Conﬁgurational Entropy for Optimizing the Encryption of Digital Elevation Model Based on Chaos System and Linear Prediction

: A digital elevation model (DEM) digitally records information about terrain variations and has found many applications in different ﬁelds of geosciences. To protect such digital information, encryption is one technique. Numerous encryption algorithms have been developed and can be used for DEM. A good encryption algorithm should change both the compositional and conﬁgurational information of a DEM in the encryption process. However, current methods do not fully take into full consideration pixel structures when measuring the complexity of an encrypted DEM (e.g., using Shannon entropy and correlation). Therefore, this study ﬁrst proposes that conﬁgurational entropy capturing both compositional and conﬁgurational information can be used to optimize encryption from the perspective of the Second Law of Thermodynamics. Subsequently, an encryption algorithm based on the integration of the chaos system and linear prediction is designed, where the one with the maximum absolute conﬁgurational entropy difference compared to the original DEM is selected. Two experimental DEMs are encrypted for 10 times. The experimental results and security analysis show that the proposed algorithm is effective and that conﬁgurational entropy can help optimize the encryption and can provide guidelines for evaluating the encrypted DEM.


Introduction
A digital elevation model (DEM) is a digital representation of terrain variations and can explicitly reveal information about the topographic complexity with computer graphics. With the development of advanced equipment for data acquisition (e.g., high-resolution satellite sensors, unmanned aerial vehicle (UAV), and LiDAR (Light Detection and Ranging)), it is becoming more and more easy to acquire DEMs. In addition, DEM transmission becomes more and more frequent due to the development of advanced computer and network communication technologies. However, due to the openness and sharing of networks, there exists a serious threat in information security and confidentiality [1,2]. Therefore, information protection is desired and hence has attracted much attention. The literature on information protection can be traced back to Shannon's paper entitled "Communication Theory of Secrecy System" [3]. By now, numerous information protection methods have been proposed, and encryption is one such solution.
An increasing number of encryption algorithms have been developed to protect information from images as much as possible, and such algorithms can be employed to protect DEMs as well. Since chaotic systems are sensitive to the initial parameters, determinacy, ergodicity, and so forth [4][5][6][7], chaotic-systems-based encryption algorithms [8][9][10][11][12][13][14][15] are popular among these methods. In general, a chaotic-system-based algorithm encrypts an image via two stages (i.e., confusion and diffusion). At the confusion stage, the positions of pixels are changed. To enhance security, the pixel values are changed at the diffusion stage. Sometimes, these two stages can be achieved simultaneously. Nevertheless, one may notice that the precision of initial parameters for generating chaotic sequences can influence the encryption performance of a chaotic system. At this point, for a given image, one may ask two questions: (i) Can we employ a metric to help optimize an encryption algorithm based on the chaos system? and (ii) What abilities should such a metric have? To answer these two questions, let us first recall the viewpoint proposed by Shannon that it is possible to break many kinds of ciphers using a statistical analysis on the histogram and the correlation of adjacent pixels in the cipher image [3]. From this viewpoint, we know that both the composition (proportions of pixels) and configurational information (spatial structures) of an image should be considered when designing an encryption algorithm and when evaluating its performance. This further suggests that we may need to find metrics for capturing both compositional and configurational information of an image.
Some metrics have been developed to evaluate the performance of encryption systems upon an image, e.g., correlation [9], NPCR (Number of Pixels Change Rate) [9,16], UACI (Unified Average Changing Intensity) [9], histogram [17], and Shannon entropy [18][19][20]. Theoretically speaking, these metrics are not good enough for capturing both compositional and configurational information. For example, Shannon entropy is a type of statistical entropy [21] and thus is unable to completely capture the configurational information of an image since its calculation relies on the occurrence probabilities of pixels, not the two-dimensional spatial structures. Three DEMs are shown in Figure 1, where the ones in the middle and right frames are the scrambled results of the one in the left frame. They have different spatial structures, whereas their Shannon entropy values are the same. Additionally, the information content of the multiscale representation of a DEM cannot be well-quantified by these metrics.
Appl. Sci. 2021, 11, x FOR PEER REVIEW 2 of 17 are popular among these methods. In general, a chaotic-system-based algorithm encrypts an image via two stages (i.e., confusion and diffusion). At the confusion stage, the positions of pixels are changed. To enhance security, the pixel values are changed at the diffusion stage. Sometimes, these two stages can be achieved simultaneously. Nevertheless, one may notice that the precision of initial parameters for generating chaotic sequences can influence the encryption performance of a chaotic system. At this point, for a given image, one may ask two questions: (i) Can we employ a metric to help optimize an encryption algorithm based on the chaos system? and (ii) What abilities should such a metric have? To answer these two questions, let us first recall the viewpoint proposed by Shannon that it is possible to break many kinds of ciphers using a statistical analysis on the histogram and the correlation of adjacent pixels in the cipher image [3]. From this viewpoint, we know that both the composition (proportions of pixels) and configurational information (spatial structures) of an image should be considered when designing an encryption algorithm and when evaluating its performance. This further suggests that we may need to find metrics for capturing both compositional and configurational information of an image. Some metrics have been developed to evaluate the performance of encryption systems upon an image, e.g., correlation [9], NPCR (Number of Pixels Change Rate) [9,16], UACI (Unified Average Changing Intensity) [9], histogram [17], and Shannon entropy [18][19][20]. Theoretically speaking, these metrics are not good enough for capturing both compositional and configurational information. For example, Shannon entropy is a type of statistical entropy [21] and thus is unable to completely capture the configurational information of an image since its calculation relies on the occurrence probabilities of pixels, not the two-dimensional spatial structures. Three DEMs are shown in Figure 1, where the ones in the middle and right frames are the scrambled results of the one in the left frame. They have different spatial structures, whereas their Shannon entropy values are the same. Additionally, the information content of the multiscale representation of a DEM cannot be well-quantified by these metrics. To bridge the gaps induced by these metrics mentioned above, this study utilizes the configurational entropy (thermodynamic entropy) to encrypt DEM. An encryption algorithm is proposed with the integration of a chaos system and linear prediction and is optimized by leveraging the configurational entropy. Apart from the Introduction section, the remainder of this study is organized as follows. The Second Law of Thermodynamics and configurational entropy are introduced first as the perspective for optimizing the DEM encryption in Section 2. Then, a novel encryption algorithm based on the leverage of configurational entropy is proposed and described in Section 3. Two DEMs are used in experiments followed by the results analysis in Section 4. Finally, a conclusion is made in Section 5. To bridge the gaps induced by these metrics mentioned above, this study utilizes the configurational entropy (thermodynamic entropy) to encrypt DEM. An encryption algorithm is proposed with the integration of a chaos system and linear prediction and is optimized by leveraging the configurational entropy. Apart from the Introduction section, the remainder of this study is organized as follows. The Second Law of Thermodynamics and configurational entropy are introduced first as the perspective for optimizing the DEM encryption in Section 2. Then, a novel encryption algorithm based on the leverage of configurational entropy is proposed and described in Section 3. Two DEMs are used in experiments followed by the results analysis in Section 4. Finally, a conclusion is made in Section 5.

The Second Law of Thermodynamics as a New Perspective for Optimizing Encryption of Numerical Raster Data
The Second Law of Thermodynamics is concerned with the direction of natural processes. This law states that an isolated and closed thermodynamic system can spontaneously evolve towards thermodynamic equilibrium, where its disorder degree (which can be measured by entropy) is at maximum [22][23][24]. Inspired by this law, we can assume that a DEM could be considered an isolated and closed thermodynamic system where pixels are taken as gas molecules. Different temperatures (i.e., different encryption techniques or same techniques with different initial parameters) are imposed on the same thermodynamic system (an image), and then, the gas molecules (pixels) move in different directions and finally reach one type of status. Figure 2 shows different statuses of a closed thermodynamic system under different temperatures. The disorder of the thermodynamic system represents the complexity (randomness) of an image. The gas molecules move in different directions and then form different distributions. The disorder degree of gas molecules increases from (a) to (d).

The Second Law of Thermodynamics as a New Perspective for Optimizing Encryption of Numerical Raster Data
The Second Law of Thermodynamics is concerned with the direction of natural processes. This law states that an isolated and closed thermodynamic system can spontaneously evolve towards thermodynamic equilibrium, where its disorder degree (which can be measured by entropy) is at maximum [22][23][24]. Inspired by this law, we can assume that a DEM could be considered an isolated and closed thermodynamic system where pixels are taken as gas molecules. Different temperatures (i.e., different encryption techniques or same techniques with different initial parameters) are imposed on the same thermodynamic system (an image), and then, the gas molecules (pixels) move in different directions and finally reach one type of status. Figure 2 shows different statuses of a closed thermodynamic system under different temperatures. The disorder of the thermodynamic system represents the complexity (randomness) of an image. The gas molecules move in different directions and then form different distributions. The disorder degree of gas molecules increases from (a) to (d). The disorder of an isolated and closed thermodynamic system can be quantified by the thermodynamic entropy proposed by Ludwig Boltzmann [25,26]. The calculation formula for the thermodynamic entropy (configurational entropy and Boltzmann entropy) is as follows: where K is the Boltzmann constant (1 in the case of digital images, as suggested by [27]) and W is the number of microstates for a given macrostate. The configurational entropy of numerical raster data has been defined and computed in [28] with the assistance of the concept of multiscale representation, leading to two types of terms: relative and absolute. Concretely, the macrostate is defined as the upscaling results by an operation with a 2 × 2 sliding window; the microstates are all possible downscaling results, which can be seen The disorder of an isolated and closed thermodynamic system can be quantified by the thermodynamic entropy proposed by Ludwig Boltzmann [25,26]. The calculation formula for the thermodynamic entropy (configurational entropy and Boltzmann entropy) is as follows: where K is the Boltzmann constant (1 in the case of digital images, as suggested by [27]) and W is the number of microstates for a given macrostate. The configurational entropy of numerical raster data has been defined and computed in [28] with the assistance of the concept of multiscale representation, leading to two types of terms: relative and absolute. Concretely, the macrostate is defined as the upscaling results by an operation with a 2 × 2 sliding window; the microstates are all possible downscaling results, which can be seen in Figure 3. For an image, its relative configurational entropy (S R ) is the sum of configurational entropies of pixels in a sliding window of size 2 × 2 through the whole image. The absolute configurational entropy (S A ) is the sum of relative configurational entropies across all scales, capturing the multiscale information, which can help us enhance the analysis of the complexity of an encrypted DEM.
in Figure 3. For an image, its relative configurational entropy ( ) is the sum of configurational entropies of pixels in a sliding window of size 2 × 2 through the whole image. The absolute configurational entropy ( ) is the sum of relative configurational entropies across all scales, capturing the multiscale information, which can help us enhance the analysis of the complexity of an encrypted DEM. The experiments conducted in [29] demonstrates that can measure the scrambling degree of grayscale images at the confusion stage. Regarding the diffusion phase included by an encryption function, the range of pixel values is modified. A good encrypted image should have various value ranges and pixel structures different from the original one. At this point, we can take the absolute configurational entropy as a metric to help choose the best one among all encrypted images. Theoretically speaking, the higher the absolute configurational entropy, the higher the complexity (and the lower the compressibility concerning lossless compression). To improve the encryption security, we should select the one with the maximum value among all cases. In this study, the base of the logarithmic function in Equation (1) is set to 2 to measure the configurational information in units of bits. The configurational entropy of an image is proportional to its complexity.

Encryption Based on the Integration of Chaos System and Linear Prediction
Inspired by the Second Law of Thermodynamics, this section proposes an encryption algorithm consisting of two parts: (i) the encryption function and (ii) determination of the best-encrypted image with configurational entropy, which are shown in Figures 4 and 5. The experiments conducted in [29] demonstrates that S R can measure the scrambling degree of grayscale images at the confusion stage. Regarding the diffusion phase included by an encryption function, the range of pixel values is modified. A good encrypted image should have various value ranges and pixel structures different from the original one. At this point, we can take the absolute configurational entropy as a metric to help choose the best one among all encrypted images. Theoretically speaking, the higher the absolute configurational entropy, the higher the complexity (and the lower the compressibility concerning lossless compression). To improve the encryption security, we should select the one with the maximum S A value among all cases. In this study, the base of the logarithmic function in Equation (1) is set to 2 to measure the configurational information in units of bits. The configurational entropy of an image is proportional to its complexity.

Encryption Based on the Integration of Chaos System and Linear Prediction
Inspired by the Second Law of Thermodynamics, this section proposes an encryption algorithm consisting of two parts: (i) the encryption function and (ii) determination of the best-encrypted image with configurational entropy, which are shown in Figures 4 and 5. in Figure 3. For an image, its relative configurational entropy ( ) is the sum of configurational entropies of pixels in a sliding window of size 2 × 2 through the whole image. The absolute configurational entropy ( ) is the sum of relative configurational entropies across all scales, capturing the multiscale information, which can help us enhance the analysis of the complexity of an encrypted DEM. The experiments conducted in [29] demonstrates that can measure the scrambling degree of grayscale images at the confusion stage. Regarding the diffusion phase included by an encryption function, the range of pixel values is modified. A good encrypted image should have various value ranges and pixel structures different from the original one. At this point, we can take the absolute configurational entropy as a metric to help choose the best one among all encrypted images. Theoretically speaking, the higher the absolute configurational entropy, the higher the complexity (and the lower the compressibility concerning lossless compression). To improve the encryption security, we should select the one with the maximum value among all cases. In this study, the base of the logarithmic function in Equation (1) is set to 2 to measure the configurational information in units of bits. The configurational entropy of an image is proportional to its complexity.    The confusion phase included under the proposed encryption function is implemented by the chaos system generated by two logistic maps with different initial parameter values. Mathematically, the logistic map [30] is written as follows

Encryption Based on the Integration of Chaos System and Linear Prediction
where is located in the interval [0,1] and 0 ≤ r ≤4. When r ∊ (3.5699456, 4), the sequence generated by the logistic map shows chaotic behavior. We can assume that a DEM is read as a numerical matrix of size M × N. The confusion phase scrambles the whole image, indicating that both row and column scrambling are needed. To begin this process, first, we set the initial parameter and values to iterate the chaotic system (i.e., equation (2)) for M times and then a chaotic sequence of length M, { , , , , , , }, is generated and referred to as . Then, sorting this chaotic sequence in ascending or descending order, we get { ̅ , ̅ , ̅ , ̅ , ̅ , , ̅ } named ̅ . Next, we need to find the position values of in ̅ and to record the transformation positions TP = { , , , , , }. When we use TP for row scrambling, we only need to move the row to the first row and the row to the second row until all rows are scrambled. Similarly, regarding column scrambling, new parameter and values are needed to iterate the logistic map for N times and then to conduct the same operation as the row scrambling.
Concerning the diffusion phase, the three-point prediction is employed. A 2 × 2 sliding window is moved pixel by pixel, which generates the predicted pixels. Regarding the edge pixels, the missing ones among pixels a, b, and c are automatically set to 0. Thereafter, the difference between the confused image and the predicted one is computed and then taken as the final encrypted DEM in one round. The advantages of three-point prediction The confusion phase included under the proposed encryption function is implemented by the chaos system generated by two logistic maps with different initial parameter values. Mathematically, the logistic map [30] is written as follows where x n is located in the interval [0,1] and 0 ≤ r ≤ 4. When r ∈ (3.5699456, 4), the sequence generated by the logistic map can show chaotic status, though there are many periodic windows in this interval. We can assume that a DEM is read as a numerical matrix of size M × N. The confusion phase scrambles the whole image, indicating that both row and column scrambling are needed. To begin this process, first, we set the initial parameter r 0 and x 0 values to iterate the chaotic system (i.e., Equation (2) Concerning the diffusion phase, the three-point prediction is employed. A 2 × 2 sliding window is moved pixel by pixel, which generates the predicted pixels. Regarding the edge pixels, the missing ones among pixels a, b, and c are automatically set to 0. Thereafter, the difference between the confused image and the predicted one is computed and then taken as the final encrypted DEM in one round. The advantages of three-point prediction are (i) reducing the correlation between pixels (increasing the complexity of an image) and (ii) changing the range of pixel values.
After introducing the encryption function, we describe how the whole encryption algorithm is optimized with the assistance of configurational entropy. As shown in Figure 5a, users can determine the total encryption rounds, m, and the number of different confusion phases, n, as illustrated in Figure 5b. The encrypted image (DEM) in the last round is taken as the input of the encryption function for the next round in the whole encryption process. Figure 5b shows how to select the best-encrypted image. An image can be scrambled by 2n logistic maps with 2n different key pairs (r 0 , x 0 ) at the confusion phase; thus, n confused DEMs with the same histogram but different structures. Among these n confused DEMs, the one with the maximum absolute S R difference (|DS R |) compared to the original is selected as the input for the diffusion phase in which the range of pixel values is changed. The absolute configurational entropy (S A ) is finally employed to determine which one is the most suitable for transmission. From a theoretical perspective of information, the higher S A value, the higher the complexity (lower compressibility) of a DEM, indicating higher encryption performance. Two modes are provided for users: (i) complexity first and (ii) compressibility first. For the former, the one with the maximum S A is finally selected. Regarding the latter, the one with the minimum absolute S A difference (|DS A |) compared to the original DEM is chosen.
The encrypted image can be further processed by lossless compression techniques, such as Huffman encoding [31], free lossless image format (FLIF) [32], and multiscale compression [33], to reduce the burden on transmission and storage. To improve the encryption performance as much as possible, it is recommended that users encrypt a DEM for at least 4 times (i.e., m ≥ 4) using the proposed algorithm.

Encryption Results
Two 600 × 600 DEMs with different complexities tabulated in Table 1 were considered experimental images. Their data formats were plain text, and their elevation values were integer. Figure 6 shows these two DEMs, showing different complexities and various ranges of pixel values. are (i) reducing the correlation between pixels (increasing the complexity of an image) and (ii) changing the range of pixel values. After introducing the encryption function, we describe how the whole encryption algorithm is optimized with the assistance of configurational entropy. As shown in Figure  5a, users can determine the total encryption rounds, m, and the number of different confusion phases, n, as illustrated in Figure 5b. The encrypted image (DEM) in the last round is taken as the input of the encryption function for the next round in the whole encryption process. Figure 5b shows how to select the best-encrypted image. An image can be scrambled by 2n logistic maps with 2n different key pairs ( , ) at the confusion phase; thus, n confused DEMs with the same histogram but different structures. Among these n confused DEMs, the one with the maximum absolute difference (| |) compared to the original is selected as the input for the diffusion phase in which the range of pixel values is changed. The absolute configurational entropy ( ) is finally employed to determine which one is the most suitable for transmission. From a theoretical perspective of information, the higher value, the higher the complexity (lower compressibility) of a DEM, indicating higher encryption performance. Two modes are provided for users: (i) complexity first and (ii) compressibility first. For the former, the one with the maximum is finally selected. Regarding the latter, the one with the minimum absolute difference (| |) compared to the original DEM is chosen.
The encrypted image can be further processed by lossless compression techniques, such as Huffman encoding [31], free lossless image format (FLIF) [32], and multiscale compression [33], to reduce the burden on transmission and storage. To improve the encryption performance as much as possible, it is recommended that users encrypt a DEM for at least 4 times (i.e., m ≥ 4) using the proposed algorithm.

Encryption Results
Two 600 × 600 DEMs with different complexities tabulated in Table 1 were considered experimental images. Their data formats were plain text, and their elevation values were integer. Figure 6 shows these two DEMs, showing different complexities and various ranges of pixel values.    Table 2. Figure 7 shows the scrambled images, while they have the same histogram. The fourth one was selected for the diffusion phase because its |DS R | was the maximum compared with the remaining confused images. By using the proposed encryption algorithm, we obtained 10 encrypted DEM A, which are shown in Figure 8, and the key pairs are shown in Table 3, where C R represents the lossless compression ratio (i.e., the ratio between the bytes used for storing the original data and that for storing the compressed data) by using LZMA [34,35], which is a dictionary-based compression algorithm and takes into consideration the spatial structure of data. From Figure 8, we find that the pixel value range has been modified and the tenth one has the maximum |DS A | and S A as shown in Table 3. Therefore, it is selected as the best one when mode (i) is activated. Regarding mode (ii), Figure 8e is considered the best one. From Figure 9, we find that the S A values of the encrypted images increased, whereas the C R values decreased with the increase in the total encryption rounds (i.e., m). This can be explained by the viewpoint derived from [19] that, from a theoretical perspective, the lower the redundancy (which is measured by configurational entropy here) of an image, the lower the compression ratio of the image achieved.  Regarding DEM B, Table 4 shows the | | values of 10 confused ones illustrated in Figure 10. We find the 10th one is the best in the confusion phase. Table 5 shows similar results to DEM A. Obviously, when mode (i) is employed, the 10th one is the best since it has the maximum value in comparison with the others shown in Figure 11. However, the second one is selected when mode (ii) is activated. Figure 12a illustrates that the values increase with the increase in encryption rounds. However, we find that the values decrease in Figure 12b. These experimental results indicate that the configurational entropy is useful to optimize the proposed encrypted algorithm.  Regarding DEM B, Table 4 shows the | | values of 10 confused ones illustrated in Figure 10. We find the 10th one is the best in the confusion phase. Table 5 shows similar results to DEM A. Obviously, when mode (i) is employed, the 10th one is the best since it has the maximum value in comparison with the others shown in Figure 11. However, the second one is selected when mode (ii) is activated. Figure 12a illustrates that the values increase with the increase in encryption rounds. However, we find that the values decrease in Figure 12b. These experimental results indicate that the configurational entropy is useful to optimize the proposed encrypted algorithm. Regarding DEM B, Table 4 shows the |DS R | values of 10 confused ones illustrated in Figure 10. We find the 10th one is the best in the confusion phase. Table 5 shows similar results to DEM A. Obviously, when mode (i) is employed, the 10th one is the best since it has the maximum S A value in comparison with the others shown in Figure 11. However, the second one is selected when mode (ii) is activated. Figure 12a illustrates that the S A values increase with the increase in encryption rounds. However, we find that the C R values decrease in Figure 12b. These experimental results indicate that the configurational entropy is useful to optimize the proposed encrypted algorithm.

Security Analysis
A good encryption algorithm should be capable of resisting all attacks. In this section, we perform a security analysis on the proposed encryption algorithm.

Key space and sensitivity analysis
A good encryption approach should be sensitive to the secret keys. In this study, the iteration times, (i.e., m and n) can be used as keys as well as the parameters r 0 and x 0 of a logistic map. Moreover, the precision of parameters of the logistic map can be used as keys as it can influence the performance of chaotic sequences. The key space is proportional to the parameter precision: m (≥1) and n (≥1). If the precision is 10 −20 , the key space size can be at least m × 10 40 . Hence, the key space is big enough to resist brute-force attacks. Moreover, using keys (r 0 , x 0 ) only to recover the original image is very difficult as the range of pixel values is changed after using the proposed encryption algorithm. Figure 13 shows two decrypted DEM A with wrong keys.

Security Analysis
A good encryption algorithm should be capable of resisting all attacks. In this section, we perform a security analysis on the proposed encryption algorithm.

Key space and sensitivity analysis
A good encryption approach should be sensitive to the secret keys. In this study, the iteration times, (i.e., m and n) can be used as keys as well as the parameters and of a logistic map. Moreover, the precision of parameters of the logistic map can be used as keys as it can influence the performance of chaotic sequences. The key space is proportional to the parameter precision: m (≥1) and n (≥1). If the precision is 10 , the key space size can be at least m × 10 . Hence, the key space is big enough to resist brute-force attacks. Moreover, using keys ( , ) only to recover the original image is very difficult as the range of pixel values is change

Classical attacks
Attackers have many methods of attack. Four classical types of attacks [7] are listed as follows: • Selected plaintext: The opponent chooses a plaintext string and constructs the ciphertext string when temporary access to the encryption machine is granted.
• Selected cipher text: The opponent obtains a ciphertext string and constructs the

Classical attacks
Attackers have many methods of attack. Four classical types of attacks [7] are listed as follows: • Selected plaintext: The opponent chooses a plaintext string and constructs the ciphertext string when temporary access to the encryption machine is granted. • Selected cipher text: The opponent obtains a ciphertext string and constructs the corresponding plaintext string when temporary access to the encryption machine is granted.

•
Known plaintext: The opponent owes a plaintext string and its corresponding ciphertext.

•
Ciphertext only: The opponent owes a ciphertext string The selected plaintext attack is considered the most powerful one. The proposed encryption approach is highly sensitive to the initial parameters for a logistic map. Moreover, at the fusion phase, the encryption data are related to not only the one in the confusion phase but also the one predicted by the three-point prediction technique used at the diffusion stage. Moreover, different encrypted numerical raster data are derived from various former ones because m and n are variable. This means that the encrypted data are able to resist the chosen plaintext attack, indicating that it can resist the remaining attacks.

Decryption Results with True Keys
To decrypt the encrypted DEMs A and B, the true keys tabulated in Tables 3 and 5 are used. The decryption of an image is the inverse process of its encryption. With true keys, the reconstructed DEMs A and B are illustrated in Figure 14. The selected plaintext attack is considered the most powerful one. The proposed encryption approach is highly sensitive to the initial parameters for a logistic map. Moreover, at the fusion phase, the encryption data are related to not only the one in the confusion phase but also the one predicted by the three-point prediction technique used at the diffusion stage. Moreover, different encrypted numerical raster data are derived from various former ones because m and n are variable. This means that the encrypted data are able to resist the chosen plaintext attack, indicating that it can resist the remaining attacks.

Decryption Results with True Keys
To decrypt the encrypted DEMs A and B, the true keys tabulated in Tables 3 and 5 are used. The decryption of an image is the inverse process of its encryption. With true keys, the reconstructed DEMs A and B are illustrated in Figure 14.

Conclusions
DEM is a digital representation of terrain information. Information security for DEMs is an important topic due to the openness of computer and network communication. By using encryption, the information from DEMs can be well protected. In this study, an algorithm based on chaos system and linear prediction is proposed. To optimize the proposed encryption algorithm, configurational entropy is employed. At the confusion stage, the one with the maximum relative configurational entropy different from the original is selected for the diffusion stage, where the one with the maximum absolute configurational

Conclusions
DEM is a digital representation of terrain information. Information security for DEMs is an important topic due to the openness of computer and network communication. By using encryption, the information from DEMs can be well protected. In this study, an algorithm based on chaos system and linear prediction is proposed. To optimize the proposed encryption algorithm, configurational entropy is employed. At the confusion stage, the one with the maximum relative configurational entropy different from the original is selected for the diffusion stage, where the one with the maximum absolute configurational entropy is chosen for the sake of obtain the best encryption performance and the one with the minimum absolute configurational entropy is chosen to reduce the burden on transmission and storage. Two DEMs are taken as experimental data and encrypted 10 times. From the experimental results and analysis, we draw the following major conclusions

•
The proposed encryption algorithm is valid, and its security is high. • Configurational entropy is helpful for optimizing the encryption process.
On the other hand, three areas are recommended for future research. The first is to investigate the effects of different predictors in the diffusion phase of an encryption performance. The second is to explore multiscale DEM encryption with the help of absolute configurational entropy. Finally, more advanced chaos systems and watermark signature techniques [36][37][38][39] are expected to be employed as one part of this study to provide excellent performance in only one encryption round.   Table 1. All encrypted DEMs are available upon request.