A Complex Matrix Private Key to Enhance the Security Level of Image Cryptography

Abstract

Standard methods used in the encryption and decryption process are implemented to protect confidential data. These methods require many arithmetic and logical operations that negatively affect the performance of the encryption process. In addition, they use private keys of a specific length, in addition to the fixed length of the data block used in encryption, which may provide the possibility of penetration of these methods, thus decreasing the level of security. In this research paper, a new method of digital image cryptography is introduced. This method is based on using a color image as an $image\_key$ to generate a sophisticated matrix private key (MPK) that cannot be hacked. The proposed method uses an initial state to set the required parameters, with secret information needed to generate the private key. The data-block size is variable, and the complicity of the MPK depends on the number of selected rounds and the data-block size. The proposed method is appropriate for publication in Symmetry because it employs a symmetrical complex matrix key to encrypt and decrypt digital images. The proposed method is simple yet very efficient in terms of throughput and scalability. The experiments show that the proposed method meets the quality requirements and can speed up the encryption–decryption process compared with standard methods, including DES, 3DES, AES, and Blowfish.

1. Introduction

Digital images [1,2], especially colored ones, are considered to be one of the most important types of data circulating among various people and institutions, as they can be obtained easily and at no cost. A digital color image is represented by a three-dimensional matrix, where one dimension is assigned to each of the three colors (red, green, and blue), as shown in Figure 1.

Digital images are mainly characterized by their ease of processing, and in this study, we are concerned with the process of reshaping and resizing the image to change the image dimensions. Resizing the image is achieved by either reducing or increasing the size of the image using the reduction process, as shown in Figure 2. Here, we resize a color image to obtain a matrix of a defined dimensions (one row, one column, or a 2D matrix), and the process of resizing depends on the required matrix dimension.

On the other hand, image reshaping keeps the image size unchanged but can be used to convert a 3D image to 1D, as shown in Figure 3.

Digital images are used in many vital applications such as protection, security applications, and medical applications. These applications require the image to be protected, as it may be confidential or of a personal nature, or may possibly carry confidential data [3,4]. The process of protecting the digital image will prevent intruders, data thieves, hackers, or unauthorized persons from understanding the digital image. One of the important methods used to protect digital photos is the use of data cryptography, i.e., data encryption and decryption, which is implemented through the use of a private key and performs some arithmetic and logical operations on the data using this key to encrypt and decrypt the data, as shown in Figure 4. The inputs and outputs of the encryption and decryption process are digital images, which are a type of digital data that can be easily processed [5,6,7,8,9].

The method chosen to perform the image encryption–decryption process must achieve the following [10,11,12,13,14]:

• Provision of the necessary protection for the digital image, completely preventing unauthorized parties from understanding the image and knowing its contents.
• Distortion of the encrypted digital image so that it becomes unclear or cannot be understood, in such a way that the original image is fully restored upon decoding. Here, the extent of distortion can be measured by the calculated quality parameter, the mean square error (MSE) value, which must be very large when encrypting and zero when decrypting, and/or the peak signal-to-noise ratio (PSNR), which must be very low when encrypting and infinite when decrypting the image.
• Very high encryption efficiency in order to reduce the time for encryption and decryption, thus increasing the permeability (throughput) by increasing the number of processed bits per second.
• Flexibility and scalability by enabling the user to modify the length of the private key, modify the data-block size, or modify the number of rounds required to apply encryption/decryption.
• Ease of use and application through the use of simplified arithmetic and logical operations.
• Versatility of use, so that it is easy to use the method to protect different types of data including text messages, text files, and digital images.

This paper aims to improve the performance of encryption methods based on classical methods by shortening the arithmetic and logical operations, shortening the time required to generate private keys, and increasing the degree of security of the encryption process through the use of the procedures presented. The following benefits can be achieved:

• Using the colored digital image as a key, through which private keys can be generated easily. This process is very safe, especially since the image is kept secret through an agreement between the sender and receiver regarding the image to be used, without resorting to the image transmission process.
• The data blocks used in the image splitting process are variable, as is the length of the secret key.
• A variable number of encryption cycles.
• The possibility of using the procedures provided to encrypt text messages and images with high efficiency.

In this paper, Section 2 describes the work most closely related to the proposed algorithm. The proposed method is represented in detail in section, and the results obtained using the proposed method and a comparison with other traditional encryption algorithms are provided in Section 4. A detailed explanation of the results is given in the Results Analysis section.

2. Related Work

Nowadays, multiple methods of encryption and decryption are used, and the majority of these algorithms are based on standard DES (Data Encryption Standard), 3DES, AES, and Blowfish (BF) methods [15,16,17,18]. The above-mentioned standard methods have similar encryption and decryption mechanisms. These methods, as indicated in

Table 1. Standard encryption method features [19,20,21,22,23,24].

Method Parameter	DES	3DES	AES	Blowfish
PK length (bit)	56 (fixed)	112, 168 (fixed)	128, 192, 256 (fixed)	32–448 (fixed)
Block size (bit)	64 (fixed)	64 (fixed)	128 (fixed)	64 (fixed)
Ability to deal with images	Difficult	Difficult	Difficult	Difficult
Encryption quality	Excellent: High MSE and low PSNR	Excellent: High MSE and low PSNR	Excellent: High MSE and low PSNR	Excellent: High MSE and low PSNR
Decryption quality	Excellent: Zero MSE and infinite PSNR	Excellent: Zero MSE and infinite PSNR	Excellent: Zero MSE and infinite PSNR	Excellent: Zero MSE and infinite PSNR
Efficiency	Slow	Slow	Slow	Moderate
Attack	Brute force attack	Brute force attack, Known plaintext, Chosen plaintext	Side-channel attack	Dictionary attack
Structure	Feistel	Feistel	Substitution– Permutation	Feistel
Block cipher	Binary	Binary	Binary	Binary
Rounds	16 (fixed)	48 (fixed)	10,12,14 (fixed)	16 (fixed)
Flexibility to modification	No	Yes	Yes	Yes
Simplicity	No	No	No	No
Security level	Adequate	Adequate	Excellent	Excellent
Throughput	Low	low	Low	Moderate

, have the following characteristics:

• The use of a single private key with a fixed length that does not change and in some cases can be hacked. This is a problem that must be eliminated.
• Dividing the data to be encrypted into blocks of fixed length that cannot be changed. This is one of the disadvantages of these methods.
• Use of a fixed and unchangeable number of rounds.
• All other sub-private keys used in the encryption are generated from the private key using specific arithmetic operations. This, in turn, makes the degree of security and protection completely dependent on the private key.
• These methods provide excellent values of MSE and PSNR in both phases, i.e., encryption and decryption.
• These methods are designed to encrypt and decrypt messages and text files using large quantities of data, as a color image will reduce the efficiency of data cryptography by requiring longer encryption and decryption times.
• These methods require many rounds, and this will negatively affect the efficiency. Each round contains a set of operations that will require extra time for execution.
• Generating and manipulating an S-box will add extra execution time, thus affecting the speed of the cryptography process. For datasets with large sizes (such as a color image), the number of generated blocks will be so large that extra time will be required for data division before encryption and assembly after decryption.

3. Proposed Method

To ensure a very high level of data security and protection, the proposed method includes implementing an initialization stage, in which confidential information is used that is agreed upon by the sender and receiver. This information is used to build the 2D matrix private key (MPK) with the number of rows equal to the number of rounds and the number of columns equal to the block size. The information includes the following:

• Image to be used as an $image\_key$.
• Type of MPK generation: 1: extracting; 2: $image\_key$ resizing.
• Color to be used: 1: red; 2: green; 3: blue.
• Number of rounds.
• Block size in bytes.
• Row number if type equals 1.
• Column number if type equals 1.

Here the contents and the size of the MPK will depend on the settings values of the initial state. Figure 5, Figure 6, Figure 7 and Figure 8 illustrate examples of generating an MPK using two different $image\_keys$.

We can see from the above examples that the MPK changes automatically when:

• The key image is replaced, preserving the other setting parameters unchanged.
• The value of any one or more of the set parameters is changed.

The encryption process using the proposed method can be implemented by applying the following steps:

• Step 1: Initialization:In this step, we select the $image\_key$ and assign values for generation type, color to be used, number of rounds, block size (BLS), rows, and columns. This information is needed to create the MPK.
  The following algorithm can be used to generate the MPK:
  Input: Image-key;
  Output: MPK;
  Operations:

  −

  Select the color channel (1: red; 2: green 3: blue);

  −

  Select the operation type (ot = 1: extraction; 2: image resizing);

  −

  Select the block size (bs);

  −

  Select the number of rounds (nr);

  −

  If ot = 1

  then

  define the row and column from which to start extracting MPK with size =$bs\ast nr$

  Else

  Resize the image to the size $bs\ast nr$;

  −

  Save MPK.

• Step 2: Apply the operations shown in Figure 9:

For each byte in any round, a Feistel function will be assigned to perform the required byte rotation.

Table 2. Feistel functions.

Encryption		Decryption
Feistel Function	Operation	Feistel Function	Operation
FF1	Rotate right 1 digit	FF’1	Rotate right 7 digits
FF2	Rotate right 2 digits	FF’2	Rotate right 6 digits
FF3	Rotate right 3 digits	FF’3	Rotate right 5 digits
FF4	Rotate right 4 digits	FF’4	Rotate right 4 digits
FF5	Rotate right 5 digits	FF’5	Rotate right 3 digits
FF6	Rotate right 6 digits	FF’6	Rotate right 2 digits
FF7	Rotate right 7 digits	FF’7	Rotate right 1 digit

shows the operation of these functions in the encryption and decryption phases (the order of these functions can be changed).

The following example shows the method for implementing the rotation (FF3 and FF’3):

Value: 123

Binary: 01111011

Rotate right 3 digits:

011 01111

Decimal: 111

Binary: 011 01111

Rotate right 5 digits:

01111011

Decimal: 123

Each row in the MPK will be assigned to the associated round, and the results of the Feistel function must be XORed with the associated part of the MPK, as shown in Figure 9. The decryption phase must be implemented inversely.

4. Implementation and Experimental Results

The proposed method was programmed using MATLAB, and the scripts were run using a Core i5 2.5 GHz processor with 8 GB of RAM. The 12 images with information shown in

Table 3. Information for color images used.

Image Number	Dimensions	Size (Bytes)	Size (Kbytes)
1	$151\times 333\times 3$	150,849	147.3
2	$152\times 171\times 3$	77,976	76.1
3	$360\times 480\times 3$	518,400	506.2
4	$1071\times 1600\times 3$	5,140,800	5020.3
5	$981\times 1470\times 3$	4,326,210	4224.8
6	$165\times 247\times 3$	122,265	119.4
7	$360\times 480\times 3$	518,400	506.2
8	$183\times 275\times 3$	150,975	147.4
9	$183\times 275\times 3$	150,975	147.4
10	$201\times 251\times 3$	151,353	147.8
11	$600\times 1050\times 3$	1,890,000	1845.7
12	$1144\times 1783\times 3$	6,119,256	5975.8
Average			1572

were used in the experiments.

To measure the performance of the proposed method, multiple colored images of different sizes were selected. The focus was placed on the efficiency coefficients, in order to prove the extent of distortion in the encrypted image by calculating the values of MSE and PSNR. The calculated values were compared with the values for the standard methods used in encryption, to prove the reliability of the proposed method. The encryption and decryption times were chosen to perform the necessary comparisons, to prove the efficiency of the proposed method.

The following cases were executed:

• Case 1: Using a small image as an $image\_key$ (image 2). Number of rounds = 4, BLS = 16 byte = 128 bits (number of keys = 64, MPK dimension: 4 × 16).

  Table 4. Case 1 results.

  Image Number	MSE	PSNR	Encryption Time (s)
  1	$2.7611\times {10}^4$	8.5656	0.039
  1	$2.7611\times {10}^4$	8.5656	0.039
  2	$3.5382\times {10}^4$	6.0858	0.021
  3	$2.1049\times {10}^4$	11.2791	0.0134
  4	$1.6573\times {10}^4$	13.6700	1.348
  5	$1.6353\times {10}^4$	13.8037	1.128
  6	$1.2290\times {10}^4$	16.6596	0.032
  7	$2.4088\times {10}^4$	9.9304	0.138
  8	$2.1687\times {10}^4$	10.9808	0.040
  9	$1.5915\times {10}^4$	14.0749	0.047
  10	$2.5081\times {10}^4$	9.5264	0.039
  11	$2.2763\times {10}^4$	10.4966	0.492
  12	$7.4966\times {10}^3$	21.6032	1.603
  Average			0.4218
  Average Throughput (Kbyte/s)			0 3726.9

  shows the obtained results after executing the proposed method for case 1.
• Case 2: Using a medium image as an $image\_key$ (image 3). Number of rounds = 4, BLS = 16 byte = 128 bits (number of keys = 64, MPK dimension: 4 × 16).

  Table 5. Case 2 results.

  Image Number	MSE	PSNR	Encryption Time (s)
  1	$1.0752\times {10}^4$	17.9967	0.041
  2	$1.2723\times {10}^4$	16.3140	0.021
  3	$9.2259\times {10}^3$	19.5276	0.0136
  4	$7.8357\times {10}^3$	21.1608	1.342
  5	$7.7566\times {10}^3$	21.2622	1.119
  6	$6.6985\times {10}^3$	22.7288	0.032
  7	$1.0195\times {10}^4$	18.5285	0.135
  8	$9.4476\times {10}^3$	19.2901	0.039
  9	$7.7782\times {10}^3$	21.2345	0.039
  10	$1.0207\times {10}^4$	18.5174	0.040
  11	$9.7592\times {10}^3$	18.9656	0.490
  12	$5.8686\times {10}^3$	24.0515	1.601
  Average			0.4196
  Average Throughput (Kbyte/s)			3746.4

  shows the obtained results after executing the proposed method for case 2.
• Case 3: Using a large image as an $image\_key$ (image 12). Number of rounds = 4, BLS = 16 byte = 128 bits (number of keys = 64, MPK dimension: 4 × 16).

  Table 6. Case 3 results.

  Image Number	MSE	PSNR	Encryption Time (s)
  1	$1.6336\times {10}^4$	13.8142	0.041
  2	$1.7059\times {10}^4$	13.3812	0.020
  3	$1.5928\times {10}^4$	14.0667	0.138
  4	$1.5156\times {10}^4$	14.5634	1.416
  5	$1.5067\times {10}^4$	14.6224	1.180
  6	$1.4467\times {10}^4$	15.0290	0.032
  7	$1.6988\times {10}^4$	13.4228	0.136
  8	$1.5962\times {10}^4$	14.0458	0.040
  9	$1.4861\times {10}^4$	14.7603	0.039
  10	$1.6348\times {10}^4$	13.8069	0.040
  11	$1.5853\times {10}^4$	14.1144	0.494
  12	$1.4312\times {10}^4$	15.1369	1.724
  Average			0.4417
  Average Throughput (Kbyte/s)			3559

  shows the obtained results after executing the proposed method for case 3.
  The proposed method was executed with various block sizes, fixing the number of rounds at 4.

  Table 7. Varying block sizes, with image 12 as $image\_key$. Number of rounds = 4.

  BLS (Byte)	MPK Dimensions	Number of Keys	Image 2 Encryption Time (s)	Image 3 Encryption Time (s)	Image 12 Encryption Time (s)
  4	4 × 4	16	0.007000	0.040000	0.462000
  8	4 × 8	32	0.010000	0.073000	0.876000
  16	4 × 16	64	0.021000	0.150000	1.661000
  20	4 × 20	80	0.025000	0.170000	1.955000
  32	4 × 32	128	0.039000	0.265000	3.093000
  64	4 × 64	256	0.079000	0.517000	6.193000
  128	4 × 128	512	0.154000	1.047000	12.258000
  200	4 × 200	800	0.241000	1.741000	19.310000
  400	4 × 400	1600	0.481000	3.363000	38.272000

  shows the obtained experimental results.

The proposed method was executed with various numbers of rounds, fixing the block size to 16 bytes (128 bits).

Table 8. Varying number of rounds, with image 12 as $image\_key$. BLS = 16.

Number of Rounds	MPK Dimensions	Number of Keys	Image 2 Encryption Time (s)	Image 3 Encryption Time (s)	Image 12 Encryption Time (s)
1	1 × 16	16	0.021000	0.133000	1.544
2	2 × 16	32	0.023000	0.135000	1.601
4	4 × 16	64	0.026000	0.136000	1.617
5	5 × 16	80	0.026900	0.138200	1.6175
6	6 × 16	96	0.027000	0.139000	1.619
7	7 × 16	142	0.027910	0.139560	1.627
10	10 × 16	160	0.028900	0.142000	1.691
12	12 × 16	192	0.029900	0.145000	1.716
16	16 × 16	256	0.029930	0.153000	1.806
20	20 × 16	320	0.030900	0.164000	1.91

shows the obtained experimental results.

For performance evaluation purposes, the standard methods of data cryptography were programmed and executed using the same 12 images.

Table 9. Standard methods results.

Image Size (Bytes)	Encryption Time (s)
	DES	3DES	AES	BF	MPK (BLS = 16 Byte = 128 bits, Rounds = 10)
150,849	0.1093	0.1249	0.1008	0.0603	0.042000
77,976	0.0572	0.0647	0.0522	0.0313	0.022000
518,400	0.3761	0.4292	0.3456	0.2067	0.144000
5,140,800	3.6998	4.2546	3.4248	2.0452	1.402000
4,326,210	3.1138	3.5808	2.8822	1.7213	1.176000
122,265	0.0884	0.1015	0.0818	0.0490	0.034000
518,400	0.3739	0.4294	0.3457	0.2064	0.143000
150,975	0.1085	0.1253	0.1012	0.0607	0.054000
150,975	0.1089	0.1252	0.1012	0.0607	0.054000
151,353	0.1092	0.1257	0.1013	0.0604	0.045000
1890,000	1.3607	1.5646	1.2595	0.7521	0.521000
6,119,256	4.4038	5.0648	4.0767	2.4345	1.678000
Average	1.1591	1.3326	1.0728	0.6407	0.4429
Throughput (Kbyte)	1356.3	1179.7	1465.4	2453.7	3549.6

shows the obtained results.

5. Results Analysis

From the obtained experimental results presented in Section 4, we can extract the following facts:

• The proposed method satisfies the quality requirements by providing excellent values for MSE and PSNR, irrespective of the image-key size (Table 4, Table 5 and Table 6).
• Increasing the block size rapidly increases the encryption time, especially for images with large sizes; thus, it is recommended to use data blocks with small sizes (8 or 16 bytes) when dealing with large-sized images, (see Table 7 and Figure 10).
• Increasing the number of rounds slowly increases the encryption time for any image of any size (see Table 8 and Figure 11).
• The proposed method increases the level of security by using a 2D matrix as an MPK. This key is subject to change, due to changes in the image-key, the number of rounds, the block size, and other settings parameters.
• Compared with standard methods, the proposed method increases the cryptography process efficiency by decreasing the encryption time (see Table 5 and Table 9 and Figure 12).
• The proposed method can easily be used to encrypt and decrypt other types of data such as short messages and text files, and these can be treated using the same procedures as for color images.

The proposed method shows good speedup and increases the cryptography process throughput. The speedup calculations are shown in

Table 10. Throughput for different methods.

Method	Average Throughput (Kbyte per Second)
DES	1356.3
3DES	1179.7
AES	1465.4
BF	2453.7
Proposed (worst case)	3559.6

and

Table 11. Speedup calculation.

Method	DES	3DES	AES	BF	Proposed
DES	1.0000	1.1497	0.9255	0.5528	0.3810
3DES	0.8698	1.0000	0.8050	0.4808	0.3314
AES	1.0804	1.2422	1.0000	0.5972	0.4117
BF	1.8091	2.0799	1.6744	1.0000	0.6893
Proposed	2.6245	3.0174	2.4291	1.4507	1.0000

:

6. Conclusions

The proposed method was implemented using multiple images and the obtained practical results were compared with the practical results of standard methods, in order to prove the extent of the improvement in the efficiency achieved by the proposed method by reducing the time of encoding and decoding without preserving the values of the quality parameters MSE and PSNR.

A novel method for color image cryptography was introduced, tested, and implemented. The obtained results showed that the introduced method satisfies the requirement for image quality by providing acceptable and good values for MSE and PSNR during the encryption and decryption phases. The proposed method can be easily used to encrypt and decrypt short messages, text files, or any image. The obtained results were analyzed, and it was shown that the proposed method increased the efficiency by decreasing the encryption–decryption times. The speedup with respect to other methods was calculated, and it was shown that the proposed method showed significant speedup. The proposed method enhanced the data protection degree by increasing the level of security, and this was achieved by using a sophisticated 2D matrix as a private key. The dimensions and contents of this matrix can be changed, depending on the settings parameters used in the initial state.