Dual-Region Encryption Model Based on a 3D-MNFC Chaotic System and Logistic Map

Abstract

Facial information carries key personal privacy, and it is crucial to ensure its security through encryption. Traditional encryption for portrait images typically processes the entire image, despite the fact that most regions lack sensitive facial information. This approach is notably inefficient and imposes unnecessary computational burdens. To address this inefficiency while maintaining security, we propose a novel dual-region encryption model for portrait images. Firstly, a Multi-task Cascaded Convolutional Network (MTCNN) was adopted to efficiently segment facial images into two regions: facial and non-facial. Subsequently, given the high sensitivity of facial regions, a robust encryption scheme was designed by integrating a CNN-based key generator, the proposed three-dimensional Multi-module Nonlinear Feedback-coupled Chaotic System (3D-MNFC), DNA encoding, and bit reversal. The 3D-MNFC incorporating time-varying parameters, nonlinear terms and state feedback terms and coupling mechanisms has been proven to exhibit excellent chaotic performance. As for non-facial regions, the Logistic map combined with XOR operations is used to balance efficiency and basic security. Finally, the encrypted image is obtained by restoring the two ciphertext images to their original positions. Comprehensive security analyses confirm the exceptional performance of the regional model: large key space ($2^{536}$) and near-ideal information entropy (7.9995), NPCR and UACI values of 99.6055% and 33.4599%. It is worth noting that the model has been verified to improve efficiency by at least 37.82%.

1. Introduction

In the digital age, protecting privacy and security has become far more challenging, and image encryption has emerged as a critical puzzle. As key information carriers, images contain sensitive contents from personal private data to national-security-related information. Yet images can be leaked easily during transmission or storage and can be attacked or misused maliciously. Image encryption technology secures the confidentiality of sensitive information with strong protection: it works by breaking the inherent statistical patterns of images and boosting resistance to unauthorized decryption. This makes it indispensable for protecting individual rights and societal security. The field also faces unique challenges, primarily stemming from the large data volume and redundancy of image files.

Classic encryption algorithms like the Data Encryption Standard (DES), Advanced Encryption Standard (AES), RSA [1], and Diffie–Hellman (DH) [2] could hardly handle the complexity of image data. Chaotic systems present a promising alternative due to their sensitivity to initial values [3,4,5,6,7,8,9]. For instance, a study proposed a chaotic system (TLCMCML) and applied it to a multi-image medical encryption algorithm [10]. A novel fractional-order delayed chaotic system was proposed and applied to image encryption [11]. Zhang et al., introduced a method for image encryption that utilizes an enhanced Lorenz chaotic system in conjunction with Galois field [12]. A facial image privacy protection approach based on 2D-DMHM and DNA cryptography demonstrated superior security and efficiency [13]. Furthermore, significant progress has been achieved in the application of chaotic systems in image encryption: based on memristor-based multi-scroll Hopfield neural networks, dynamic analysis and FPGA implementation have enhanced the hardware deployment capability of chaotic systems [14]; the fractional-order memristive Hopfield neural network has introduced hidden chaotic double-wing attractors, strengthening the complexity of the system [15]; the state-dependent variable fractional-order hyperchaotic system, by coupling quadratic maps, has provided a new scheme for high-performance image protection [16]; the two-dimensional coupled enhanced cubic hyperchaotic map, combined with exponential parameters, has achieved hierarchical saliency-aware multi-image encryption [17]. These studies have contributed numerous methods to the application of chaotic systems in encryption, yet the issue of fixed parameters remains unresolved, resulting in insufficient ability to resist analytical attacks. The proposed 3D-MNFC is introduced with time-varying parameters to solve this problem and added coupling mechanism to enhance the randomness.

Images that only use chaotic systems for encryption usually show weak robustness when subjected to interference attacks such as cropping. To solve this defect, the combination of chaotic systems with other disciplines has become a popular trend. A hybrid approach for medical image encryption that merges DNA-based encoding technology with elliptic curve cryptography has been described [18]. Deep learning models have also been applied to encryption, and Kirtee Panwar and his partners summarized the trends of image encryption based on it [19]. Based on the above analysis, this kind of combination seems to exhibit better performance [20,21,22,23,24,25,26,27]. Therefore, a complex encryption method integrating chaotic systems and other operations is required to protect facial regions, as they are highly sensitive. The constructed model, integrating a CNN-based generator, the proposed 3D-MNFC, DNA encoding and bit reversion, significantly ensures the security of facial regions. Cryptanalysis research also provides important references for the design of encryption schemes: For encryption systems based on binary bit-plane extraction and multi-chaotic maps, researchers have found that the diffusion and permutation parts can be cracked separately by the divide-and-conquer strategy [28]; a color image encryption algorithm based on the fractional-order hyperchaotic system (CIEA-FOHS) can be broken by chosen-plaintext attack methods [29]; encryption schemes based on Feistel networks and dynamic DNA encoding have been shown to have several flaws in the design of keys, chaotic sequences, Hill encryption, and other aspects [30]. To address these attack types, this study proposes a dual-region encryption model that integrates a CNN-based generator, the 3D-MNFC, DNA encoding, and bit reversion, thereby significantly ensuring the security of facial regions. Through NPCR/UACI analysis, information entropy analysis, and resilience tests against cropping/noise attacks, the model is verified to possess sufficient practicality and security.

In addition, there is still an efficiency problem. Striking a balance between computational complexity and security performance is essential. Segmenting the image and encrypting each region as needed is one solution. It is more time-intensive and computationally demanding to encrypt the whole image compared to encrypting regionally. However, most existing studies focus on uniform encryption of the entire image [31,32,33], and multi-region encryption algorithms based on face detection are rarely mentioned. As a result, an encryption model is required to align various performance metrics closely with their optimal levels and minimize computational time.

To address the above needs, this paper proposes a dual-region encryption model. The encryption model detects the facial areas in the image through a Multi-task Cascaded Convolutional Network (MTCNN). For the facial region, 3D-MNFC is proposed in this study. Built upon the Lorenz and Chen systems, 3D-MNFC incorporates time-varying parameters, nonlinear terms and state feedback terms. Through analyses of various metrics, it has been verified to possess complex dynamic characteristics. After generating the public key via the CNN key generator, the encryption process for the facial region takes 3D-MNFC as its core and combines it with multi-level encryption operations to achieve secure encryption. The encryption for non-facial regions is relatively simple: a key stream is generated by the Logistic map and encryption is carried out through XOR operations. The workflow of this encryption model is illustrated in Figure 1. Analysis of this encryption model shows that it has good robustness and reduces encryption time.

The contributions of this model can be summarized as follows:

(1)

A novel three-dimensional Multi-module Nonlinear Feedback-coupled Chaotic System (3D-MNFC) is proposed, which has been verified to exhibit complex chaotic characteristics through a series of rigorous tests.

(2)

A new method which integrates a CNN-based key generator, the proposed 3D-MNFC, DNA encoding, and bit reversion is proposed. It provides robust security for facial regions.

(3)

We propose a composite dual-region encryption model. After undergoing a comprehensive suite of analyses and comparisons, this model demonstrates a balance between computational efficiency and security performance.

Finally, the remaining sections of this paper are described as follows: Section 2 introduces some fundamental theories. Section 3 proposes and analyzes 3D-MNFC. Section 4 elaborates the dual-region encryption model. Section 5 conducts a security analysis of the model. Section 6 summarizes the main contributions of this work and discusses potential directions for future research.

2. Fundamental Theories

This section introduces the fundamental theories relevant to this research, including two classical chaotic systems and the application of DNA encoding in encryption, providing theoretical support for the subsequent design of 3D-MNFC and the construction of the encryption model.

2.1. Chaotic System

Image encryption is a core part of information security. It is applied to break down the inherent pixel relationships and statistical patterns in images through advanced scrambling and diffusion. Nowadays, most image encryption algorithms are based on chaotic systems. One standout example is the use of a quadratic polynomial hyperchaotic map [34]. This approach has acquired impressive results, specifically achieving extremely high levels of information entropy. Furthermore, Nan-Run Zhou and his colleagues developed an encryption scheme based on bit-level expansion [35], which has proven resilient across various test conditions. A lightweight image encryption method [36] tailored for IoT networks built on multiple chaos systems was also introduced. This method holds up well against pixel intensity modification attacks. Although these methods yield satisfactory results in certain areas, fixed parameter settings impose an inherent restriction on their flexibility. The field still needs an encryption algorithm that can smoothly balance multiple key indicators. It can ensure comprehensive security while avoiding any compromise on efficiency.

The Lorenz and Chen systems are classical nonlinear dynamical models in chaos theory. They were known for their complex chaotic dynamics. For this reason, the encryption model we propose in this paper uses 3D-MNFC based on these two frameworks. The Lorenz system (1) is defined as follows:

$$\left\{\begin{array}{c}{\displaystyle \frac{dx}{dt}}=\sigma (y-x)\hfill \\ {\displaystyle \frac{dy}{dt}}=x(\rho -z)-y\hfill \\ {\displaystyle \frac{dz}{dt}}=xy-\beta ,\hfill \end{array}\right.$$

(1)

where x is convection intensity; y is horizontal temperature gradient; z is vertical temperature gradient; and $\sigma$, $\rho$, $\beta$ are system parameters. When $\sigma$ = 10, $\rho$ = 28, and $\beta$ = 8/3, the system enters a chaotic state.

The Chen system (2) is defined as follows:

$$\left\{\begin{array}{c}{\displaystyle \frac{dx}{dt}}=a(y-x)\hfill \\ {\displaystyle \frac{dy}{dt}}=(c-a)x-xz+cy\hfill \\ {\displaystyle \frac{dz}{dt}}=xy-bz,\hfill \end{array}\right.$$

(2)

where a, b, c are system parameters. When a = 35, b = 3, and c = 28, the system exhibits typical chaotic behavior.

2.2. DNA Encoding

In the field of biology, deoxyribonucleic acid (DNA) molecules exhibit a double-helix structure, composed of four nucleotide bases: adenine (A), thymine (T), guanine (G), and cytosine (C). The vast diversity of DNA base sequences serves as the molecular basis for biological diversity, with well-established base-pairing rules—A forms complementary pairs with T, and C forms complementary pairs with G.

For encryption applications, these four bases can be mapped to 2-bit binary values (e.g., A to “00”, C to “01”, G to “10”, and T to “11”). This study adopts the encoding rules detailed in

Table 1. DNA encoding rules.

Base	Rule 1	Rule 2	Rule 3	Rule 4	Rule 5	Rule 6	Rule 7	Rule 8
A	00	00	01	01	10	10	00	00
T	11	11	10	10	01	01	11	11
C	01	10	00	01	00	10	01	10
G	10	01	11	11	10	00	10	01

, where each rule corresponds to a unique base permutation strategy.

There is the workflow of DNA-encoded transformation. Each pixel value ranging from 0 to 255 is converted into an 8-bit binary string. That string is divided into four smaller 2-bit substrings. Each of these 2-bit chunks gets mapped to a corresponding DNA base, using whatever encoding rule was picked for the process. A 4-base DNA sequence that acts as a stand-in for the original pixel is generated. The next move is to scramble them. The key used here comes from the chaotic system that is initialized with the public and private keys the CNN generates. This scrambling step matters a lot because it breaks up the spatial correlation in the pixel data, and that is a big part of hiding the original structure of images so it cannot be easily decoded. The last step is reversing the mapping on those scrambled DNA sequences to turn them back into 8-bit binary strings. By converting those binary strings to decimal values, they are exactly the encrypted pixels.

Decryption is the reverse of the above process. Taking the encrypted pixels and converting them back to DNA sequences, we use the same chaotic key to unscramble those sequences to retrieve the original DNA sequences. Then, the mapping is reversed again to be turned into binary strings, and those strings are converted to decimal pixel values. Crucially, we must use the exact same encoding rule used for encryption.

3. The Proposed 3D-MNFC

This section introduces the composition of the proposed 3D-MNFC and shows the tests related to it. The results declare that it has good chaos and sufficient randomness.

3.1. The Composition of 3D-MNFC

A three-dimensional Multi-module Nonlinear Feedback-coupled Chaotic System (3D-MNFC) is constructed:

$$\left\{\begin{array}{c}x=(1-\alpha )L_x+\beta H_x\hfill \\ y=(L_y+\alpha C_y)/2\hfill \\ z=\alpha C_z,\hfill \end{array}\right.$$

(3)

where x, y, z are state parameters; $\alpha$ is a weighted coefficient; and $\beta$ serves as a variable control parameter. L and C refer to the modified Lorenz system and Chen system. Their specific formulations are detailed as follows:

$$\left\{\begin{array}{c}{L}_x=a_t(y-x)+\beta F_y\hfill \\ L_y=c_{t}x-y-xz\hfill \\ L_z=xy-bz,\hfill \end{array}\right.$$

(4)

$$\left\{\begin{array}{c}{C}_x=a_t(y-x)\hfill \\ C_y=(c_t-a_t)x-xz+c_{t}y\hfill \\ C_z=xy-dz+\beta G_z,\hfill \end{array}\right.$$

(5)

where $a_t$ and $c_t$ are time-varying parameters designed to address the periodic limitation of fixed-parameter chaotic systems. Specifically, we introduce periodic perturbation terms (sine/cosine functions) to modulate the base parameters of Lorenz and Chen subsystems: the low-frequency terms (0.05t, 0.02t, etc.) simulate the natural nonlinear fluctuations (e.g., fluid vibration), while the weight coefficients (0.3, 0.2, etc.) control the perturbation amplitude to prevent the system from falling into periodic orbits. Physically, $a_t$ corresponds to the convection intensity of the Lorenz subsystem, and $c_t$ corresponds to the horizontal temperature gradient of the Chen subsystem. The time-varying nature of $a_t$ and $c_t$ breaks the thermal equilibrium of the system, expanding the phase space trajectory and enhancing the unpredictability of chaotic behavior. $H_x$ and $F_y$ represent the nonlinear cross terms and $G_z$ is the state feedback term. They are designed to generate high-complexity chaotic sequences for image encryption, with the core goal of enhancing randomness and avoiding periodicity. The specific formulations are detailed as follows:

$$\left\{\begin{array}{c}{t}_1=sin(0.05\times t)\times 0.3+cos(0.02\times t)\times 0.2+1.0,\hfill \\ t_2=cos(0.07\times t)\times 0.4+sin(0.03\times t)\times 0.1+1.0,\hfill \\ a_t=a{t}_1,\hfill \\ c_t=c{t}_2,\hfill \end{array}\right.$$

(6)

$$\left\{\begin{array}{c}{H}_x=0.2·x·(1-{\displaystyle \frac{x^2}{1000}}),\hfill \\ F_y=e\times {\displaystyle \frac{y^2(z-x)}{0.3+y^2}}+\beta [sin\left(y\right)cos(x+y)+sin{\displaystyle \frac{y}{3}}cos{\displaystyle \frac{x}{4}}],\hfill \\ G_z=kztanhytanhx+0.1z·e^{-0.01(x^2+y^2)}.\hfill \end{array}\right.$$

(7)

In Equation (7), k is a state feedback intensity adjustment parameter, whose core function is to dynamically adjust the weight of the state feedback term, avoiding system oscillation caused by excessive feedback or insufficient randomness caused by weak feedback. The term $kztanhytanhx$ performs nonlinear compression on state variables x and y through hyperbolic tangent functions $tanhy$ and $tanhx$ (output range −1∼1), then couples with state variable z to enhance the nonlinear correlation between system states. Combined with the subsequent exponential decay term $0.1z·e^{-0.01(x^2+y^2)}$, it jointly suppresses the system from falling into periodic orbits, improves the random characteristics of chaotic sequences.

As a result, a high-performance 3D-MNFC is established. This chaotic system significantly mitigates the limitation of vulnerability to brute-force attacks, which arises from the inflexible parameter of traditional chaotic systems.

3.2. Lyapunov Exponent and Trajectory

The phase distribution of a chaotic system can intuitively reflect the complexity of the system’s chaotic behavior. The Lyapunov exponent, a core characteristic of chaotic systems, is used to quantify the degree of divergence or convergence of system trajectories. A positive Lyapunov exponent value is generally recognized as a key criterion for determining the presence of chaotic behavior in a system. Figure 2 presents the 3D trajectory diagram of 3D-MNFC proposed in this study, along with the phase distributions of the attractor across different planes. Figure 3 shows the Lyapunov exponent diagram of the proposed 3D-MNFC.

3.3. Bifurcation Diagram

Different parameters exert considerable impacts on chaotic systems, and bifurcation diagrams are capable of illustrating the dynamic characteristics exhibited by such parameter variations. When the initial states $x_0=y_0=z_0=0.1$, the control parameters $\alpha$ and $\beta$ fall within the interval (0, 2), and the ergodicity of the proposed 3D-MNFC is demonstrated in Figure 4.

3.4. Permutation Entropy

Permutation entropy (PE), proposed by Bandt and Pompe [37], is a quantitative index for measuring the complexity of nonlinear time series. It converts continuous time series into discrete permutation patterns and evaluates the complexity of the series based on the uniformity of pattern distribution. The more uniform the pattern distribution, the stronger the randomness of the series, and consequently, the higher the entropy value. The calculation formula for permutation entropy is expressed as (8)

$$PE=-\sum _{i=1}^m{P}_{i}ln{P}_i.$$

(8)

Normalizing it to the interval [0, 1] yields (9)

$$PE={\displaystyle \frac{PE}{ln(m!)}}.$$

(9)

Figure 5 presents the permutation entropy analysis of 3D-MNFC, and the results demonstrate that the sequences generated by it exhibit higher unpredictability.

3.5. 0-1 Test

The 0-1 test, a chaos identification method developed by Gottwald and Melbourne, is used to determine whether chaotic behavior exists in a deterministic time series. To implement this test for a chaotic sequence f, the following formula is applied (10):

$$\left\{\begin{array}{c}p\left(n\right)=\sum _{i=1}^n\varphi \left(i\right)cos\left(ci\right),\hfill \\ q\left(n\right)=\sum _{i=1}^n\varphi \left(i\right)sin\left(ci\right),\hfill \\ M\left(n\right)=\underset{n\to \infty }{lim}{\displaystyle \frac{1}{N}}\sum _{i=1}^N\left[{(p(n+i)-p\left(i\right))}^2+{(q(n+i)-q\left(i\right))}^2\right],\hfill \\ K={\displaystyle \frac{logM\left(n\right)}{logn}},\hfill \end{array}\right.$$

(10)

where N is one-tenth of the sequence length. If the test statistic K converges to 0, it indicates that the system exhibits regular motion; if K converges to 1, this confirms the presence of chaotic behavior in the system. Figure 6 presents the 0-1 test results for the proposed 3D-MNFC. The range of the K value indicates that 3D-MNFC exhibits an extremely high degree of chaotic behavior.

The parameter $\alpha$ was set within the range of 0.10 to 1.50, and its corresponding K values were distributed between 0.988382 and 0.992469, with an average value of 0.9908. There was no obvious monotonic trend in the overall K value variation, but all values remained close to 1, with a local minimum observed only at $\alpha$ = 0.30. For parameter $\beta$, which was also tested in the range of 0.10 to 1.50, its K values exhibited a clear monotonic decreasing trend, gradually declining from 0.999777 to 0.992389, with an average value of 0.9958. All the obtained K values were significantly higher than the chaos judgment threshold of 0.95, which verifies that the system maintains robust chaotic characteristics within the tested parameter ranges of $\alpha$ and $\beta$. The results indicate that 3D-MNFC exhibits an extremely high degree of chaotic behavior.

3.6. NIST SP 800-22 Test

NIST SP 800-22 [38] is a standard issued by the National Institute of Standards and Technology (NIST) for the evaluation of random number and pseudorandom number generators. This test comprises 15 individual test items, and each item yields a p-value. Only when the p-value exceeds 0.01 can the randomness of the random number sequence be deemed sufficient for application requirements. The test results presented in

Table 2. The results of NIST tests.

Test	X-seq	Y-seq	Z-seq	Result
Approximate Entropy	0.536292	0.493724	0.299761	Success
Block Frequency	0.269568	0.373244	0.154652	Success
Cumulative Sums	0.062363	0.127765	0.019553	Success
Discrete Fourier Transform Test	0.425317	0.3660778	0.193279	Success
Frequency	0.161927	0.462949	0.325863	Success
Linear Complexity	0.617653	0.882476	0.415933	Success
Longest Run	0.497203	0.353481	0.337534	Success
Non Overlapping Template	0.517501	0.565158	0.494387	Success
Overlapping Template	0.885625	0.901368	0.804579	Success
Runs Test	0.422496	0.795367	0.544602	Success
Random Excursions	0.525860	0.672229	0.372714	Success
Random Excursions Variant	0.729659	0.490996	0.088815	Success
Rank	0.362564	0.093562	0.026571	Success
Serial	0.863365	0.712044	0.052736	Success
Universal	0.188326	0.155473	0.027359	Success

demonstrate that the 3D-MNFC has passed the NIST SP 800-22 test, confirming its applicability for image encryption.

4. The Proposed Encryption Model

In this section, we introduce the MTCNN model utilized. Then we delve into the encryption method for facial regions and non-facial regions. After integrating the above processes to construct the overall encryption model, we provide the decryption algorithm.

4.1. Face Detection Based on MTCNN

Face detection has long been a cornerstone of computer vision research. It involves identifying and pinpointing the location of human faces accurately for input images. In recent years, there have been rapid advances in this technology, with many innovative methods emerging [39,40,41]. As a Multi-task Cascaded Convolutional Network tailored specifically for face detection and facial key point localization, MTCNN has a three-stage cascaded network structure [42]. Its cascaded architecture is shown in Figure 7. This architecture can extract key facial features layer by layer from low-resolution images, expanding the application scenarios of the encryption algorithm. In addition, MTCNN supports the customization of the ${min}_{facesize}$ parameter, which can flexibly adapt to the minimum face size under different resolutions and thus meets the requirement for accurate localization of facial regions. Moreover, MTCNN can locate facial key points during the detection process instead of only returning face bounding boxes, which enables fine-grained segmentation of facial regions. Compared with lightweight and efficient models or accurate models with more complex architectures, MTCNN to strike a balance between high accuracy and fast performance in complex scenarios. Zhang et al. verified that it can obtain the position of face more accurately [43]. And it has a higher operational efficiency [42], being able to achieve real-time recognition [44]. Hence, the face detection based on MTCNN was applied to the proposed encryption model, aiming at balancing the accuracy and efficiency.

The Proposal Network (P-Net) is a streamlined convolutional model that spots potential facial regions and pulls initial facial key points. It resizes the input image across multiple scales, which builds out an image pyramid. A 12 × 12 sliding window scans each layer of the pyramid. Each window goes through binary classification and bounding box regression. The likelihood of a face being present and the necessary offsets can be delivered. Non-Maximum Suppression (NMS) then refines these outputs: it filters out low-confidence candidate boxes to lock in approximate facial region locations and preliminary key point data.

The Refine Network (R-Net) is key to sharpen face detection outcomes. It starts with the candidate regions identified by P-Net, maps them back to the original image, then crops and resizes each one to a fixed 24 × 24 input dimension. It runs a second round of classification and bounding box regression by using a more complex network structure. After that, NMS and threshold checks are applied to filter the results, leaving only refined face boxes. The result is fewer false detections, along with a noticeable boost in overall accuracy.

The Output Network (O-Net) is the final stage, undertaking the tasks of high-precision face bounding box localization and facial key point detection. It maps the candidate boxes output by the R-Net back to the original image and processes them into 48 × 48 inputs. With the help of a deeper network structure, it simultaneously accomplishes face classification, bounding box regression, and the localization of five key points (both eyes, the tip of the nose, and the corners of the mouth). After non-maximum suppression, it outputs the precise localization results that can be used for subsequent tasks.

To defend against some extreme attacks, we conduct face detection on the test images under the conditions of original image, low brightness, high brightness, low contrast, high contrast, and Gaussian noise, respectively. Figure 8 shows the detection results of the Lena image under the above conditions.

Table 3. Robustness test results of face detection.

Image	Original Image	Low Brightness	High Brightness	Low Contrast	High Contrast	Gaussian Noise
Lena	1	1	1	1	1	1
Barbara	1	0	1	1	1	1
Cameraman	1	1	1	0	1	1
Female	1	1	1	1	1	1
Male	1	0	1	1	1	1

shows the number of faces detected by MTCNN in images under different environments, which demonstrates that it can accurately detect faces in most cases. Therefore, it is sufficient for face detection before encryption.

4.2. Encryption for the Facial Region

4.2.1. CNN Key Generation

Erkan, U. integrated deep learning into key generation [45], so we used a deep Convolutional Neural Network (CNN) key generation model. The core idea here is to pull out high-level semantic features from the input image by the CNN. These features then go through transformation and binarization to create a binary public key. It not only ensures the key has a strong link to the image but also boosts its randomness and uniqueness.

SHA-256 generates keys solely based on the hash values of images, and its sensitivity to minor image variations is lower than that of CNN-based feature extraction. Therefore, we only use it as a seed rather than directly generating keys with it. Networks such as InceptionNet and ResNet contain numerous complex structures, which may lead to unstable key generation logic. Given that this study aims to improve encryption efficiency, lightweight networks appear to be the optimal choice. However, lightweight networks like MobileNet have relatively low feature dimensions, resulting in weak correlation between the generated keys and image content, which is prone to key collision. Clearly, the demand for strong key–content correlation takes precedence over the pursuit of speed. As a result, we chose VGG16 as our base feature extraction network to accomplish it. The fact that it is pre-trained on large-scale datasets gives it a strong track record of capturing multi-scale image features. Maps with multiple dimensions that come out of its convolutional layers do a solid job of capturing the input image’s intrinsic attributes. This is a major advantage, because it lets us pick up on subtle differences between different images.

To tweak VGG16 for public key generation, we stripped out the original classification layers at the top of the network. Then a custom feature transformation module was added: a Flatten layer was used to turn the convolutional feature maps into a one-dimensional vector. Next, we fed that vector into two back-to-back dense layers. These handle dimensionality reduction and non-linear transformation. The first dense layer spits out a 2048-dimensional feature vector, and the second one compresses that down to 512 dimensions. Both of them used sigmoid activation. The 512-dimensional vector is the base for generating the public key. Figure 9 lays out the full workflow in detail.

The extracted features can ensure not only a strong correlation between the key and the image but also the uniqueness of the key. The network structure of VGG16, pre-trained on large-scale datasets, enables its shallow convolutional layers to capture low-level visual features such as image edges and textures, while the deep convolutional layers can abstract high-level semantic features including facial contours. These features are directly determined by image content without redundant information irrelevant to the image, and the unique facial attributes of portrait images will form exclusive feature vectors in the deep feature maps, laying a foundation for the strong correlation between the key and the image. Meanwhile, the features extracted by VGG16 reach an initial dimension of 25088 after transformation via the Flatten layer, which is then compressed to 512 dimensions through two fully connected layers. The collision probability of feature vectors between any two different images in the high-dimensional space is close to zero. Additionally, the fully connected layers adopt the Sigmoid activation function for nonlinear transformation, which further amplifies the subtle differences between features of different images. Even for portrait images with similar content, differentiated feature vectors can be generated, ensuring the uniqueness of the key. Furthermore, the features extracted by VGG16 reflect the comprehensive information of the global semantics and local details of the image, rather than a simple mapping of individual pixels or local regions. Attackers can hardly forge feature vectors consistent with the original image by tampering with local pixels of the image. The content relevance of the feature vectors can be directly transmitted to the final key, endowing the key with an “image-binding characteristic”—only the features of the corresponding image can generate valid keys, thus guaranteeing the directionality and security of encryption.

The above introduces how the CNN-based key generator works, and the following information is on applying it to actual encryption. When encryption starts, it produces a content-dependent public key—with the SHA-256 hash value serving as the seed. And a random private key is concurrently generated to generate a main key through XOR. Specifically, the facial region employs a dual-key architecture composed of a public key and a private key, which are combined to form the main key. The main key is then subjected to matrix transformation to extract the initial values and control parameters for the chaotic system.

4.2.2. Operations Based on 3D-MNFC

A sophisticated mechanism that integrates the 3D-MNFC, DNA encoding, and bit reversion is employed to encrypt facial regions. After obtaining the initial values and control parameters for the chaotic system, the encryption process proceeds in four steps:

Step 1. Permutation: The 3D-MNFC system extracts initial values ($x_0$ = $y_0$ = $z_0$ = 0.1) and control parameters ($\alpha$ = 0.7, $\beta$ = 0.9) from the master key generated by CNN and iterates to generate a 3D chaotic sequence. After normalizing to the pixel coordinate range, a permutation index matrix is constructed to realize the random mapping of pixel positions through a row–column permutation algorithm. This step disrupts the spatial correlation of the original image.

Step 2. DNA encoding: One of the eight rules of DNA encoding is dynamically selected. Each 8-bit binary value of pixel is converted into a DNA sequence, and it is then remapped back to a pixel value.

Step 3. Diffusion: The chaotic sequence generated by 3D-MNFC is normalized (0–255) and rounded to generate a keystream, which performs bitwise XOR operation with the pixel values after DNA encoding. This ensures that minor changes in individual pixels are diffused across the entire facial region to eliminate localized statistical patterns.

Step 4. Bit Reversion: A bit reversal mask is constructed based on the parity of the chaotic sequence (e.g., reversing the first 4 bits when the sequence value is positive, and reversing the last 4 bits when negative). The bit reversal operation is performed on the binary string of the diffused pixels, and then a second XOR operation is performed with another set of chaotic keystreams. This step further enhances encryption strength by introducing an additional layer of complexity.

Relevant information about the encrypted image of the facial region is preserved, which will be utilized in the subsequent fusion of the two regions.

4.3. Encryption for the Non-Facial Region

Non-facial regions have relatively lower security requirements. Thus, we adopt an encryption scheme with fewer steps. It combines the Logistic chaotic map with XOR operation. The Logistic map is used to generate chaotic sequences by (11):

$$x_{n+1}=\mu x_n(1-x_n),$$

(11)

where $\mu$ is the control parameter. The map exhibits complex chaotic behavior when 3.5699 < $\mu$ ≤ 4. This map significantly reduces computational work quite a bit. During encryption, this region adopts a single-key architecture, where a 3-byte private key is used to control the map’s initial values, parameters, and random seed. Once the chaotic sequence is generated, it does not work alone. Instead, it teams up with a random mask. These two steps work together to create the keystream. This keystream runs an XOR operation with the pixels in non-facial areas to accomplish encryption.

This method takes simple measures, but it can still resist common attacks. It markedly improves encryption efficiency. This advantage is more pronounced in images where non-facial regions account for a large part.

4.4. The Complete Image Encryption Model

We employ the techniques described earlier to elaborate on the process of the dual-region encryption model.

The model utilizes MTCNN to detect human faces in the image and obtain the bounding box coordinates of these facial regions. The image is segmented into facial and non-facial regions according to these coordinates. Subsequently, the two regions undergo independent encryption processes: For the facial region, a CNN-based key generator is first used to obtain a public key, which is then combined with a randomly generated private key to produce a main key. The 3D-MNFC system extracts initial values and control parameters based on the main key, iterates 500 times to generate a three-dimensional chaotic sequence, and then converts it into the encryption sequence after normalization and rounding. Thereafter, the high-security encryption is implemented using the approach proposed in Section 4.2, which integrates the CNN key generator, the 3D-MNFC, DNA encoding, and bit reversion. For the non-facial region, the Logistic map determines the initial values, control parameters, and random seeds by means of a 3-byte private key, and after iteratively generating a chaotic sequence, performs a modulo-256 addition operation with a random mask to produce the encryption sequence. In accordance with the method outlined in Section 4.3, rapid encryption is achieved through the Logistic map and XOR operation. Finally, the encrypted facial and non-facial regions are restored to their original positions in the image, resulting in a fully encrypted image.

4.5. Decryption Algorithm

Based on the encryption model described above, the decryption algorithm is a completely reverse process, as shown in Figure 10.

For decrypting the non facial region, a keystream is generated using the encryption key. By performing an XOR operation between this keystream and the encrypted non facial image, the original non-facial image can be restored.

Decrypting the facial region involves the key operations below: First, bit order reversal is conducted: using the same chaotic sequence employed during encryption, a bit reversal matrix is generated. An XOR operation between this matrix and the encrypted facial image is then performed to recover the original bit sequence. Second, the diffusion process is reversed: the chaotic matrix used in the encryption phase is regenerated, and an XOR operation with this matrix is executed to restore the facial region to its pre-diffusion state. To fully restore the facial region image, the bit-reversed image must undergo a third core operation: inverse DNA encoding. This involves applying the corresponding decoding method based on the rule index used during encryption. Subsequently, an inverse scrambling process is performed on the decoded image, ultimately yielding the decrypted facial image. Ultimately, the decrypted facial and non facial region images are integrated to obtain the complete decrypted image. The final encryption and decryption effects of different images are shown in Figure 11.

5. Experimental Results

This section conducts a performance analysis of the proposed encryption model, covering both security and efficiency. The computations were performed on a computer equipped with an Intel(R) Core(TM) Ultra 7 255H (2.00 GHz) processor, 32.0 GB of memory, and Windows 11. The environment was built using Python 3.10.11, utilizing simulation libraries such as time, random, math, hashlib, numpy 2.1.3, matplotlib 3.10.7, opencv-python 4.11.0.86, mtcnn 1.0.0, tensorflow 2.19.0 and keras 3.10.0 to establish the simulation environment. The initial parameters for the encryption model were set as $x=y=z=0.1$, with control parameters $\alpha =0.7$ and $\beta =0.9$.

5.1. Key Space Analysis

The key space refers to the set of all possible keys in an encryption algorithm, and its size (i.e., the number of keys) is determined by the key length and the character set used. Undoubtedly, an increase in the key space enhances security, as it exponentially raises the difficulty for attackers to find the correct key through brute-force attacks. In the constructed encryption model, there are two algorithms: the encryption algorithm for portrait regions and that for non-portrait regions. An innovative key format is adopted for the non-portrait region, which consists of an array of three integers. Each integer can take one of 256 possible values, resulting in a key space of $2^{24}$. The facial region employs a more complex dual-key system: a public key and a private key, both represented as 512-bit binary arrays, thus having a key space of $2^{512}$. The combination of the key spaces of these two encryption algorithms forms a more robust overall key space, which is $2^{536}$. This cumulative space exceeds the key spaces of previous algorithms [46,47,48,49] in

Table 4. Key space of different schemes.

Scheme	Proposed	[46]	[47]	[48]	[49]
Key space	$2^{536}$	$2^{256}$	$2^{272}$	$2^{419}$	$2^{469}$

, indicating that our encryption model has an extremely large key space and can provide an extremely high level of security.

For high-similarity images, the effective key space is calculated as follows:

The 3D-MNFC system maintains a strong chaotic state only when $\alpha \in (0.2,0.8)$ and $\beta \in (0.5,1.5)$. The ratio of effective chaotic parameters $R_{chaos}$ is calculated as 0.3. Let S denote the image similarity, and let $P\left(S\right)$ denote the key collision probability ($P\left(0.85\right)=0.1$). The collision-free ratio is $R_{\text{no-collision}}=1-P\left(S\right)$. The effective key space is

$$K_{\mathrm{eff}}\left(S\right)=K_{\mathrm{theo}}\times R_{\mathrm{chaos}}\times R_{\text{no-collision}}.$$

(12)

For example, when $S=0.85$, $K_{\mathrm{eff}}\left(S\right)=2^{536}\times 0.3\times 0.9\approx 2^{534}$. It is far larger than the brute-force attack threshold ($2^{128}$), confirming the system’s security even for high-similarity images.

5.2. Information Entropy Analysis

Information entropy serves as a pivotal metric for evaluating the security of encrypted images. It quantifies the inherent uncertainty and randomness in ciphertext images, thereby effectively gauging the extent to which an encryption algorithm obscures the statistical properties of the original image. For an 8-bit grayscale image (pixel values range from 0 to 255), the maximum theoretical information entropy is 8 bits. When the entropy of the encrypted image approaches 8, there is a highly chaotic distribution of pixels. This is a characteristic that complicates attackers’ efforts to deduce details of the original image through statistical analysis. The calculation method is as follows (13):

$$H\left(x\right)=-\sum _{i=1}^N{p}_i\times lo{g}_2{p}_i,$$

(13)

where $p_i$ is the frequency of occurrence of each pixel value (0–255) in the ciphertext image. Through calculations, the information entropy results of various tested images are summarized in

Table 5. Information entropy of the images through the proposed encryption model.

Image	Plaintext Image	Ciphertext Image
Lena	7.4331	7.9995
Barbara	7.5662	7.9995
Cameraman	7.0097	7.9992
Female	7.0526	7.9996
Male	7.5237	7.9998

. Furthermore,

Table 6. Comparison of information entropy of the encrypted Lena image.

Scheme	Proposed	[50]	[51]	[52]	[53]	[54]
Entropy	7.9995	7.9992	7.9991	7.9987	7.9993	7.9994

compares the entropy of the proposed encryption scheme and other schemes [50,51,52,53,54] after encrypting the Lena image. Importantly, our proposed model achieves the highest information entropy among those schemes. The finding demonstrates its ability to stand up to more advanced network attacks.

5.3. Encryption Efficiency Analysis

The proposed model is designed to enhance security and effectively reduce encryption time. As a result, we calculate its working time and compare it with other encryption schemes [33,55,56,57,58] in

Table 7. A comparison of time efficiency between the proposed model and other schemes.

Scheme	Proposed	[55]	[33]	[56]	[57]	[58]
Time(s)	1.07	4.27	3.06	1.42	1.24	1.12

. Additionally, the scheme originally applied for facial regions is also compared with the dual-region model. In the comparison, the time costs of both the dual-region encryption and the full-image encryption include the loading and initialization time of MTCNN and VGG16, thus avoiding comparison bias caused by model startup overhead. After encrypting various initial images with both methods, we found that the proposed model takes less time to complete the process. The detailed data are shown in

Table 8. Improvement in the time efficiency of the encryption model.

Image	Dual-Region Encryption	Full-Image Encryption	Improvement
Lena	1.08 s	2.04 s	47.06%
Cameraman	0.93 s	1.5 s	38.00%
Barbara	1.13 s	2.02 s	44.06%
Female	0.97 s	1.56 s	37.82%
Male	1.37 s	3.63 s	62.26%

. These results fully illustrate that the dual-region model achieves significant improvements in encryption efficiency, making it balance data security with fast processing capabilities.

5.4. Correlation Analysis

The level of association between pixels in an image serves as a pivotal metric in assessing the robustness of an encryption algorithm. In natural images, adjacent pixels typically demonstrate a strong correlation in horizontal, vertical, and diagonal orientations. This link is often embraced by a correlation coefficient close to 1. A successful encryption scheme aims to disrupt this correlation by approaching a correlation coefficient of 0. To obtain a full picture of how pixels depend on each other in an image’s spatial domain, we should calculate the covariance and standard deviation of the pixel sequence. This lets us derive the correlation coefficient and analyze those three directions we mentioned earlier. The two formulas are given, respectively, as follows (14) and (15):

$$Cov(x,y)={\displaystyle \frac{1}{N}}\sum _{i=1}^N(x_i-\overline{x})(y_i-\overline{y}),$$

(14)

$$r_{xy}={\displaystyle \frac{Cov(x,y)}{\sqrt{D\left(x\right)\times D\left(y\right)}}},$$

(15)

where x, y represent two random variables, $x_i$ and $y_i$ are the i-th sample observation values of them, $\overline{x}$ and $\overline{y}$ are the sample means of x and y, N is the number of samples, and $D\left(x\right)$ and $D\left(y\right)$ are the sample variances respectively.

If the correlations in the horizontal, vertical, and diagonal directions are significantly reduced after encryption, it indicates that the encryption algorithm effectively destroys the original pixel correlation, greatly increasing the difficulty of resisting statistical attacks. Figure 12 shows the correlation distribution of two adjacent pixels for three directions of Cameraman, and the specific data are recorded in

Table 9. Correlation statistics before and after encryption.

Direction	Lena		Cameraman		Barbara
	Original Image	Encrypted Image	Original Image	Encrypted Image	Original Image	Encrypted Image
Horizontal	0.9747	−0.0008	0.9335	0.0078	0.8597	0.0022
Vertical	0.9863	−0.0008	0.9592	0.0045	0.9591	0.0008
Diagonal	0.9627	0.0016	0.9087	−0.0021	0.8418	−0.0027

. The results vividly illustrate the model’s outstanding performance in dismantling statistical pixel correlations.

5.5. Histogram Analysis

With the aim of assessing the pixel distribution characteristics of natural images, uniformity analysis places particular focus on the tendency of grayscale values to cluster in specific regions, such as the concentration of skin-tone grayscale values in portrait images. This method generates histograms for the original and encrypted images, then uses these histograms to count how many pixels of each grayscale level. The uniformity of this distribution is quantified by the histogram uniformity coefficient. The ideal value should approach 1/256. A high uniformity indicates that encryption has effectively disrupted the pixel distribution and has hidden statistical features.

Figure 13 is the histograms of different images encrypted by our proposed encryption model. This outcome highlights the model’s effectiveness in breaking down the pixel clustering patterns inherent in the original image and significantly enhancing the statistical randomness of the encrypted image. This strengthens its resistance to statistical analysis attacks successfully.

5.6. Avalanche Effect Analysis

The avalanche effect refers to a phenomenon where a tiny change in the initial conditions leads to a drastic alteration in the encryption output. Standards like Number of Pixel Change Rate (NPCR) and Unified Average Changing Intensity (UACI) are used to reflect it. They, respectively, employ formulas detailed in (16) and (17):

$$NPCR(img1,img2)={\displaystyle \frac{1}{MN}}\sum _{i=1}^M\sum _{j=1}^{N}dif{f}_{ij}\times 100\%,$$

(16)

$$UACI(img1,img2)={\displaystyle \frac{1}{MN}}\sum _{i=1}^M\sum _{j=1}^N{\displaystyle \frac{\left|img1\right(i,j)-img2(i,j\left)\right|}{255}}\times 100\%,$$

(17)

where M and N are the height and width of the original image. The encrypted image (img1) undergoes a single bit flip to obtain a new encrypted image (img2). $dif{f}_{ij}$ is the pixel difference at position (i, j) between img1 and img2.

In this encryption model, the encryption algorithm for the portrait region, as the core content, must achieve indicators infinitely close to the ideal ones. For a 256 × 256 image, at a certain significance level, the values of NPCR and UACI are expected to be 99.6094% and 33.4635%. After randomly modifying one bit of the Lena plaintext image and calculating these two indicators, our results show that the NPCR value reaches 99.6055% and the UACI value is 33.4599% for Lena. And the values of other images are illustrated in

Table 10. The results of avalanche effect analysis.

Indicator	Lena	Barbara	Cameraman	Female	Male
NPCR	99.6055%	99.6015%	99.5972%	99.6038%	99.5960%
UACI	33.4599%	33.4368%	33.4577%	32.4563%	33.4370%

. These findings underscore the encryption scheme’s remarkable differential sensitivity and robust diffusion capabilities. Moreover, we also performed calculations on the non-facial regions. For the non-facial region of the Lena image, the NPCR value reaches 99.5775% and the UACI value stands at 31.7058%. Although these values are not as close to the ideal benchmarks as those of the facial region, they are more than sufficient to meet the encryption requirements for this non-sensitive part of the image.

5.7. Robustness Analysis

Robustness refers to the ability of an algorithm to maintain its encryption function and security in the face of various attacks, interferences, or abnormal situations, and it is directly related to the effectiveness of data encryption. Resistance to cropping attacks and resistance to noise attacks are important components of it, as these two capabilities mainly reflect the algorithm’s anti-interference performance when facing specific cropping attacks and noise interferences. Peak Signal-to-Noise Ratio (PSNR) provides an objective standard for measuring the ability to resist cropping and noise attacks. It is calculated based on Mean Squared Error (MSE), with Formulas (18) and (19) respectively:

$$MSE={\displaystyle \frac{1}{MN}}\sum _{x=0}^{M-1}\sum _{y=0}^{N-1}{[I(x,y)-K(x,y)]}^2,$$

(18)

$$PSNR=10lo{g}_{10}\left({\displaystyle \frac{MA{X}_I^2}{MSE}}\right).$$

(19)

The pixel values at coordinates (x, y) in the original image and the cropped version are denoted as $I(x,y)$ and $K(x,y)$, respectively. The dimensions of the image are given by its height M and width N. The highest pixel value in the original image is noted as $MA{X}_I$.

The image was subjected to cropping attacks with different size ratios and noise attacks with different densities. Figure 14 and Figure 15 further show the restoration effect of the Lena image after noise and cropping attacks. According to the results, the image can effectively resist various interferences. Therefore, this algorithm is suitable for scenarios that need to resist multiple attacks and can effectively ensure the recovery effect of images after being interfered with during transmission in practical applications.

5.8. Results in Real Scenarios

To verify the usability of the proposed model, we selected some low-resolution images with occlusions and other common artifacts that may appear in real scenarios from the CelebA dataset for testing. The test results are shown in Figure 16, where all the selected images were successfully encrypted and decrypted. This indicates that the proposed model can be applied well in practical scenarios.

6. Conclusions

This study proposes a dual-region encryption model specifically designed for portrait images. It leverages MTCNN to detect human faces in images and store their positional data. The data are then used to divide the image into two regions: the facial region and the non-facial region. To correlate the key with image features, we adopt a CNN-based key generator to produce a public key, which is further utilized to create the master key. Given the inflexible parameters of existing chaotic systems, we put forward a novel chaotic system named the 3D-MNFC. We theoretically analyze the periodicity avoidance capability of the 3D-MNFC system, which enhances the unpredictability of the chaotic system. Meanwhile, tests demonstrate that the 3D-MNFC system achieves favorable Lyapunov exponents and permutation entropy and passes the NIST randomness test, all of which verify its excellent dynamic characteristics.

For the facial region, we employ an encryption scheme combining the 3D-MNFC with scrambling, DNA encoding, diffusion, and bit inversion. This multi-layered process fully ensures the security of the facial sensitive region. The encryption of the non-facial region relies on the logistic map and XOR operation, and this lightweight encryption is intended to improve the overall encryption efficiency. After encryption, the two regions are restored to their original positions using the stored positional information. Decryption is performed in the reverse order. We conduct an analysis of the model’s security and efficiency. Evaluation results show that the model exhibits strong resistance against various attacks and can securely encrypt portrait images. We also calculate the efficiency of the proposed model. The results confirm that the dual-region method is more efficient and demonstrate that the model can effectively balance security and efficiency.

In most scenarios, identity-representative information is contained in the facial region, so this study mainly focuses on the design and analysis of the facial region. For cases where information such as clothing in the non-facial region can also indicate identity, the encryption model proposed in this paper has certain limitations, and we will create a more comprehensive algorithm design in the future. In addition, the idea of region-based encryption proposed in this paper can be extended to other general types of images, which requires more precise segmentation techniques to divide the core regions for achieving secure and efficient encryption.