A Novel Chaos-Based Image Encryption Scheme by Using Randomly DNA Encode and Plaintext Related Permutation

: To ensure the security and privacy of digital image when its transmitting online or storing in the cloud, we proposed a novel chaos based image encryption scheme by using randomly DNA encode and plaintext related permutation. In our scheme, we ﬁrst randomly encode plain image into a nucleotide sequence under the control by the piecewise linear chaotic map(PWLCM). After that, the plaintext related permutation would be done under the control sequence which generated by hyper chaotic Lorenz system (HCLS). Next, we make diffusion processing with key DNA sequence which is generated by another PWLCM system and also encoded randomly. Finally, we decode DNA sequence into cipher image matrix. In addition, we used many common security analysis methods to test our scheme, and the result compared with other works. The tests and comparison results are shown that our proposed image cryptosystem has excellent security performance to ensure the digital image security on communication.


Introduction
With the popularity of smart phones, digital images are becoming one of the most important data formats in our daily life, and it is easier to get than in the old days. However, security issues arise when these images need to be transferred over the internet or stored on the cloud, especially some of them contain privacy. Moreover, digital images are also used in many sensitive areas such as medical, national defense and legal affairs. Therefore, the security of digital images is becoming an eye-catching issue for many researchers [1][2][3].
As we all know, encryption is the most easy way to protect information security, and there are many excellent algorithms for encrypting text structure data which play important roles for protecting data security in network communication, e.g., DES, AES, RSA, etc. Unfortunately, those algorithms weakly adapt to the image data characteristics, such as high redundancy, strong correlation between pixels, etc. As a result, text structure encryption algorithms are not good at image encryption, and may cause some problems such as low efficiency, contour information leakage, etc. [4,5].
Chaos systems which were first proposed by Lorenz [6] have many good characteristics, e.g., sensitivity of initial values and parameters, etc., are very suitable for designing an image cryptosystem. The first chaotic cryptosystem is proposed by Matthews [7] who is a British scientist. After that, the chaotic system was beginning to be used to design image encryption systems. Usually, chaotic image encryption schemes use chaotic systems to generate key stream or some scrambling control sequences or nonlinear components, and then do permutation and diffusion to plain image to generate cipher image. In recent years, there are many image encryption schemes based on chaotic systems proposed to the public [8][9][10][11][12][13].
DNA computing was first proposed by Adleman [14] in 1994. After then, DNA computing had found some good characteristics such as ultra-high information density, great parallelism and ultra-low energy consumption. Gehani et al. [15] was first proposed the DNA computing in designing image cryptosystem. After Gehani, many image encryption schemes based on DNA computing appeared in public [16][17][18][19][20][21]. Zhang et al. [22] found that if the algorithm adopts binary coding, the coding efficiency is low, and it would be easy cracked when cryptosystem is not related to plain image. Xie et al. [23] found that an image encryption system based on DNA computing must contain diffusion part, if only scramble processing would not be security. Liu et al. [24] cracked an DNA computing based encryption system, and found that image cryptosystem must be able to resist differential attack, otherwise can reconstruct the equivalent key by part of known plaintext attack.
Recently, some interesting works on image encryption by using DNA computing. Wang et al. [16] proposed an image encryption scheme based on coupled map lattices and DNA encoding. In this scheme, rows and columns cyclic shift operation is used to scramble the image DNA matrix. The diffusion performance is good, however, the sensitivity of plaintext seems a little weak. Zefreh [20] proposed an image encryption scheme using DNA computing and hash function. This scheme related plaintext by hash function to make image cryptosystem has enough sensitivity to resist differential attack. However, the hash value of plain image also needs to transfer to the decryption part, it is harmful for key management. Babaei et al. [21] proposed a DNA computing based image encryption scheme using cellular automata. This scheme is cleverly designed but real security key only the initial value of logistic map, that it is hard to resist brute force attack.
To overcome the shortage mentioned above, we proposed a novel chaos-based image encryption scheme by using randomly DNA encode and plaintext related permutation. The main contribution of this paper is that we designed a reversible plaintext related permutation algorithm that the information of plain image also can directly calculated in the decryption part without transmitting from the encryption part. In addition, the reversible plaintext related permutation makes our image cryptosystem have enough sensitivity of plain image to against differential attack. Furthermore, chaos controlled randomly DNA encode and decode could make better diffusion performance. The detailed contributions of this paper are as follows: (1) A novel reversible plaintext related permutation method was given, (2) A novel image encryption scheme using randomly DNA encode and plaintext related permutation was given, (3) The detailed security analysis of our scheme was given.
The organization of this paper is as follows: In Section 2, the basic knowledge of chaotic system and DNA calculation used in this paper is given. In Section 3, the details of our proposed image encryption scheme are given. In Section 4, the simulation and some common security analysis of our scheme are given. In Section 5, the conclusion of this paper is given.

Chaotic Systems
In our scheme, chaotic systems are used to generate the control sequences for DNA encoding, permutation, diffusion, etc. There are two types of chaotic systems used in our image cryptosystem: the piecewise linear chaotic map (PWLCM) and the hyper chaotic Lorenz system (HCLS). PWLCM is used in controlling the DNA random encode process and generating key sequence. HCLS is used in controlling the permutation process.
The PWLCM [25] is given by where p ∈ (0, 0.5) is a parameter of PWLCM. The HCLS [26] is given by where a, b, c and γ are parameters of this hyper chaotic system. When a = 10, b = 8/3, c = 28 and γ ∈ [−1.52, −0.06], the system is chaotic and its attractors are shown in Figure 1.

DNA Operations
There are 4 kinds of nucleic acid bases in a DNA sequence: adenine (A), guanine (G), cytosine (C) and thymine (T). In the rules of Watson-Crick base pairing, adenine and thymine are a complementary pair, cytosine and guanine are a complementary pair. Thus, there are only 8 kinds of encoding modes satisfied with this complementary rule, the details are shown in Table 1. Every two bits can be encoded into one of the nucleic acid bases. For example, if we select rule 1 which is shown in Table 1, then '00', '11', '10' and '01' can be encoded into 'A', 'T', 'C' and 'G', respectively. Therefore, the M × N 8-bits gray image can be encoded as a 4MN length nucleotide string. There are three types of operations of DNA computing, addition operation rules are given in Table 2, the subtraction operation rules can be seen in Table 3 and the XOR operation rules are shown in Table 4.   Table 4. XOR operation of DNA code.

Encryption Scheme
The block diagram of the encryption scheme is shown in Figure 2, the detailed processes are as follows: Step 1: Input an 8-bit gray level plain image P with size of M × N, and an initial key K into the encryption scheme.
Step 2: Input initial key K into Algorithm 1 to generate a rules selection control sequence RSCS.
Step 3: Change the plain image matrix P into an array PA by rows.
Step 4: Input image array PA and rules selection control sequence RSCS into Algorithm 2 to randomly encode the image array PA under the DNA encode rules which are shown in Table 1, and generate an image DNA sequence IDS.
Step 5: Input image DNA sequence IDS and initial key K into Algorithm 3 to generate permutation control sequence PCS.
Step 6: Input image DNA sequence IDS and permutation control sequence PCS into Algorithm 4 to do plaintext related permutation, and get a permutated image sequence PIS.
Step 7: Put initial key K and rules selection control sequence RSCS into Algorithm 5 to generate a key DNA sequence KDS.
Step 8: Input permutated image sequence PIS and key DNA sequence KDS into Algorithm 6 to do DNA diffusion operation, and generate a diffused sequence DS.
Step 9: Put diffused sequence DS and rules selection control sequence RSCS into Algorithm 7 to decode DNA sequence to a recovered image array RIA.
Step 10: Reshape recovered image array RIA as M × N to a cipher image matrix C.
Step 11: Output cipher image C and the encryption process is finished.
Algorithm 1 Generation algorithm of rules selection control sequence (RSCS). (1) to generate a sequence X by iterating.
Algorithm 2 DNA random encode algorithm.
INPUT rules selection control sequence RSCSand data array A Build a DNA encode rules table RT (see Table 1). Change data array A to a bit array AB len ← Length(AB); n ← 1

Algorithm 3 Generation algorithm of permutation control sequence (PCS).
INPUT image DNA sequence IDS and initial key K Build a DNA addition operation table AT (see Table 2), a DNA XOR operation table XT (see Table 4).
) Put x 0 , y 0 , z 0 , w 0 into Equation (2) to generate a sequence X by iterating. PCS = mod( f loor(X × 10 15 ), len) Remove the repeated elements from PCS, and then put the absent numbers at the end. OUTPUT permutation control sequence PCS

Algorithm 4 Permutation/Reverse permutation algorithm.
INPUT image DNA sequence IDS and permutation control sequence PCS.
Algorithm 5 Generation algorithm of key DNA sequence (KDS).
INPUT initial key K and rules selection control sequence RSCS. (1) to generate a sequence X by iterating. DSA = mod( f loor(X × 10 15 ), 256) Input RSCS and DSA into Algorithm 2, then output DNA sequence KDS.
OUTPUT key DNA sequence KDS.

Algorithm 6 DNA diffusion algorithm.
INPUT permutated image sequence PIS and key DNA sequence KDS. Build a DNA addition operation table AT (see Table 2) and a DNA XOR operation table XT (see Table 4). INPUT DNA sequence DS and rules selection control sequence RSCS. Build a DNA encode rules table RT (see Table 1). len ← Length(DS); n ← 1 NS ← NULL for l = 1 to len do NS(n, n + 1) ← RT(DS(i), RSCS(i)) n ← n + 2 end for Change bit sequence NS to a numerical array NA by each 8 bits.
OUTPUT numerical array NA.

Decryption Scheme
The block diagram of decryption scheme is shown in Figure 3, the detailed processes are as follows: Step 1: Input a cipher image C, and an initial key K into the decryption scheme.
Step 2: Put initial key K into Algorithm 1 to generate a rules selection control sequence RSCS.
Step 3: Change the plain image matrix C into an array CA by rows.
Step 4: Input image array CA and rules selection control sequence RSCS into Algorithm 2 to randomly encode the image array CA under the DNA encode rules which are shown in Table 1, and generate a cipher image DNA sequence CIDS.
Step 5: Put initial key K into Algorithm 5 to generate a key DNA sequence KDS.
Step 6: Input cipher image DNA sequence CIDS and key DNA sequence KDS into Algorithm 8 to do reverse DNA diffusion operation, and generate a reverse diffused sequence RDS.

Algorithm 8 Reverse DNA diffusion algorithm.
INPUT cipher image DNA sequence CIDS and key DNA sequenceKDS. Build a DNA substraction operation table ST(see Table 3) and a DNA XOR operation table XT (see Table 4). Step 7: Input reverse diffused sequence RDS and initial key K into Algorithm 3 to generate permutation control sequence PCS.
Step 8: Input reverse diffused sequence RDS and permutation control sequence PCS into Algorithm 4 to do reverse permutation, and get a reverse permutated image sequence RPIS.
Step 9: Put reverse permutated image sequence RPIS and rules selection control sequence RSCS into Algorithm 7 to decode DNA sequence to a recovered image array RIA.
Step 10: Reshape recovered image array RIA as M × N to a cipher image matrix P.
Step 11: Output decrypted image P and the decryption process is finished.

Simulation and Security Analysis
In this section, we evaluate our proposed scheme by software simulation, and all of the simulation and security tests are implemented in MATLAB R2016a. Our tests were worked on a personal computer with Inter(R) Core i5-8500 CPU 3.00 GHz, 8 GB memory and the software was run on the operation system of Window 10 home edition. For simulation, we select initial key as 'FE02DE31AB456ACFB223013CADAB589092342FEFD' in hexadecimal, and parameters of hyper chaotic system which, given in Equation (2), are a = 10, b = 8/3, c = 28 and γ = −1. The images for testing are 512 × 512 pixels with 8-bit gray level. The simulation results are shown in Figure 4. The plain images of 'Lena', 'Baboon', 'Pepper', 'Airplane' and 'Lake' are shown in Figure 4a-e, the corresponding cipher images are shown in Figure 4f-j and the recovery images from decryption are shown in Figure 4k-o. In the following subsections, we provide several commonly used security test result to prove our proposed image encryption scheme has an excellent security performance.

Key Space Analysis
Key space is an important security index to evaluate the cryptosystem on whether it has enough capability to resist a brute-force attack. In our scheme, we use two PWLCM systems for generating DNA random encode rules selection sequence and key stream, and use the HCLS system for generating the permutation control sequence. The true keys of our cryptosystem are two parameters p ∈ (0, 0.5) and two initial values x ∈ (0, 1) of two PWLCM systems, and four initial values x 0 ∈ (−40, 40), y 0 ∈ (−40, 40), z 0 ∈ (1, 81), w 0 ∈ (−250, 250) of the HCLS system. We suppose the change step of each initial value and parameter is 10 −15 , the key space of our proposed cryptosystem can be calculated as S = (0.5 × 10 15 ) 2 × (1 × 10 15 ) 2 × (80 × 10 15 ) 3 × (500 × 10 15 ) = 6.4 × 10 127 ≈ 2 424 . The key space is required to be at least 2 100 to protect from a brute-force attack [16], and our key space is large enough for security.

Differential Attack
The sensitivity of plain image is a very important index to an image cryptosystem, and it can help cryptosystem to resist the differential attack which is a kind of chosen-plaintext attack. The differential attack usually changes the value of one pixel in the plain image, and compares the difference between two corresponding cipher images. There are two features to evaluate the sensitivity of the plain image: number of pixels change rate (NPCR) and unified average changing intensity (UACI) [8,27]. The NPCR and UACI are calculated by Equations (3) and (4), respectively.
where C 1 (i, j) and C 2 (i, j) are the cipher images which correspond two one-pixel different images. M and N are the height and width of those images, respectively. The NPCR calculates the percentage of pixels which are different values at the same position between C 1 (i, j) and C 2 (i, j). The UACI is a quantitative assessment of the average distance between two pixels at the same position in C 1 (i, j) and C 2 (i, j).
To evaluate the NPCR and UACI results, the critical value is given by Wu et al. [28]. For a significance level α, a critical value of NPCR is given by: where H represents the total number of pixels in an image, Q represents the largest allowed pixel value in the image. An image encryption scheme can be considered to pass the NPCR if the obtained NPCR is larger than N * α . The critical interval (U * − α , U * + α ) of UACI is given by: where and If the UACI value falls into interval (U * − α , U * + α ), it means that the two test images have much difference. When the size of test image is 512 × 512 and the significance level α = 0.05, the critical value of NPCR is N * 0.05 = 99.5893% and the critical interval of UACI is (U * − 0.05 , U * + 0.05 ) = (33.3730%, 33.5541%). For this test, we randomly changed one pixels' value from plain images, and calculated the NPCR and UACI. We test NPCR and UACI 100 times, and the test results are shown in Table 5. The expectation of NPCR and UACI between two random images are given in Equations (9) and (10), respectively.
where L is the gray level of test images. If the test images are 8-bit gray levels, the expectation of NPCR is 99.6094%, and the expectation of UACI is 33.4635%. In Table 5, the average of NPCR is higher than 99.6094% and the average of UACI is close to 33.4635%. The test result means that our proposed image cryptosystem is secure enough to resist the differential attack.

Histogram Analysis
Statistical indiscernibility is one of the important indexes to measure the quality of a cipher image. A good cipher image, which can resist statistical analysis, should have a uniform histogram at each gray level. The histogram analysis results are shown in Figure 5. The test plain images of 'Lena', 'Baboon', 'Pepper', 'Airplane' and 'Lake' are shown in Figure 5a-e, and the corresponding histograms in Figure 5f-j. The corresponding ciphers are in Figure 5k-o, and the corresponding histograms of these cipher images are in Figure 5p-t. We use chi-squared test to evaluate the uniformity of encrypted image's histogram. When we set the significance level α = 0.05, chi-squared test results of cipher images are given in Table 6. According to our histogram analysis results, our proposed cryptosystem has good diffused property to resist the statistical attack.

Correlation Coefficient
Correlation coefficient analysis is a measurement of the correlation among the adjacent pixels in the image. The encryption process should break the correlation of adjacent pixels; therefore, the less correlation among adjacent pixels in the cipher image, the better the security.
The correlation coefficient is given in Equation (11).
where a and b are two gray values of adjacent pixels, and  For this test, 10,000 pairs of adjacent pixels have been randomly selected from plain images and corresponding cipher images. The test results are shown in Table 7. The correlation distributions are shown in Figure 6 and the rows (a)-(e) corresponds to images of 'Lena', 'Baboon', 'Pepper', 'Airplane' and 'Lake', respectively; the column (1) shows corresponding plain images; columns (2)- (4) correspond to the plain images' distributions of 'horizontal direction', 'vertical direction' and 'diagonal direction', respectively; column (5) is the corresponding cipher images by encryption, and columns (6)- (8) correspond to the cipher images' distributions of 'horizontal direction', 'vertical direction' and 'diagonal direction', respectively.  Figure 6. Correlation distributions. Rows (a)-(e) correspond to images of 'Lena', 'Baboon', 'Pepper', 'Airplane' and 'Lake', respectively; Column (1) shows the corresponding plain images; Columns (2)-(4) correspond to the plain images' distributions of 'horizontal direction', 'vertical direction' and 'diagonal direction', respectively; Column (5) is the corresponding cipher images by encryption; Columns (6)- (8) correspond to the cipher images' distributions of 'horizontal direction', 'vertical direction' and 'diagonal direction', respectively.

Key Sensitivity Analysis
Key sensitivity is the basic requirement of image cryptosystem security, and it can reflect the performance of diffusion. For this test, we select 'Lena' to be the test image. Firstly, we encrypt 'Lena' using initial key, which was declared at the beginning of Section 4, and denote the cipher image as C1. C1 was used as the benchmark for comparison experiments, then we modify a parameter or initial value of the chaotic system which are the real keys of our proposed scheme. In the first test, we modify a parameter of PWLCM which is used in generating the rules selection control sequence as p = p + 10 −15 , and denote the corresponding cipher image as C2. In the second test, we modify the initial value of PWLCM which is used in generating key sequence as x = x + 10 −15 , and denote the corresponding cipher image as C3. In the third test, we modify the initial value of hyper chaotic Lorenz system which is used in permutation as x 0 = x 0 + 10 −15 , and denote the corresponding cipher image as C4. In the fourth test, we modify the initial value of hyper chaotic Lorenz system as y 0 = y 0 + 10 −15 , and denote the corresponding cipher image as C5. The test result is shown in Figure 7. The difference between C1 and C2 is shown in Figure 7g, the difference between C1 and C3 is shown in Figure 7h, the difference between C1 and C4 is shown in Figure 7i and the difference between C1 and C5 is shown in Figure 7j.
We also use NPCR and UACI to quantitatively measure the difference between cipher images. The result is shown in Table 8. According to this test result, our proposed image cryptosystem has enough key sensitivity.

Global Shannon Entropy
The degree of uncertainty of a cipher image can reflect the diffusion performance of an image cryptosystem, and the global information entropy is a measurement to indicate the uncertainty degree of the whole image information. The global information entropy is given in Equation (15).
where K is the bit depth of the test image, e.g., K = 8 for an 8-bit gray image, and P(s i ) means the probability of s i . In the ideal case, the information entropy of 8-bit gray image is H(s) = 8 bits. The entropy test results are shown in Table 9. In our test results, entropies of cipher images are very close to the ideal value 8. Thus, our cryptosystem has good diffusion performance. Global Shannon entropy reflects the total randomness of an image, and it has certain limitations in some occasions. Therefore, local Shannon entropy (LSE) was proposed by Wu et al. [29]. To measure local entropy, we first randomly select k non-overlapping image blocks B 1 , B 2 , · · · , B k with T B pixels from image I, then the LSE is defined by: where H(B i ) is the Shannon entropy of image block B i , and can by calculated by Equation (15). In this test, we select parameters (k, T B ) = (30,1936). Under these parameters, the ideal value of LSE is 7.902469317. When we set significance α = 0.05, we consider the tests passed when the test LSE values fall into the interval (7.901901305, 7.903037329). The LSE test results are shown in Table 10.

Computation and Complexity Analysis
Due to DNA computing having advantages when processing in parallel, our scheme is applicable to encrypt a large amount of image data in the actual DNA computing environment. In this section, we only discuss the time-consuming part of cryptography for computing floating point numbers. We use PWLCM to control randomly DNA encoding and to generate key sequence, it needs Θ(5 × M × N) iterations of computing floating point number. And we use HCLS to control permutation, it needs Θ(M × N) iterations of computing floating point number. The Matlab programming to simulate DNA calculation is low efficiency, under the hardware and software environment mentioned at beginning of Section 4, the encryption of 512 × 512 image is total cost 3.233 s. Although MATLAB simulation results have long running time, the proposed algorithm is still applicable to the actual DNA computing scene. After all, our purpose of this paper is to design a secure image encryption scheme in a real DNA computing scene, and simulation is only a means to verify the correctness and security of the proposed image cryptosystem.

Security Comparison
In this part, we make a comparison with other works on some common security analysis indicators, the comparison results are shown in Table 11, and shown that our proposed scheme has very excellent security performance.

Conclusion
The security and privacy of digital images, such as medical images, satellite remote sensing images, social network images, etc., is very important in communication. To ensure the security and privacy of digital images, we proposed a novel chaos based image encryption scheme with randomly DNA encode and plaintext related permutation in this paper. In the proposed scheme, for utilizing the ultra-high information density, great parallelism and ultra-low energy consumption of DNA, we encode the plain image randomly into a nucleotide sequence controlled by the piecewise linear chaotic map. Under the control sequence generated by hyper-chaotic Lorenz system, the plaintext related permutation is done, which can increase the plaintext sensitivity and improve resistance to differential attack. Moreover, we use key DNA sequence to make diffusion processing, which can strongly resist statistical attack. In addition, many common security analysis methods are used to test our proposed image cryptosystem. The test results shown that our proposed image cryptosystem has excellent security performance in digital image communication. The image encryption based on chaos and DNA computing are still under constant research, and there are still many problems that need to be further studied and solved. In the next stage, we will focus on the multi-image aggregation encryption and parallel DNA image encoding.