Two-Dimensional Coupling-Enhanced Cubic Hyperchaotic Map with Exponential Parameters: Construction, Analysis, and Application in Hierarchical Significance-Aware Multi-Image Encryption

Abstract

As digital images proliferate across open networks, securing them against unauthorized access has become imperative. However, many recent image encryption algorithms are limited by weak chaotic dynamics and inadequate cryptographic design. To overcome these, we propose a new 2D coupling-enhanced cubic hyperchaotic map with exponential parameters (2D-CCHM-EP). By incorporating exponential terms and strengthening interdependence among state variables, the 2D-CCHM-EP exhibits strict local expansiveness, effectively suppresses periodic windows, and achieves robust hyperchaotic behavior, validated both theoretically and numerically. It outperforms several recent chaotic maps in key metrics, yielding significantly higher Lyapunov exponents and Kolmogorov–Sinai entropy, and passes all NIST SP 800-22 randomness tests. Leveraging the 2D-CCHM-EP, we further develop a hierarchical significance-aware multi-image encryption algorithm (MIEA-CPHS). The core of MIEA-CPHS is a hierarchical significance-aware encryption strategy that decomposes input images into high-, medium-, and low-significance layers, which undergo three, two, and one round of vector-level adaptive encryption operations. An SHA-384-based hash of the fused data dynamically generates a 48-bit adaptive control parameter, enhancing plaintext sensitivity and enabling integrity verification. Comprehensive security analyses confirm the exceptional performance of MIEA-CPHS: near-zero inter-pixel correlation (<0.0016), near-ideal Shannon entropy (>7.999), and superior plaintext sensitivity (NPCR $\approx 99.61\%$, UACI $\approx 33.46\%$). Remarkably, the hierarchical design and vectorized operations achieve an average encryption throughput of 87.6152 Mbps, striking an outstanding balance between high security and computational efficiency. This makes MIEA-CPHS highly suitable for modern high-throughput applications such as secure cloud storage and real-time media transmission.

1. Introduction

As a primary medium of information exchange in the digital era, digital images play a pivotal role in conveying rich, complex data with visual immediacy and ease of interpretation [1,2]. This distinctive capability has spurred their extensive adoption across critical domains, from clinical diagnostics and corporate communications to military reconnaissance and surveillance [3,4,5]. However, their widespread use introduces critical vulnerabilities: unauthorized exposure of confidential visual content can trigger serious security incidents. Moreover, standard encryption protocols like AES are ill suited for images due to inherent characteristics, large data volumes, and strong inter-pixel correlations, which undermine both security and efficiency in practical image encryption [6,7,8].

In response to growing security demands, image encryption schemes rooted in chaotic dynamics have gained significant traction within the field of information security [9,10,11]. Owing to their distinctive nonlinear traits, particularly high sensitivity to seed values, and intrinsic randomness in long-run evolution, chaotic systems offer an ideal foundation for achieving Shannon’s principles of confusion and diffusion [12,13,14]. Consequently, a surge of research activity has been devoted in the past few years to developing and optimizing chaos-based methodologies for securing digital images [15,16,17,18,19,20,21,22,23]. Recent studies have actively explored advanced dynamical properties to enhance cryptographic strength. For instance, Fedoseev et al. [24] utilized adaptive symmetry in discrete maps to expand the key space, while Hosbas et al. [25] leveraged fractional-order dynamics to construct robust true random number generators (TRNGs) verified by rigorous NIST assessments. In the specific domain of medical imaging, Kaya and Aydin introduced a chaos-based scheme for X-ray images using a double Lorenz map, achieving high resistance to differential attacks [26].

Despite the surge in novel encryption proposals, a considerable portion of contemporary algorithms are hindered by fundamental design shortcomings, which adversely affect their security guarantees, deployment feasibility, and runtime efficiency [27,28,29,30]. Through systematic cryptanalysis, we have uncovered two recurring weaknesses that persist across recent studies [31,32].

The first critical weakness in many current designs lies in their dependence on cryptographically weak chaotic primitives. Many schemes employ chaotic maps with known vulnerabilities. For instance, some algorithms utilize classic maps or 1D maps, which suffer from narrow chaotic ranges, uneven state distributions, and limited parameter spaces [33,34]. Others adopt hyperchaotic maps whose high complexity incurs substantial computational overhead, severely compromising encryption efficiency [35,36,37]. Even seemingly robust maps, such as the 2D Cubic map [38] analyzed in Section 2.1, can suffer from structural flaws like state variable independence, leading to dynamical degradation under specific parameters [39,40].

However, the design of robust chaotic maps faces deeper theoretical challenges beyond simple structural complexity. The recent literature has highlighted the critical issue of parameter-driven degradation phenomena, where chaotic systems implemented in finite-precision devices collapse into short-cycle periodic orbits or fixed points under specific parameter settings [41,42,43]. Furthermore, studies examining the relationship between sampling frequency and chaotic behavior have shown that improper sampling of continuous systems or weak discrete iterations can compromise the statistical independence of the generated sequences [44,45]. Similar challenges regarding signal integrity and security in non-ideal physical channels have also been addressed in recent chaotic communication systems [46]. These issues directly undermine the long-term unpredictability required for secure encryption. Therefore, constructing a map that maintains rigorous instability and uniform distribution regardless of parameter variations is not merely a performance goal but a fundamental requirement to prevent dynamical degradation.

The second critical weakness lies in flawed cryptographic architectures. Many algorithms fail to establish a strong link between the key and the plaintext, resulting in low sensitivity to plaintext changes and vulnerability to differential attacks [31,47]. Furthermore, many designs introduce key management challenges that violate Kerckhoffs’ principle, such as by directly using image hash values to initialize the chaotic system, which complicates decryption and key handling [34,48]. Finally, inefficient structures, such as pixel-by-pixel processing or complex DNA computation [48], create significant computational overhead, rendering them unsuitable for high-throughput applications.

To overcome these dual challenges in both dynamics and cryptographic design, this paper first constructs a new 2D coupling-enhanced cubic hyperchaotic map with exponential parameters (2D-CCHM-EP), and then proposes a novel, high-performance, and secure multi-image encryption framework. The primary contributions are as follows:

• We construct a new hyperchaotic map called 2D-CCHM-EP. By incorporating exponential terms to accelerate trajectory divergence and strengthen state interdependence, the map achieves robust hyperchaotic behavior.
• We rigorously demonstrate that the 2D-CCHM-EP exhibits strict local expansiveness across its entire parameter space, a key theoretical finding that guarantees the effective suppression of periodic windows. Comprehensive dynamical analyses validate its superior chaotic performance and randomness compared with several recent maps.
• We develop a hierarchical significance-aware multi-image encryption algorithm based on the 2D-CCHM-EP (MIEA-CPHS). This algorithm introduces a novel strategy that decomposes images into high-, medium-, and low-significance layers, applying differentiated encryption rounds to optimally balance security and speed.
• The algorithm integrates an SHA-384-based adaptive parameter mechanism with high-performance vector-level operations. This mechanism dynamically generates a 48-bit control parameter from the fused data, ensuring extreme plaintext sensitivity (NPCR $\approx 99.61\%$, UACI $\approx 33.46\%$) and enabling data-integrity verification.
• Extensive experiments confirm that the MIEA-CPHS achieves an outstanding balance between high security and efficiency, yielding an average encryption throughput of 87.6152 Mbps, significantly outperforming recent benchmarks and making it highly suitable for modern high-throughput applications.

The remainder of this paper is organized as follows: Section 2 details the construction, theoretical analysis, and numerical validation of the proposed 2D-CCHM-EP. Section 3 presents the complete architecture and operational steps of the MIEA-CPHS encryption algorithm. Section 4 provides a comprehensive evaluation of the algorithm’s security performance and computational efficiency. Finally, Section 5 concludes the paper and discusses potential avenues for future research.

2. Construction and Dynamical Analysis of 2D-CCHM-EP

This section primarily presents the construction of the 2D-CCHM-EP, its dynamical analysis, and an evaluation of its suitability for image encryption. We first detail its mathematical formulation, followed by a theoretical investigation of its dynamical properties, including fixed points, stability, and local expansiveness. The theoretical findings are then validated through a series of numerical experiments. Furthermore, the randomness of the sequences generated by the system is assessed using the NIST Statistical Test Suite, confirming its effectiveness and superiority as a chaotic source for cryptographic applications.

2.1. Construction of 2D-CCHM-EP

In contrast to continuous chaotic systems, discrete chaotic maps exhibit notable superiority in the speed of generating chaotic sequences—a critical advantage for engineering applications such as high-efficiency image encryption. Consequently, the adoption of diverse chaotic maps in cryptographic schemes has been steadily increasing. However, many recently proposed maps still suffer from either insufficient chaotic performance or unnecessarily complex structures.

For instance, Hua et al. proposed the 2D Cubic map in 2021 [38]. As shown in the first row of

Table 1. Definitions of our 2D-CCHM-EP and four recent 2D chaotic maps.

Name	Definition	Control Parameters
2D Cubic map [38]	$\left\{\begin{array}{c}{x}_t=(a{x}_{t-1}+c{y}_{t-1}^3)mod1,\hfill \\ y_t=b{y}_{t-1}mod1.\hfill \end{array}\right.$	$a,b,c$
Our 2D-CCHM-EP	$\left\{\begin{array}{c}{x}_t=(e^{\theta }{x}_{t-1}+y_{t-1}^3/\pi )mod1,\hfill \\ y_t=(e^{\gamma }{y}_{t-1}+x_{t-1}/\pi )mod1.\hfill \end{array}\right.$	$\theta ,\gamma$
2D-SCMCI [35]	$\left\{\begin{array}{c}{x}_t=rsin\left(\pi ((y_{t-1}+h)ksin(a\pi /x_{t-1}))\right),\hfill \\ y_t=rsin\left(\pi ((k{x}_t+h)sin(a\pi /x_{t-1}))\right).\hfill \end{array}\right.$	$r,h,k,a$
2D-LCCCM [36]	$\left\{\begin{array}{c}{x}_t=cos\left({\pi }^2(4\mu x_{t-1}(1-x_{t-1})+p{y}_{t-1}(1-y_{t-1}^2))+\pi /2\right),\hfill \\ y_t=cos\left({\pi }^2(4\mu y_{t-1}(1-y_{t-1})+p{x}_{t-1}(1-x_t^2))+\pi /2\right).\hfill \end{array}\right.$	$p,\mu$
2D-FOCM [37]	$\left\{\begin{array}{c}{x}_t=x_{t-1}+{\displaystyle \frac{h^v}{\Gamma (1+v)}}cos\left({\displaystyle \frac{2\pi x_{t-1}}{2\mu x_{t-1}^4-1}}-y_{t-1}\right),\hfill \\ y_t=y_{t-1}+{\displaystyle \frac{h^v}{\Gamma (1+v)}}cos(\mu \pi x_t+y_{t-1}).\hfill \end{array}\right.$	$h,v,\mu$

, its structure is extremely simple and computationally efficient. However, it exhibits two critical dynamical flaws: (i) the state variable $y_t$ is independent of $x_{t-1}$, leading to weak interdependence between dimensions; and (ii) for certain parameter values (e.g., $b=2$ or 10), both $y_t$ and $x_t$ collapse into non-chaotic, periodic, or even fixed-point dynamics.

To address these intrinsic limitations, we propose a robust hyperchaotic map named 2D-CCHM-EP, defined as

$$\left\{\begin{array}{cc}\hfill x_t& =\left(e^{\theta }{x}_{t-1}+y_{t-1}^3/\pi \right)mod1,\hfill \\ \hfill y_t& =\left(e^{\gamma }{y}_{t-1}+x_{t-1}/\pi \right)mod1,\hfill \end{array}\right.$$

(1)

where $(x_{t-1},y_{t-1})$ and $(x_t,y_t)$ denote the input and output states at the t-th iteration, respectively, and $(\theta ,\gamma )$ are the control parameters. As analytically derived in Section 2.2.2, when $\theta ,\gamma \in [1,13]$, the system exhibits strictly expanding local dynamics (with Jacobian eigenvalues always exceeding 2.167), guaranteeing persistent hyperchaotic behavior across the entire parameter range. This interval is chosen to balance numerical stability (avoiding overflow from excessively large exponentials) and cryptographic applicability.

The design of 2D-CCHM-EP incorporates three mathematically engineered improvements, each addressing a specific dynamical deficiency in the original 2D Cubic map:

• Exponential Repulsion Mechanism: The linear coefficients in the original map are replaced by exponential modulators $e^{\theta }$ and $e^{\gamma }$. As verified later in Equation (4), these terms ensure that the eigenvalues of the Jacobian at the origin are ${\lambda }_1=e^{\theta }$ and ${\lambda }_2=e^{\gamma }$. For $\theta ,\gamma \ge 1$, we have $|{\lambda }_i|\ge e^1\approx 2.718>1$. This theoretically guarantees that the fixed point acts as a strong unstable repeller regardless of parameter fluctuations, solving the weak divergence issue found in some polynomial-based maps such as the original 2D Cubic map.
• Full State Coupling: A linear coupling term $x_{t-1}/\pi$ is introduced into the equation for $y_t$. In the original 2D Cubic map, the decoupling of $y_t$ from $x_{t-1}$ results in a sparse Jacobian matrix, making the system vulnerable to parameter-driven degradation and reducing the statistical independence between dimensions. Our modification ensures a fully dense Jacobian (Equation (3)), enforcing bidirectional state dependence to mitigate these degradation phenomena.
• Scaling for Strict Local Expansiveness ($1/\pi$): The coefficient $1/\pi$ is not an arbitrary choice but a theoretically derived bound. As demonstrated in Section 2.2.2, this specific scaling ensures that even in the worst-case scenario ($\theta =\gamma =1$, $y\to 1$), the smaller eigenvalue remains strictly above unity (${\lambda }_{min}\approx 2.167>1$). Without this scaling, the system could violate the strict expansion condition, leading to periodic windows.

With these theoretically grounded enhancements, 2D-CCHM-EP achieves robust, parameter-insensitive hyperchaos. In the following sections, we provide a rigorous dynamical analysis and comprehensive performance evaluation to validate its suitability for secure image encryption.

2.2. Dynamical Analysis

Before presenting numerical validations, we conduct a theoretical analysis of the dynamical properties of 2D-CCHM-EP. This establishes the mathematical foundation for the hyperchaotic behavior observed in subsequent experiments and directly justifies the design choices outlined in Section 2.1.

2.2.1. Fixed Points and Stability Analysis

A fixed point $X^{\ast }=(x^{\ast },y^{\ast })$ of a map satisfies $F\left(X^{\ast }\right)=X^{\ast }$. For 2D-CCHM-EP (Equation (1)), the fixed points must satisfy

$$\left\{\begin{array}{cc}\hfill x^{\ast }& =\left(e^{\theta }{x}^{\ast }+{\left(y^{\ast }\right)}^3/\pi \right)mod1,\hfill \\ \hfill y^{\ast }& =\left(e^{\gamma }{y}^{\ast }+x^{\ast }/\pi \right)mod1.\hfill \end{array}\right.$$

(2)

This implies the existence of integers $k_1,k_2$ such that

$$\left\{\begin{array}{cc}\hfill (e^{\theta }-1)x^{\ast }+{\left(y^{\ast }\right)}^3/\pi & =k_1,\hfill \\ \hfill x^{\ast }/\pi +(e^{\gamma }-1)y^{\ast }& =k_2.\hfill \end{array}\right.$$

Clearly, $(x^{\ast },y^{\ast })=(0,0)$ is a fixed point when $k_1=k_2=0$.

For local stability analysis, the $mod1$ operation can be omitted, as it only affects global topology, not local linearization. The Jacobian matrix at any point $(x,y)$ is

$$J(x,y)=\left(\begin{array}{cc}{e}^{\theta }& 3y^2/\pi \\ 1/\pi & e^{\gamma }\end{array}\right).$$

(3)

Evaluated at the origin:

$$J(0,0)=\left(\begin{array}{cc}{e}^{\theta }& 0\\ 1/\pi & e^{\gamma }\end{array}\right),$$

(4)

which is lower triangular. Its eigenvalues are the diagonal entries: ${\lambda }_1=e^{\theta }$, ${\lambda }_2=e^{\gamma }$.

Given $\theta ,\gamma \in [1,13]$, we have $|{\lambda }_i|\ge e^1\approx 2.718>1$. Unlike certain polynomial-based maps such as the 2D Cubic map, whose eigenvalues may approach or fall below 1 for certain parameters, the exponential structure here enforces a rapid, guaranteed rate of separation. Thus, the origin is a robust unstable repeller, ensuring that all nearby trajectories diverge exponentially. This result rigorously validates the necessity of the exponential repulsion mechanism introduced in Section 2.1, as it eliminates the risk of trajectory collapse inherent in maps with weak fixed-point repulsion.

2.2.2. Jacobian Matrix and Local Expansiveness Analysis

A system is hyperchaotic if it possesses at least two positive Lyapunov exponents (LEs) [49]. While LEs are defined as long-term averages along trajectories, a sufficient condition for hyperchaos in smooth or piecewise-smooth systems is the presence of strict local expansiveness: that is, all eigenvalues of the Jacobian matrix $J(x,y)$ satisfy $\left|\lambda \right|>1$ for all $(x,y)$ in the interior of the phase space. This condition ensures that infinitesimal perturbations grow exponentially at every point, precluding the existence of stable periodic orbits.

Although the $mod1$ operation renders the map discontinuous at the boundaries of ${[0,1)}^2$, the Jacobian matrix remains valid for analyzing local dynamics in the interior ${(0,1)}^2$, where almost all trajectories evolve due to the strong repulsion from fixed points (see Section 2.2.1). Moreover, since the map is piecewise smooth and the expansion condition holds strictly throughout the open domain, no attracting periodic orbits can emerge—a fact corroborated by extensive numerical simulations (see Section 2.3).

From Equation (3), the characteristic equation is

$${\lambda }^2-(e^{\theta }+e^{\gamma })\lambda +\left(e^{\theta }{e}^{\gamma }-3y^2/{\pi }^2\right)=0.$$

The discriminant is

$$\Delta ={(e^{\theta }-e^{\gamma })}^2+{\displaystyle \frac{12y^2}{{\pi }^2}}\ge 0,$$

proving that both eigenvalues are real for all $(x,y)$. They are given by

$${\lambda }_{1,2}={\displaystyle \frac{(e^{\theta }+e^{\gamma })\pm \sqrt{{(e^{\theta }-e^{\gamma })}^2+12y^2/{\pi }^2}}{2}}.$$

We now determine the lower bound of the smaller eigenvalue ${\lambda }_2$. It is minimized when $\theta$ and $\gamma$ are smallest and y is largest. In the worst-case scenario ($\theta =\gamma =1$, $y\to 1$):

$${\lambda }_2={\displaystyle \frac{2e-\sqrt{12/{\pi }^2}}{2}}=e-{\displaystyle \frac{\sqrt{3}}{\pi }}\approx 2.718-0.551=2.167>1.$$

This result explicitly justifies the choice of the scaling factor $1/\pi$. We can demonstrate its necessity by analyzing the counterfactual scenario where this scaling is removed (i.e., the coefficient is set to 1). In that case, the discriminant term $12y^2/{\pi }^2$ would increase to $12y^2$. Consequently, in the worst-case limit ($\theta =\gamma =1$, $y\to 1$), the smaller eigenvalue would drop to ${\lambda }_2=e-\sqrt{3}\approx 2.718-1.732=0.986<1$. This violates the strict expansion condition, thereby removing the theoretical guarantee against periodic windows and permitting the emergence of stable orbits. Hence, the factor $1/\pi$ is a mathematically derived stability bound required to ensure ${\lambda }_{min}>1$ globally.

Since ${\lambda }_1\ge {\lambda }_2>2.167>1$ everywhere in the interior of the phase space, the system exhibits strictly expanding local dynamics throughout its domain. Consequently, the time-averaged logarithmic growth rates (LEs) satisfy $L{E}_1>0$ and $L{E}_2>0$. This establishes that 2D-CCHM-EP exhibits robust hyperchaos across its entire parameter range and is free from periodic windows, a significant improvement over certain existing maps such as the 2D Cubic map.

Thus, the structure of 2D-CCHM-EP is not an ad hoc combination of existing components, but a theoretically constrained design that enforces global hyperchaoticity through analytically derived parameter bounds.

2.3. Numerical Verification of Dynamical Behaviors

To complement the theoretical findings in Section 2.2, this subsection presents a series of numerical experiments designed to validate the dynamical properties of the 2D-CCHM-EP.

2.3.1. Trajectory Analysis

To visually verify our theoretical analysis, we present a comprehensive set of trajectory plots in Figure 1. The first plot (left) displays the 2D phase portrait of the system with fixed parameters ($\theta =6,\gamma =6$). As predicted by the analysis of the unstable repeller in Section 2.2.1, the trajectory rapidly diverges from the origin and exhibits a dense, space-filling behavior that uniformly covers the entire ${[0,1)}^2$ phase space. This visual evidence confirms the system’s strong ergodicity.

Furthermore, the second and third plots illustrate the 3D trajectory evolutions as the control parameters $\gamma$ and $\theta$ vary, respectively, across their entire defined range of $[1,13]$. In both 3D plots, the states $(x_t,y_t)$ remain uniformly distributed across the phase space regardless of the parameter values. The complete absence of any gaps, “periodic windows,” or collapsed structures in these plots provides powerful numerical corroboration for the theoretical proof in Section 2.2.2, which concluded that the 2D-CCHM-EP exhibits strictly expanding local dynamics and is persistently hyperchaotic throughout its entire parameter domain.

2.3.2. Bifurcation Diagram

Bifurcation diagrams offer an intuitive and effective means to verify the chaotic behavior of chaotic maps by exhibiting the distribution characteristics of state values as the control parameters vary [1]. For encryption applications, it is desirable that ciphertext pixels are uniformly distributed. Correspondingly, in the bifurcation diagram of the employed chaotic map, state values should also be uniformly distributed within the entire value domain, without the occurrence of blank areas or clustering of state values, often referred to as “periodic windows”.

Figure 2 showcases six bifurcation diagrams we plotted to visually assess the dynamical behavior of 2D-CCHM-EP across its full parameter range $(\theta ,\gamma )\in [1,13]$. Specifically, the first row presents bifurcation diagrams concerning the state value $x_t$. The first two plots are 2D diagrams showing $x_t$ vs. $\theta$ (with $\gamma =6$ fixed) and $x_t$ vs. $\gamma$ (with $\theta =6$ fixed), respectively. The third plot is a 3D diagram illustrating the distribution of $x_t$ over the entire $(\theta ,\gamma )$ plane. The second row mirrors this structure for the state value $y_t$, displaying two 2D bifurcation diagrams ($y_t$ vs. $\theta$ and $y_t$ vs. $\gamma$) and one 3D diagram ($y_t$ vs. $(\theta ,\gamma )$). It is evident from all six diagrams that both state values, $x_t$ and $y_t$, exhibit extremely uniform distributions across the entire state space $[0,1)$ for all tested parameter values within the defined range $[1,13]$. Crucially, there is a complete absence of any periodic windows or degenerate behaviors in these diagrams. This provides strong numerical evidence corroborating our theoretical conclusion in Section 2.2.2 that the 2D-CCHM-EP system exhibits strictly expanding local dynamics and is persistently hyperchaotic throughout its parameter space.

2.3.3. Lyapunov Exponents

The Lyapunov exponent (LE) serves as a pivotal metric for evaluating chaotic performance. A system is considered chaotic if it possesses at least one positive LE, and hyperchaotic if two or more LEs are positive [9]. For a 2D discrete map $\psi (x,y)$ such as 2D-CCHM-EP, the two LEs are defined as

$${\mathrm{LE}}_v=\underset{s\to \infty }{lim}{\displaystyle \frac{1}{s}}\sum _{k=1}^{s}ln\left|{\lambda }_v\left(J(x_k,y_k)\right)\right|,$$

(5)

where ${\mathrm{LE}}_v$ denotes either ${\mathrm{LE}}_1$ or ${\mathrm{LE}}_2$, and ${\lambda }_v\left(J(x_k,y_k)\right)$ is the v-th eigenvalue of the Jacobian matrix evaluated at the trajectory point $(x_k,y_k)$.

To ensure the statistical reliability and robustness of the LE estimates, all numerical experiments were conducted using double-precision floating-point arithmetic (IEEE 754 standard). For each parameter configuration, the system was iterated for $N=10000$ steps, with the first $N_{\mathrm{trans}}=2000$ iterations discarded as transients to eliminate dependence on initial conditions. The LEs were then computed from the remaining 8000 points.

As illustrated in Figure 3, both LEs of 2D-CCHM-EP remain strictly positive across the entire parameter range $(\theta ,\gamma )\in [1,13]$. While persistent hyperchaos over such a wide interval is uncommon for $mod1$ maps—which are typically plagued by periodic windows—this behavior is theoretically guaranteed for 2D-CCHM-EP. As rigorously derived in Section 2.2.2, the map’s design (notably the $1/\pi$ scaling) ensures that all local Jacobian eigenvalues satisfy $\left|\lambda \right|>2.167$ throughout the phase space. Consequently, the LEs are bounded below by $ln\left(2.167\right)\approx 0.773>0$, which explains the complete absence of non-chaotic regions. Moreover, as $\theta$ and $\gamma$ increase, both LEs grow rapidly, endowing the system with tunable divergence rates. These properties—broad hyperchaoticity, parameter insensitivity, and strong local expansiveness—make 2D-CCHM-EP an ideal candidate for high-security image encryption.

To highlight the chaotic performance improvement achieved through our enhancement designs, we compared the LEs of 2D-CCHM-EP with those of four recent chaotic maps, including the 2D Cubic map [35,36,37,38].

Table 2. Setup and findings of our LE comparative experiments.

Name	Invariable	Variable	${\mathbf{LE}}_1$	${\mathbf{LE}}_2$
2D-CCHM-EP	$\gamma =13$	$\theta$	12.9726	7.0274
2D Cubic map [38]	$b=13,c=1$	a	1.7660	2.5649
2D-SCMCI [35]	$k=1,h=2,r=1$	a	4.9351	−0.2636
2D-LCCCM [36]	$p=8.78$	$\mu$	6.7709	2.7685
2D-FOCM [37]	$h=0.5,v=0.789$	$\mu$	1.6439	0.0458

and Figure 4 present our experimental setup and findings. Clearly, the ${\mathrm{LE}}_1$ values of our 2D-CCHM-EP are significantly higher than those of the other four maps. Furthermore, the ${\mathrm{LE}}_2$ values rapidly increase when the control parameter exceeds 3, with its average value also being significantly higher. Consequently, it can be concluded that our enhancement designs are effective.

2.3.4. Kolmogorov–Sinai Entropy

Kolmogorov–Sinai entropy quantifies the rate at which a dynamical system generates information, reflecting the degree of unpredictability in its evolution. It measures the average amount of new information produced per unit time as trajectories diverge, not the information needed for prediction [50]. A higher KSE indicates faster loss of predictability, signifying stronger chaos or more complex dynamics.

For measure-preserving chaotic systems, Pesin’s Identity establishes a fundamental relationship between KSE ($h_{\mathrm{KS}}$) and the positive LEs: $h_{\mathrm{KS}}={\sum }_{{\mathrm{LE}}_i>0}{\mathrm{LE}}_i$. This identity provides a valuable means to cross-validate numerical estimations of both quantities. The theoretical definition of KSE (or more precisely, the metric entropy $K_1$, which equals $h_{\mathrm{KS}}$ under certain conditions) is based on the Shannon entropy rate of trajectory sequences over a phase space partition. It involves partitioning the space into boxes of size $ϵ$ and considering sequences of length d with delay $\tau$:

$$K_1=-\underset{\tau \to 0}{lim}\underset{ϵ\to 0}{lim}\underset{d\to \infty }{lim}{\displaystyle \frac{1}{d\tau }}{\sum }_{i_0,\dots ,i_{d-1}}P(i_0,\dots ,i_{d-1})lnP(i_0,\dots ,i_{d-1}),$$

(6)

where $P(i_0,\dots ,i_{d-1})$ is the joint probability for a trajectory sequence visiting boxes $i_0,\dots ,i_{d-1}$. Directly computing $K_1$ from Equation (6) is numerically challenging. Therefore, we employed the widely used Grassberger–Procaccia algorithm to estimate the correlation entropy $K_2$ (denoted KE in our results, see

Table 3. Setup and findings of our KE comparative experiments.

Name	Invariable	Variable	${\mathbf{KE}}_{\mathit{x}}$	${\mathbf{KE}}_{\mathit{y}}$
2D-CCHM-EP	$\gamma =6$	$\theta$	2.3503	2.4310
2D Cubic map [38]	$b=6,c=1$	a	1.9094	1.9557
2D-SCMCI [35]	$k=1,h=2,r=1$	a	2.1325	1.8067
2D-LCCCM [36]	$p=8.78$	$\mu$	2.1116	2.1129
2D-FOCM [37]	$h=0.5,v=0.789$	$\mu$	0.3282	0.3214

and Figure 5) [50]. This method analyzes the scaling of the correlation sum $C(ϵ,d)$ with $ϵ$ and d. It is well established that $K_2$ provides a rigorous lower bound for $K_1$ ($K_2\le K_1\approx h_{\mathrm{KS}}$). Despite being a lower bound, $K_2$ is a standard and practical measure for quantifying and comparing the complexity and unpredictability inherent in chaotic systems.

We conducted numerical experiments to evaluate the unpredictability and complexity of 2D-CCHM-EP and four other recent maps (See Table 3 and Figure 5). As revealed, all five maps exhibit positive KE values, confirming they are all in unpredictable, chaotic states. Notably, our 2D-CCHM-EP demonstrates superior performance: its ${\mathrm{KE}}_y$ values surpass all other maps across the entire tested parameter range, while its ${\mathrm{KE}}_x$ values are optimal within the parameter range $\theta \in [3,10]$. The average KE values for 2D-CCHM-EP are significantly greater than those of the comparison maps. This indicates that 2D-CCHM-EP possesses enhanced unpredictability and complexity.

Furthermore, comparing these results with the LEs presented earlier (Table 2 in Section 2.3.3), we observe a strong consistency. The sum of the estimated entropy components (${\mathrm{KE}}_x$ + ${\mathrm{KE}}_y$) from Table 3 closely correlates in trend with the sum of the positive LEs (${\mathrm{LE}}_1$ + ${\mathrm{LE}}_2$) from Table 2. This alignment is consistent with Pesin’s Identity and serves as further validation for both our LE calculations and the robust hyperchaotic nature, including the strict local expansiveness established in Section 2.2.2, of the proposed 2D-CCHM-EP.

2.4. Randomness Test

While the preceding analyses have theoretically proven (Section 2.2) and numerically verified (Section 2.3) the robust hyperchaotic nature and complex dynamics of the 2D-CCHM-EP, its suitability for cryptographic applications ultimately hinges on the statistical randomness of the sequences it generates. To rigorously evaluate this aspect, we employed the NIST SP800-22 test suite, a comprehensive battery of statistical tests published by the National Institute of Standards and Technology (NIST) designed to detect non-randomness in binary sequences [51]. According to NIST standards, a binary sequence of sufficient length (e.g., ${10}^6$ bits) is considered to possess acceptable randomness if the p-values obtained from all relevant statistical tests exceed a predefined significance level, typically $\alpha =0.01$ [51,52].

We conducted a thorough testing procedure involving 20 rounds. In each round, a distinct set of initial values $(x_0,y_0)$ and control parameters $(\theta ,\gamma )$ (randomly chosen within their valid ranges) was used to iterate the 2D-CCHM-EP. For each parameter set, the output sequences $\left\{x_t\right\}$ and $\left\{y_t\right\}$ were transformed into two binary sequences of length ${10}^6$ bits each. This resulted in a total of 40 binary sequences generated under diverse conditions. Subsequently, each sequence was subjected to the full NIST SP800-22 test suite.

The summarized results of these tests are presented in

Table 4. Our random test findings for 2D-CCHM-EP.

Test Item	p-Value		Pass Ratio	Result (R = Random)
	${\mathit{x}}_{\mathit{t}}$	${\mathit{y}}_{\mathit{t}}$
Freq. Bit	0.684742	0.504134	20/20	R
Freq. Block	0.976444	0.186752	20/20	R
Run	0.280215	0.968449	20/20	R
Longest Run	0.273609	0.759439	20/20	R
Bin. Mat. Rank	0.638293	0.822162	20/20	R
DFT	0.699927	0.956091	20/20	R
Non-Overlapping Temp.	0.176719	0.661149	20/20	R
Overlapping Temp.	0.892654	0.574118	20/20	R
Univ. Stat.	0.942278	0.737329	20/20	R
Linear Complexity	0.445562	0.212496	20/20	R
Serial 1	0.729394	0.655986	20/20	R
Serial 2	0.610851	0.622832	20/20	R
Appr. Entropy	0.880750	0.693010	20/20	R
Cumu. Sums Forward	0.728022	0.424428	20/20	R
Cumu. Sums Reverse	0.926945	0.724265	20/20	R
Random Excur. ($x=-1$)	0.830732	0.175877	20/20	R
Random Excur. ($x=+1$)	0.542486	0.542967	20/20	R
Random Excur. Var. ($x=-1$)	0.933815	0.630282	20/20	R
Random Excur. Var. ($x=+1$)	0.454816	0.582257	20/20	R

. As clearly indicated, for all 15 test items, the average p-values for both the $x_t$-derived and $y_t$-derived sequences are significantly greater than the threshold of 0.01. Furthermore, the pass ratio for every test across all 20 rounds (40 sequences) was 100%. These results strongly demonstrate that the sequences generated by 2D-CCHM-EP exhibit excellent statistical properties consistent with true randomness.

The comprehensive analyses in this section confirm the desirable properties of the proposed 2D-CCHM-EP. The theoretical analysis (Section 2.2) established its strictly expanding hyperchaotic nature, free from periodic windows. The numerical verifications (Section 2.3) demonstrated its superior LE and KE values compared with existing maps, alongside excellent trajectory and bifurcation characteristics. Finally, the NIST tests (Section 2.4) confirmed the high statistical randomness of its output sequences. Collectively, these findings validate the 2D-CCHM-EP as a robust and high-performance chaotic source, ideally suited for designing the image encryption algorithm proposed in the subsequent section.

3. Proposed MIEA-CPHS

Building upon the robust hyperchaotic properties of the 2D-CCHM-EP established in Section 2, we now introduce a novel multi-image encryption algorithm, termed MIEA-CPHS. The architecture of MIEA-CPHS is specifically designed to resolve the fundamental trade-off between security and efficiency in high-throughput applications. Unlike uniform encryption schemes that treat all data equally, MIEA-CPHS adopts a hierarchical significance-aware strategy grounded in the nonuniform distribution of visual information in digital images.

As illustrated in Figure 6, MIEA-CPHS integrates six stages: Generation of Hyperchaotic Sequence, Hierarchical Significance-Aware Bit-Plane Fusion, Generation of Adaptive Control Parameter, Generation of Keystreams, Adaptive Dual-Mode Vector-Level Hybrid Diffusion, and 2D Permutation with Adaptive Hybrid Substitution.

Crucially, the encryption process is hierarchical significance-aware: high-significance components undergo three rounds of diffusion–substitution, medium-significance components two rounds, and low-significance components one round—ensuring enhanced security for perceptually critical information while maintaining computational efficiency.

3.1. Generation of Hyperchaotic Sequence

Given n input images ${\left\{I^{\left(i\right)}\right\}}_{i=1}^n$ with a common spatial resolution $M\times N$ and channel counts $c_i$ ($c_i=1$ for grayscale images and $c_i=3$ for color images), we construct a 3D image tensor

$$\mathbf{X}\in {\mathbb{Z}}^{M\times N\times D},D=\sum _{i=1}^n{c}_i,$$

(7)

by sequentially stacking all image channels along the third dimension. The structural metadata is encoded as

$$\mathcal{M}=(M,N,\mathbf{c}),\mathbf{c}={[c_1,c_2,\dots ,c_n]}^{\top },$$

(8)

which enables exact, lossless reconstruction of the original image set from $\mathbf{X}$. The mapping $\left\{I^{\left(i\right)}\right\}\mapsto (\mathbf{X},\mathcal{M})$ is bijective.

The secret key of MIEA-CPHS is defined as

$$\mathcal{K}=\left[{\theta }^{\left(1\right)},{\gamma }^{\left(1\right)},x_0^{\left(1\right)},y_0^{\left(1\right)},{\theta }^{\left(2\right)},{\gamma }^{\left(2\right)},x_0^{\left(2\right)},y_0^{\left(2\right)},\alpha \right],$$

(9)

where the first four and the next four components serve as the initial parameters for two independent instances of the 2D-CCHM-EP, respectively, and $\alpha \in \mathbb{N}$ is a transient length used to discard initial samples for enhanced security.

From $\mathcal{K}$, the proposed MIEA-CPHS generates a hyperchaotic sequence ${\mathbf{S}}_{\mathrm{cut}}$ for subsequent encryption stages as follows:

• Step 1 (Length Determination): For the 3D image tensor $\mathbf{X}$ of size $M\times N\times D$, we compute the effective fused dimensions as $F_M=M/4$ and $F_N=ND/4$. The total number of required hyperchaotic samples is

  $$L=3F_M{F}_N+\alpha +1024,$$

  (10)

  where the additional 1024 samples are reserved to enhance plaintext sensitivity in later encryption stages.
• Step 2 (Raw Sequence Generation): Using the first eight components of $\mathcal{K}$ as initial parameters, we alternately iterate the two instances of the 2D-CCHM-EP and concatenate their state outputs in the order $[x^{\left(1\right)},y^{\left(1\right)},x^{\left(2\right)},y^{\left(2\right)}]$ at each iteration. This yields a raw hyperchaotic sequence ${\mathbf{S}}_{\mathrm{org}}\in {[0,1)}^L$.
• Step 3 (Key-Controlled Transient Removal): The first $\alpha$ samples of ${\mathbf{S}}_{\mathrm{org}}$ are discarded, where $\alpha$ is the last component of $\mathcal{K}$, yielding the truncated sequence

  $${\mathbf{S}}_{\mathrm{cut}}={\left\{s_t\right\}}_{t=\alpha +1}^L.$$

  (11)
• Step 4 (Sequence Extraction): From ${\mathbf{S}}_{\mathrm{cut}}$, the first $M+N+D$ samples are extracted to form the hyperchaotic sequence

  $${\mathbf{S}}^{\left(1\right)}={\left\{s_t\right\}}_{t=\alpha +1}^{\alpha +M+N+D},$$

  (12)

  which is used in the subsequent hierarchical significance-aware bit-plane fusion stage. The full sequence ${\mathbf{S}}_{\mathrm{cut}}$ is reserved for the keystream generation in Section 3.4.

3.2. Hierarchical Significance-Aware Bit-Plane Fusion

Building upon the hyperchaotic sequence ${\mathbf{S}}^{\left(1\right)}$ generated in Section 3.1, MIEA-CPHS performs a two-stage preprocessing step that jointly achieves 3D spatial confusion and hierarchical bit-plane fusion. This stage prepares the data for subsequent encryption operations by aligning the representation with perceptual significance.

First, a key-controlled 3D permutation is applied to the input tensor $\mathbf{X}\in {\mathbb{Z}}^{M\times N\times D}$ using the first $M+N+D$ samples of ${\mathbf{S}}^{\left(1\right)}$, yielding a scrambled tensor ${\mathbf{X}}_{\mathrm{sc}}$. The tensor is then reshaped and decomposed into three bit-plane groups according to visual importance: high-significance (bits 8–6), mid-significance (bits 5–3), and low-significance (bits 2–1). Each group is fused across 16 depth slices into a compact matrix through base-weighted accumulation, resulting in three matrices ${\mathbf{F}}_{\mathrm{H}3\mathrm{M}}$, ${\mathbf{F}}_{\mathrm{M}3\mathrm{M}}$, and ${\mathbf{F}}_{\mathrm{L}2\mathrm{M}}$ of size $F_M\times F_N$.

This hierarchical fusion preserves lossless reconstructability while enabling differentiated cryptographic protection according to perceptual significance. As illustrated in Figure 6, the high-significance component ${\mathbf{F}}_{\mathrm{H}3\mathrm{M}}$ undergoes three rounds of encryption, the mid-significance component ${\mathbf{F}}_{\mathrm{M}3\mathrm{M}}$ receives two rounds, and the low-significance component ${\mathbf{F}}_{\mathrm{L}2\mathrm{M}}$ is encrypted only once.

This distinct round allocation is not arbitrary but is dictated by the information entropy and spatial correlation inherent to each layer:

• High-Significance Layer (Three Rounds): This layer (bits 8–6) encapsulates over 94% of the total visual energy and possesses extremely strong spatial correlations. A single encryption round is mathematically insufficient to thoroughly disrupt these patterns. Therefore, three rounds are strictly necessary to guarantee the security of the most critical visual data against statistical attacks.
• Mid-Significance Layer (Two Rounds): Containing intermediate textural details, this layer represents a transition zone. Two rounds serve as an optimal equilibrium point, providing a safety margin superior to a single round without the computational cost of the full three-round process.
• Low-Significance Layer (One Round): These bits (2–1) statistically resemble random noise with negligible correlation. Applying multiple rounds here yields diminishing returns in security while tripling the computational overhead. Thus, a single round is sufficient to maximize throughput without compromising overall visual security.

This tiered strategy optimizes the balance between security and efficiency. The entire process is deterministic, invertible, and fully key-dependent, thereby satisfying Shannon’s principle of confusion. The complete procedure is summarized in Algorithm 1.

Algorithm 1 Hierarchical Significance-Aware Bit-Plane Fusion in MIEA-CPHS.

Input:  The 3D image tensor $\mathbf{X}$ of size $M\times N\times D$ and the hyperchaotic sequence ${\mathbf{S}}^{\left(1\right)}$ of length $M+N+D$.   1: Compute permutation indices ${\pi }_1$, ${\pi }_2$, ${\pi }_3$ via sorting: ${\pi }_1\leftarrow sort\left({\mathbf{S}}_{1:M}^{\left(1\right)}\right)$, ${\pi }_2\leftarrow sort\left({\mathbf{S}}_{M+1:M+N}^{\left(1\right)}\right)$, ${\pi }_3\leftarrow sort\left({\mathbf{S}}_{M+N+1:M+N+D}^{\left(1\right)}\right)$.   2: Perform 3D spatial scrambling: ${\mathbf{X}}_{\mathrm{sc}}\leftarrow \mathbf{X}({\pi }_1,{\pi }_2,{\pi }_3)$.   3: Reshape ${\mathbf{X}}_{\mathrm{sc}}$ into a 3D block array: ${\mathbf{X}}_{\mathrm{blk}}\leftarrow reshape\left({\mathbf{X}}_{\mathrm{sc}},F_M,F_N,16\right)$.   4: Extract high-significance layer (bits 8–6): $\mathbf{H}\leftarrow ⌊{\mathbf{X}}_{\mathrm{blk}}/32⌋$.   5: Extract mid-significance layer (bits 5–3): $\mathbf{M}\leftarrow ⌊mod({\mathbf{X}}_{\mathrm{blk}},32)/4⌋$.   6: Extract low-significance layer (bits 2–1): $\mathbf{L}\leftarrow mod({\mathbf{X}}_{\mathrm{blk}},4)$.   7: Initialize fused matrices: ${\mathbf{F}}_{\mathrm{H}3\mathrm{M}}\leftarrow \mathbf{0}$,${\mathbf{F}}_{\mathrm{M}3\mathrm{M}}\leftarrow \mathbf{0}$,${\mathbf{F}}_{\mathrm{L}2\mathrm{M}}\leftarrow \mathbf{0}$.   8: for $i=1$ to 16 do   9:     ${\mathbf{F}}_{\mathrm{H}3\mathrm{M}}\leftarrow {\mathbf{F}}_{\mathrm{H}3\mathrm{M}}\times 8+\mathbf{H}(:,:,i)$; 10:     ${\mathbf{F}}_{\mathrm{M}3\mathrm{M}}\leftarrow {\mathbf{F}}_{\mathrm{M}3\mathrm{M}}\times 8+\mathbf{M}(:,:,i)$; 11:     ${\mathbf{F}}_{\mathrm{L}2\mathrm{M}}\leftarrow {\mathbf{F}}_{\mathrm{L}2\mathrm{M}}\times 4+\mathbf{L}(:,:,i)$; 12: end for Output:  Three fused matrices ${\mathbf{F}}_{\mathrm{H}3\mathrm{M}},{\mathbf{F}}_{\mathrm{M}3\mathrm{M}}$, and ${\mathbf{F}}_{\mathrm{L}2\mathrm{M}}$ of size $F_M\times F_N$.

3.3. Generation of Adaptive Control Parameter

To enhance plaintext sensitivity and support secure decryption with integrity verification, MIEA-CPHS derives a 48-bit adaptive control parameter $\kappa$ from the three fused matrices ${\mathbf{F}}_{\mathrm{H}3\mathrm{M}}$, ${\mathbf{F}}_{\mathrm{M}3\mathrm{M}}$, and ${\mathbf{F}}_{\mathrm{L}2\mathrm{M}}$. Critically, the SHA-384 hash digest $\mathbf{h}$ used to compute $\kappa$ is transmitted alongside the ciphertext, enabling the receiver to reconstruct $\kappa$ before decryption and later verify the correctness of the recovered data. The generation proceeds as follows:

• Step 1 (Multi-Tier XOR Fusion): Perform element-wise XOR across the three significance-aware matrices:

  $${\mathbf{X}}_{\oplus }={\mathbf{F}}_{\mathrm{H}3\mathrm{M}}\oplus {\mathbf{F}}_{\mathrm{M}3\mathrm{M}}\oplus {\mathbf{F}}_{\mathrm{L}2\mathrm{M}}.$$

  (13)
• Step 2 (Cryptographic Hashing): Compute the SHA-384 hash digest of ${\mathbf{X}}_{\oplus }$, resulting in a 48-byte vector:

  $$\mathbf{h}=(h_1,h_2,\dots ,h_{48}),h_i\in \{0,1,\dots ,255\}.$$

  (14)
  This digest $\mathbf{h}$ is transmitted to the receiver for parameter reconstruction and integrity checking.
• Step 3 (Block-Wise Product Computation): Partition $\mathbf{h}$ into eight consecutive 6-byte blocks. For the i-th block ($i=1,\dots ,8$), compute the product of its bytes:

  $$p_i=\prod _{j=1}^6{h}_{6(i-1)+j}.$$

  (15)
• Step 4 (Modular Accumulation): Accumulate all block products modulo $2^{48}$ to obtain the final 48-bit adaptive control parameter:

  $$\kappa =\left(\sum _{i=1}^8{p}_i\right)mod{2}^{48}.$$

  (16)

The parameter $\kappa$ governs multiple stages of the subsequent encryption process, including keystream generation, adaptive dual-mode vector-level hybrid diffusion, and 2D permutation with adaptive hybrid substitution. At the receiver side, $\kappa$ is reconstructed from the received hash digest $\mathbf{h}$ prior to decryption. After decryption, the receiver recomputes the hash from the recovered fused matrices and compares it with $\mathbf{h}$ to verify both data integrity and decryption correctness.

3.4. Generation of Keystreams

To enable significance-aware encryption, MIEA-CPHS generates six distinct keystreams tailored to the high-, medium-, and low-significance layers. These keystreams drive the encryption operations in subsequent stages and are dynamically controlled by the adaptive parameter $\kappa$. The generation proceeds as follows:

• Step 1 (Hash-Controlled Sequence Trimming): Let $\kappa \in [0,2^{48}-1]$ be the adaptive control parameter from Section 3.3. Compute a hash-derived discard offset:

  $$h_{\mathrm{dis}}=\left(\kappa mod1024\right)+1.$$

  (17)
  The pre-generated hyperchaotic sequence ${\mathbf{S}}_{\mathrm{cut}}$ (from Section 3.1) is then trimmed to retain the segment

  $${\mathbf{S}}_{\mathrm{trim}}={\mathbf{S}}_{\mathrm{cut}}(h_{\mathrm{dis}}+1:h_{\mathrm{dis}}+3F_M{F}_N),$$

  (18)

  where $F_M=M/4$ and $F_N=ND/4$ are the fused dimensions defined in Section 3.2.
• Step 2 (Permutation Keystreams for High-Significance Layer): Denote $L_{\mathrm{perm}}=F_M+F_N$ and $L_{\mathrm{aux}}=M+N+D$. The first permutation keystream for the high-significance layer is extracted as

  $${\pi }_{\mathrm{H}3}^{\left(1\right)}={\mathbf{S}}_{\mathrm{trim}}(L_{\mathrm{aux}}+1:L_{\mathrm{aux}}+L_{\mathrm{perm}}).$$

  (19)
  The second and third permutation keystreams are derived via modular multiplication:

  $${\pi }_{\mathrm{H}3}^{\left(2\right)}=\{3smod1\mid s\in {\pi }_{\mathrm{H}3}^{\left(1\right)}\},{\pi }_{\mathrm{H}3}^{\left(3\right)}=\{5smod1\mid s\in {\pi }_{\mathrm{H}3}^{\left(1\right)}\}.$$

  (20)
  These three keystreams control the three rounds of 2D permutation within the “2D Permutation with Adaptive Hybrid Substitution” stage: ${\pi }_{\mathrm{H}3}^{\left(1\right)}$ drives the first round, ${\pi }_{\mathrm{H}3}^{\left(2\right)}$ the second, and ${\pi }_{\mathrm{H}3}^{\left(3\right)}$ the third, ensuring dynamic and non-repeating spatial shuffling.
• Step 3 (Permutation Keystreams for Medium-Significance Layer): The medium-significance layer employs two permutation keystreams:

  $${\pi }_{\mathrm{M}3}^{\left(1\right)}={\mathbf{S}}_{\mathrm{trim}}(L_{\mathrm{aux}}+L_{\mathrm{perm}}+1:L_{\mathrm{aux}}+2L_{\mathrm{perm}}),$$

  (21)

  $${\pi }_{\mathrm{M}3}^{\left(2\right)}=\{3smod1\mid s\in {\pi }_{\mathrm{M}3}^{\left(1\right)}\}.$$

  (22)
  These control the first and second rounds of 2D permutation for the medium-significance fused matrix, respectively.
• Step 4 (Permutation Keystream for Low-Significance Layer): The low-significance layer uses a single permutation keystream:

  $${\pi }_{\mathrm{L}2}={\mathbf{S}}_{\mathrm{trim}}(L_{\mathrm{aux}}+2L_{\mathrm{perm}}+1:L_{\mathrm{aux}}+3L_{\mathrm{perm}}),$$

  (23)

  which drives the sole round of 2D permutation for this layer.
• Step 5 (Substitution Keystreams for High-Significance Layer): The first block of $F_M{F}_N$ samples from ${\mathbf{S}}_{\mathrm{trim}}$ is scaled under modulus $2^{48}$:

  $${\sigma }_{\mathrm{H}3}^{\left(1\right)}=⌊{\mathbf{S}}_{\mathrm{trim}}(1:F_M{F}_N)·2^{48}⌋,$$

  (24)

  with auxiliary matrices generated via modular multiplication:

  $${\sigma }_{\mathrm{H}3}^{\left(2\right)}=\left(3{\sigma }_{\mathrm{H}3}^{\left(1\right)}\right)mod{2}^{48},{\sigma }_{\mathrm{H}3}^{\left(3\right)}=\left(5{\sigma }_{\mathrm{H}3}^{\left(1\right)}\right)mod{2}^{48}.$$

  (25)
  Each is reshaped into an $F_M\times F_N$ matrix and applied in a distinct round of hybrid diffusion and hybrid substitution: ${\sigma }_{\mathrm{H}3}^{\left(1\right)}$ in round 1, ${\sigma }_{\mathrm{H}3}^{\left(2\right)}$ in round 2, and ${\sigma }_{\mathrm{H}3}^{\left(3\right)}$ in round 3.
• Step 6 (Substitution Keystreams for Medium-Significance Layer): The second block yields

  $${\sigma }_{\mathrm{M}3}^{\left(1\right)}=⌊{\mathbf{S}}_{\mathrm{trim}}(F_M{F}_N+1:2F_M{F}_N)·2^{48}⌋,$$

  (26)

  $${\sigma }_{\mathrm{M}3}^{\left(2\right)}=\left(3{\sigma }_{\mathrm{M}3}^{\left(1\right)}\right)mod{2}^{48}.$$

  (27)
  These matrices are used in the first and second rounds of hybrid diffusion and hybrid substitution for the medium-significance layer, respectively.
• Step 7 (Substitution Keystream for Low-Significance Layer): The third block is scaled under modulus $2^{32}$:

  $${\sigma }_{\mathrm{L}2}=⌊{\mathbf{S}}_{\mathrm{trim}}(2F_M{F}_N+1:3F_M{F}_N)·2^{32}⌋,$$

  (28)

  and reshaped into an $F_M\times F_N$ matrix that drives the single round of hybrid diffusion and hybrid substitution for the low-significance component.

3.5. Adaptive Dual-Mode Vector-Level Hybrid Diffusion

To achieve robust diffusion that is both content-adaptive and key-dependent, MIEA-CPHS introduces an encryption step called adaptive dual-mode vector-level hybrid diffusion. This stage operates independently on each significance layer (high, medium, and low) and is coupled with the substitution keystreams generated in Section 3.4. The diffusion process is structured in multiple rounds, three for the high-significance layer, two for the medium, and one for the low, each round alternating with an encryption step called 2D permutation with adaptive hybrid substitution (as detailed in Section 3.6).

The necessity of the vector-level architecture stems from the computational demands of the multi-round strategy described in Section 3.2. Traditional pixel-by-pixel diffusion involves computationally expensive nested loops that create significant latency, especially when reiterated multiple times. By designing the diffusion to operate on entire row or column vectors (as detailed in Algorithm 2), we leverage CPU vectorization and efficient memory access patterns. This architectural optimization acts as a necessary enabler, allowing MIEA-CPHS to execute multiple rounds of high-intensity encryption on critical layers while maintaining a high throughput.

Algorithm 2 Adaptive Dual-Mode Vector-Level Hybrid Diffusion in MIEA-CPHS.

Input:  An input matrix $\mathbf{P}$ of size $F_M\times F_N$, an adaptive control value $\tilde{\kappa }$, and the first element $\tilde{\sigma }$ of the corresponding substitution keystream. Output:  The diffused output matrix $\mathbf{C}$ of size $F_M\times F_N$.   1: Compute the mode selector: $f\leftarrow (\tilde{\kappa }+\tilde{\sigma })mod2$.   2: if $f=1$ then   3:     Compute column split index: $i_c\leftarrow ⌊{\displaystyle \frac{F_N}{2}}⌋+⌊\tilde{\kappa }mod⌊{\displaystyle \frac{F_N}{4}}⌋⌋$.   4:     Initialize first column: $\mathbf{C}(:,1)\leftarrow (\mathbf{P}(:,1)+\tilde{\kappa })mod{2}^b$.   5:     for $j=2$ to $i_c$ do   6:         $\mathbf{C}(:,j)\leftarrow \left(\mathbf{P}(:,j)+\mathbf{C}(:,j-1)\right)mod{2}^b$.   7:     end for   8:     for $j=i_c+1$ to $F_N$ do   9:         $\mathbf{C}(:,j)\leftarrow \mathbf{P}(:,j)\oplus \mathbf{C}(:,j-1)$. 10:     end for 11: else 12:     Compute row split index: $i_r\leftarrow ⌊{\displaystyle \frac{F_M}{2}}⌋+⌊\tilde{\kappa }mod⌊{\displaystyle \frac{F_M}{4}}⌋⌋$. 13:     Initialize first row: $\mathbf{C}(1,:)\leftarrow (\mathbf{P}(1,:)+\tilde{\kappa })mod{2}^b$. 14:     for $i=2$ to $i_r$ do 15:         $\mathbf{C}(i,:)\leftarrow \left(\mathbf{P}(i,:)+\mathbf{C}(i-1,:)\right)mod{2}^b$. 16:     end for 17:     for $i=i_r+1$ to $F_M$ do 18:         $\mathbf{C}(i,:)\leftarrow \mathbf{P}(i,:)\oplus \mathbf{C}(i-1,:)$. 19:     end for 20: end if

The core of this diffusion step lies in the dual-mode diffusion, which dynamically selects between row-wise and column-wise propagation based on the adaptive control parameter $\kappa$ derived from the plaintext hash digest and the current round of substitution keystream. This design ensures that even minor changes in either the plaintext or the secret key result in drastically different diffusion trajectories, thereby achieving a strong avalanche effect and robust resistance against differential and chosen-plaintext attacks.

Notably, the two control inputs $(\tilde{\kappa },\tilde{\sigma })$ to each diffusion round (see Algorithm 2) differ across rounds, causing the diffusion direction to vary dynamically between row-wise and column-wise modes. For the high-significance layer, the last two control inputs for each round are, respectively, as follows:

• Round 1: $\tilde{\kappa }=\kappa$, $\tilde{\sigma }={\sigma }_{\mathrm{H}3}^{\left(1\right)}(1,1)$,
• Round 2: $\tilde{\kappa }=\kappa +1$, $\tilde{\sigma }={\sigma }_{\mathrm{H}3}^{\left(2\right)}(1,1)$,
• Round 3: $\tilde{\kappa }=\kappa +2$, $\tilde{\sigma }={\sigma }_{\mathrm{H}3}^{\left(3\right)}(1,1)$.

Similarly, the medium layer uses two rounds with $\tilde{\kappa }=\kappa ,\kappa +1$ and $\tilde{\sigma }={\sigma }_{\mathrm{M}3}^{\left(1\right)}(1,1),{\sigma }_{\mathrm{M}3}^{\left(2\right)}(1,1)$, respectively. The low layer performs a single diffusion with $\tilde{\kappa }=\kappa$ and $\tilde{\sigma }={\sigma }_{\mathrm{L}2}(1,1)$.

The precise operations of a single diffusion round are formalized in Algorithm 2, which takes the current fused matrix, the round-specific $\tilde{\kappa }$, and the first element $\tilde{\sigma }$ of the corresponding substitution matrix as inputs. By design, the algorithm’s mode selection and split-point computation are driven by these two values, enabling lightweight yet highly sensitive diffusion behavior tailored to each layer’s security requirements. Notably, the modular arithmetic in the diffusion operations is performed modulo $2^b$, where the bit-width b is layer-adaptive: $b=48$ for both the high- and medium-significance layers, and $b=32$ for the low-significance layer.

3.6. 2D Permutation with Adaptive Hybrid Substitution

Complementing the diffusion mechanism in Section 3.5, MIEA-CPHS employs a tightly integrated permutation–substitution step named 2D permutation with adaptive hybrid substitution. This operation is applied to each significance layer after every diffusion round, forming an alternating sequence of diffusion, permutation, and substitution, thereby enhancing security while maintaining high encryption efficiency.

Specifically, for the high-significance layer, three rounds of this operation are executed; for the mid-significance layer, two rounds; and for the low-significance layer, one round. Each invocation consumes four inputs: an input diffused pixel matrix, a permutation keystream $\tilde{\pi }$, a substitution matrix $\tilde{\sigma }$, and an adaptive control parameter $\tilde{\kappa }$. The precise procedure is formalized in Algorithm 3, which operates in three sequential phases:

• 2D Permutation: The input matrix is shuffled row-wise and column-wise using sorted indices derived from the permutation vector $\tilde{\pi }$.
• Segmented Modular Addition: The permuted matrix undergoes a three-segment horizontal (column-wise) modular addition, where segment boundaries are dynamically determined by $\tilde{\kappa }$.
• Adaptive Dual-Mode Substitution: Depending on $\tilde{\kappa }$, the result is either combined with $\tilde{\sigma }$ via modular addition or bitwise XOR, enabling a dual-mode, key-driven substitution mechanism.

Critically, the modulus used in all modular operations is layer-specific: $2^{48}$ for the high- and medium-significance layers, and $2^{32}$ for the low-significance layer. Round-specific inputs are used as follows:

• For the high-significance layer, the r-th permutation and substitution round ($r=1,2,3$) uses permutation keystream ${\pi }_{\mathrm{H}3}^{\left(r\right)}$, substitution matrix ${\sigma }_{\mathrm{H}3}^{\left(r\right)}$, and control parameter $\kappa +r$.
• For the medium-significance layer, the r-th round ($r=1,2$) uses ${\pi }_{\mathrm{M}3}^{\left(r\right)}$, ${\sigma }_{\mathrm{M}3}^{\left(r\right)}$, and $\kappa +r$.
• For the low-significance layer, a single round is performed using ${\pi }_{\mathrm{L}2}$, ${\sigma }_{\mathrm{L}2}$, and $\kappa +1$.

Algorithm 3 2D Permutation with Adaptive Dual-Mode Substitution in MIEA-CPHS.

Input:  An input matrix $\mathbf{P}$ of size $F_M\times F_N$, a permutation keystream $\tilde{\pi }$ of length $F_M+F_N$, a substitution matrix $\tilde{\sigma }$ of size $F_M\times F_N$, and the adaptive control parameter $\tilde{\kappa }$. Output:  The substituted and permuted output matrix $\mathbf{C}$ of size $F_M\times F_N$.   1: Compute row sorting indices: ${\pi }_r\leftarrow \mathrm{sort}\left(\tilde{\pi }(1:F_M)\right)$.   2: Compute column sorting indices: ${\pi }_c\leftarrow \mathrm{sort}\left(\tilde{\pi }(F_M+1:F_M+F_N)\right)$.   3: Apply 2D permutation: $\mathbf{C}\leftarrow \mathbf{P}({\pi }_r,{\pi }_c)$.   4: if $F_N<3$ then   5:     $\mathbf{C}\leftarrow (\mathbf{C}+3\tilde{\kappa })mod{2}^b$   6: else   7:     $q\leftarrow max(1,\lfloor F_N/4\rfloor )$   8:     $o_1\leftarrow \lfloor \tilde{\kappa }modq\rfloor$,    $o_2\leftarrow \lfloor \left(7\tilde{\kappa }\right)modq\rfloor$   9:     $j_1\leftarrow min\left(max(1,\lfloor F_N/4\rfloor +o_1),F_N-2\right)$ 10:     $j_2\leftarrow min\left(max(j_1+1,j_1+o_2),F_N-1\right)$ 11:     $\mathbf{C}(:,1:j_1)\leftarrow (\mathbf{C}(:,1:j_1)+2\tilde{\kappa })mod{2}^b$ 12:     $\mathbf{C}(:,j_1+1:j_2)\leftarrow (\mathbf{C}(:,j_1+1:j_2)+3\tilde{\kappa })mod{2}^b$ 13:     $\mathbf{C}(:,j_2+1:F_N)\leftarrow (\mathbf{C}(:,j_2+1:F_N)+4\tilde{\kappa })mod{2}^b$ 14: end if 15: if $\tilde{\kappa }mod3=2$ then 16:     $\mathbf{C}\leftarrow \mathbf{C}\oplus \tilde{\sigma }$ 17: else 18:     $\mathbf{C}\leftarrow (\mathbf{C}+\tilde{\sigma })mod{2}^b$ 19: end if

3.7. Brief Overview of the Decryption Process

The decryption process of MIEA-CPHS is the exact inverse of the encryption procedure, executed in reverse order using the same secret key K. Notably, the 48-bit adaptive control parameter $\kappa$, which governs keystream generation, diffusion, permutation, and substitution, is not derived from the (unknown) plaintext but is reconstructed by the receiver from the SHA-384 hash digest $\mathbf{h}$ that is transmitted alongside the ciphertext. Specifically, upon receiving $\mathbf{h}$, the receiver computes $\kappa$ via the same four-step procedure as in encryption. This allows all round-dependent parameters (e.g., $\tilde{\pi }$, $\tilde{\sigma }$, $\tilde{\kappa }$) to be correctly instantiated before decryption begins.

Each significance layer is then decrypted with the corresponding number of inverse rounds (three for high-, two for medium-, one for low-significance), followed by inverse hierarchical bit-plane fusion and tensor reshaping using the metadata $\mathcal{M}=(M,N,\mathbf{c})$ to recover the original images losslessly. After decryption, the receiver recomputes the hash from the recovered fused matrices and compares it with the received $\mathbf{h}$ to verify both data integrity and decryption correctness. Since all encryption operations are bijective and fully determined by the secret key K and the adaptive parameter $\kappa$, and since $\kappa$ can be exactly reconstructed from the received hash digest $\mathbf{h}$, the original plaintext is uniquely recoverable. Consequently, the decryption process is the exact inverse of encryption; its detailed description is omitted for brevity.

4. Experiments and Analyses

This section presents a comprehensive validation of the proposed MIEA-CPHS, evaluating its performance on two key dimensions: cryptographic security and practical efficiency. Security is assessed by the algorithm’s resilience against a suite of standard cryptanalytic attacks, while efficiency is quantified primarily by its encryption throughput. To ensure comparability and reproducibility, all experiments were conducted in a standardized environment: MATLAB R2017a on a computer equipped with an Intel E3-1231 processor (3.40 GHz) and 8 GB of RAM. Test images were drawn from the standard USC-SIPI image database. Furthermore, to guarantee an unbiased evaluation, secret keys were randomly generated for each independent security test.

4.1. Visual Analysis

Visual security requires that encrypted images reveal no discernible trace of the original content, appearing as pure noise to the human eye. To evaluate this property, our MIEA-CPHS was tested on five images with diverse resolutions and textures (Figure 7). As observed, all output ciphertexts exhibit visual randomness and contain no meaningful patterns. Moreover, decryption using the correct key perfectly reconstructs the original inputs, confirming that the MIEA-CPHS is both lossless and fully invertible.

4.2. Key Space

The security of an encryption algorithm against brute-force attacks hinges on the cardinality of its key space. A sufficiently large key space renders exhaustive key search computationally infeasible, thereby preventing successful brute-force attacks [47]. In contemporary cryptographic practice, a key space of at least $2^{128}$ is widely regarded as the minimum requirement for robust classical security. Furthermore, in the post-quantum era, this requirement is strengthened: to preserve a 128-bit security level against quantum-accelerated attacks, such as those based on Grover’s algorithm, a symmetric key space of size $2^{256}$ is now considered necessary [53].

As described in Section 3.1, the secret key $\mathcal{K}$ of MIEA-CPHS comprises nine components: the control parameters (${\theta }^{\left(1\right)},{\gamma }^{\left(1\right)},{\theta }^{\left(2\right)},{\gamma }^{\left(2\right)}$) and initial values ($x_0^{\left(1\right)},y_0^{\left(1\right)},x_0^{\left(2\right)},y_0^{\left(2\right)}$) for two independent instances of the 2D-CCHM-EP, and an integer transient length $\alpha$. The control parameters are drawn from the closed interval $[1,13]$, while the initial values lie in the open interval $(0,1)$. In the MIEA-CPHS, these eight real-valued components are implemented with a uniform numerical precision of ${10}^{-14}$. Under this precision, each control parameter admits approximately $1.2\times {10}^{15}$ distinct values, while each initial value supports ${10}^{14}$ possible values. The integer parameter $\alpha$ is selected from the practical range $[200,1200]$, yielding approximately ${10}^3$ possible values. Consequently, the total key space size $\left|\mathcal{K}\right|$ is given by

$$\begin{array}{cc}\hfill \left|\mathcal{K}\right|& ={\left(1.2\times {10}^{15}·1.2\times {10}^{15}·{10}^{14}·{10}^{14}\right)}^2·{10}^3\hfill \\ \hfill & ={\left(1.44\times {10}^{58}\right)}^2·{10}^3\hfill \\ \hfill & =2.0736\times {10}^{119}\approx 2^{397}.\hfill \end{array}$$

(29)

Since $\left|\mathcal{K}\right|\approx 2^{397}\gg 2^{256}$, the key space of MIEA-CPHS exceeds the post-quantum security threshold, rendering brute-force attacks infeasible even under quantum adversaries.

4.3. Key Sensitivity

A fundamental property of any secure cryptosystem is extreme sensitivity to its secret key. This requires that even a minimal alteration in the key must cascade to produce a completely different and uncorrelated ciphertext [54,55]. This behavior is the primary defense against differential attacks that attempt to deduce the key by comparing ciphertexts generated from closely related keys.

To evaluate the key sensitivity of MIEA-CPHS, we performed a controlled experiment whose results are presented in Figure 8. We began by defining a base secret key ${\mathcal{K}}^{\left(b\right)}$ with randomly chosen values from the valid key space:

$${\mathcal{K}}^{\left(b\right)}=\left\{\begin{array}{c}{\theta }^{\left(1\right)}=11.237885160869109,\hfill \\ {\gamma }^{\left(1\right)}=5.614888174719484,\hfill \\ x_0^{\left(1\right)}=0.112705677161724,\hfill \\ y_0^{\left(1\right)}=0.346717246178014,\hfill \\ {\theta }^{\left(2\right)}=2.842757828942319,\hfill \\ {\gamma }^{\left(2\right)}=7.668183447408417,\hfill \\ x_0^{\left(2\right)}=0.471700071387344,\hfill \\ y_0^{\left(2\right)}=0.520149028090077,\hfill \\ \alpha =531.\hfill \end{array}\right.$$

This key was used to encrypt the standard test image 5.1.11, yielding a reference ciphertext C. Next, we generated nine perturbed keys ${\mathcal{K}}_1$ through ${\mathcal{K}}_9$, each differing from ${\mathcal{K}}^{\left(b\right)}$ in only one component, modified by the minimal representable amount (i.e., ${10}^{-14}$ for floating-point parameters or $+1$ for the integer $\alpha$). Using these slightly altered keys, we re-encrypted the same image to obtain nine new ciphertexts $C_1$ to $C_9$, enabling a direct assessment of how minute key changes affect the encrypted output.

As shown in Figure 8b,(c1–c9), the base ciphertext C and nine example modified ciphertexts ($C_1$ to $C_9$) are all visually indistinguishable from random noise, completely obscuring the plaintext content. More importantly, Figure 8(d1–d9) shows the difference images. These difference images are also entirely random and unstructured, visually confirming that a minimal change in any single key component results in a completely different and unpredictable output ciphertext. This demonstrates that MIEA-CPHS possesses exceptionally high key sensitivity, rendering brute-force and key-differential attacks computationally infeasible.

4.4. Pixel Distribution

The capacity of an image cryptosystem to produce a highly uniform pixel distribution is a key indicator of its resistance to statistical cryptanalysis [47]. In Figure 9, the distribution plots of the original images exhibit distinct peaks and valleys, reflecting their content-dependent statistical characteristics. In contrast, the ciphertexts generated by MIEA-CPHS display nearly flat distributions, effectively concealing the original statistical structure and thereby thwarting distribution-based attacks.

Furthermore, we also employed the chi-square test to critically examine whether the pixel values in MIEA-CPHS’s ciphertexts follow a uniform distribution. The test statistic is given by

$$Q=\sum _{v=0}^{255}{\displaystyle \frac{{(N_v-N_{\exp })}^2}{N_{\exp }}}$$

(30)

where $N_v$ denotes the count of pixels with intensity v, and $N_{\exp }=R\times C/256$ is the expected count for each intensity level in an ideal uniform distribution, with R and C denoting the image height and width. Under a 0.05 significance level, the critical value is 293.2478 [56]. The results in

Table 5. Obtained Chi-square test scores on MIEA-CPHS (passed if <293.2478).

Size	Image	${\mathit{\chi }}^2$ Value	Passed or Not
$256\times 256$	5.1.12	228.0547	Yes
	5.1.13	256.9844	Yes
	5.1.14	247.1563	Yes
$512\times 512$	7.1.03	238.6699	Yes
	7.1.04	245.9668	Yes
	7.1.05	261.4297	Yes
$1024\times 1024$	5.3.01	267.5874	Yes
	5.3.02	229.7222	Yes
	7.2.01	210.9365	Yes

show that all computed Q values are substantially lower than this threshold, confirming that the output pixels are statistically uniform. Such uniformity significantly reduces the likelihood of successful statistical attacks based on pixel frequency analysis.

4.5. Shannon Entropy

The randomness of pixel values in a ciphertext image is commonly quantified using Shannon entropy, which serves as a key indicator of an encryption scheme’s ability to conceal statistical information [57]. For the digital images with 256 intensity levels, this metric is computed as [58]

$$\mathcal{H}=-\sum _{v=0}^{255}Pr\left(v\right)·{log}_{2}Pr\left(v\right),$$

(31)

where $Pr\left(v\right)$ indicates the frequency of intensity level v. An ideal random image has an entropy of 8, indicating maximal uncertainty. We encrypted eight test images using MIEA-CPHS and evaluated the resulting entropy values (see

Table 6. Shannon entropy analysis of eight images before and after encryption using MIEA-CPHS.

Size	Image	Plaintext	Ciphertext
$512\times 512$	5.2.08	7.2010	7.9994
	7.1.01	6.0274	7.9993
	7.1.04	6.1074	7.9993
	7.1.07	5.9916	7.9994
	7.1.10	5.9088	7.9994
$1024\times 1024$	5.3.01	7.5237	7.9999
	5.3.02	6.8303	7.9999
	7.2.01	5.6415	7.9998
	Avg.	6.4040	7.9996

). The results reveal that the ciphertext entropies are consistently above 7.999 and closely approach the theoretical maximum, while the plaintext values are substantially lower. This confirms that MIEA-CPHS produces highly randomized outputs, significantly enhancing security against entropy-based analysis.

4.6. Pixel Correlation

Natural images inherently exhibit strong inter-pixel statistical redundancies, which constitute a critical vulnerability exploitable by correlation-based cryptanalytic attacks [40]. Consequently, a secure image cryptosystem must thoroughly suppress these spatial dependencies to ensure robustness against such threats. We assessed this capability of MIEA-CPHS using the test images 4.2.05 and 4.2.07, analyzing their pixel correlations before and after encryption. Figure 10 reveals that the original images exhibit strong directional correlations, whereas the encrypted outputs display uniformly scattered, structure-free distributions across all tested orientations. These results indicate that our MIEA-CPHS effectively randomizes pixel relationships independent of the input content, fulfilling a key requirement for secure image encryption.

Furthermore, we numerically assessed the degree of correlation between neighboring pixels by using the standard correlation coefficient derived from probability theory, calculated as [59,60]

$$r={\displaystyle \frac{\mathrm{Cov}(u,v)}{\sqrt{\mathrm{Var}\left(u\right)·\mathrm{Var}\left(v\right)}}},$$

(32)

where u and v denote neighboring pixel intensities, $\mathrm{Cov}(·,·)$ is the covariance, and $\mathrm{Var}(·)$ is the variance. The obtained correlation coefficient values are summarized in

Table 7. Correlation coefficient for MIEA-CPHS.

Size	Name	Original Image			Encrypted Image
		Horizontal	Vertical	Diagonal	Horizontal	Vertical	Diagonal
$256\times 256$	5.1.10	0.8613	0.9051	0.8215	−0.0014	−0.0015	−0.0004
	5.1.12	0.9753	0.9519	0.9384	0.0015	−0.0014	0.0015
	5.1.14	0.8933	0.9474	0.8496	−0.0008	0.0008	0.0005
$512\times 512$	5.2.08	0.9026	0.9367	0.8754	−0.0011	0.0015	0.0007
	7.1.01	0.9200	0.9621	0.9048	0.0010	0.0002	0.0003
	7.1.04	0.9668	0.9768	0.9554	0.0006	−0.0001	−0.0012
$1024\times 1024$	5.3.01	0.9818	0.9761	0.9672	0.0011	0.0005	−0.0012
	5.3.02	0.9036	0.9133	0.8637	−0.0002	−0.0001	−0.0014
	7.2.01	0.9509	0.9641	0.9424	0.0015	−0.0002	−0.0007

. The results reveal that the original images have high coefficient absolute values (all >0.82), whereas the encrypted outputs show negligible absolute values (<0.0016) across all orientations. This dramatic reduction demonstrates the superior capability of MIEA-CPHS in eliminating spatial redundancy, thereby significantly enhancing its resistance to statistical cryptanalysis.

4.7. Differential Attacks

Differential cryptanalysis leverages minute plaintext perturbations to infer keystreams by observing corresponding ciphertext changes [61]. An effective image cryptosystem must therefore be highly sensitive to such perturbations. To evaluate the MIEA-CPHS, we generated two variants of image boat.512 by flipping a single bit in each (see Figure 11(b1,b2)), encrypted them, and computed their differences relative to the original ciphertext. After encryption, the differences between these ciphertexts and the original are indistinguishable from random noise (see Figure 11(f1,f2)). This outcome verifies that flipping a single bit triggers a complete random transformation in the output ciphertext, underscoring the strong resilience of MIEA-CPHS to differential cryptanalysis.

To rigorously evaluate the sensitivity of MIEA-CPHS under single-bit perturbations, we adopt two standard statistical measures. The normalized pixel change rate (NPCR) quantifies the percentage of ciphertext pixels that differ when a single bit in the plaintext is flipped, with an ideal value of 99.6094%. Separately, the unified average changing intensity (UACI) captures the average absolute difference in intensity between corresponding pixel pairs, for which the theoretical optimum is 33.4635%. For two pixel matrix $\mathbf{I}$ and ${\mathbf{I}}^{\prime }$ of size $R\times C$, these metrics are computed as

$$\left\{\begin{array}{c}\mathrm{NPCR}(\mathbf{I},{\mathbf{I}}^{\prime })={\displaystyle \frac{1}{R\times C}}{\displaystyle \sum _{i=1}^R}{\displaystyle \sum _{j=1}^C}D(i,j)\times 100\%,\hfill \\ \mathrm{UACI}(\mathbf{I},{\mathbf{I}}^{\prime })={\displaystyle \frac{1}{255\times R\times C}}{\displaystyle \sum _{i=1}^R}{\displaystyle \sum _{j=1}^C}\left|\mathbf{I}(i,j)-{\mathbf{I}}^{\prime }(i,j)\right|\times 100\%\hfill \end{array}\right.$$

(33)

where $D(i,j)=1$ if $\mathbf{I}(i,j)\ne {\mathbf{I}}^{\prime }(i,j)$, and $D(i,j)=0$ otherwise.

Table 8 and Table 9 summarize the differential analysis results. In each trial, one bit of a randomly chosen plaintext pixel was flipped. MIEA-CPHS achieves mean NPCR and UACI values of 99.61% and 33.46%, respectively, virtually matching their theoretical ideals (99.6094% and 33.4635%). Compared with three recent algorithms, it not only reaches closer to these benchmarks but also exhibits lower score variance across trials, confirming its strong and stable sensitivity to minimal plaintext perturbations.

To formally validate the statistical significance of these results, we conducted hypothesis tests at the significance level $\alpha =0.05$, following the rigorous framework established by Wu et al. [62]. Note that in randomness testing, the acceptance interval for $\alpha =0.05$ is narrower (i.e., stricter) than that for $\alpha =0.01$, requiring the experimental values to cluster more closely around the theoretical ideal. The critical threshold for NPCR (${\mathcal{N}}_{0.05}^{\ast }$) and the acceptance interval for UACI ($[{\mathcal{U}}_{0.05}^{\ast -},{\mathcal{U}}_{0.05}^{\ast +}]$) for the image sizes used in our experiments are as follows:

• For $256\times 256$: ${\mathcal{N}}_{0.05}^{\ast }=99.5693\%$, UACI interval: $[33.2824\%,33.6447\%]$.
• For $512\times 512$: ${\mathcal{N}}_{0.05}^{\ast }=99.5893\%$, UACI interval: $[33.3730\%,33.5541\%]$.
• For $1024\times 1024$: ${\mathcal{N}}_{0.05}^{\ast }=99.5994\%$, UACI interval: $[33.4183\%,33.5088\%]$.

As shown in Table 8 and Table 9, all NPCR values obtained by MIEA-CPHS exceed their respective critical thresholds, and all UACI values fall strictly within the theoretical acceptance intervals, thereby passing the statistical tests at the $5\%$ significance level.

Table 8. NPCR values (%) achieved by MIEA-CPHS and three recent algorithms.

Size	Image	[63]	[64]	[65]	MIEA-CPHS
$256\times 256$	5.1.09	99.5938	99.6140	99.5865	99.5932
	5.1.10	99.5910	99.6246	99.6124	99.6094
	5.1.11	99.6353	99.6094	99.6155	99.6140
	5.1.12	99.6078	99.6155	99.6063	99.5942
	5.1.13	99.5986	99.6058	99.6094	99.6109
$512\times 512$	5.2.08	99.6124	99.6151	99.5895	99.6155
	7.1.01	99.6128	99.5945	99.6231	99.6048
	7.1.03	99.6158	99.6025	99.6067	99.6181
	7.1.05	99.6086	99.5907	99.6174	99.6044
	7.1.07	99.6120	99.6018	99.6304	99.6185
$1024\times 1024$	5.3.01	99.6023	99.6170	99.6082	99.6199
	5.3.02	99.6170	99.6197	99.6046	99.6109
	Avg	99.6090	99.6092	99.6092	99.6095
	Std. Dev.	0.0119	0.0103	0.0124	0.0089

Table 8. NPCR values (%) achieved by MIEA-CPHS and three recent algorithms.

Size	Image	[63]	[64]	[65]	MIEA-CPHS
$256\times 256$	5.1.09	99.5938	99.6140	99.5865	99.5932
	5.1.10	99.5910	99.6246	99.6124	99.6094
	5.1.11	99.6353	99.6094	99.6155	99.6140
	5.1.12	99.6078	99.6155	99.6063	99.5942
	5.1.13	99.5986	99.6058	99.6094	99.6109
$512\times 512$	5.2.08	99.6124	99.6151	99.5895	99.6155
	7.1.01	99.6128	99.5945	99.6231	99.6048
	7.1.03	99.6158	99.6025	99.6067	99.6181
	7.1.05	99.6086	99.5907	99.6174	99.6044
	7.1.07	99.6120	99.6018	99.6304	99.6185
$1024\times 1024$	5.3.01	99.6023	99.6170	99.6082	99.6199
	5.3.02	99.6170	99.6197	99.6046	99.6109
	Avg	99.6090	99.6092	99.6092	99.6095
	Std. Dev.	0.0119	0.0103	0.0124	0.0089

Table 9. UACI values (%) achieved by MIEA-CPHS and three recent algorithms.

Size	Image	[63]	[64]	[65]	MIEA-CPHS
$256\times 256$	5.1.09	33.5381	33.4780	33.4424	33.3952
	5.1.10	33.4521	33.4174	33.4631	33.5140
	5.1.11	33.5348	33.4891	33.4394	33.5188
	5.1.12	33.4535	33.5213	33.4703	33.4355
	5.1.13	33.4640	33.5093	33.5157	33.4553
$512\times 512$	5.2.08	33.4030	33.3891	33.5789	33.4364
	7.1.01	33.4582	33.4022	33.4053	33.4781
	7.1.03	33.5914	33.5162	33.5168	33.5263
	7.1.05	33.4521	33.5354	33.5248	33.4606
	7.1.07	33.5259	33.4824	33.4218	33.4499
$1024\times 1024$	5.3.01	33.4238	33.4994	33.3963	33.4352
	5.3.02	33.4290	33.3923	33.4247	33.4589
	Avg	33.4772	33.4693	33.4666	33.4637
	Std. Dev.	0.0568	0.0539	0.0562	0.0393

Table 9. UACI values (%) achieved by MIEA-CPHS and three recent algorithms.

Size	Image	[63]	[64]	[65]	MIEA-CPHS
$256\times 256$	5.1.09	33.5381	33.4780	33.4424	33.3952
	5.1.10	33.4521	33.4174	33.4631	33.5140
	5.1.11	33.5348	33.4891	33.4394	33.5188
	5.1.12	33.4535	33.5213	33.4703	33.4355
	5.1.13	33.4640	33.5093	33.5157	33.4553
$512\times 512$	5.2.08	33.4030	33.3891	33.5789	33.4364
	7.1.01	33.4582	33.4022	33.4053	33.4781
	7.1.03	33.5914	33.5162	33.5168	33.5263
	7.1.05	33.4521	33.5354	33.5248	33.4606
	7.1.07	33.5259	33.4824	33.4218	33.4499
$1024\times 1024$	5.3.01	33.4238	33.4994	33.3963	33.4352
	5.3.02	33.4290	33.3923	33.4247	33.4589
	Avg	33.4772	33.4693	33.4666	33.4637
	Std. Dev.	0.0568	0.0539	0.0562	0.0393

4.8. Robustness Analysis

During storage or transfer, ciphertext pixels are prone to corruption or loss, making robustness a critical requirement for image cryptosystems [64]. To evaluate the resilience of MIEA-CPHS against ciphertext degradation, we conducted targeted experiments simulating noise attacks and data loss scenarios.

First, we intentionally injected salt-and-pepper noise into the ciphertext of image 2.1.05 at different intensity levels. The noise intensity is characterized by the noise density $\eta$. Specifically, we tested $\eta \in \{2\%,4\%,6\%,8\%\}$ (see the first row of Figure 12). Subsequently, all ciphertext images were decrypted using MIEA-CPHS. As shown in Figure 12, even under severe noise corruption (up to $\eta =8\%$), the decrypted outputs retain sufficient structural fidelity for human interpretation. While perceptual quality declines progressively with increasing noise density, the core semantic features remain largely intact. This demonstrates that MIEA-CPHS exhibits good resilience to noise attacks, confirming its suitability for applications where ciphertext integrity may be compromised.

Analogously, data loss scenarios were simulated by excising multiple regions from the ciphertext of image 4.2.03. The resulting truncated ciphertexts and their respective reconstructions after decryption are displayed in Figure 13. Notably, the fidelity of the recovered images diminishes with increasing data removal. Nevertheless, even when a significant portion (a central block of size $288\times 288$) is removed, the essential visual semantics of the source image remain perceptible. This outcome underscores the good resilience of MIEA-CPHS to data loss attacks.

4.9. Resistance to Common Attack Models

Cryptanalytic attacks are conventionally classified into four levels based on the adversary’s available resources: ciphertext-only attack (COA), known-plaintext attack (KPA), chosen-plaintext attack (CPA), and chosen-ciphertext attack (CCA) [56]. Among these, CPA and CCA constitute the most stringent threat models, as they allow the attacker to adaptively probe the cryptosystem with specific inputs to extract the static secret key or equivalent keystreams. Consequently, a cryptosystem that resists CPA and CCA is inherently secure against the weaker KPA and COA scenarios.

The proposed MIEA-CPHS achieves robust resistance against these attacks through its hash-based adaptive control mechanism, centered on the 48-bit parameter $\kappa$. As defined in Section 3.3 (Equation (16)), $\kappa$ is derived from the SHA-384 hash digest h of the fused plaintext. Critically, the parameter $\kappa$ governs all subsequent primitives—including hyperchaotic keystream generation (Section 3.4), adaptive dual-mode vector-level hybrid diffusion (Section 3.5), and 2D permutation with adaptive hybrid substitution (Section 3.6). This creates a one-time-pad-like effect where the operational keystreams are unique to each input instance.

In a CPA scenario, an adversary chooses specific plaintexts (e.g., low-entropy images) and analyzes their corresponding ciphertexts to infer the internal state. However, MIEA-CPHS employs a plaintext-dependent keystream generation strategy that neutralizes this attack:

• Every distinct chosen plaintext $P_{\mathrm{chosen}}$ yields a unique hash digest, resulting in a unique control parameter ${\kappa }_{\mathrm{chosen}}$.
• This ${\kappa }_{\mathrm{chosen}}$ drives the MIEA-CPHS to generate a specific set of permutation and substitution keystreams exclusive to $P_{\mathrm{chosen}}$.
• Due to the collision resistance and avalanche effect of SHA-384, even a single-bit difference between the chosen plaintext and the target plaintext $P_{\mathrm{target}}$ results in ${\kappa }_{\mathrm{chosen}}\ne {\kappa }_{\mathrm{target}}$. Consequently, the keystreams derived from the chosen input are mathematically uncorrelated with those used for the target, rendering the analysis of chosen plaintexts useless for cracking the target ciphertext.

In a CCA, the adversary submits forged or chosen ciphertexts to a decryption oracle to extract key information. In MIEA-CPHS, the decryption process is strictly bound to the received hash digest h.

• To decrypt a chosen ciphertext $C_{\mathrm{chosen}}$, the receiver (or oracle) must use the accompanying $h_{\mathrm{chosen}}$ to reconstruct ${\kappa }_{\mathrm{chosen}}$.
• The resulting decryption keystreams are valid only for that specific $(C_{\mathrm{chosen}},h_{\mathrm{chosen}})$ pair.
• Any information gained from this decryption cannot be generalized to other ciphertexts, as the underlying dynamic parameter $\kappa$ changes with every hash value. Thus, the static secret key $\mathcal{K}$ remains protected.

In summary, the SHA-384-driven adaptive feedback loop ensures that MIEA-CPHS effectively resists CPA, CCA, KPA, and COA, meeting the high security standards required for modern image transmission.

4.10. Efficiency Analysis

In high-throughput application scenarios such as telehealth, social media, and cloud services, encryption efficiency is also a critical consideration. To address the growing demand for fast and secure image transmission, MIEA-CPHS achieves high encryption efficiency through a series of architectural innovations [47]. It employs a lightweight hyperchaotic map to generate keystreams with minimal computational and resource overhead. Meanwhile, a significance-aware bit splitting and recombination mechanism reduces computational burdens without sacrificing security. Strategically, hash values are utilized to eliminate redundant regeneration of chaotic sequences. Finally, vectorized encryption processing is adopted to significantly boost the encryption throughput, ensuring that the MIEA-CPHS can better meet the encryption efficiency requirements for various high-throughput applications.

When encrypting an image of resolution $M\times N$, all rationally engineered encryption schemes inherently exhibit linear time complexity relative to the total number of pixels, i.e., $\Theta (M\times N)$, since each pixel requires cryptographic transformation. Thus, the distinction among such methods does not lie in their theoretical complexity class but rather in their practical computational overhead. To objectively underscore the superior computational efficiency of MIEA-CPHS, we conducted a set of comparative experiments under strictly controlled computational environments. This ensured that any observed performance differences could not be attributed to variations in hardware specifications or software settings.

Table 10. Average encryption time (in seconds) of MIEA-CPHS versus four recent algorithms.

Algorithm	$256\times 256\times 3\times 2$	$512\times 512\times 3\times 2$	$1024\times 1024\times 3\times 2$
[56]	0.4677	1.8929	8.0234
[40]	0.2509	1.1647	5.5240
[66]	0.1944	0.9828	5.4708
[65]	0.1338	0.5676	2.3916
MIEA-CPHS	0.0314	0.1352	0.6111

and

Table 11. Average encryption throughput (in Mbps) of MIEA-CPHS versus four recent algorithms.

Algorithm	$256\times 256\times 3\times 2$	$512\times 512\times 3\times 2$	$1024\times 1024\times 3\times 2$	Average
[56]	6.4144	6.3395	5.9825	6.2454
[40]	11.9570	10.3031	8.6894	10.3165
[66]	15.4321	12.2100	8.7739	12.1387
[65]	22.4215	21.1416	20.0702	21.2111
MIEA-CPHS	95.5414	88.7574	78.5469	87.6152

present a performance comparison between MIEA-CPHS and four recently proposed algorithms. At three standard input dimensions, MIEA-CPHS exhibited significantly faster execution. It takes an average of only 0.6111 s to encrypt two $1024\times 1024$ color images, achieving a total average throughput of up to 87.6152 Mbps. Evidently, compared with many recently reported encryption algorithms, MIEA-CPHS can better meet the efficiency requirements of various high-throughput applications.

5. Conclusions

This paper addresses a fundamental challenge in secure visual communication: designing image encryption systems that simultaneously ensure high security and computational efficiency. To overcome the limitations of existing schemes, namely, weak chaotic dynamics and deficient cryptographic architectures, we introduce a new 2D hyperchaotic map called 2D-CCHM-EP. By incorporating exponential parameters and strengthening interdependence among state variables, we theoretically establish that the 2D-CCHM-EP exhibits strict local expansiveness across its entire parameter space, effectively suppressing periodic windows and ensuring robust hyperchaotic behavior. Comprehensive numerical analyses, including bifurcation diagrams and phase-space trajectories, validate this aperiodicity and ergodicity. Moreover, the 2D-CCHM-EP demonstrates clear superiority over several recently reported chaotic maps, yielding significantly higher LEs and Kolmogorov–Sinai entropy. It also successfully passes all NIST SP 800-22 randomness tests, verifying the statistical independence of the generated sequences and confirming its status as a highly reliable entropy source for cryptographic applications.

Leveraging this robust chaotic source, we developed the MIEA-CPHS, a multi-image encryption algorithm that employs a novel hierarchical significance-aware encryption strategy. This innovative architecture decomposes image data into high-, medium-, and low-significance layers, applying differentiated encryption rounds (three, two, and one, respectively), thereby optimally balancing security and speed. The algorithm further integrates an SHA-384-based adaptive parameter generation mechanism with high-performance vector-level diffusion, permutation, and substitution operations. Extensive security analyses confirm the algorithm’s outstanding performance: it achieves near-ideal Shannon entropy (>7.999), near-zero pixel correlation (<0.0016), and outstanding resistance to differential attacks (NPCR $\approx 99.61\%$, UACI $\approx 33.46\%$). Notably, its hierarchical and vectorized design enables an average encryption throughput of 87.6152 Mbps. Regarding algorithmic complexity, while the theoretical time complexity remains linear $\Theta (M\times N)$, our strategy optimizes the practical computational load by allocating intensive operations only to high-significance data, distinguishing it from uniform encryption schemes. This exceptional balance makes MIEA-CPHS highly suitable for modern high-throughput applications like secure cloud storage and real-time media transmission.

Future research will focus on three promising avenues. First, we will develop hardware-efficient implementations of both the 2D-CCHM-EP map and the MIEA-CPHS algorithm, specifically investigating the system’s behavior under varying hardware precisions (e.g., finite-precision effects on FPGAs) to ensure robustness against degradation. Second, the hierarchical significance-aware framework will be extended to heterogeneous data modalities, such as video sequences and 3D medical imaging, where adaptive, layer-specific security can significantly enhance both efficiency and protection. Finally, we intend to generalize the underlying chaotic dynamics by constructing higher-dimensional variants of the 2D-CCHM-EP, and further quantify the statistical independence between generated sequences under different sampling conditions, thereby strengthening the cryptographic foundation through even greater complexity and entropy.