A New Conservative Hyperchaotic System-Based Image Symmetric Encryption Scheme with DNA Coding

In the current paper, a new conservative hyperchaotic system is proposed. We make a quantitative analysis of the complexity of the conservative hyperchaotic system from several different aspects, such as phase diagrams, bifurcation diagrams, Lyapunov exponents, and Kaplan–Yorke dimension. The complexity of chaotic time series is tested with various measurement tools, such as the scale index, the multiscale sample entropy and approximate entropy, TESTU01, and NIST test. In addition, a novel hyperchao-based image encryption scheme with dynamic DNA coding is proposed. The encryption algorithm consists of line-by-line scrambling and diffusion of DNA encoding characters. The dynamic DNA coding mechanism is introduced by using the chaotic sequence. The generation of the intermediate secret keys is related to the sum of the image DNA code, and the ciphertext feedback mechanism of the DNA encoding image is introduced in the diffusion procedure. Simulation experiments and various security analyses show that this algorithm has a good effect on encryption, high time efficiency, and can effectively resist brute force attacks, statistical attacks, chosen-plaintext attacks, and differential attacks.


Introduction
With the rapid development of the Internet and the rapid expansion of information, a large amount of information is transmitted through public channels. Information security has become one of the key issues in the modern network communication era [1]. There are many types of information data, such as text, language, image, video, etc., among which images are the most widely used in information transmission [2]. The secure exchange of image information has attracted the attention of many researchers. Among various image information security technologies, image encryption occupies an important position. In the field of information encryption technology, cryptographers have proposed many encryption methods, such as data encryption standard (DES), advanced encryption standard (AES), RSA, international data encryption algorithm (IDEA), and other algorithms [3]. However, these traditional encryption methods are suitable for encrypting data with small amounts of information, such as text and small amounts of data. Image data have a different nature from text and small data. The image has a large amount of data and high information redundancy. Therefore, traditional encryption algorithms are not suitable for image information encryption [4]. This paper proposes an image encryption algorithm based on a new chaotic system and dynamic DNA (deoxyribonucleic acid) coding.
Latterly, chaotic systems have been widely adopted in the territory of encryption, especially in image encryption [5,6]. For example, in the medical field, in order to protect the privacy of patient information, it is often necessary to encrypt medical images. In [7], the authors proposed a fast and secure lightweight image encryption algorithm using the chaotic system. The signal generated by the chaotic system is sensitive to the initial value, based on a Julia set of fractals and three-dimensional Lorenz chaotic system. The above methods expand the technical scope of image encryption and have various characteristics.
In the field of cryptology, another research direction parallel to cryptography is cryptanalysis. At present, some cryptanalysis [40][41][42] studies show that some image encryption algorithms based on chaos have security defects, which can be summarized as follows: the secret keyspace is insufficient and can not resist exhaustive attacks. The distribution of ciphertext is not uniform enough, leaving loopholes for statistical analysis attacks. The equivalent secret key of the cryptosystem does not change with the encrypted content, and the algorithm can not resist the selective plaintext attack. In order to overcome some shortcomings of the chaos-based image encryption algorithm, in this work, we put forward an image encryption algorithm based on a new conservative hyperchaotic system and dynamic DNA coding. The encryption algorithm consists of two main processes: one is the line-by-line scrambling for DNA encoding image, the other is diffusion and encryption of the scrambled DNA encoding image. The main contributions of this work are as follows: (1) A new conservative hyperchaotic system is established, and the complexity of the system is analyzed by using a variety of measures. It is proven that the system has good hyperchaotic characteristics. (2) A novel hyperchaos-based image encryption scheme with dynamic DNA coding is proposed. The system consists of the line-by-line scrambling process and diffusion is achieved using a DNA encoding scheme. (3) Some statistical analyses and comparative analyses are also performed for the evaluation of the image encryption algorithm. It is verified that the proposed encryption algorithm has better cryptographic performance.
The rest of this paper is organized as follows: Section 2 introduces the new conservative chaotic system, image DNA coding, and operating rules. Section 3 provides details of the proposed image encryption and decryption algorithm. Section 4 shows the results of simulation experiments. Section 5 highlights the conclusion of this paper.

The 4D Conservative Hyper-Chaotic System
Continuous-time dynamical systems described by mathematical model . x = f(x) are divided into three types: dissipative, conservative, and expanding in phase-volume depending on the sign of the divergence, ∇·f < 0, ∇·f = 0, and ∇·f > 0, respectively, where ∇ is the Hamilton operator, and f is the vector function of the dynamical system.
Due to the ∇·f < 0 property of dissipative systems, their steady-state solutions are attractors. They can be nodes, stars, focal points, limit cycles, quasi-periodic and chaotic attractors. Since the phase space is close to zero, the dimension of the dissipative chaotic system is fractional, which leads to poor ergodicity because the trajectory reaches the zero-volume space and the initial entry trajectory does not occupy a huge space.
In contrast, because of the property of ∇·f = 0 for the conservative systems, the volume of phase space of a conservative system is conserved, and it can show concentric periodic solutions, quasi-periodic solutions, and chaotic solutions, but these are not attractors. On this account, a conservative system has better ergodicity than a dissipative system. Compared with dissipative chaotic systems, conservative chaotic systems can produce more complex pseudo-random numbers.
Inspired by reference [43], we propose a 4D conservative hyper-chaotic system model. The proposed system is described mathematically by Formula (1). In Equation (1), a, b, c are the system parameters, [x 0 , y 0 , z 0 , w 0 ] T are initial state values of the system variables. The divergences of f = [f 1 , f 2 , f 3 , f 4 ] T for system (1) is: Therefore, the phase space volume of system (1) is conservative. If the parameters and initial state values are set appropriately, then the conservative system (1) will be chaotic. Take parameters [a, b, c] T = [12,8,8] T , initial conditions [x 0 , y 0 , z 0 , w 0 ] T = [1, 1.1, 3.2, 3.3] T , and sampling time step ∆t = 0.01 s from t = 0 to t = 1200. The orbits of system (1) is chaotic (Figure 1a The Kaplan-Yorke dimension is an integer and equals the system dimension. Next, we make a quantitative analysis of the complexity of system (1) from several different aspects. Figure 2 shows the Lyapunov exponent spectrum and bifurcation diagrams of system (1). From Figure 2 one can see that the positive and negative Lyapunov exponents are symmetric about zero and the sum of the total Lyapunov exponents is zero. Therefore, system (1) is a conservative chaotic system (CCS). In addition, there are two positive Lyapunov exponents (L 1 and L 2 of Figure 2) in system (1), so the conservative chaotic system is in the hyperchaotic state. We find that the system has hyperchaotic characteristics in the experimental parameter range, but it is not limited to the above parameter range. Further research can find other parameter ranges that make the system produce chaotic behavior. In addition, two Lyuponov exponents are symmetric, that is, L 1 and L 4 are symmetrical, L 2 and L 3 are symmetrical.

The Scale Index
In addition, there are some other methods that can be used to test the complexity of chaotic time series. For example, in [44], the authors adopted the scale index which is presented by Benítez et al. [45] to detect and study non-periodicity in the chaotic sequences. The scale index technique is based on the continuous wavelet transform and multi-resolution analysis technology. Here, the computations are performed using the R statistical software named wavScalogram developed by Vicente J. Bolós et al. [46], which provides a convenient means for researchers to identify the aperiodic features of time series.. Starting with the initial condition (x 0 , y 0 , z 0 , w 0 ) = [2, 2, 2, 2] T , we iterate the system (1) 4595 times with the time step ∆t = 0.01, obtain four sequences of {x1, x2, x3, x4} each with a length of 4596. Discard the first 500 values for each sequence, then synthesize them into a sequence x = [x1, x2, x3, x4] with a length of 16,384, and then convert the synthesized sequence into an integer sequence Intx = mod(floor(x × 10 12 ), 256). Then, calculate the scale index values of the sequence Intx. Some representative results are shown in Figure 3. Comparing Figures 2a and 3a, we find that when a changes from 11.3 to 13, the scale index at the largest scale 4096 increases from 0.4146713 to 0.4257676, which is consistent with the increase in Lyapunov exponent in Figure 2a. Comparing Figures 2b and 3b, we find that when b changes from 9 to 10, the scale index at the largest scale 4096 increases from 0.7163966 to 0.9804939, which is consistent with the increase in Lyapunov exponent in Figure 2b. Comparing Figures 2c and 3c, we find that when c changes from 8 to 9, the scale index at the largest scale 4096 increases from 0.4502245 to 0.6935807, which is consistent with the increase of Lyapunov exponent in Figure 2c. Figure 3d shows the scale index of the sequences generated by the famous chaotic logistic map and the proposed CCS, we find that the scale index at the largest scale 4096 of the proposed CCS is larger than that of the logistic map. punov exponents is (L1 + L2 + L3 + L4) = 0. The Kaplan-Yorke dimension based on the mentioned Lyapunov exponents is The Kaplan-Yorke dimension is an integer and equals the system dimension. Next, we make a quantitative analysis of the complexity of system (1) from several different aspects.

The Scale Index
In addition, there are some other methods that can be used to test the complexity of chaotic time series. For example, in [44], the authors adopted the scale index which is presented by Benítez et al. [45] to detect and study non-periodicity in the chaotic sequences. The scale index technique is based on the continuous wavelet transform and  Multiscale sample entropy (MsEn) is used to describe the degree of irregularity of time series at different scales, including parameters m, s, and τ. Where m is the embedding dimension, s is the similarity coefficient and τ is the scale factor. Approximate entropy (ApEn) involves two parameters m and r. Where m is an integer, representing the length of the comparison vector, and r is a real number, representing the measure of "similarity". Set the parameters of system (1) as a = 12, b = 8, and c = 8. The initial state values are set as x 0 = 1.0, y 0 = 1.1, z 0 = 3.2, and w 0 = 3.3. Use the Runge-Kuda algorithm to solve the differential equation of system (1), the time step is set to 0.001, generate four chaotic sequences of length 6000, and remove the first 500 values in front of each sequence, obtain four sequences x1, x2, x3, x4, each of them has the length of 5500 real numbers. Connect the four sequences to obtain a real number sequence X = [x1, x2, x3, x4] with a length of 22,000. In the test, five groups of parameters are taken to calculate the MsEn of sequence X, and the results are shown in Table 1.
provides a convenient means for researchers to identify the aperiodic features of t series.. Starting with the initial condition (x0, y0, z0, w0) = [2, 2, 2, 2] T , we iterate the sys (1) 4595 times with the time step Δt = 0.01, obtain four sequences of {x1, x2, x3, x4} e with a length of 4596. Discard the first 500 values for each sequence, then synthe them into a sequence x = [x1, x2, x3, x4] with a length of 16,384, and then convert synthesized sequence into an integer sequence Intx = mod(floor(x × 10 12 ), 256). Th calculate the scale index values of the sequence Intx. Some representative results shown in Figure 3. Comparing Figures 2a and 3a, we find that when a changes from to 13, the scale index at the largest scale 4096 increases from 0.4146713 to 0.4257 which is consistent with the increase in Lyapunov exponent in Figure 2a. Compa  Figures 2b and 3b, we find that when b changes from 9 to 10, the scale index at largest scale 4096 increases from 0.7163966 to 0.9804939, which is consistent with increase in Lyapunov exponent in Figure 2b. Comparing Figures 2c and 3c, we find when c changes from 8 to 9, the scale index at the largest scale 4096 increases f 0.4502245 to 0.6935807, which is consistent with the increase of Lyapunov exponen Figure 2c. Figure 3d shows the scale index of the sequences generated by the fam chaotic logistic map and the proposed CCS, we find that the scale index at the lar scale 4096 of the proposed CCS is larger than that of the logistic map.

The Multiscale Sample Entropy and Approximate Entropy
Multiscale sample entropy (MsEn) is used to describe the degree of irregularit time series at different scales, including parameters m, s, and τ. Where m is the emb ding dimension, s is the similarity coefficient and τ is the scale factor. Approximate tropy (ApEn) involves two parameters m and r. Where m is an integer, representing length of the comparison vector, and r is a real number, representing the measur "similarity". Set the parameters of system (1) as a = 12, b = 8, and c = 8. The initial s values are set as x0 = 1.0, y0 = 1.1, z0 = 3.2, and w0 = 3.3. Use the Runge-Kuda algorithm solve the differential equation of system (1), the time step is set to 0.001, generate f chaotic sequences of length 6000, and remove the first 500 values in front of each quence, obtain four sequences x1, x2, x3, x4, each of them has the length of 5500 numbers. Connect the four sequences to obtain a real number sequence X = [x1, x2, x4] with a length of 22,000. In the test, five groups of parameters are taken to calcu the MsEn of sequence X, and the results are shown in Table 1.   Similarly, five groups of parameters are taken to calculate the ApEn of sequence X, and the results are shown in Table 2. TestU01 is a well-known software for testing the performance of random number generators (RNGs). The test data source of the software can be a predefined generator in the instance library of the software, a user-defined generator, or even a data file generated by equipment or software. This paper only focuses on the predefined batteries of tests available in TestU01 for the binary bit test. The bit sequences test in TestU01, namely, Rabbit, Alphabit, and BlockAlphabit, which are carried out by the following functions: (1) Void bbattery_RabbitFile(char *filename, double nb); (2) This function applies the Rabbit battery of tests to the first nb bits (or less, if nb is too large) of the binary file filename. For each test, the file is reset and the test is applied to the bit stream starting at the beginning of the file. This function applies the Alphabit battery of tests repeatedly to the binary file filename. Their design function is to test the complexity of the finite bit sequence stored in binary files. For the three tests, a binary sequence with a length of 2 × 10 7 bits is produced by using the CCS system (1) and saved as a data file. In the Rabbit test, we adopted 1,048,576 bits and 6,000,000 bits from the binary file to test, respectively. The summary results of the test of Rabbit are shown in Table 3, which confirmed that each test is passed with a p-value in the range of [0.001, 0.9990]. In the Alphabit test, we adopted 1,048,576 bits from the binary file to test. The results are shown in Table 4, which confirmed that all tests were passed with a p-value in the range of [0.001, 0.9990].
In the BlockAlphabit test, we obtain six identical results, as shown in Figure 4. The conclusion is "All tests were passed".

Symmetry 2021, 13, x FOR PEER REVIEW
In the BlockAlphabit test, we obtain six identical results, as shown in Figur conclusion is "All tests were passed".    NIST is a standard test software package released by the National Institute of Standards and Technology to evaluate the random performance of series, which includes 15 test indexes. Usually, the NIST test requires multi sequences and each one has 1,000,000 bits. NIST test software mainly uses two performance indicators: p-value and pass rate to determine the random nature of a sequence. The default p-value threshold is 0.01. If the p-value is greater than this threshold, the test is considered to have passed. We generated 10 sequences and each one has 1,000,000 bits, then the NIST test is performed. The results from all statistical tests are given in Table 5. In Table 5, the minimum pass rate is 7 samples for the random excursion and its variant test of 8 binary sequence samples. For 20 binary sequence samples, the minimum pass rate of all kinds of statistical tests is 18 samples, except for random excursion and its variant.

DNA Coding and Operations
DNA contains four kinds of bases, namely A (adenine), T (thymine), C (cytosine), and G (guanine). Traditional computer processing of data is usually expressed in binary form of 0 and 1. If a 2-bit binary number is used to represent a DNA base, there are 24 different representation methods in total. Based on the law of base complementary pairing, A and T are complementary, and C and G are complementary, so there are 8 kinds of expressions that conform to the principle, called eight kinds of DNA coding rules, as shown in Table 6. For a gray image with 256 gray levels, each pixel value is an 8-bit binary number and can be encoded as a DNA sequence with a length of 4. The DNA encoding process can be implemented by defining a function DNAencode(value, rule). For example, the pixel value 228 (its binary form is 11100100) can be encoded as a DNA sequence "TCGA" by using the coding rule 1, namely, DNAencode(228, 1) outputs the result of "TCGA". Conversely, a 4-character DNA string can be decoded as an 8-bit binary integer, which has a decimal value that is greater than or equal to 0 and less than or equal to 255, and the decoding process can be implemented with a function, e.g., DNAdecode(strDNA, rule). For instance, DNAdecode("TCGA", 7) outputs the binary form 00100111, which is the decimal number 39. It can be seen from this example that the pixel value 228 is encoded by rule 1 and then decoded by rule 7 to output a pixel value of 39. That is to say, after encoding the pixel value into a DNA code with a certain rule number, and then decoding it with a different rule number, the pixel value obtained is very different from the original pixel value. thus, we can use this feature of DNA encoding and decoding to realize image encryption.
In addition to DNA coding rules, we introduce three DNA operations: DNA addition, DNA subtraction, and DNA XOR, based on binary calculations. We regard A, C, G, and T as the numbers 0, 1, 2, 3, respectively, so the addition, subtraction, and XOR operations of DNA symbols can be executed according to the numerical calculation rules, and then the numerical results are expressed as characters. Thus, we obtain the three DNA operation rules as shown in Tables 7-9 respectively. The DNA XOR operation has the following rules, that is, if z = DNAXOR(x, y), then x = DNAXOR(z, y) or y = DNAXOR(z, x). DNAADD operation and DNASUB operation are inverse operations, that is, if z = DNAADD(x, y), then x = DNASUB(z, y) or y = DNASUB(z, x). Table 7. A newly defined operation rule for DNA addition.  Table 9. A newly defined operation rule for DNA XOR.

Image Encryption and Decryption Algorithm
Notation description: Bold regular letters, such as P and C, indicate matrices or vectors. Non-bold italic letters, such as x and P(i), indicate scalar variables or array elements. Nonbold regular letters, such as M and N, indicate scalar constants.

The Encryption Algorithm
The image encryption algorithm mainly includes the following five stages: (1) Generate chaotic sequence.  (1), the initial values (x 0 , y 0 , z 0 , w 0 ) and the system parameters (a, b, c) are input, and the conservative hyperchaotic system is iterated to generate four chaotic sequences {x, y, z, w}, each of which has a length of L (L is the total number of pixels contained in the image to be encrypted); then, the four chaotic sequences are connected to form a chaotic sequence X with a length of 4L; finally, the chaotic real number sequence X is converted to an integer sequence IntX. In stage (2), the original image is encoded with coding rule r 1 according to Table 1 to generate the DNA coding image. In stage (3), index scrambling is performed to change the DNA characters' position for each row of the DNA coding image. In stage (4), the DNA coding image and chaos sequence are used to perform dynamic DNA operations, and the principle of DNA addition, DNA subtraction, and DNA xor are used to achieve pixel diffusion. In stage (5), DNA dynamic decoding is carried out to obtain the cipher image. The specific implementation process and steps are given in below. The block diagram of the proposed encryption algorithm can be described by Figure 5. The secret key set of the cryptosystem includes the initial values (x 0 , y 0 , z 0 , w 0 ) of the conservative hyperchaotic system. In Figure 5, P M×N represents the plaintext image, PC M×4N represents the DNA coding image, P1 1×4MN represents the DNA coding sequence after row permutation, P2 1×4MN represents the DNA coding sequence after diffusion, and C M×N represents the final ciphertext image. P M×N  The encryption algorithm can be specifically described as follows: Step 1: Given a positive integer N0, the chaotic system iterates (N0 + M × N) times, discards the first N0 numbers, and obtains four chaotic sequences with length M × N, , through the hyper-chaotic sys- The encryption algorithm can be specifically described as follows: Step 1: Given a positive integer N 0 , the chaotic system iterates (N 0 + M × N) times, discards the first N 0 numbers, and obtains four chaotic sequences with length M × N, , through the hyperchaotic system (1) under the initial condition of {x 0 , y 0 , z 0 , w 0 } and system parameters {a, b, c}. Here, M is the number of pixel rows of the image to be encrypted, and N is its pixel column number. The purpose of introducing pre iteration number N 0 is to eliminate the influence of the transient effect of the chaotic system.
Step 2: Then, the four sequences are connected to form a chaotic sequence with a length of 4 × M × N.
Step 6: For each row i (i = 1, 2, . . . , M) in the DNA coded image PC, perform Step 6-1 to Step 6-4 to permutate the elements in the same row and obtain the scrambled coded image P1.
Step 6-1: Calculate a position number ni according to Formula (6): Step 6-2: From position ni in the chaotic sequence X, intercept a sub-sequence, say Xi, with a length of 4N: Step 6-3: Sort the chaotic subsequence Xi to obtain a position index sequence iXi as: Step 6-4: Rearrange all the elements in the i-th row in the PC to obtain the i-th row of the scrambled image P1: P1(i, j) = PC(i, iXi(j)), j = 1, 2, . . . , 4N.
Step 10-1: Calculate an integer r 2 (i) by using the following Equation (11) Step 10-2: Decode a 4-character DNA string with rule r 2 (i) to obtain an integer pixel value C1(i) by using the following Equation (12): Step 11: Convert the one-dimensional row vector C1 1×MN into a 2D matrix C M×N : C= reshape(C1, M, N).
At this moment, the final ciphertext image C is obtained. Compared with other simple chaotic encryption schemes, the proposed hyperchaotic encryption scheme has obvious advantages in security. For instance, the plaintext image in Arnold's cat map can be returned by continuing the chaotic mapping from the torus into itself (i.e., order becomes chaos, and chaos becomes order again if the mapping is allowed to continue). However, compared to the simple chaotic encryption schemes, the conservative hyperchaotic system not only resists reconstruction attacks but also has richer ergodicity.

The Decryption Algorithm
The decryption algorithm can be described as follows: Step 1: Generate four chaotic arrays (1) under the initial condition of {x 0 , y 0 , z 0 , w 0 } and system parameters {a, b, c}.
Step 2: Then, the four arrays are connected to form a chaotic sequence with a length of 4 × M × N.
Step 3: Convert chaotic real number sequence X into integer sequence by using Equation (1).
Step 10: For each i (i = 1, 2, . . . , M), carry out the reverse scrambling by using the following Step 10-1 to Step 10-4 and obtain the DNA coding image PC M×4N : Step 10-1: Calculate a position number ni according to the previous Equation (6).
Step 10-2: From position ni in the chaotic sequence X, intercept a sub-sequence, say Xi, with a length of 4N by using the previous Equation (7).
Step 10-3: Sort the chaotic subsequence Xi to obtain a position index sequence iXi by using the previous Equation (8).
Step 10-4: Rearrange all the elements in the i-th row in the P1 to obtain the i-th row of the matrix PC by using Equation (15): Step 11: Decode the DNA coding image with rule r 1 (i, j) to restore the original image P = {P(i, j)} i=M, j=N i=1, j=1 by using Equation (16).

Simulation Results and Security Analysis
To evaluate the validity of the proposed image encryption algorithm, we carried out simulation experiments with several typical gray level test images, such as lena, cameraman, baboon, peppers, which come from CVG-UGR image database (https://ccia.ugr.es/cvg/ dbimagenes/g256.php (accessed on 11 November 2021)). The secret key parameters of the cryptosystem are (x 0 , y 0 , z 0 , w 0 ). Use the Runge-Kuda algorithm to solve the differential equation of system (1), the time step is set to 0.001, generate four chaotic sequences of length (M × N + N 0 ), and remove the first N 0 values in front of each sequence, obtain four sequences X1, X2, X3, X4. Where, M is the row number of the test image, and N is the column number of it. N 0 is a positive integer to be set. In our simulation tests, the secret key parameters are set as x 0 =1.0, y 0 = 1.1, z 0 = 3.2, w 0 = 3.3. The other parameters are set as follows: a = 12, b = 8, c = 8; N 0 = 817, m = 12. Figure 6 shows the four test images and their encryption ones by the proposed algorithm. One can see that the cipher images that are not related to their respective original images and can no longer be understood. tion tests, the secret key parameters are set as x0 =1.0, y0 = 1.1, z0 = 3.2, w0 = 3.3. The other parameters are set as follows: a = 12, b = 8, c = 8; N0 = 817, m = 12. Figure 6 shows the four test images and their encryption ones by the proposed algorithm. One can see that the cipher images that are not related to their respective original images and can no longer be understood.

Key Space Analysis
Since the algorithm key mainly includes the four initial state values of the fourdimensional chaotic system. The precision of each is 10 14 , and the total key space is (10 14 ) 4 = 10 56 > 2 186 . Therefore, the key space of the algorithm must be larger than 2 186 . At present, the key space is greater than or equal to 2 100 to effectively resist brute force attacks [47]. Therefore, the key space of the proposed algorithm is large enough to effectively resist brute force attacks.

Information Entropy
The image information entropy reflects the distribution of image gray value. Its expression is as follows [32]: Among them, m i represents the i-th gray value of L gray levels, and P(m i ) represents the probability of the appearance of m i . Ideally, the information entropy of a gray value of the 256-level gray level should be close to 8 [19]. The larger the information entropy value is, the more uniform the pixel gray distribution in the image is the information entropy obtained by this algorithm as shown in Table 10. It can be seen from Table 10 that the information entropy of the encrypted image obtained by this algorithm has been significantly improved. The information entropy of this algorithm is slightly higher than that of the reference, and overall, it is close to 8.

Histogram
The histogram [50] reflects the uniformity of the gray value distribution of the image. Histograms of the original images and encrypted images are shown in Figures 7 and 8, respectively. It can be seen from Figure 7 that the histogram of each original image is uneven, with high and low, and it is easy to be broken by statistical attacks. However, from Figure 8, one can see that the histograms of images obtained after encryption by this algorithm are evenly distributed, which reduces the risk of being cracked by statistical attacks.   It can be seen from the histogram illustrations of the original image and the encrypted image that the histogram obtained by the encryption algorithm is more uniform, indicating that the proposed cryptosystem can well resist statistical attacks.

Correlation Coefficient and Point Image
The correlation coefficient [30] is used to measure the correlation degree of adjacent pixels of an image. The definition and calculation method of the correlation coefficient r xy is as follows: cov(x, y) = 1 N xy r xy = cov(x, y)/ D(x) D(y) Among them, (x i , y i ) represent a pair of gray values of two adjacent pixels in the image, and N xy represents the number of total pairs of randomly selected pixels from the image. The correlation coefficient between adjacent pixels in the original image is very high. After this encryption algorithm, the correlation coefficient is reduced. Ideally, the correlation coefficient should approach 0 [51]. In our experiment, the 256 × 256 gray images Lena, Cameraman, Peppers, and House are tested, 65,280 pairs (horizontal or vertical direction) or 65,025 pairs (diagonal direction) of adjacent pixels are selected, and the correlation coefficient comparison is shown in Table 11. It can be seen from the correlation coefficient comparison table that the correlation coefficient of the three directions of this algorithm is generally slightly lower than that of the reference. Therefore, the proposed algorithm has a better ability to resist statistical analysis attacks. The distributions of adjacent pixels are shown in Figure 9. It can be seen from the correlation coefficient comparison table that the correlation coefficient of the three directions of this algorithm is generally slightly lower than that of the reference. Therefore, the proposed algorithm has a better ability to resist statistical analysis attacks. The distributions of adjacent pixels are shown in Figure 9. It can be seen from Figure 9 that the correlation point map of the original images is distributed in a straight line, close to the straight line. After this encryption algorithm, the correlation point map of the encrypted images is evenly distributed, which effectively resists statistical attacks. It can be seen from Figure 9 that the correlation point map of the original images is distributed in a straight line, close to the straight line. After this encryption algorithm, the correlation point map of the encrypted images is evenly distributed, which effectively resists statistical attacks.

Plaintext Sensitivity Analysis
A fine encryption algorithm should be sensitive to the plaintext [53]. If the plaintext is changed a little, the ciphertext will change greatly. Usually use NPCR, UACI [29] to analyze the difference between two images. It is defined as follows: Among them, C(i, j) represents the pixel gray value of a ciphertext image corresponding to the original plaintext image at coordinates (i, j), and C (i, j) represents the pixel gray value of a ciphertext image corresponding to the plaintext image that only changes the least significant bit of a pixel value at coordinates (i, j); M and N represent the row number and column number of the image, respectively. D(i, j) is defined as follows: if C(i, j) = C (i, j), then D(i, j) = 1; otherwise, D(i, j) = 0. NPCR = 99.6094% and UACI = 33.4635% are the expected values [54]. The larger the value of NPCR and UACI, the greater the difference between ciphertexts, and the better the algorithm is.
We firstly encrypt a plaintext image to obtain its ciphertext image C. Then, we carry out five encryption experiments. In each experiment, select one pixel from the original image and change the least significant bit of it, then encrypt the modified image to obtain the ciphertext image C . Then, calculate the NPCR and UACI value between C and C . Comparisons of NPCR and UACI of the encryption image are shown in Tables 12 and 13,  respectively. Tables 12 and 13, respectively, list the results of NPCR and UACI of ciphertext images obtained by the proposed algorithm and the algorithms of Refs. [24,33,52]. The experimental results show that most of the NPCR and UACI values obtained by this paper are close to 99.6093% and 33.4635%. From the comparison table of NPCR and UACI, it can be seen that the values of NPCI and UACI fluctuate slightly above and below the ideal value, and most experimental values are higher than the ideal value. Therefore, it can be explained that there is a large distinction between the cipher image generated by changing the pixel value the plain image and the cipher image generated without changing the original image.

Key Sensitivity Analysis
Key sensitivity [50] means that when the key is slightly changed, it will cause a big change, and the correct restored image cannot be obtained through the decryption algorithm. The original key parameters are {x 0 = 1.0, y 0 = 1.1, z 0 = 3.1, w 0 = 3.3.}. This test changes only the parameter x 0 from 1.0 to 1.0 + 10 −15 . Then, obtain the restored image by using the changed key parameters to decrypt the original encrypted one. The comparison between the original encrypted image and the decrypted image obtained by changing the key is shown in Figure 10. The result of Figure 10 shows such a fact: when the key parameter is changed 10 −15 , the visually unrecognizable snowflake noise image can be obtained (see Figure 10c). It can be concluded that although the secret key changes very little, the correct decryption image cannot be obtained, indicating that the algorithm has strong key sensitivity.

Time Performance Analysis
A good algorithm must ensure that the encrypted information can be obtained in a short time, and the encrypted image information can be decrypted within a valid time [2]. In the test, all image encryption algorithms were carried out with MATLAB R2016b and run on a PC with 16.0 GB memory and a CPU of Intel(R) Core (TM) i7-9700 @ 3.00 GHz. The grayscale images Lena, Peppers, and Cameraman were adopted as experimental images. The average execution time of 5 experiments was shown in Tables 14 and 15 The tables also list the relevant encryption and decryption time data in references [25,30,31,33] as a comparison. From Tables 14 and 15, one can see that the encryption and decryption time of this algorithm are shorter than that of references [25,30,31,33]. The encryption and decryption time can be controlled at about 1 s, indicating that the algorithm has high time efficiency and strong real-time performance.  The result of Figure 10 shows such a fact: when the key parameter is changed 10 −15 , the visually unrecognizable snowflake noise image can be obtained (see Figure 10c). It can be concluded that although the secret key changes very little, the correct decryption image cannot be obtained, indicating that the algorithm has strong key sensitivity.

Time Performance Analysis
A good algorithm must ensure that the encrypted information can be obtained in a short time, and the encrypted image information can be decrypted within a valid time [2]. In the test, all image encryption algorithms were carried out with MATLAB R2016b and run on a PC with 16.0 GB memory and a CPU of Intel(R) Core (TM) i7-9700 @ 3.00 GHz. The grayscale images Lena, Peppers, and Cameraman were adopted as experimental images. The average execution time of 5 experiments was shown in Tables 14 and 15 The tables also list the relevant encryption and decryption time data in references [25,30,31,33] as a comparison. From Tables 14 and 15, one can see that the encryption and decryption time of this algorithm are shorter than that of references [25,30,31,33]. The encryption and decryption time can be controlled at about 1 s, indicating that the algorithm has high time efficiency and strong real-time performance.

Conclusions
This paper proposes a novel conservative hyperchaotic system-based image encryption algorithm with dynamic DNA coding. The new conservative hyperchaotic system and the dynamic DNA coding strategy improve the randomness of the encryption algorithm. In the permutation stage, the scrambling result of the image is related closely to the sum S 0 of the image's DNA encoding value, which makes the equivalent secret key related to the content of the encrypted image, so that the algorithm can resist chosen-plaintext attacks. In the diffusion stage, on the one hand, the generation of the intermediate secret keys ni are related closely to the sum of the image DNA encoding value; on the other hand, the ciphertext feedback mechanism of the image DNA encoding is introduced, which not only further improves the algorithm's ability to resist chosen-plaintext attacks, but also increase the sensitivity of ciphertext to plaintext. Correspondingly, the performance of the algorithm against differential attacks has also been improved. These aspects are some advantages of this algorithm. Simulation experiments and analysis of various security performances show that this algorithm has a good encryption effect and can effectively resist brute force attacks, statistical attacks, chosen-plaintext attacks, and differential attacks. Some disadvantages of this algorithm are that the time cost of generating hyperchaotic system sequences and DNA encoding and decoding is large. A direction worthy of future research is that the speed of DNA coding algorithms needs to be further improved. The proposed cryptosystem can be further improved by expanding the methods of scrambling and diffusion.