High-Performance Encryption Algorithms for Dynamic Images Transmission

: With the proliferation of the internet, the issue of image tampering has escalated, necessitating robust image encryption schemes. Despite the multitude of proposed image encryption algorithms, challenges such as slow computational speed, weak security, and suboptimal visibility persist. This study addresses these challenges by introducing a high-performance encryption al-gorithm tailored for dynamic images—QEDI (Quick Encryption Algorithm for Dynamic Images). QEDI leverages elliptic curve-based asymmetric encryption algorithms and hash algorithms. The process involves using a hash algorithm to calculate the hash of the dynamic image slated for encryption, employing the elliptic curve algorithm to generate public and private keys, and utilizing the asymmetric encryption algorithm to process the image hash, resulting in a signature ciphertext. This ciphertext is embedded into the dynamic image, completing the encryption process. To enhance the execution speed without compromising the image quality and visibility, the bit depth of the dynamic image is reduced before hash calculation, and custom information fields are encapsulated to embed the signature ciphertext into the dynamic image. Experimental evaluations, conducted within a dynamic image generation system, encompassed assessments of security, encryption algorithm execution time, and image quality. The results indicate that utilizing QEDI for dynamic image encryption yields better security compared to EDI (Encryption Algorithm for Dynamic Images). QEDI exhibits minimal impact on image quality, with a noteworthy 69.77% reduction in execution time compared to EDI. Furthermore, when compared to existing algorithms employing image conversion for encryption, QEDI-encrypted images demonstrate enhanced visibility, better image quality, and expedited encryption speed.


Introduction
The rapid evolution of the internet has facilitated widespread image transmission through public networks.However, this convenience comes with heightened susceptibility to security threats, such as eavesdropping, illegal modification, and duplication.As a consequence, the demand for image encryption schemes founded on modern cryptography has surged [1].Safeguarding image content against potential malicious tampering has become an imperative aspect of numerous applications.Encryption technology serves the pivotal role of converting plaintext messages into ciphertext messages, ensuring that only authorized users possessing the decryption key can restore the original message [2].
Currently, various image encryption algorithms exist, including chaos-based, DNAbased, cellular automata-based, metaheuristic-based, elliptic curve, and fuzzy-based image encryption technologies [3].However, these algorithms contend with challenges such as slow computation speed and weak security.Furthermore, many existing image encryption algorithms compromise the visibility of encrypted images.While these algorithms effectively hinder unauthorized individuals from intuitively comprehending the image content, they simultaneously lead to poor visibility, necessitating decryption to reveal the original image.Visibility holds significant importance in practical applications, especially for dynamic images-a category encompassing three-dimensional matrix images, such as videos.
To address these challenges, we propose a novel algorithm named QEDI, founded on elliptic curve-based asymmetric encryption algorithms and hash algorithms.The method involves generating a hash value for each frame of the image and a tree-top hash value for every 10 frames.Subsequently, each tree-top hash value is encrypted using an asymmetric encryption algorithm to produce a signature ciphertext.QEDI encrypts dynamic images by embedding invisible signature ciphertexts within them.In contrast to methods that transform images, this approach ensures visibility and image quality while maintaining faster computation speed.The encrypted signature ciphertext, written in hexadecimal format, is embedded into the stream of the dynamic image, bolstering the credibility and visibility of the dynamic image.Extraction of the signature ciphertext from the stream requires the determination of specific flag bits, and decryption of the ciphertext necessitates a key, rendering the method less susceptible to unauthorized access.The QEDI-encrypted signature ciphertext resists attacks and is challenging to crack.Minor image changes lead to notable ciphertext alterations, enhancing its attack resistance.
The subsequent sections of this paper are organized as follows: Section 2 presents a literature review of existing encryption algorithms, Section 3 details the proposed QEDI method, Section 4 provides an analysis, Section 5 presents the experimental results, and Section 6 concludes the paper.

Overview
The landscape of image encryption algorithms encompasses five main types.Chaosbased techniques, known for their sensitivity, determinism, and ergodicity, split the image into two stages to generate passwords, offering a balanced compromise between security and computation speed [4].DNA-based methods decompose images into RGB color channels, converting them into binary matrices for encoding [5].Cellular automata-based approaches offer a larger space and enhanced parallelism, albeit with computational speeds comparable to DNA-based techniques [6].Metaheuristic-based encryption optimizes constant parameters for improved security but falls short in computational speed [7].Elliptic curve and fuzzy-based encryption rely on elliptic curve technology, offering a small key data footprint but facing challenges in algorithmic computational complexity [8].Despite these diverse approaches, challenges persist in achieving both efficient computation speed and robust security in existing image encryption technologies.
In recent years, researchers have been actively addressing the challenges of slow computational speeds and weak security in existing image encryption technologies.Azam et al. proposed an enhanced public key image encryption scheme [9], where both the sender and receiver uniformly leverage a common elliptic curve.The scheme incorporates random numbers and dynamic replacement boxes, performing pixel masking and scrambling on the isomorphic elliptic curve.The computational complexity of this approach remains independent of the specific points generated on the elliptic curve.In another study [10], Wassim Alexan et al. introduced a color image encryption algorithm that combines the KAA map with multiple chaotic maps.This algorithm employs Shannon's concepts of security, executing image encryption through bit confusion and diffusion.Confusion is achieved using two encryption keys: the first key is generated from the 2D Logistic Sine map and a Linear Congruential Generator, while the second key is derived from the Tent map and the Bernoulli map.Benssalah et al. proposed a generalized cryptographic system in [11], introducing a new ECIES to ensure entity authentication and shared matrix keys.
They redefined key matrix negotiation as the password for the Elliptic Curve Integrated Encryption Scheme (ECIES).Guodong Ye et al. presented a double image encryption algorithm in [12], incorporating compressed sensing and public key elliptic curve using ImproBsys.The algorithm initially performs a discrete wavelet transform on two plane images of the same size, followed by thresholding on wavelet transform coefficients.Subsequently, the quantization matrix is compressed through compressed sensing, reducing the compressed matrix to half the size of the original.Finally, the two compressed matrices are spliced together to form a new matrix, which is encrypted using elliptic curve cryptography to obtain the encrypted image.In [13], Wassim Alexan et al. proposed an RGB Image Encryption through Cellular Automata, S-Box, and the Lorenz System.The scheme is implemented in three stages: the first utilizes Rule 30 cellular automata to generate the first encryption key; the second employs a well-tested S-box involving transformation, modular inverses, and permutation; and the third stage uses a solution of the Lorenz system to generate the second encryption key.In [14], two types of fractional-order memristors were introduced.One of these types was demonstrated to exhibit extreme multistability, local activity, and non-volatility.Utilizing memristors to simulate the autapse of a neuron and to describe the phenomenon of electromagnetic induction resulting from electromagnetic radiation, a new 5D FOD memristive HNN (FOMHNN) model was developed.In [15], Xinxin Kong et al. introduced a method for constructing 2n + 1 dimensional Hamiltonian conservative chaotic systems (HCCSs).Building on this, we present a five-dimensional HCCS (FHCCS) with minimal terms but diverse dynamic behaviors, including hyperchaotic flows and multistability.Using a limited set of chaotic sequences, our system achieves robust encryption with strong sensitivity, high entropy, low correlation, and a vast key space.While these methods have enhanced the computational speed and security, the visibility of images encrypted by these approaches is suboptimal, which is crucial, especially for dynamic images.Addressing the need for high-performance encryption algorithms for dynamic images, we propose a novel algorithm named QEDI to tackle these challenges.

Algorithms
In the encryption of dynamic images, a combination of hash algorithms and elliptic curve-based asymmetric encryption techniques is employed.While encryption algorithms play a crucial role, the selection and generation of keys are equally vital.Regardless of the sophistication of the encryption algorithm, improper or overly simplistic key choices can compromise the security of the encrypted content.To address this, the algorithm utilizes elliptic curve cryptography (ECC) to generate keys with a length of 256 bits.In comparison to the RSA algorithm, ECC offers superior security with shorter keys and faster computation speeds [16].The elliptic curve equations guiding this process are as follows: The elliptic curve is defined by coefficients a, b, and P, with G being a fundamental point on the curve.The selection of the elliptic curve and point P (x p , y p ) is a crucial step.An integer d ∈ [1, n − 2] is generated using a random number generator, and P is derived from Equation (2).Here, the integer d serves as the private key, and P becomes the public key.Following the acquisition of public and private keys, a hash is computed for 10 frames of images.To manage computational complexity, a tree-top hash is employed.The equations for the tree-top hash are outlined as follows: In the context of the asymmetric encryption algorithm, the tree-top hash value (H(F 1 , F 2 )) generated from two adjacent frames, F 1 and F 2 , undergoes encryption using the private key.This process results in the creation of a signature ciphertext as illustrated in Figure 1.
The hashing process involves the generation of hash values for frame0 and frame1 (hash0 and hash1, respectively).These hash values are then used to generate hash p1.Subsequently, hash2, derived from frame2, is calculated with Hash p1 to generate hash p2, and so forth.This iterative process continues until the top of the tree hash, hash pn, is obtained.The private key is then utilized to encrypt the top of the tree hash, producing a signature ciphertext.In scenarios involving dynamic images with a substantial number of frames, the computational burden remains significant, even with the application of top hashes [17] for calculation.To address this, preprocessing of the image becomes essential before hash computation.The preprocessing involves converting the image from a 24-bit RGB format to an 8-bit color image in "P" mode.This transformation simplifies the complexity of the image digital matrix, significantly improving the calculation speed of the hash.Following the encryption of the dynamic image hash with the public key, a signature ciphertext is generated and integrated into the dynamic image, completing the encryption process.Subsequently, the dynamic image undergoes conversion into a hexadecimal file, and its file structure is analyzed.According to the SVAC standard definition [18], the hexadecimal file is segmented into independent NALU data blocks that are interconnected.The detailed structure of the hexadecimal file is illustrated in Figure 2. Examining the structure of the hexadecimal file, each NALU unit commences with the start code 0x000001, signifying the initiation of an NALU unit.Following the start code, the subsequent two hexadecimal digits represent NRI, denoting the type of the NALU unit.Within this specified format, a specific type of NALU unit stands out-Supplemental Enhancement Information (SEI).Identified by a type flag of 0x06, SEI is utilized for storing user-defined information in dynamic images.The format for custom information encapsulation is depicted in detail in Figure 3. Upon reading the hexadecimal file, the combination of the start code, type flag (0x06), and end code facilitates the identification of custom information.The byte length of this NALU unit type and the UUID content are crucial for encapsulating the custom information following the format depicted in Figure 3.After encapsulation, the original NALU unit of this custom information type in the dynamic image is deleted.The process involves locating the first I frame in the dynamic image based on the type flag, determining the I frame length, and inserting the encapsulated custom information after the I frame.This integration of the signature ciphertext completes the encryption of the dynamic image.Notably, the QEDI encryption method, involving the incorporation of the signed ciphertext into the stream, surpasses the readability of images encrypted through alterations.This approach ensures enhanced readability while preserving credibility in the encrypted dynamic image.The pseudocode of QEDI is shown in Algorithm 1.
In comparison to employing the ffmpeg tool for writing, the QEDI method of writing encapsulated custom information streamlines the process by requiring only a single pass through the hexadecimal file.This approach ensures the accurate identification of the writing position, thereby improving the speed of signature ciphertext incorporation with minimal impact on the image quality.In summary, QEDI enhances the execution time through two key strategies:

•
Reducing bit depth: Before hash calculation, QEDI decreases the bit depth of dynamic images, contributing to faster processing.

•
Encapsulating custom information: The method of encapsulating custom information is utilized to seamlessly write the generated signature ciphertext into the dynamic image, achieving a balance between the execution speed and image quality.

Experiment
To evaluate the effectiveness of QEDI, a dynamic image generation system is meticulously designed and implemented.The system's composition is illustrated in Figure 4A.The dynamic image generation system is composed of several integral components, each playing a specific role in the process: 1.
Dynamic Image Capture System: Responsible for capturing dynamic images and generating initial dynamic images.

2.
Initial Dynamic Image: The starting point for image processing within the system.

3.
Hash: Generated from the initial dynamic image at intervals (every 10 frames) by the dynamic image capture system.4.
Signature Ciphertext: Resulting from encrypting the hash with a private key.

5.
Spatiotemporal Plaintext: A component contributing to the generation of the final dynamic images, overlaying plaintext, ciphertext, and plaintext QR codes.6.
Bitstream File: The transcoded file representing the superimposed dynamic image.7.
Plaintext QR Code: Generated from spatiotemporal plaintext and certificate system.8.
Certificate System: Includes private keys and public keys for securing and authenticating information (show in Supplementary Materials certificate.crt) The dynamic image capture system captures dynamic images and generates initial dynamic images.The hash, derived from the initial dynamic image, is encrypted using a private key to produce a signed ciphertext.The spatiotemporal plaintext, along with the certificate system, contributes to generating plaintext QR codes for querying spatiotemporal certificate information from the certificate server.The final step involves overlaying the initial dynamic image with time-space plaintext and plaintext QR codes.The resulting superimposed dynamic image is transcoded into a stream file, which is then written into the signed plaintext, yielding the ultimate dynamic images overlaying plaintext, ciphertext, and plaintext QR codes.
The flowchart of the dynamic image generation system is shown in Figure 4B.Firstly, obtain the certificate system which contains public and private keys, and the certificate server which is used to store spatiotemporal certificates.Then, the dynamic image capture system collects dynamic images to generate the initial dynamic image.A hash is generated every 10 frames, and the hash is encrypted with the private key to obtain the signature ciphertext.At the same time, the spatiotemporal plaintext of the operating system is obtained.The plaintext QR code is generated by the spatiotemporal plaintext and the certificate system.The dynamic image is converted into a bitstream file, and the signature ciphertext is written into the bitstream file.Finally, the dynamic image is generated after transcoding and overlaying the plaintext and the plaintext QR code.
The dynamic image generation system follows a systematic flow as depicted in Figure 4B: 1.
Initialization: Acquire the certificate system containing public and private keys.Establish a certificate server responsible for storing spatiotemporal certificates.

2.
Dynamic Image Capture: Utilize the dynamic image capture system to collect dynamic images, forming the initial dynamic image.Generate a hash every 10 frames, encrypting it with the private key to produce the signature ciphertext.
QR Code Generation: Generate a plaintext QR code using the spatiotemporal plaintext and the certificate system. 5.
Bitstream File Conversion: Convert the dynamic image into a bitstream file.6.
Signature Ciphertext Integration: Write the signature ciphertext into the bitstream file.7.
Dynamic Image Overlay: Transcode the combined bitstream file into a final dynamic image and overlay the dynamic image with plaintext and the plaintext QR code.
The result is a dynamic image that incorporates spatiotemporal information, plaintext, and a QR code for further authentication and information retrieval.
The intricate processes of encryption and decryption are elucidated in Figure 5, with Figure 5A depicting the encryption process and Figure 5B detailing the decryption process.In the encryption process illustrated in Figure 5A: 1.
Hash Computation: Compute the hash value of each frame of the dynamic image sequentially.

2.
Tree-Top Hash Generation: Generate a tree-top hash value every 10 frames, encrypting it with the private key to produce the signature ciphertext.

3.
Signature Ciphertext Generation: Employ a private key to encrypt the tree-top hash value, producing a signature ciphertext.4.
Custom SEI Encapsulation: Introduce flags before and after the signature ciphertext, encapsulating it as a custom SEI. 5.
Bitstream File Conversion: Convert the dynamic image into a bitstream file.6.
SEI Replacement: Remove the original SEI from the bitstream file and write the custom SEI into the bitstream file.7.
Overlaying Process: Overlay the modified bitstream file with spatiotemporal plaintext and QR code.8.
Dynamic Image Conversion: Convert the processed bitstream file back into a dynamic image.
This comprehensive encryption process ensures the integration of the signature ciphertext, spatiotemporal information, and QR code into the dynamic image, enhancing security and information content.In the decryption process depicted in Figure 5B: 1.
Plaintext Verification: Verify the plaintext to ensure it matches the expected content.

2.
Ciphertext Extraction: Convert the dynamic image into a video stream.Extract the signed ciphertext based on flag bits from the video stream.

3.
Ciphertext Decryption: Decrypt the extracted signed ciphertext using the public key.Obtain the top of the tree hash value from the decrypted ciphertext.4.
Hash Verification: Verify whether the obtained top of the tree hash value matches the expected value.

5.
Dynamic Image Verification: If both plaintext and ciphertext verifications are true, the dynamic image is considered authentic.
This meticulous decryption process ensures the integrity and authenticity of the dynamic image by confirming the consistency of both plaintext and ciphertext components.
The experimental environment for this research is as follows: • Development Platform: IDE: PyCharm, Python Version: 3.8.
This environment provides the foundation for conducting experiments and implementing the proposed algorithms.The specifications, including the Python version, development IDE, and hardware details, contribute to the consistency and reliability of the experimental results.

Results
Firstly, the security of the QEDI algorithm was rigorously evaluated using four key indicators: NPCR (Normalized Correlation Coefficient of Ratio), UACI (Unified Average Changing Intensity), IE (Image Entropy), and MI (Mutual Information).NPCR measures the color change rate of each pixel, offering insights into the similarity between the original and encrypted images.A higher NPCR value signifies increased similarity, indicating effective preservation of the original image's structural information-a crucial aspect of image encryption for maintaining visual content and facilitating decryption without significant loss [19].UACI, assessing the average color difference between the encrypted and original images, serves as an indicator of the perceptibility of pixel intensity changes.A lower UACI value is preferred in image encryption, implying successful concealment of the original content.This results in visually random encrypted images, enhancing security against unauthorized access [20].NPCR and UACI act as objective metrics for evaluating the quality and security of image encryption algorithms.Higher NPCR values indicate superior preservation of structural information, while lower UACI values signify more effective concealment of the original content.These metrics are crucial for assessing the algorithm's resistance to differential attacks.Generally, an NPCR above 90% [19] and UACI below 10% [20] indicate robust performance and heightened strength in encryption algorithms.
MI and IE stand as pivotal metrics in the assessment of image encryption.They play a crucial role in evaluating the security of both the key and signature ciphertext.IE acts as a gauge of the randomness or uncertainty inherent in an image, serving as an indicator of the randomness within the key and signature ciphertext.In the realm of image encryption, IE helps evaluate the extent of diffusion and randomness achieved by the encryption algorithm.A high IE value implies that the encrypted image exhibits a high degree of randomness, making it more challenging to extract meaningful information or discern patterns.This attribute is desirable in image encryption, as it bolsters the security of the encrypted image.A higher IE value correlates with increased difficulty in cracking the corresponding cryptosystem [21].On the other hand, MI measures the statistical dependency between the original image and its encrypted counterpart.It quantifies the shared information between the two images, indicating their level of similarity or correlation.In image encryption, a low MI value signifies that the encrypted image contains less information about the original image, pointing to a higher level of security.Conversely, a high MI value suggests that the encrypted image retains a significant amount of information from the original image, posing a potential risk to confidentiality.The correlation between the key and signature ciphertext is crucial; a high correlation makes the cryptosystem vulnerable to attacks such as statistical analysis.Hence, lower mutual information is preferred, signifying a less obvious relationship between the key and signature ciphertext and higher security [22].The results of the security testing are presented in Table 1.Secondly, we conducted a differential attack analysis.Differential attack analysis is a cryptographic analysis technique commonly employed to break symmetric key cryptography systems.This attack leverages differences in the system's response to various inputs or keys to extract information about the password system.The objective of a differential attack is to acquire key or plaintext information from observed input-output pairs.The results of the differential attack analysis are presented in Figure 6.In Figure 6, Figure 6A represents the analysis result of EDI, while Figure 6B represents the analysis result of QEDI.Image1 corresponds to the original image, Image2 is the encrypted image, and the third image is the difference map obtained after differential attack analysis.It is evident that, in comparison to EDI, the difference graph of QEDI is predominantly black, indicating minimal differences.This suggests that QEDI is more responsive to subtle changes in plaintext compared to EDI.Consequently, even minor alterations in the plaintext result in significant changes in the ciphertext, thereby enhancing the resistance against password cracking.Therefore, QEDI demonstrates better performance in safeguarding image content.
Thirdly, the execution time (ET) is used to measure the total time to execute a given image encryption technique [8].To evaluate the execution time (ET) of EDI, QEDI, and the algorithms mentioned in references [10,12,13], we conducted a comparative experiment involving 100 frames and 200 frames for two distinct image sizes: 640 × 480 and 720 × 560.The outcomes of this experiment are presented in Table 2.
Figure 7 illustrates the findings from Table 2. Through a comparison of the execution times of EDI and QEDI under identical conditions, as well as an examination of the variations in the execution time with changes in the image size and frame count, it can be deduced that QEDI exhibits a 69.77% increase in speed compared to EDI.Additionally, the running time of QEDI is notably shorter than that reported in [12], showcasing superior running speed.In comparison to [10] and [13], QEDI demonstrates a slightly faster runtime.
Finally, a comparative analysis is conducted on Figure 8A-F to evaluate the influence of distinct encryption algorithms on image quality.The six images are depicted in Figure 8. SSIM (The Structural Similarity Index), PSNR (Peak Signal-to-Noise Ratio), and SDR (Signal Distortion Ratio) are employed as metrics to assess image quality.These commonly used measures evaluate the fidelity of encrypted images in image encryption.SSIM signifies the similarity between the original image and the encrypted image, with values ranging from 0 to 1.A value closer to 1 indicates greater similarity, suggesting that the encryption algorithm has maintained the structural information and visual quality of the original image by considering factors such as luminance, contrast, and structure [23].PSNR gauges the quality difference between the original and encrypted images.A higher PSNR value signifies a closer quality match between the encrypted and original images.It quantifies the ratio between the maximum possible signal power (the original image) and the power of the noise (the difference between the original and encrypted images).A higher PSNR value indicates lower distortion, reflecting the encryption algorithm's success in minimizing information loss during the encryption process [24].SDR assesses the dissimilarity between two images by measuring the ratio between the signal power (the original image) and the distortion power (the difference between the original and encrypted images).A higher SDR value suggests less distortion in the encrypted image, bringing it closer to the original image [25].The outcomes of the comparison among the three images are presented in Table 3 and depicted in Figure 9.  [10], (E) is the image encrypted by [12], and (F) is the image encrypted by [13].

Conclusions
This study explores high-performance dynamic image encryption algorithms, introducing QEDI as a novel solution.QEDI optimizes image preprocessing and employs a custom information encapsulation method during signature ciphertext writing, reducing the impact on image quality, shortening the execution time, and enhancing visibility.Key contributions include: 1.
QEDI employs a hash algorithm for dynamic image hashing.Through custom SEI writing and image bit-depth reduction pre-encryption, the computational speed increases, leading to reduced execution times.Comparative analysis shows a 69.77% reduction compared to EDI and shorter execution times than the algorithms in [10,12,13].2.
QEDI enhances the readability and image quality by encrypting through signature ciphertext writing, surpassing the encryption methods in [10,12,13].Notably, it shows improved image quality compared to EDI.

Figure 2 .
Figure 2. Hexadecimal file structure: orange represents start code, red represents NRI, yellow represents payload type, green represents UUID, blue represents user data length, purple represents user data, and pink represents end code.

Figure 3 .
Figure 3. Custom information format.*** represents no fixed or custom content.The custom information within the hexadecimal file initiates with a start code, signaling the beginning of a new NALU unit.Identified by a type flag of 0x06, this structure safeguards the original content of the dynamic image.Key components of the custom information include: • UUID (User-Defined Identification Code): represents a unique identifier for custom information, preventing conflicts with existing data in the dynamic image.• User Data Section: stores the signature ciphertext intended for integration into the dynamic image.• End Code: marks the conclusion of the custom information.

Figure 4 .
Figure 4. Composition diagram and operation flowchart of dynamic image generation system: (A) composition diagram, (B) operation flowchart.

Figure 6 .
Figure 6.Results of differential attack analysis: (A) represents the analysis result of EDI, (B) represents the analysis result of QEDI.

Figure 8 .
Figure 8.Comparison between the original images and encrypted images: (A) is the original image, (B) is the image encrypted by EDI, (C) is the image encrypted by QEDI, (D) is the image encrypted by[10], (E) is the image encrypted by[12], and (F) is the image encrypted by[13].

Table 1 ,
QEDI exhibits notable performance metrics.The Normalized Correlation Coefficient of Ratio (NPCR) is recorded at 95.14%, coupled with a Unified Average Changing Intensity (UACI) of 4.48%, both indicative of superior encryption performance.For the key and signature ciphertext, Information Entropy (IE) values stand at 9.3521 and 9.2271, underscoring a substantial amount of information content.Mutual Information (MI) for both is recorded at 0.09375, signaling the independence of the key and signature ciphertext.These results collectively affirm commendable security attributes of QEDI.