Remote-Sensing Image Encryption Algorithm Using the Advanced Encryption Standard

Abstract

With the increasing use of multimedia in communications, the content security of remote-sensing images attracts much attention in both the academia and industry. The Advanced Encryption Standard (AES) is a famous symmetric cryptosystem. A symmetric remote-sensing image encryption algorithm using AES is presented. Firstly, to reduce the encryption times, the sender groups 16 pixel values together, and converts them into big integers; secondly, the sender encrypts big integers with AES and the chaotic system; finally, the encrypted image is obtained from encrypted big integers. Simulation data show that our algorithm exhibits both the high security and efficiency.

1. Introduction

Remote sensing is a non-contact and long-distance measuring technology, which acquires the information of an object or phenomenon. This technology plays a highly significant role in many fields, such as resource survey, environment protection, weather forecast and disaster evaluation. Most of remote-sensing images involve business secrets and even national security. Internet development and multimedia easy distribution make the content security of remote-sensing images become an important issue for scientists and engineers.

The chaotic system is a commonly applied means to encrypt images for its extreme sensitivity to initial values and parameters, ergodicity, etc. [1]. The experts of information security have designed lots of image encryption schemes with the chaotic systems recently [2,3,4,5,6,7]. Nevertheless, the security of the low-dimensional chaotic system is a little weak for its disadvantage of short code period. Researchers pay more attention to more complex chaotic systems, such as the high-dimensional chaotic systems and compound chaotic systems [8,9,10,11,12,13].

Advanced Encryption Standard (AES) is an excellent symmetric cryptosystem, which has the advantages of strong ability to resist attacks, so it is widely used in data encryption. At present, several experts of image encryption viewed that AES is fairly safe, but it isn’t suitable for encrypting image. The reason is that the image data is huge and has more redundancy than the text data [14]. However, Zhang et al. designed an image encryption algorithm with AES [15]. Authors group the pixel values of the plain image into data blocks with the size of 128 bits. They permute the first data block with the initial vector. After that, AES encrypts other data blocks with the cipher block chaining mode. Although authors stated that their algorithm can achieve high encryption speed, the efficiency can be further improved. Therefore, to protect the content of remote-sensing images, this paper presents a symmetric remote-sensing image encryption algorithm with AES and chaos. Experimental results and algorithm comparative analyses display that the proposed algorithm is desirable in terms of the security and efficiency.

The content structure of this paper is: Section 2 introduces AES, chaotic system, and secure hash algorithm in brief. A novel remote-sensing image encryption algorithm is designed in Section 3. Some similar algorithms are described in Section 4. Experiments are carried out in Section 5. Comparisons are drawn in Section 6. Section 7 makes the conclusions.

2. Theoretical Principle

2.1. AES

The National Institute of Standards and Technology (NIST) recruited a new data encryption standard for symmetric cryptosystem to be instead of the old version, i.e., Data Encryption Standard (DES) on 2 January 1997. Rijndael algorithm has been chosen by NIST and became the new advanced encryption standard, i.e., AES, on 2 October 2000 [16]. This algorithm is designed by Joan Daemen and Vincent Rijmen. AES is a block cipher, whose block size is 128 bits. AES core parameters are listed in

Table 1. Advanced Encryption Standard (AES) core parameters.

Key Length	Block Size	Rounds
128	128	10
192	128	12
256	128	14

. Each round is comprised of the four functions, i.e., SubBytes(·), ShiftRows(·), MixColumns(·), and AddRoundKey(·). Their detailed explanations can be found in Reference [16].

2.2. Chaotic System

The Piece-Wise Linear Chaotic Map (PWLCM) is defined by:

$$x_{\mathrm{i}+1}=F_{\mathrm{q}}\left(x_i\right)=\{\begin{array}{c}\frac{x_{\mathrm{i}}}{q}0\le x_i<q\\ \frac{x_{\mathrm{i}}-q}{0.5-q}q\le x_i<0.5\\ F_{\mathrm{q}}\left(1-x_i\right)0.5\le x_i<1\end{array}$$

(1)

where $x_{\mathrm{i}}\in \left[0,1\right)$ and $q$ is the control parameter [17]. When $q\in \left(0,0.5\right)$, this chaotic system can provide an excellent and random chaotic sequence, which is suitable for image encryption.

2.3. Secure Hash Algorithm

Secure Hash Algorithms (SHA) are a kind of hash functions, which is released by NIST. SHA is mainly applied to the integrity security services [18]. SHA-256 is a popular SHA, which outputs the message digest with the length of 256 bits.

The proposed algorithm uses SHA-256 to generate the initial value $x_0$ and variable $q$ of PWLCM. For the plain image, the proposed algorithm adopts SHA-256 to generate hash value $K$, which can be segmented into 8-bit parts, i.e.,:

$$K=k_1,k_2,\cdots ,k_{\mathrm{i}},\cdots ,k_{32},i=3,4,\cdots ,31$$

(2)

The variables $x_0$ and $q$ of PWLCM are computed by:

$$x_0=\frac{k_1⨁k_2⨁\cdots k_{\mathrm{i}}\cdots ⨁k_{16}}{255},i=3,4,\cdots ,15$$

(3)

where $⨁$ denotes the exclusive OR (XOR) operation in the binary system.

$$q=\frac{k_{17}⨁k_{18}⨁\cdots k_{\mathrm{i}}\cdots ⨁k_{32}}{510},i=19,20,\cdots ,31$$

(4)

3. Proposed Image Encryption Algorithm

For easy description, the sender and recipient are Alice and Bob, respectively. The following subsections describe the core technology of the proposed image encryption algorithm.

3.1. Sender’s Encryption Process

Figure 1 is the image encryption flowchart of the proposed algorithm. Alice performs the following steps to encrypt the plain image.

Step 1: Chaotic Sequence Generation

Let the plain image be $I_{\mathrm{m}\times \mathrm{n}}$. The variables $x_0$ and $q$ of PWLCM can be generated with the method described in Section 2.3. Alice iterates Equation (1) $m\times n$ times with $x_0$ and $q$, and she obtains a chaotic sequence $\mathrm{X}={\left\{x_{\mathrm{i}}\right\}}_{\mathrm{m}\times \mathrm{n}}$.

Step 2: Chaotic Image Generation

If 16 digits exists after the decimal point for all the $x_{\mathrm{i}}\in X_{\mathrm{mn}}$, Alice computes:

$$y_{\mathrm{i}}=\mathrm{mod}\left(x_{\mathrm{i}}\times {10}^{16},256\right)$$

(5)

where $Y={\left\{y_{\mathrm{i}}\right\}}_{\mathrm{m}\times \mathrm{n}}$, and $\mathrm{mod}(·)$ is the modulo operation. After that the sender can convert the vector $Y$ into a matrix $C_{\mathrm{m}\times \mathrm{n}}$, named as the chaotic image.

Step 3: Group Pixels

The pixel value in binary form is an 8-bit number. Here, Alice uses AES-256 to encrypt the 128-bit data blocks. Therefore, Alice groups 16 pixel values together to form a big integer number with the 128-bit length. The first big integer is:

$$b_1=I_{1,1}^{\mathrm{b}}{I}_{1,2}^{\mathrm{b}}\cdots I_{1,\mathrm{i}}^{\mathrm{b}}\cdots I_{1,16}^{\mathrm{b}},i=3,4,\cdots ,15$$

(6)

where $I_{1,1}^{\mathrm{b}}{I}_{1,2}^{\mathrm{b}}\cdots I_{1,\mathrm{i}}^{\mathrm{b}}\cdots I_{1,16}^{\mathrm{b}}$ denote the pixels of $I$ in binary form. Alice can obtain $\left(m\times n\right)/16$ plain big integers $\left\{b_1,b_2,\cdots ,b_{\left(\mathrm{m}\times \mathrm{n}\right)/16}\right\}$ for $I$ in total. Similarly, Alice can also obtain $\left(m\times n\right)/16$ chaotic big integers $\left\{r_1,r_2,\cdots ,r_{\left(\mathrm{m}\times \mathrm{n}\right)/16}\right\}$ for $C$.

Step 4: AES Encryption

Alice calculates:

$$c_1={\mathrm{AES}}_{\mathrm{e}}\left(K_1,b_1\right)⨁r_1$$

(7)

$$c_{\mathrm{i}}=b_{\mathrm{i}}⨁c_{\mathrm{i}-1}⨁r_{\mathrm{i}},i=2,3,\cdots ,\left(m\times n\right)/16$$

(8)

where $\left\{c_{\mathrm{i}}\right\}$ are encrypted big integers, ${\mathrm{AES}}_{\mathrm{e}}(·)$ is the encryption function of AES, whose input parameters are the key $K_1$ and $b_1$.

Step 5: Recovering Pixels

Alice divides $c_{\mathrm{i}}$, $i=1,2,\cdots ,\left(m\times n\right)/16$ into 16 parts, and converts them into pixel values $\left\{p_1^{\mathrm{i}},p_2^{\mathrm{i}},\cdots ,p_{\mathrm{j}}^{\mathrm{i}},\cdots ,p_{16}^{\mathrm{i}}\right\}$, $j=3,4,\cdots ,15$ as shown in Figure 2. According to the pixel positions, she rebuilds these pixel values into an encrypted image $E$ with the size $m\times n$.

3.2. Recipient’s Decryption Process

Figure 3 is the image decryption flowchart of the proposed algorithm. Bob decrypts the encrypted image $E$ with the steps as follows.

Step 1: Chaotic Sequence Generation

Bob iterates Equation (1) $m\times n$ times with the variables $x_0$ and $q$ of PWLCM, and obtains a chaotic sequence $X={\left\{x_{\mathrm{i}}\right\}}_{\mathrm{m}\times \mathrm{n}}$.

Step 2: Chaotic Image Generation

Bob can get the $Y={\left\{y_{\mathrm{i}}\right\}}_{\mathrm{m}\times \mathrm{n}}$ with Equation (5), and convert it into a matrix $C_{\mathrm{m}\times \mathrm{n}}$.

Step 3: Group Pixels

Bob groups 16 pixel values together to form a big integer number with the 128-bit length. For the encrypted image $E$, Bob can obtain $\left(m\times n\right)/16$ encrypted big integers $\left\{c_{\mathrm{i}}\right\}$. For the chaotic image $C$, Alice can also obtain $\left(m\times n\right)/16$ chaotic big integers $\left\{r_{\mathrm{i}}\right\}$.

Step 4: AES Decryption

Bob computes:

$$d_1={\mathrm{AES}}_{\mathrm{d}}\left(K_1,c_1⨁r_1\right)$$

(9)

$$d_{\mathrm{i}}=c_{\mathrm{i}}⨁c_{\mathrm{i}-1}⨁r_{\mathrm{i}},i=2,3,\cdots ,\left(m\times n\right)/16$$

(10)

where $\left\{d_{\mathrm{i}}\right\}$ are decrypted big integers, and ${\mathrm{AES}}_{\mathrm{d}}(·)$ is the decryption function of AES, whose input parameters are the key $K_1$ and $c_1⨁r_1$.

Step 5: Recovering Pixels

Bob divides $d_{\mathrm{i}}$, $i=1,2,\cdots ,\left(m\times n\right)/16$ into 16 parts, and converts them into pixel values. According to the pixel positions, he rebuilds these pixel values into a decrypted image $D$ with the size $m\times n$.

4. Existing Similar Algorithms

4.1. Zhang’s Algorithm

Zhang et al. designed an image encryption scheme with AES (short for Zhang’s algorithm) [15]. Alice performs the following steps to encrypt the plain image $I_{\mathrm{m}\times \mathrm{n}}$.

Step 1: divide $I_{\mathrm{m}\times \mathrm{n}}$ into $t$ pixel blocks with the size $4\times 4$ to form 128 bits;

Step 2: Tent map is used to generate the initial vector $IV$ of AES;

Step 3: for the first block $I_1$ of $I_{\mathrm{m}\times \mathrm{n}}$, encrypt it by:

$$C_1={\mathrm{AES}}_{\mathrm{e}}\left(K,IV⨁I_1\right)$$

(11)

where $K$ is the secret key, and $C_1$ is the first encrypted block;

Step 4: for the $i$th block $I_{\mathrm{i}}$ of $I_{\mathrm{m}\times \mathrm{n}}$, encrypt it by:

$$C_{\mathrm{i}}={\mathrm{AES}}_{\mathrm{e}}\left(K,C_{\mathrm{i}-1}⨁I_{\mathrm{i}}\right),i=2,3,\cdots ,\mathrm{t}$$

(12)

where $C_{\mathrm{i}}$ is the $i$th encrypted block.

4.2. Kalubandi’s Algorithm

Kalubandi et al. designed an image encryption scheme using AES and visual cryptography (short for Kalubandi’s algorithm) [19]. Alice performs the following steps to encrypt the plain image $I_{\mathrm{m}\times \mathrm{n}}$.

Step 1: encode $I_{\mathrm{m}\times \mathrm{n}}$ with the Base64 standard;

Step 2: initiate the AES 256-bit key;

Step 3: encrypt the Base64 encoded text with AES;

Step 4: convert the cipher text of AES into the encryption image.

4.3. Hraoui’s Algorithm

Hraoui et al. designed an image encryption scheme with AES (short for Hraoui’s algorithm) [20]. Alice performs the following steps to encrypt the plain image.

Step 1: segment $I_{\mathrm{m}\times \mathrm{n}}$ into $4\times 4$ pixel blocks;

Step 2: convert these blocks into 128-bit sequences;

Step 3: encrypt these 128-bit sequences with AES;

Step 4: convert the cipher text of AES into $4\times 4$ encrypted pixel blocks;

Step 5: combine these encrypted pixel blocks into the encrypted image.

5. Experiments

The experimental purpose is to encrypt the plain image with the proposed algorithm and three similar algorithms, i.e., Zhang’s algorithm, Kalubandi’s algorithm and Hraoui’s algorithm. The plain image is Airfield as shown in Figure 4a, whose size is $512\times 512$. The computer configuration used in the experiments is shown as follows: Yoga 2 notebook PC of Lenovo Group, Beijing, China, Intel [email protected] GHz Processor, 8 GB RAM, Window 8 operating system and Matlab R2016a. $K$ is the SHA-256 value of Airfield. Therefore, the variables $x_0$ and $q$ of PWLCM can be calculated with the method described in Section 2.3. For the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm and Hraoui’s algorithm, the AES keys are $K_1,K_2,K_3,K_4$ respectively. The above variable values are given in

Table 2. Variables and their values.

Variables	Values
K	B40608C3183BC9E3D9933DE8B4DB1366FA970574CD8C12D8D9AD0E7DCF37C0FE
x0	0.960784313725490
q	0.150980392156863
K1	84AAC 12F54AB666ECFC2A83C676908C8BBC381B1F11EF5B2B433F3962493F52C
K2	1D7EB543FF740AA264768900CCD5120B787F41AE0F84B16941D6D7D58736B2F2
K3	453CFC8A74A14B81F983F9294B817FCE3611DA5014041B1DD7175BEC79F94F1E
K4	CA9A7C77EA9A03627B40A335FEC53098

.

For the proposed algorithm, Figure 4b is its encrypted image. Bob can decrypt the encrypted image with the key to obtain the plain image. The decrypted image is the same with Figure 4a. For three similar algorithms, the encrypted images are shown in Figure 4c–e, respectively. These encrypted images are very chaotic. Therefore, all these four algorithms have excellent encryption effect.

6. Algorithm Analyses

For an excellent image encryption algorithm, it can resist several commonly used attacks, such as the brute-force attack and differential attack. This paper analyzes the performance of the proposed algorithm in terms of the key space, histogram, correlation, differential attack, information entropy, and encryption efficiency.

6.1. Key Space Analysis

For a desirable encryption algorithm, its key space should be large enough to resist the brute-force attack. (1) For Zhang’s algorithm, the AES key is also the key of Zhang’s algorithm. This algorithm security main depends on the used key length, i.e., 128, 192, or 256 bits. Therefore, the size of key space is also $2^{128}\approx 3.4\times {10}^{38}$, $2^{192}\approx 6.3\times {10}^{57}$, or $2^{256}\approx 1.16\times {10}^{77}$; (2) For Kalubandi’s algorithm, authors adopt AES-256 during the process of image encryption. Therefore, the key space is $2^{256}\approx 1.16\times {10}^{77}$; (3) For Hraoui’s algorithm, authors adopt AES-128 during the process of image encryption. Therefore, the key space is $2^{128}\approx 3.4\times {10}^{38}$; (4) for the proposed algorithm, the keys are the AES key, the variables $x_0$ and $q$ of PWLCM. In our experiment, we used AES-256 to encrypt the plain image. If 16 digits exists after the decimal point for the key, then the key space is ${10}^{32}\times 2^{256}\approx 1.16\times {10}^{109}$. Therefore, the proposed algorithm has the largest key space to withstand the brute-force attack.

6.2. Histogram Analysis

The histogram can reflect the statistical feature of pixel value distribution. For a desirable encryption scheme, the histogram of the encryption image is always uniform [21]. Figure 5a is the histogram of Airfield, and Figure 5b–e are the histograms of Figure 4b–e. The experimental results show that all the histograms of Figure 4b–e are distributed uniformly, which are totally different from Airfield’s. Therefore, all these four algorithms can effectively resist the statistical attack.

6.3. Correlation Analysis

To evaluate the performance of pixel correlation, we carry out some simulations. The correlation coefficient of each pair is calculated by:

$$r_{\mathrm{x},\mathrm{y}}=\frac{E\left(x-E\left(x\right)\right)E\left(y-E\left(y\right)\right)}{\sqrt{D\left(x\right)D\left(y\right)}}$$

(13)

$$E\left(x\right)=\frac{1}{N}{\displaystyle \sum }_{\mathrm{i}=1}^{\mathrm{N}}{x}_{\mathrm{i}}$$

(14)

$$D\left(x\right)=\frac{1}{N}{\displaystyle \sum }_{\mathrm{i}=1}^{\mathrm{N}}{\left(x_{\mathrm{i}}-\mathrm{E}\left(x\right)\right)}^2$$

(15)

where $E(·)$ is the expectation function and $D(·)$ is the variance function.

For the proposed algorithm, 5000 pairs of adjacent pixels are randomly chosen from Figure 4a–e. For Figure 4a,b, Figure 6 reflects their relevance for adjacent pixels in the horizontal, vertical, and diagonal directions, respectively.

For the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm, and Hraoui’s algorithm have their correlation coefficients of Figure 4a–e given in

Table 3. Correlation coefficients.

Directions	Horizontal	Vertical	Diagonal
Plain image	0.9402	0.9423	0.9032
The proposed algorithm	−0.0047	0.0025	0.0014
Zhang’s algorithm	−0.0039	0.0022	−0.0020
Kalubandi’s algorithm	−0.0012	0.0007	0.0034
Hraoui’s algorithm	−0.0026	−0.0009	0.0007

. Experimental data display that the values of the plain image are close to 1, but the values of all the encrypted images are close to 0. Therefore, all these four algorithms can destroy the pixel relevance completely.

6.4. Differential Attack Analysis

The differential attack is used to check the plaintext sensitivity for an image encryption algorithm [22]. Therefore, if we make a slight change to the plain image, a desirable encryption algorithm can spread this influence over the whole encryption process. To evaluate the ability to resist the differential attack, the Number of Pixels Change Rate (NPCR) and Unified Average Changing Intensity (UACI) are defined by:

$$NPCR=\frac{{{\displaystyle \sum }}_{\mathrm{i}=1}^{\mathrm{m}}{{\displaystyle \sum }}_{\mathrm{j}=1}^{\mathrm{n}}f\left(i,j\right)}{\mathrm{m}\times \mathrm{n}}\times 100\%$$

(16)

$$UACI=\frac{{{\displaystyle \sum }}_{\mathrm{i}=1}^{\mathrm{m}}{{\displaystyle \sum }}_{\mathrm{j}=1}^{\mathrm{n}}\left|I^{\prime }\left(i,j\right)-I^{″}\left(i,j\right)\right|}{255\times m\times n}\times 100\%$$

(17)

where $I^{\prime }\left(i,j\right)$ is the encryption image of the plain image, $I^{″}\left(i,j\right)$ is the encryption image of the modified plain image, and $f\left(i,j\right)$ is defined by:

$$f\left(i,j\right)=\{\begin{array}{c}0I^{\prime }\left(i,j\right)=I^{″}\left(i,j\right)\\ 1I^{\prime }\left(i,j\right)\ne I^{″}\left(i,j\right)\end{array}$$

(18)

To evaluate the performance of the plaintext sensitivity, the simulation changes the pixel value $I\left(1,1\right)$ of the plain image into 200. For the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm, and Hraoui’s algorithm, have their NPCR and UACI results of Figure 4a listed in

Table 4. Number of Pixels Change Rate (NPCR) and Unified Average Changing Intensity (UACI) results for Figure 4a.

Algorithms	NPCR	UACI
The proposed algorithm	99.62%	33.38%
Zhang’s algorithm	99.36%	33.14%
Kalubandi’s algorithm	0	0
Hraoui’s algorithm	0	0

. For the proposed algorithm and Zhang’s algorithm, NPCR and UACI results are very large. Therefore, their plaintext sensitivity is very strong. However, for Kalubandi’s algorithm and Hraoui’s algorithm, NPCR and UACI results are 0. The reason is that both the proposed algorithm and Zhang’s algorithm use the mode of cipher block chaining to encrypt Figure 4a. Meanwhile, for the proposed algorithm, the variable $x_0$ and $q$ of PWLCM are generated by the SHA-256 value of Figure 4a. Even if two images are very similar, but only one bit is different. Their hash values of SHA-256 are completely different [21]. The results imply that both the proposed algorithm and Zhang’s algorithm are strong to withstand the differential attack.

6.5. Information Entropy Analysis

Information entropy can reflect the indeterminacy of image information. For an ideal encryption image, its information entropy is close to 8 [23]. For the gray image $I$, we describe the information entropy as:

$$H\left(m\right)=-{\displaystyle \sum }_{\mathrm{i}=0}^{255}P\left(m_{\mathrm{i}}\right){\log }_{2}P\left(m_{\mathrm{i}}\right)$$

(19)

where $m_{\mathrm{i}}$ is the $i$th gray level, and $P\left(m_{\mathrm{i}}\right)$ is the emergence probability of $m_{\mathrm{i}}$.

For the plain image, its entropy value is 7.1206. For the encrypted images of the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm and Hraoui’s algorithm, their entropy values are given in

Table 5. Entropy values.

Algorithms	Entropy
The proposed algorithm	7.9991
Zhang’s algorithm	7.9994
Kalubandi’s algorithm	7.9994
Hraoui’s algorithm	7.9991

. Simulation data display that all these four algorithms have the ability to resist the statistical attack.

6.6. Encryption Efficiency Analysis

The encryption efficiency is the significant performance for an encryption algorithm. The core encryption times can directly affect the encryption speed. For the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm, and Hraoui’s algorithm have their core operation is AES encryption times. The AES encryption times for these algorithms are given in

Table 6. Comparison on the AES encryption times (unit: times).

Algorithms	AES Encryption Times
Zhang’s algorithm	16,384
Kalubandi’s algorithm	21,846
Hraoui’s algorithm	16,384
The proposed algorithm	1

. The unit is times. A 128-bit data block is encrypted with the encryption function of AES, i.e., ${\mathrm{AES}}_{\mathrm{e}}(·)$, viewed as once AES encryption times. The data in Table 6 view that the proposed algorithm can obviously reduce AES encryption times. We analyze the AES encryption times of these algorithms in detail as follows.

(1) In Zhang’s algorithm, authors divide the pixel values into pixel blocks, and then encrypt them with AES. For the plain image with the size $512\times 512$, it has 262,144 (i.e., $512\times 512$) pixel values. These pixel values can be converted into 16,384 (i.e., 262,144/16) pixel blocks. Therefore, to protect the plain image, this algorithm should encrypt 16,384 pixel blocks with Equation (11) or (12), i.e., 16,384 AES encryption times;

(2) In Kalubandi’s algorithm, authors encode the plain image with the Base64 standard. And then they encrypt the Base64 encoded text with AES. For the plain image with the size $512\times 512$, it has 262,144 pixel values. Each Base64 code represents with 6 bits of the pixel value, so three 8-bit pixel values can be represented by four 6-bit Base64 codes. If there are only two pixel values, they can be represented by three Base64 codes. If there is only one pixel value, it can be represented by two Base64 codes [24]. Therefore, for the plain image, 262,144 pixel values can be encoded with 349,526 (i.e., $\left(\mathrm{62,143}/3\times 4\right)+2$) Base64 codes, where 262,143 is multiples of 3,262,143 pixel values can be encoded with 349,524 Base64 codes, and the last pixel value can be encoded with 2 Base64 codes. The plain image can be encoded with 349,526 Base64 codes in total. These Base64 codes can be converted into 21,846 (i.e., $\left(\mathrm{349,520}/16\right)+1$) 128-bit data blocks, where 349,520 is multiples of 16. The 349,520 Base64 codes can be converted with 21,845 128-bit data blocks, and the last 6 Base64 codes can be converted with one 128-bit data block. Therefore, to protect the plain image, this algorithm should encrypt 21,846 128-bit data blocks with ${\mathrm{AES}}_{\mathrm{e}}(·)$, i.e., 21,846 AES encryption times;

(3) In Hraoui’s algorithm, authors divide the image into $4\times 4$ pixel blocks, and then encrypt them with AES directly. The plain image with the size $512\times 512$ can be divided into 16,384 (i.e., $\left(512\times 512\right)/16$) pixel blocks. Therefore, to protect the plain image, this algorithm should encrypt 16,384 pixel blocks with ${\mathrm{AES}}_{\mathrm{e}}(·)$, i.e., 16,384 AES encryption times;

(4) In the proposed algorithm, Alice groups 16 pixel values together to form a big integer number with the 128-bit length. We consider that the AES operation is more complex than the XOR operation. The proposed algorithm only encrypts the first big integer with Equation (7), i.e., only once AES encryption times, and encrypt other big integers with the previous encrypted big integer and chaotic big integers, i.e., Equation (8).

7. Conclusions

To protect the remote-sensing image, this paper presents an image encryption algorithm with AES and chaos. Simulation data display that the proposed algorithm is very strong to resist several commonly used attacks. Comparing with three similar algorithms, the superiority of the proposed algorithm is obvious in terms of the security and encryption speed.