A New Chaotic Image Encryption Algorithm Based on Transversals in a Latin Square

In this paper, a new combinatorial structure is introduced for image encryption, which has an excellent encryption effect on security and efficiency. An n-transversal in a Latin square has the function of classifying all the matrix’s positions, and it can provide a pair of orthogonal Latin squares. Employing an n-transversal of a Latin square, we can permutate all the pixels of an image group by group for the first time, then use two Latin squares for auxiliary diffusion based on a chaotic sequence, and finally, make use of a pair of orthogonal Latin squares to perform the second scrambling. The whole encryption process is “scrambling–diffusion–scrambling”. The experimental results indicated that this algorithm passed various tests and achieved a secure and fast encryption effect, which outperformed many of the latest papers. The final information entropy was very close to 8, and the correlation coefficient was approximately 0. All these tests verified the robustness and practicability of the proposed algorithm.


Introduction
In these years, the network communication develops very rapidly, a large amount of public or private image information is transferred via the public internet.How to transmit a lot of image information safely and efficiently has become an increasingly important issue.Image encryption is the main solution.Digital image encryption is a new branch of computer cryptography, and also a relatively independent branch and a research hot issue in the field of information security.Unlike ordinary text information, digital image has a great deal of data, a strong correlation between pixels and other particularities, which makes DES, IDEA and RSA these traditional methods are not appropriate for them [1].Therefore, various image encryption algorithms have been put forward in the last few years.
In general, an encryption technology involves two aspects: scrambling and diffusion.Scrambling is mainly used to change the pixels' position, while diffusion is used to change the pixels' value.
Recently, many combinatorial design structures have been applied in cryptography, such as Latin square [12,[32][33][34][35][36][37], Latin cube [11,13,18], Hadamard matrix [38], etc.Using simple chaotic system and these uniform combinatorial design structure as auxiliary, better encryption effect can also be achieved.As early as 1949, Shannon pointed out that a perfect password can be expressed by a Latin square in his classic paper [39].Kong used Latin squares to build algebraic models for different password systems [40].A Latin square defined on a finite integer set S is a square matrix, and get uniformity for the same number of occurrences of each element in S , and the total number of Latin squares is also very large.These characteristics of Latin square are very suitable for image encryption, so some algorithms according to Latin square were put forward.In 2001, Li first proposed a method to do the image scrambling using a pair of orthogonal Latin squares [36], which can directly generate a two-dimensional mapping, instantly increasing the scrambling efficiency.However, he didn't give the algorithm of generating orthogonal Latin squares, nor did he do simulation experiments.In 2014, Wu et al. proposed an image encryption scheme by using Latin square [32].Firstly a Latin square was used to generate a one-dimensional mapping for the scrambling process.Then the Latin square was used to perform bitxor operation on image pixels.However, the scrambling efficiency of this algorithm is low and it is vulnerable to attack.Other algorithms that use Latin squares have the same problem.In 2018, Xu et al. generated a self-orthogonal Latin square (SOLS) and proposed a new algorithm for image encryption [34].Using a SOLS and its transpose, a pair of orthogonal Latin squares are formed, and the SOLS can provide a pseudo-random sequence for the diffusion process.The experimental results show that this algorithm is safe and highly efficient.The entropy value of encrypted Lena reached 7.997, and the correlation coefficient was small.In 2019, Xu et al. put forward a new image encryption scheme by using 3D bit matrix and orthogonal Latin cubes [18].Each original image was decomposed into a three-dimensional bit matrix, and a pair of orthogonal Latin cubes were used not only for confusion but also for diffusion, which proved that the algorithm is highly safe and efficient.In 2020, Zhou et al. combined 3D orthogonal Latin squares (3D-OLSs) with matching matrix for color image encryption [13].The same as algorithm in [18], it fully utilized the orthogonality of 3D Latin cube.In 2021, Zhang et al. proposed an encryption algorithm based on Latin square and random shift [12].Wang et al. also put forward an image encryption algorithm based on Latin square array [35], utilizing the orthogonality and uniformity of Latin square.In 2021, Hua et al. designed a new CIEA using orthogonal Latin squares and 2D-LSM for color image encryption, realized point-to-point permutation and the random distribution of the pixels in the plain image [11].
As can be seen from the above discussions, better encryption can also be achieved by using the orthogonality and uniformity of Latin squares, together with other innovations.In addition, there are some other properties of Latin squares that can be utilized, such as transversals.For a Latin square of order n, there exists plenty of n-transversals.By means of an ntransversal, we can divide all n 2 positions into n mutually disjoint groups.So in this article we proposed a novel chaos-based image encryption algorithm according to transversals in a Latin square.Fistly we use a ntransversal to permutate the image data group by group in the first round of substitution.We can also define two new Latin squares according to the n-transversal, which can be used for auxiliary diffusion on the basis of a chaotic sequence and achieve a good diffusion effect.Finally a pair of orthogonal Latin squares are reused for the second scrambling.As a whole, the structure of "scrambling-diffusion-scrambling" is formed.Simulation results show that a secure and fast encryption effect is achieved in this algorithm.
In the rest of this article, some primary definitions and conclusions are introduced in Section 2. Section 3 is mainly used to introducing the detailed procedure of encryption and decryption.In Section 4, the experimental results and analysis are demonstrated.In the end, we summarize this article.

Latin squares and transversals
A Latin square of order n (defined on an n-set S ) is an n × n array in which each cell contains a single symbol, such that each symbol occurs exactly once in each row and column [34].For consistency, we set S = {0, 1, . . ., n − 1}.
Two Latin squares of order n A = (a i j ) and B = (b i j ) are orthogonal if every ordered pair (a i j , b i j ) in S × S occurs exactly once.
Fig. 1 lists a pair of orthogonal Latin squares of order 4 A = (a i j ) and B = (b i j ).Denote C = (c i j ) as the juxtaposition array, where c i j = (a i j , b i j ).Each ordered pair in S × S occurs exactly once.Notation: Using a pair of orthogonal Latin squares A = (a i j ) and B = (b i j ) can directly generate a twodimensional map φ : (i, j) → (a i j , b i j ), i, j = 0, 1, ..., n − 1.
Suppose M is a Latin square defined on S .A transversal in M is a set of n positions, no two in the same row or column, including each of the n symbols exactly once.Two transversals are disjoint if there are no same positions in them.Any k disjoint transversals are called a k-transversal.If k = n there exists an ntransversal in M.There are 4 positions in the first column, all row numbers and column numbers are different, and the four elements at the four positions of A are 0, 3, 1, 2 respectively, so the first column of C is a transversal of A. The other columns of C are similar.All the positions of A are divided into four pairwise disjoint groups, so there is a 4-transversal in A.
For an additive group G, a bijection θ of G is called a complete mapping if the mapping σ : Theorem 1. [42] The Cayley table M of the additive group G = {g 0 , g 1 , ..., g n−1 } is a Latin square with (i, j)th entry g i + g j .For a bijection θ : G − → G, M θ is the Latin square with (i, j)th entry g i + θ(g j ), and the cells {(g i , θ(g i )) | i = 0, 1, ..., n − 1} form a transversal of M if and only if θ is a complete mapping of G.
Theorem 2. Let F = {g 0 , g 1 , ..., g n−1 } be a finite field with character p. M is the Cayley table of F. Let a ∈ F, a 0, 1, and a −1 (mod p).Define a mapping γ j : x − → ax + g j ( j = 0, 1, ..., n − 1).Then the following conclusions hold. 1) These γ j s ( j = 0, 1, ..., n − 1) are n different complete mappings over F under addition; 2) Define an n × n array M γ with (i, j)th entry γ j (g i ) = ag i + g j .Then M γ is a Latin square on F; 3) Define D = (d i j ) with d i j = (g i , γ j (g i )).All columns of D form n disjoint transversals of M (named D as the truncated decomposition array).Define the array M 1 with (i, j)th entry g i + γ j (g i ).Then M, M 1 , M γ are pairwise orthogonal Latin squares.
Appendix A shows the proof of Theorem 2. According to Theorem 2, there are n disjoint transversals in M, where the ith column index in jth transversal is the (i, j)th element of M γ .
Example 1.Let F be a finite field of order 4. Suppose the primitive polynomial is Firstly define the Cayley table M of the field F under addition with (i, j)th entry g i + g j , Construct the truncated decomposition array D with (i, j)th entry g i , γ j (g i ) , The four positions of each column of D form a transversal of M, and the set of all columns is a 4-transversal of M.
Finally define the array M 1 with (i, j)th entry According to Theorem 2, M, M 1 , M γ are pairwise orthogonal Latin squares.

Logistic map
In this article, we adopt the classical Logistic map to genrate two new sequences.One of them is used to generate a finite field, and the other is used to do diffusion.We describe Logistic map as follows.

The proposed image encryption algorithm
For simplicity, some of the symbols are described as follows.n stands for a prime power.Q is used to represent an n × n original plaintext image, K is the encryption key and Cipher denotes the corresponding ciphertext.This algorithm is divided into two parts: Algorithm 1 generates three Latin squares and an ntransversal by use of K and the features of Q; Algorithm 2 is mainly used for encryption, including three layers: scrambling, diffusion and scrambling, then the encrypted image Cipher is formed.The encryption diagram is listed in Fig. 2. We use Algorithm 1 to construct three Latin squares and an n-transversal, all of which are directly generated on a finite field, using addition and multiplication in the finite field.
Algorithm 1: The generation of M, M 1 , M γ and an n-transversal Input: An n × n plain image Q, encryption key K = (µ 0 , key 0 , key 1 ), public parameter a.
Output: Latin squares M, M 1 , M γ and the truncated decomposition array D.
Step 1: Compute the sum of all pixels in Q, denoted as sumQ.Let where floor is the downward integer function.Compute key 0 new = (key 0 + s)/2, key 1 new = (key 1 + s)/2.It's very essential because sumQ reflects the characteristics of the plaintext image.When the plaintext image changes a little, the chaotic sequence will change greatly because of the changed key.In other words, only one round of encryption is needed to achieve a high sensitivity to the plaintext image.
Step 2: Generate a logistic sequence of length n x1 = {x i | i = 0, 1, 2, ..., n − 1} with system parameter µ 0 and initial value x 0 = key 0 new .Sort x1 as follows: where sort is the function that sorts a sequence in ascending order.f x is the new sequence reordered by x1, lx is the index position.
Step 3: Redefine operations of addition and multiplication on lx, then generate a finite field F n with character p. Denote F n = {g 0 , g 1 , ..., g n−1 }.Select a ∈ F n , a 0, 1, and a −1(mod p), generate three Latin squares M, M 1 , M γ with (i, j)th entry g i +g j , (1+a)g i +g j and ag i + g j respectively.According to Theorem 2, M, M 1 , M γ are pairwise orthogonal.
Step 4: Generate the truncated decomposition array D with (i, j)th entry (g i , ag i + g j ).Then the column set of D is an n-transversal of M.

Image encryption
We use Algorithm 2 to complete the rest of the encryption process.First of all, with the help of the truncated decomposition array D, we can permutate the image data Q group by group.Secondly, we use two Latin squares M and M 1 for auxiliary diffusion based on another chaotic sequence x2.Finally, a pair of orthogonal Latin squares M 1 and M γ are used for the second scrambling.The following is the detailed procedure of Algorithm 2.

Algorithm 2: The proposed encryption algorithm
Input: An n × n plain image Q, encryption key K = (µ 0 , key 0 , key 1 ), public parameters a, c 1 and c 2 .
Step 1: Make use of Algorithm 1, Q, K and a to generate M, M 1 , M γ and D.
Step 2: Scramble Q for the first time.At first convert D to a natural column index array D θ by bijection θ : g i → i. Starting from the first transversal, the first pixel of Q at D θ (0, 0) is placed at the position D θ (1, 0), the second pixel at the position D θ (2, 0) is placed at the position D θ (3, 0), and so on..., until the last pixel at the position D θ (n − 1, 0) is placed at the position D θ (0, 0).After scrambling n times based on n transversals, we can get a temporary image P 1.The specific process is shown below.3 shows a 4-order example to illustrate the scrambling process in this step.In Fig. 3(a), A Latin square M(Generated on the field of Example 1) is converted to digital form.Select a number a = 2, then generate M γ with the (i, j)th entry (1 + a)g i + g j , resulting in a 4-transversal D, all the 16 positions of a 4-order matrix are divided into four pairwise disjoint groups.Because g i = i, D θ = D, we can scramble Q according to D. In Fig. 3(b), starting from the first transversal, the first pixel 1 at (0,0) is placed at (1,2), the second pixel 7 at (1,2) is placed at (2,3), the third pixel 12 at (2,3) is placed at (3,1), finally, the fourth pixel 14 at (3,1) is placed at (0,0).So are the scramblings of the other transversals.Because D is a 4-transversal, the first scrambling can be completed after 4 times .
Step 3: Firstly convert P 1 into a row vector P 2, then generate another new chaotic sequence of length n 2 + 100 with system parameter µ 0 and initial value key 1 new .To eliminate the effect of the initial value, especially delete the first 100 digits, the rest form a new chaotic sequence x2.M and M 1 are transposed into row vectors L M and L M1 , which are used as two pseudorandom sequences for auxiliary diffusion to form a new row vector {P 3(i)} n 2 −1 i=0 .The detailed diffusion formula is as follows.
where the initial value P 3(−1) = 0, b is a temporary variable, and mod is the module integer function.
Step 4: Transpose P 3 to an array P 4. By using the orthogonality of M 1 and M γ we conduct the second scrambling by formula (6), the final ciphertext image Cipher is obtained. (6)

Image decryption
When we do image decryption, follow the reverse procedure, and we need to know the value sumQ in ad-

Simulation results and security analysis
We conducted simulation experiments and listed all the results in this section.In order to reflect the advantages of this algorithm, we compared this algorithm with some representative algorithms [4,12,34,35,[43][44][45].
In our experiments, a total of six different 256 × 256 images are selected for testing, which are chosen from the USC-SIPI2 and CVG-UGR3 image sets.Every experiment requires only one round of encryption, the secret key K is: µ 0 = 3.99999, key 0 =0.123456, key 1 =0.234567.There are three public parameters a = ω (ω is a primitive root of F n ), c 1 = 1.3, c 2 = 1.5.
The algorithm was tested from the following aspects: key space and sensitivity analysis, histogram test, correlation test, information entropy test, differential attack resistance test, robustness test, computational complexity and time efficiency analysis, and so on.

Key space analysis
There are three real numbers in K = (µ 0 , key 0 , key 1 ), and the computational accuracy of each value is 10 −15 , so this algorithm can achieve a key space of 10 45 ≈ 2 149 , greater than 2 128 [46][47][48].There are also three public parameters to select, so the algorithm has a large enough key space and occupies a relatively small memory space.In summary, it can resist brute-force attacks.

Key sensitivity analysis
An excellent image encryption algorithm desires strong sensitivity to the key, so sensitivity analysis is often considered as a crucial indicator of resistance to brute-force attacks.It's usually evaluated from two aspects: sensitivity during encryption and sensitivity during decryption.
(1) Key sensitivity analysis during encryption Take Lena for example.Firstly, set K = (3.99999,0.123456, 0.234567), then modify each value slightly by adding 10 −15 after the decimal point.We use two sets of secret keys to encrypt Lena, Cipher1 being the image encrypted with K and Cipher2 being the image encrypted with the modified K. Fig. 5 shows the comparison of the results of the two ciphertext images.Percentages of different pixels are computed as shown in Table 1, which are all greater than 99.59%, fully indicating that the algorithm is extremely sensitive to the key during encryption.(2) Key sensitivity analysis during decryption Similarly, Lena is also used to do key sensitivity analysis during decryption.In view of the encrypted image Cipher, make a tiny change value 10 −15 in each value of K = (3.99999,0.123456, 0.234567), then use the two sets of secret keys to decrypt Cipher.Fig. 6 presents when we use the right key, we can obtain the original image, while using the modified key, we can't decrypt correctly.In addition, Table 2 records the percentages of different pixels of two deciphers, all greater than 99.5%.From these results, we can discover that even though the key changes a little, we will fail to obtain the original image.So this algorithm is key-sensitive during decryption.

Statistical Analysis
A good algorithm for image encryption should be capable of resisting any statistical attacks.The main statistical indicators include histogram analysis, correlation

Histogram analysis
In an image, histogram is a representation of the frequency of each gray level pixel.A well-encrypted image has a histogram distribution that is as uniform as possible.In general, it can be measured by variance S , and the formula is as follows:  Table 3 shows the histogram values of six images before and after encryption, and Fig. 7 shows the histogram distribution of six images before and after encryption.From the data and the figure, we can find that all the histograms of ciphertext images tend to be evenly distributed, and after encryption Lena's variance is as low as 195.766, indicating that this algorithm can effectively resist histogram analysis.

Correlation test
In a plaintext image, there exist strong correlations among adjacent pixels.To resist statistical analysis, correlation in ciphertext images should be as small as possible [49].We randomly select 4000 pairs of neighbouring pixels, including three directions (horizontal, vertical, and diagonal) to measure the correlations.The required calculation formula is listed in (8): where where u and v represent the grayscale values of two neighbouring pixels in the image.
To visualize the distribution of images before and after encryption, Fig. 4.2.2 displays the correlation distributions of six different images in three directions.Observing the original image we can note that the neighbouring dots are mainly distributed around the diagonal, while in an encrypted image the dots are evenly distributed throughout the whole plane.That is, the plaintext images are highly correlated in any direction, but the correlations after encryption are very low.Using the calculation formula in Ref. [34], we compute the correlation coefficients of six images before and after encryption, present the results in Table 4.We can see that before encryption the values are very large, but after encryption all numerical results are very small, approximate to 0. For comparison with other algorithms, Table 5 lists the comparison results in the case of Lena.Although the value of Lena in this article is inferior to Refs.[43], it is better than other six Refs [4,12,34,35,44,45]. .The accuracy of the decimal point is 10 −3 , which implies that this algorithm achieves a good confusion effect and has strong applicability.

Information entropy analysis
An important measure of testing randomness is information entropy, usually denoted as H, which can be measured according to the following formula (10): where m i is the gray value, and there are l kinds of gray values in an image.p(m i ) represents the probability of m i , and l−1 i=0 p(m i ) = 1.Generally, an image has 256 gray values.Only when the frequency of each gray level is the same, information entropy H reaches the theoretical ideal value 8 [50].
We use the formula (10) to calculate the entropy values of six images before and after encryption, then list the results in Table 6.From the table we can see all values are very close to 8, which shows a good encryption effect.Especially, the information entropy of Lena reaches 7.99784, strong uncertainty of this algorithm has been indicated.Table 5 lists Lena's entropy values in different algorithms.Our results are superior to the other six contrast algorithms.Therefore, the ciphertext images have strong uncertainty and our algorithm can resist entropy attacks.

Differential attack analysis
A good algorithm can resist differential analysis, requiring different plaintext images (even if with only one different pixel) corresponding to significantly different ciphertext images.In general, there are two commonly used criteria for testing resistance to differential attacks, NPCR and UACI.Let C 1 = (C 1 i, j ) and C 2 = (C 2 i, j ) denote two ciphertext images of size M × N, where their plaintext image has only one different pixel.Define binary sequence to the images C 1 and C 2 : Then define NPCR as formula (12), which means the percentage of different pixels of two ciphertext images.
Furthermore, define UACI as formula (13), which means the average of the absolute difference of two ciphertext images.
Table 7 shows encrypted Lena's NPCR and UACI at four specific positions, from which we can discover that the values are different at different positions.That is to say, these two indicators have randomness.For unity, let's reduce the first pixel at position (0,0) by 1, calculate the values of NPCR and UACI of six images based on formulas (12) and (13), list the numerical results in Table 8.
With a significance coefficient of 0.05, the ideal NPCR is 99.5693%, and UACI is 33.2824% for images of size 256 × 256 [51].The results in Table 8 are all higher than the expected values, which proves that the algorithm in this article effectively passes the differential attack capability test.The comparation with other algorithms in case of Lena can refer to Table 5.

Robustness test
In the process of transmitting ciphertext images over the network, the data may be lost or attacked by noise, which requires the ciphertext image to have good anticutting and anti-noise attack performance.In other words, a good algorithm for image encryption should have robustness [52].In addition, we can use PSNR to evaluate the quality of the decrypted image and the original image.The larger the value is, the more similar the two images, and the formula ( 14) is as follows: Taking Lena as an example, from the ciphertext image we respectively cut off 1/16, 1/8, 1/4 and 1/2 data at the top left corner, then decrypt the cut ciphertext images using the correct key.Fig. 9 displays the results, which clearly shows that even after its data is cut in half, the body of the image is still visible.The corresponding PSNR values of Fig. 9 are shown in Table 9.In summary, this algorithm indicates a good cutting resistance.Still taking Lena as an example, we respectively use salt and pepper noises with density 0.05, 0.1 and Gaussian noises with variance 0.01, 0.1 to attack.As shown in Fig. 10, the image is still visible, and the corresponding PSNR values of Fig. 10 are shown in Table 10, indicating a good performance to resist noise attacks.

Computational complexity and time efficiency
Any effective image encryption algorithm requires low computational complexity.In Algorithm 1, one chaotic sequence is generated with computational complexity O(n), and three Latin squares are constructed with computational complexity O(3n 2 ).In Algorithm 2, there is a three-layer encryption structure, which mainly uses an n-transversal for the first scrambling and Latin square for auxiliary diffusion and the second scrambling.The computational complexity is O(n 3 ), so the  11 shows the encryption time and decryption time of six images, which are all calculated 20 times on average.It can be found that all encryption times approximately equal to 0.31s, decryption times approximately equal to 0.27s, and the comparison results of Lena and other algorithms are listed in the Table 5.It can be seen that the algorithm in this paper has relatively fast encryption speed.

Resistance to classical types of attacks
There are four classical types of attacks: ciphertext only, known plaintext, chosen plaintext, chosen ciphertext.Among them, chosen plaintext attack is the most powerful attack.If an algorithm can resist this attack, it can resist others [3,13].
The proposed algorithm only needs one round of encryption to achieve a safe effect.It depends on the plaintext image and is very sensitive to the initial parameters µ 0 and initial values key 0 , key 1 .If the plain image or one key has changed, M, M 1 , M γ and D would be totally different.Further more, in the diffusion stage, encrypted value is not only related to plain value and former ciphered value, but also related to the second chaotic sequence and two Latin squares.So, the proposed algorithm can resist the chosen plaintext/ciphertext attack as well as other types of attacks.

Conclusion
In this article, a new chaotic algorithm for image encryption is proposed, mainly using transversals in a Latin square.An n-transversal can group all the positions and provide a pair of orthogonal Latin squares.So we can do scrambling in two ways, group by group and using the orthogonality of a pair of Latin squares, which obtains a nice scrambling effect.In the diffusion process, two suitable and uniform Latin squares are selected to do auxiliary diffusion based on a chaotic sequence, achieving good diffusion results.The proposed algorithm has successfully encrypted all test images, and passes the key sensitivity test, statistical test, plaintext sensitivity test, robustness test and other tests.Moreover, the entropy of each encrypted image is very close to 8, the correlation coefficient is very small, close to 0. From the above analysis, the algorithm in this article performs better than other contrast encryption algorithms.It shows that the algorithm achieves a secure and fast encryption effect, simultaneously has robustness and practicability.
2) By the definition of M γ , it's easy to see that each element of F occurs exactly once in each row and column of M γ .So M γ is a Latin square too.
3) According to Theorem 1 and the definition of D, all columns of D form n disjoint transversals of M.
Firstly let's prove M 1 is orthogonal to M. By the definition of M 1 , the (i, j)th entry is g i + γ j (g i ).That is g i + γ j (g i ) = g i + (ag i + g j ) = (1 + a)g i + g j .(A.2) Because a 0, 1 and a −1(mod p), M 1 is still a Latin square different from M, M γ .
Assuming M 1 is not orthogonal to M, there must exist two positions (i, j), (i , j ), where (i, j) (i , j ), such that (g i + g j , (1 + a)g i + g j ) = (g i + g j , (1 + a)g i + g j ), namely      g i + g j = g i + g j (1 + a)g i + g j = (1 + a)g i + g j (A.3) Then either (i, j) = (i , j ) or a ≡ −1(mod p).Whatever either case, it's a contradiction with the definition of a or the assumption.Therefore M 1 is orthogonal to M. Similarly, we can prove M 1 and M γ , M and M γ are pairwise orthogonal Latin squares.Theorem 2 is proved.

Figure 1 :
Figure 1: Latin squares A, B and the juxtaposition array C

Figure 2 :
Figure 2: The encryption process

Figure 3 :
Figure 3: An example of doing scrambling according to a 4-transversal vance.The following figure is the decryption diagram.

Figure 6 :
Figure 6: Comparisons of decryption results with key changed

Table 1 :
Key sensitivity test results during encryption

Table 2 :
Key sensitivity test results during decryption

Table 3 :
The variance of six images

Table 4 :
Correlation test results of six images in this article

Table 5 :
Comparison with other algorithms

Table 6 :
Information entropy of six ciphertext images

Table 7 :
Lena's NPCR and UACI at specific positions

Table 8 :
The NPCR and UACI of six images

Table 11 :
Encryption and decryption time of six images