Design and Embedded Implementation of Secure Image Encryption Scheme Using DWT and 2D-LASM

In order to further improve the information effectiveness of digital image transmission, an image-encryption algorithm based on 2D-Logistic-adjusted-Sine map (2D-LASM) and Discrete Wavelet Transform (DWT) is proposed. First, a dynamic key with plaintext correlation is generated using Message-Digest Algorithm 5 (MD5), and 2D-LASM chaos is generated based on the key to obtain a chaotic pseudo-random sequence. Secondly, we perform DWT on the plaintext image to map the image from the time domain to the frequency domain and decompose the low-frequency (LF) coefficient and high-frequency (HF) coefficient. Then, the chaotic sequence is used to encrypt the LF coefficient with the structure of “confusion-permutation”. We perform the permutation operation on HF coefficient, and we reconstruct the image of the processed LF coefficient and HF coefficient to obtain the frequency-domain ciphertext image. Finally, the ciphertext is dynamically diffused using the chaotic sequence to obtain the final ciphertext. Theoretical analysis and simulation experiments show that the algorithm has a large key space and can effectively resist various attacks. Compared with the spatial-domain algorithms, this algorithm has great advantages in terms of computational complexity, security performance, and encryption efficiency. At the same time, it provides better concealment of the encrypted image while ensuring the encryption efficiency compared to existing frequency-domain methods. The successful implementation on the embedded device in the optical network environment verifies the experimental feasibility of this algorithm in the new network application.


Introduction
With the rise of big data and the development of digital image processing technology [1][2][3][4][5], the digital image as an important transmission medium, contains a large amount of important data, such as personal privacy and confidential information. The importance of secure transmission is self-evident. However, in contrast to textual information, digital image information is characterised by high complexity and strong pixel correlation [6][7][8]; therefore, it is essential to study encryption algorithms for digital images.
In order to realize the secure transmission of digital images, many new encryption schemes have been proposed. Among them, the problem of encrypted image transmission is particularly important [9,10]. Optical network technology based on fibre optic communication has developed rapidly in recent years, and due to the advantages of efficient transmission in optical networks, it plays an irreplaceable role in the transceiver side of embedded devices [11,12].
However, on the one hand, many such algorithms do not have provable security, and on the other hand, they are less combined with Optical Access Network communication, which is also an important problem that must be solved in applications [13]. Therefore, it is necessary to study image encryption and transmission technologies based on optical networks. This can show that image encryption and transmission technology based on all-optical networks in the context of the big data era have certain theoretical value and practical significance [14,15].
Throughout the international research status, the research popularity of image encryption technology is increasing, and various encryption methods to enhance the security of algorithms have been proposed [16][17][18][19][20]. In 2020, Ref. [21] proposed cryptanalysis of an image block encryption algorithm based on chaotic maps.Its equivalent secret key can be easily recovered with some chosen plain-images. The summarized security defects can be used to inform designers of image-encryption algorithms about common security pitfalls in the field of image security, particularly chaotic cryptography.
In the same year, Ref. [22] proposed a new image multi encryption algorithm based on HDWT hyper-chaotic system generation, which increased the number of sequence generators and increased the size of the key space exponentially. In the same year, Ref. [23] proposed a novel time-lagged chaotic system, and a novel digital image-encryption algorithm was designed based on this system. The experimental results showed that the algorithm has the advantages of good encryption effect and high system security.
In 2021, Ref. [24] proposed an image-encryption algorithm based on DNA encoding and two specially configured binary chaotic kernels. After the security analysis of the scheme, it was proven that the algorithm can resist known attacks and has excellent encryption performance. In 2022, Ref. [25] re-analysed the theoretical security and practical performance of a medical privacy protection scheme based on DNA en-coding and chaotic maps. Detailed experimental results were provided to show more security defects, including the existence of a large number of weak secret keys, weak key sensitivity, and low efficiency.
The DNA-based encryption scheme that was analysed is important for promoting interdisciplinary research on application of DNA computing in cryptography. Most studies on encryption algorithms have achieved good results [26][27][28][29]; however, in the current research, the images are regarded as two-dimensional matrix encryption, which exposes two defects: (1) Most image encryption is only based on spatial-domain algorithms, and the encryption speed is slower. Compared with the spatial-domain algorithm, the frequency-domain algorithm has higher encryption efficiency. Due to the complexity of the frequency-domain algorithm, it can bring greater deciphering difficulties to illegal decipherers, and the security performance is much higher than that of the spatial-domain algorithm. (2) The system based on chaos is relatively complex. Although it ensures the randomness of chaotic sequences, there are still problems, such as high algorithm redundancy and slow generation of chaotic systems.
Compared with the existing research, this paper proposes a frequency-domain imageencryption algorithm based on two-dimensional chaos and discrete wavelet transform and makes innovative research. First, a dynamic key with plaintext correlation is generated by MD5, and 2D-LASM chaos is generated based on the key to obtain a chaotic pseudorandom sequence. Secondly, the plaintext image is transformed by DWT to map the image from the time domain to the frequency domain and decompose it into low-frequency (LF) coefficient and high-frequency (HF) coefficient.
Then, the chaotic sequence is used to encrypt the LF coefficient with the structure of "confusion-permutation", and only the HF coefficient is scrambled. The processed LF coefficient and HF coefficient are reconstructed to obtain the frequency-domain ciphertext image. Finally, the ciphertext is dynamically diffused using the chaotic sequence to obtain the final ciphertext. Theoretical analysis and simulation experiments show that the algorithm has a large key space and can effectively resist various attacks.
At the same time, it reduces the burden of channel transmission by reducing the redundancy of image data and ensures the security of image transmission in the public channel. In addition, combined with the characteristics that wavelet transform is suitable for real-time applications [30], we studied an end-to-end image security system based on Raspberry Pi and transplanted the algorithm to the embedded system equipment to run. The experimental results show that this system can protect user data better in real-time transmission under the transport layer TCP protocol and has good application prospects and research value in the field of information security.

Related Theory
The chaotic system first proposed by the American meteorologist Lorenz is a nonlinear dynamical system with the characteristics of non-divergence, non-convergence and nonperiod. Due to the complex dynamics of chaotic systems, the sequences generated by these systems are usually strongly random [31][32][33][34]. At the same time, due to the high initial value sensitivity of chaotic systems, the sequences are usually difficult to predict; therefore, chaotic sequences have been widely used in secure communication.
Ref. [35] indicated that the key size of image-encryption algorithms should be at least 10 30 ≈ 2 100 . Compared with two-dimensional chaotic systems, one-dimensional chaotic systems, such as Logistic and Sine are easy to predict the iterative sequence, have a small key space, and do not have complex chaotic properties. The high-dimensional chaotic systems formed by the combination of low dimensional chaotic systems have more control parameters, and the chaotic structures are more complex. In this paper, we use the 2D-LASM designed by Hua et al. [36] based on the combination of Logistic and Sine mapping chaotic system, which is expressed as where x n+1 , y n+1 ∈ [0, 1] are the pseudo-random sequences generated by chaos and the control parameters β 1 , β 2 ∈ [0, 1]. The two input parameters of this chaotic system interact with each other, and output pair (x n + 1, y n + 1) is distributed to the two-dimensional phase plane. Figure 1 is the phase diagram of 2D-LASM. As can be seen from the phase diagram, the output sequence (x i , y i ) of the 2D-LASM map covers a large area on a twodimensional plane.
The 0-1 Gottwald-Melbourne test can determine the regular motion and chaotic motion by calculating the parameter k asymptotically close to 0 or 1. As shown in Figure 2, the k value of the average result of 10,000 times is 0.9975, which is close to the theoretical value [37]. This can verify the excellent performance of the chaotic system.

Discrete Wavelet Transform
Wavelet transform performs multi-scale refinement of signal gradually through scaling and translation operations [38,39], finally achieves time subdivision at high frequency and frequency subdivision at low frequency, and can automatically adapt to the requirements of time-frequency signal analysis.
Definition 1. For any f (t) ∈ L 2 (R), after the basic wavelet ψ(t) is shifted by b, and then the inner product is made with the signal to be analysed f (t) at different scales a. The mathematical expression is given by where a is the scale factor, whose role is to stretch the basic wavelet ψ(t) function, b is the translation factor, whose value can be positive or negative, and a and b are both continuous variables; thus, it is called a continuous wavelet transform.

Definition 2.
The DWT is to discretize the scale factor a and the translation factor b on the basis of the continuous wavelet transform, and turn it into a power series structure, a = a j 0 (a 0 = 1, j ∈ Z), b = ka j 0 b 0 (b 0 > 0, k ∈ Z), the mathematical expression for the 2D-DWT of the image f(x,y) of size M × N is where j 0 is an arbitrary scale initial value, i is the superscript of the assumed values H, V and D, φ j 0 ,a,b (x, y) represents the scaling function, W φ (j 0 , m, n) is f (x, y) approximate coefficients at the scale j 0 , W φ (j 0 , m, n) coefficients add detail coefficients in the horizontal, vertical, and diagonal directions for scale j ≥ j 0 .
The schematic diagram of the image wavelet decomposition is shown in Figure 3. LL denotes low frequency, HL, LH, and HH denote high frequency, and the subscripts 1 and 2 denote the first-level and second-level decomposition, respectively. The image is decomposed into four sub-images after 2D-DWT: the low-frequency component of the original image, the high-frequency component in the horizontal direction, the highfrequency component in the vertical direction, and the high-frequency component in the diagonal direction. The low-frequency components continue to be decomposed into sub-images of lower resolution in the next level in exactly the same way.
In this way, the image is decomposed into multiple sub-images at different resolution levels and in different directions, which is consistent with the visual characteristics of the human eye. The schematic diagram of the wavelet decomposition data flow is shown in Figure 4. x[n] represents the discrete input signal, g[n] represents the low-pass filter, which is used to retain the low-frequency components of the input signal and remove the high-frequency components, h[n] represents the high-pass filter, whose function is opposite to that.   The 2D-DWT processing is performed on the 8 × 8 image block by transforming each row of the array, and then transforming each column of the array after the row transformation. Finally the transformed image data array is encoded. The elements in the upper left corner are called low-frequency coefficients, and the remaining elements are called high-frequency coefficients. The data before and after the transformation is shown in Figure 5.   Among them, the data 32.5 of Transformed Matrix is the low-frequency coefficients of the matrix, which shows that the energy of the image is mainly concentrated in the low-frequency coefficients after 2D-DWT. Based on this, only the low-frequency coefficients in the frequency domain after DWT need to be encrypted to obtain a more satisfactory image encryption effect.

Design of Encryption Algorithm
In traditional encryption algorithms, they are often designed for one-dimensional data stream information, the drawbacks of which are high computational complexity and low encryption efficiency, which are slightly stretched for digital images with large data volume, spatial order, strong correlation, and high redundancy. In particular, with the development of technology, the information contained is even gradient increasing. Therefore, this paper proposes an image-encryption algorithm based on DWT and a 2D-LASM chaotic system and introduces a dynamic key with plaintext correlation to achieve "one-time pad" encryption, and the specific process of encryption and decryption is shown in Figure 6. The specific encryption algorithm is designed as follows.  Step 1: Use 2D-DWT to decompose plaintext images The image is decomposed of DWT into four subbands: LL, LH, HL, and HH, are performed according to Equation (4), and the coefficients of each subband are calculated using a Haar filter to map the image matrix from the spatial domain to the frequency domain. Then, the data is processed into the pixel value range of 0-255 to obtain one low-frequency image and three high-frequency images. The specific treatment is shown as where p(x, y), p(x, y + 1), p(x + 1, y), and p(x + 1, y + 1) are the four pixel points of the LL, LH, HL, and HH.
Step 2: Pseudo-random sequence preprocessing The key of this algorithm consists of the MD5 value of the plaintext image, the initial value of the 2D-LASM chaos, and the control parameters. MD5 can scramble the initial values of the chaotic system to make the key sequence more sensitive to the plaintext, thus, enhancing the security of the algorithm. The detail of this algorithm is shown as where ⊕ is a bitwise XOR operation, x 1 (0), y 1 (0), x 2 (0), and y 2 (0) are two groups of initial values of 2D-LASM chaotic system. x 1 (0), y 1 (0), x 2 (0), and y 2 (0) are two groups of initial values updated after the disturbance from MD5. Clearly, the new initial values will change with different plaintext images. The confusion sequence is generated by where R is composed of two chaotic sequences obtained by the initial value solution of 2D-LASM. The length of R is the same as L, H and W are the pixel rows and columns of the plaintext image to be encrypted, and Ch is the number of channels of the plaintext image to be encrypted. A complete colour image is composed of three channels of red, green, and blue, while a greyscale image requires only one channel. The mask obfuscation sequence is generated by where f loor( * ) is a downward rounding operation; mod( * ) is a remainder function whose result is the remainder obtained by dividing two numerical expressions; reshape( * ) is a reshaping function generated Rc for the mask obfuscation operations, which is a sequence of integers with value range ∈ [0, 255], and its length is H×W. The pixel scrambling sequence is generated by where sort( * ) is the equation that sorts all elements of the sequence; seq_H denotes the chaos-based length sequence extracted from x 1 ; seq_W denotes the chaotic sequence of length 8 × W, extracted from y 2 ; R pr denotes a pixel row generated by the sorting function and length H; R pc denotes a pixel column generated by the sorting function with length 8 × W; and S 1 and S 2 are chaos-based sorted sequence values. The diffusion sequence is generated by where the lengths of R d1 and R d2 are H×W. The R d1 and R d2 sequences are used for dynamic diffusion operations.
Step 3: Confusion The ordinary image P is blurred with the confusion sequence R c so that the image can obtain the blurred image C 1 by hiding-namely, Step 4: Pixel permutation The blurred image C 1 is encrypted by pixel dislocation using the dislocation sequence R pc (i) and R pr (j) to obtain image C 3 -namely,    C 2 = swap(C 1 (:, R pc (i)), C 1 (:, i)) C 3 = swap(C 2 (:, R pr (j)), C 1 (j, :)) (11) where i = 1, 2, . . . , H; j = 1, 2, . . . , 8 × W; C 2 is the image after the double-bit column transformation arrangement; C 3 is the image after the double-bit row transformation arrangement; and swap( * ) is used to exchange the values of two pixels.
Step 5: Dynamic diffusion Dynamic diffusion allows each pixel to interact with each other, thus achieving an avalanche effect. By establishing a diffusion path between pixels and adding keys R d1 and R d2 to the diffusion process, the ciphertext pixels are diffused along that path to other pixels to generate the final ciphertext image C.
The diffusion encryption generation equation for the first greyscale pixel C(1) of the ciphertext image C is shown as where the operator can be defined as c d mod(c + d, 256); C 3 (1) is the first pixel in the replacement image C 3 ; R d1 (1) and R d2 (1) are the first elements of the diffusion encryption sequence; and sum(1) represents the accumulation of all pixels of the replacement image C 3 and then generates the ciphertext pixel C(i)-namely, where i = 2, 3, . . . , L; i denotes the ith pixel of image C 3 after remodelling; C(i − 1) is the (i − 1)th ciphertext pixel of the sequence of pixels representing dynamic diffusion encryption greyscale; and sum(i) is the cumulative sum of (L − i) pixel values of image C 3 . According to Equation (13), starting from the second ciphertext pixel C(2), the cipher image C is generated by computing C(i) through iterations of i in {1, 2, . . . , L}, until the Lth ciphertext pixel C(L) is generated.

Performance Analysis of the Image-Encryption Algorithm
The image-encryption algorithm proposed in this paper is based on the MATLAB r2018b system to complete the verification analysis. The system ran on a Windows 10 64-bit operating system, Intel(R) Core(TM) I7-6500U CPU @ 2.50 GHz 2.59 GHz processor and 8 GB memory running on a PC. This article selected some standard images as the test images for experiments, and most of the test images were from the "USC-SIPI Image Database [40]".

Key Space Analysis
The key space refers to the set of all possible keys that can be used to generate the key. The size of the key space depends on the length of the security key, which is one of the most important characteristics in determining the strength of a cryptosystem. The image-encryption algorithm designed in this paper uses a two-dimensional discrete chaotic system, and the key parameters involved are four chaotic initial values x 1 (0), y 1 (0), x 2 (0), and y 2 (0). The calculation accuracy of 64-bit double precision is 2 15 . The size of the key space of this part is 10 15 × 10 15 × 10 15 × 10 15 = 10 60 ≈ 2 199 .
Considering that the introduced MD5 can output 128-bit hash value, the key space of this encryption scheme is calculated as 2 327 , and the key length reaches 327 bits. From Table  1, it can be seen that the key space of this paper has obvious advantages compared with other existing encryption schemes, the key space of this paper has clear advantages. Therefore, the encryption algorithm in this paper can resist any form of brute force attack [41].

. Histogram Analysis
The colour histogram is an important feature of the statistical properties of an image, with the horizontal coordinate indicating the pixel value and the vertical coordinate indicating how often the pixel appears in the image. The ideal encryption algorithm should result in different plaintext images having a uniform statistical distribution or a similar histogram that is independent of the plaintext image [44]. From Figure 7, we know that, although the histograms of the plaintext images are completely different, the histograms of the ciphertext images all have similar distribution characteristics, indicating that the algorithm has a strong resistance to statistical attacks.

Coefficient of Adjacent Pixels
Every image has intrinsic and inherent characteristics, such as high pixel correlation and high redundancy [45]. Correlation analysis tests the strength of the correlation between image pixels, and the correlation between neighbouring pixels of a normal image is usually high, with a correlation coefficient closer to 1. At the same time, a secure and efficient encryption algorithm must satisfy the requirement of a low correlation coefficient between neighbouring pixels of a ciphertext image in order to resist statistical attacks. The correlation coefficient can be calculated from Equation (14)-namely, where the grey scale value of each pixel is denoted by x and y, respectively, E(x) denotes the mean value, D(x) denotes the variance, cov(x, y) denotes the covariance, and γ xy denotes the correlation coefficient. Table 2 shows the encryption quality of the proposed scheme and the classic encryption schemes in recent years. We evaluate the correlation between adjacent pixels in horizontal, vertical, and diagonal directions, as shown in Figure 8, from which it can be inferred that the correlation between adjacent pixels of the password is not strong. Therefore, from the experimental results, it can be found that the encryption algorithm in this paper can effectively resist statistical analysis [46].

Analysis of Differential Attacks
A complete encryption system should have a high sensitivity to images. The plaintext sensitivity can be one of the main indicators of the security of an encryption system and the strength of a cryptographic management system against differential attacks. Both the Number of Pixels Change Rate (NPCR) and the Unified Average Changing Intensity (U ACI) can be used to represent the difference between two images that change only on the same pixel [49]. The formula of NPCR and U ACI is defined by where v 1 (i, j) denotes the pixel value of a ciphertext pixel before it is changed; and v 2 (i, j) denotes the pixel value of a ciphertext image after changing the pixel value at a point in the plaintext image. We compare the values of NPCR and U ACI in this paper with other works in Table 3. In addition, the values of NPCR and U ACI after 50 experiments are shown in Figure 9. The NPCR and U ACI average values are near the theoretical value; thus, the encryption algorithm in this paper is sensitive to the pixel changes in the plaintext image. Therefore, the encryption algorithm designed in this paper can effectively resist differential attacks. The Peak Signal-to-Noise Ratio (PSNR) and Structural SIMilarity (SSI M) are commonly used in the field of image processing as a tool to weigh the quality of encryption. The Mean Square Error (MSE) is a part of PSNR and is defined by where MSE denotes the mean square error of the plaintext image X and the ciphertext image Y. The height and width of the image are denoted by H and W, respectively, and Q denotes the pixel level of the image. SSI M is a measure of the similarity of two images and is defined by where µ X , µ Y denote the mean of image X and Y, respectively, σ X , σ Y denote the standard deviation of image X and Y, respectively, and L denotes the dynamic range of pixel values. The values of PSNR and SSI M are calculated by using Equations (16) and (17) as shown in Table 4. The experimental results show that the PSNR and SSI M values obtained by this algorithm are low. Therefore, this encryption scheme has certain advantages.

Sensitivity Analysis
In image encryption, key sensitivity performance is often used as an important indicator to measure the security of an encryption system. The key sensitivity is generally expressed by the difference between corresponding images when decrypting or encrypting the same image with a slightly different key. In order to test the sensitivity to the key in the scheme, we processed the two chaotic series by means of time series and compared the generated two-dimensional chaotic series. It can be seen from Figure 10 that the encryption system designed in this paper has high security and strong sensitivity to keys, which increases the difficulties for attackers to decipher the ciphered image.

Information Entropy
Information entropy is an indicator of the amount and uncertainty of information contained in digital images. The information entropy of the image is positively correlated with the encryption effect. The larger the information entropy is, the better effect the encryption will have. The formula of information entropy is defined by where i represents the pixel greyscale value, and P(i) represents the probability that this grey value will appear in the digital image. From the calculation of Equation (18), the theoretical value of information entropy is the maximum value of 8. We compare the information entropy of the images before and after encryption, and the experimental result is shown in Table 5. It can be seen that the information entropy of the two ciphertext images is above 7.9994, which has a certain improvement compared with the similar references. There are many factors that can affect the efficiency, such as the size of the image, the degree of arithmetic power consumed by the encryption operation. We selected the images with sizes of 256 × 256, 512 × 512, and 1024 × 1024 for comparison [50]. As shown in Table 6, when the image size becomes larger, the required encryption and decryption time will increase accordingly. From the experimental results, it can be seen that the algorithm has high encryption efficiency.

Embedded Hardware Implementation of Image Encryption in Optical Access Network
The image encryption system can also be effectively applied in the optical access network communication scenario, which is illustrated in Figure 11. In this scenario, both the sender and the receiver are embedded terminals for reading and displaying, sending and receiving, and encrypting and decrypting images. In order to enhance the security of the information, we use the optical fibre transmission method to replace the traditional ordinary information transmission method, which greatly enhances the information transmission process while ensuring real-time performance. The possibility of protection from dangerous elements during information transmission is greatly enhanced. Therefore, the encryption method that we propose is suitable for secure communication in an optical access network environment.
To verify the effectiveness and feasibility of the image encryption system, we conducted experimental analysis on an experimental platform of optical access network based on ARM embedded system. The security, encryption speed, resource utilisation, and cracking difficulty of hardware encryption are all greatly superior to software encryption. The optical access network-based digital image encryption communication system consists of two ARM chip-based embedded development boards and a Gigabit single-mode single-fibre transceiver, TP-LINKTL-FC311A-3.
The maximum transmission distance is approximately 10 km and the maximum transmission rate is above 155 Mbit/s. The ARM development board is the Raspberry Pi 4B, and the programming language used is Python. The chip is a Broadcom BCM2711 with Cortex-A72 architecture, and the operating system is 32-bit Linux 5.4 with a 3.5-inch liquid crystal display (LCD). The wireless router is used for network communication between the sender and the receiver and obtains the sending and receiving addresses via Dynamic Host Configuration Protocol (DHCP), 192.168.1.114 and 192.168.1.115, respectively.
The sender is responsible for reading, displaying, encrypting, and transmitting the plaintext images, while the receiver is responsible for receiving, displaying, and decrypting the corresponding ciphertext images. The experimental platform and results are shown in

Conclusions
This paper proposed an image encryption scheme based on 2D-LASM and DWT and completed corresponding embedded hardware experiments. To enhance the security performance, we designed an MD5 plaintext association mechanism for obtaining dynamic chaotic sequences to resist the chosen plaintext attacks. In terms of specific encryption operations, we first performed Discrete Wavelet Transform (DWT) on the plaintext image to decompose low-frequency (LF) coefficients and high-frequency (HF) coefficients and encrypted them in different ways according to the weights.
Then, we used the chaotic sequences to perform dynamic diffusion operations on the reconstructed intermediate ciphertext frequency-domain image to obtain the final cipher image. Furthermore, the proposed encryption algorithm was successfully tested in an embedded optical access network communication environment. Theoretical analysis and simulation experiments showed that the algorithm has the characteristics of large key space, excellent statistical analysis performance and the ability to resist various common attacks.
Although the frequency processing is relatively complicated, the encryption algorithm still has the advantages of easy implementation and high efficiency. At the same time, its successful implementation on embedded devices in the optical network environment demonstrated that the algorithm has certain practicability in an Internet-of-Things environment.  Data Availability Statement: Data sharing not applicable to this article as no datasets were generated during the current study.