A New Chaotic-Based RGB Image Encryption Technique Using a Nonlinear Rotational 16 × 16 DNA Playfair Matrix

: Due to great interest in the secure storage and transmission of color images, the necessity for an efﬁcient and robust RGB image encryption technique has grown. RGB image encryption ensures the conﬁdentiality of color images during storage and transmission. In the literature, a large number of chaotic-based image encryption techniques have been proposed, but there is still a need for a robust, efﬁcient and secure technique against different kinds of attacks. In this paper, a novel RGB image encryption technique is proposed for encrypting individual pixels of RGB images using chaotic systems and 16 rounds of DNA encoding, transpositions and substitutions. First, round keys are generated randomly using a logistic chaotic function. Then, these keys are used across different rounds to alter individual pixels using a nonlinear randomly generated 16 × 16 DNA Playfair matrix. Experimental results show the robustness of the proposed technique against most attacks while reducing the consumed time for encryption and decryption. The quantitative metrics show the ability of the proposed technique to maintain reference evaluation values while resisting statistical and differential attacks. The obtained horizontal, vertical and diagonal correlation is less than 0.01, and the NPCR and UACI are larger than 0.99 and 0.33, respectively. Finally, NIST analysis is presented to evaluate the randomness of the proposed technique. The results show that the respect to and NIST analysis is presented to randomness ability proposed technique.


Introduction
Information security is one of the most important fields that has been gaining more attention for data protection, privacy preservation and data leakage prevention. The process of securing information systems includes monitoring and analyzing all data flows and behaviors of different components that comprise the system, such as people that interact with the system; hardware, such as network infrastructure, routers and domain name servers; and software configurations and keys. It is a necessity to ensure that the system is fully functioning while protecting its components from known and unknown threats. The basic requirement for any security system is to achieve the following requirements: integrity, confidentiality and availability. Other requirements also include accountability and authentication. Encryption, also known as cryptography, is the most widely used approach to achieve confidentiality and verify integrity. It is also the main way to secure governments, social data and personal transactions, since all of these entities require a great amount of protection against known/unknown attacks and threats. In this sense, cryptography is the most fundamental building block in the design of secure information systems. As a result, it has attracted the main interest of many researchers, allowing thousands of competing research articles to offer new ways for fast and robust encryption.
Cryptography is divided into two broad categories: symmetric cryptography and asymmetric cryptography. Symmetric cryptography uses a single key for both encryption and decryption, also known as single-key cryptography. Some examples are the

Literature Review
Incorporating DNA encoding into cryptography has encouraged many researchers to determine different scientific techniques for DNA cryptography. There are a huge number of techniques that use DNA to achieve security requirements while maintaining encryption and decryption speed. In this section, several recent papers related to DNA cryptography and chaotic systems are explored. Xue et al. [3] summarized DNA cryptographic techniques into five broad categories: DNA fixed coding, DNA dynamic coding, different types of base complement operations, different DNA sequence algebraic operations and combinations of multiple DNA operations. Then, they proposed a new encryption technique by combining the optimal coding mechanism with the optimal DNA coding operation. Zhang et al. [4] proposed a new image encryption technique based on DNA sequence addition operations and chaos. Kumar et al. [5] presented a DNA cryptography technique for RGB images based on the work of Lorenz and Rossler, involving a chaotic system and a 2D logistic map. Zhentao et al. [6] presented an RGB image encryption technique based on dynamic DNA and 4D memristive hyper-chaos. After generating chaotic matrices, RGB channels are encoded using dynamic DNA, and then dynamic confusion and diffusion are applied. Chen [7] proposed a new technique for DNA-based molecular cryptography. Gehani et al. [8] presented DNA cryptography using one-time pads. It works in two ways: the first is a substitution method using a dictionary of distinct randomly generated pads for a pair-wise mapping, and the second is an XOR scheme using molecular computation and a randomly generated key. These techniques are used to encode natural DNA as well as to manually encode DNA from binary data. Guesmi et al. [9] suggested a new medical image encryption technique depending on a hybrid model of DNA masking, SHA-2 and a new hybrid chaotic map. Wu et al. [10] proposed a new image encryption technique based on a two-dimensional Hénon-Sine map (2D-HSM) and the DNA approach. They found that applying DNA cryptography can greatly improve the efficiency of image permutation and diffusion. Wang et al. [11] presented an image encryption technique based on a four-wing chaotic system combined with compressed sensing (CS) and DNA coding. They used CS to reduce the image, and then they combined the Kronecker product (KP) and the chaotic system to produce a high dimensional seed matrix, which is used to control the DNA coding and is used in the XOR operation. Xiuli et al. [12] proposed a color image encryption technique based on an improved genetic algorithm and a matrix semi-tensor product (STP). The encryption is accomplished in five stages: pre-processing, DNA encoding, crossover, mutation and DNA decoding. Lu et al. [13] presented an image encryption technique based on a compound chaotic map and single S-Box. They proposed a new discrete compound chaotic system called the Logistic-Sine system (LSS), which is used to construct an S-Box. Then, they used that S-box to perform a round of permutations and two rounds of substitution. Zhang and Hu [14] proposed a multiple-image encryption algorithm based on a 3D scrambling model and dynamic DNA coding, in which they combined a generalized version of Zigzag transformation and the two-dimensional Henon-Sine map (2D-HSM). The method is able to encrypt multiple images at once. Liu and Zhang [15] proposed an image encryption technique based on multidimensional chaotic and DNA coding. Cui et al. [16] proposed a new image encryption technique based on DNA dynamic encoding and a hyper-chaotic system, in which they used SHA-3 and other processing to generate an S-box for use in encryption. Wang et al. [17] proposed a color image encryption technique based on Fisher-Yates scrambling and four DNA operations, called the DNA subsequence elongation operation, DNA subsequence truncation operation, DNA subsequence deletion operation and DNA subsequence insertion arithmetic. They used a Chen system to generate chaotic sequences, and then they used the Fisher-Yates scrambling method to encrypt red, green and blue channels. Huang and Zhou [18] proposed an image encryption technique that combines a 6D non-degenerate discrete hyperchaotic system and a 2D discrete cosine Stockwell transform with DNA-level modulus diffusion.

DNA Cryptography
DNA cryptography is considered one of the most appealing directions in cryptography. Huge amounts of parallelism and exceptional data thickness make the attributes of DNA suitable for being used in cryptography applications, such as encryption, confirmation and digital signatures [19]. DNA cryptography is a broad category in cryptography, which involves improved encoding and a great amount of randomness. DNA cryptography uses some encoding techniques to convert binary streams into DNA sequences, and then it uses different concepts related to DNA, such as nucleotides, proteins, amino acids and complementary rules to perform encryption, decryption and key generation. DNA steganography is another interesting field, in which secret data are embedded into the biological structure of natural DNA. First, the secret data are transformed into a DNA sequence. Then, this sequence is merged with a real DNA pattern in such a way; therefore, the output of this operation is a natural DNA sequence. DNA is available in the NCBI database (National Center for Biotechnology Information). DNA cryptography is always used along with DNA steganography to further protect sensitive data. In this case, data is first encrypted and then hidden inside a DNA sequence. DNA cryptography depends on DNA calculations, as the motive for its use is to simulate natural tasks occurring in DNA sequences.
Deoxyribonucleic acid (DNA) (https://www.msdmanuals.com/home last accessed on 7 June 2022) is a complex chemical compound found in all organisms and is of great importance because it contains all necessary information to generate all kinds of proteins in a cell. DNA consists of two linked strands that wrap around each other and is called a double helix. DNA is composed up of four base units called nucleotides: adenine (A), thymine (T), guanine (G) and cytosine (C). The nucleotides in the first strand are connected with the nucleotides in the second strand to form chemical bonds, called base pairs. Adenine (A) is connected only to thymine, and vice versa. Guanine (G) is connected only to cytosine (C), and vice versa. A gene is a short segment of DNA, and it contains specific genetic information because it contains the code for specific protein that performs some function in one or more types of cells in the human body. There is another important concept called a chromosome, which is a structure existing inside a cell's nucleus, and chromosomes contain genes. A chromosome may contain hundreds or thousands of genes.
As mentioned before, genes contain DNA. DNA is a blueprint (code) which is responsible for synthesizing a protein. Proteins are the basic building blocks for skin, muscles and other parts of the human body, but the importance of proteins is that they are responsible for making enzymes, which are responsible for all chemical processes and reactions inside the human body. The body is controlled by thousands of enzymes. Therefore, the amount and type of proteins control the functions and structures of the whole body. In this sense, the synthesis of proteins is the most important operation that affects all aspects regarding the structures and functions of the human body.
Proteins are long chains of amino acids connected to each other. The instructions for synthesizing proteins are stored in DNA, where nucleotides inside DNA are arranged in groups. Each group contains three consecutive nucleotides. Each group is also called a codon, and a codon is a group of three adjacent nucleotides. Each codon is considered an instruction to add a specific amino acid to the protein chain. For example, the GCT codon is an instruction to add the amino acid alanine. Therefore, the sequence of amino acids inside a protein chain is specified by the order of the codons in the gene for that protein. The process of turning DNA into a protein is caried out by two subprocesses called transcription and translation. In transcription, the instructions in DNA are copied (transcribed) to ribonucleic acid (RNA). RNA is similar to a strand of DNA, but thymine (T) is replaced by uracil (U). RNA typically contains codons of three bases, similar to DNA. Table 1 shows the binary representations of mRNA codons. In translation, the mRNA that is obtained from DNA is translated into an amino acid [20]. The main differences between DNA and RNA are that the sugar in DNA is deoxyribose, whereas the sugar in RNA is Cryptography 2022, 6, 28 5 of 27 ribose. Moreover, RNA uses uracil (U) instead of thymine (T). RNA codons are codons that are used during a process called transcription, but each mRNA molecule acquires its sequence of nucleotides by transcription from the corresponding gene of DNA. This process occurs in the nucleus. In this process, information in DNA is copied into the mRNA. This process is conducted in three stages. (1) Initiation: This phase occurs when the enzyme RNA polymer is associated with DNA in a place called a promoter. Consequently, the enzyme is able to read DNA in one part and form the RNA strand.
(2) Elongation: At this stage, the RNA strand elongates by adding nucleotides. The RNA polymer reads a DNA part and forms mRNA using a complementary base, and mRNA uses uracil (U) instead of thymine (T). (3) Termination: This is the last stage of transcription and occurs when the mRNA is completed and separated from the DNA.
A genetic code can be defined as the relationship between the nucleotide sequences of genes and the amino acid sequences of proteins, which is determined by the rules of translation. It consists of three-letter 'words' called codons, formed from a sequence of three nucleotides (e.g., UCA or GAC). Each codon specifies one amino acid in a protein. It can be expressed as either a DNA codon or an RNA codon. The process of protein production or translation occurs after the transcription process. Table 2 shows all possible codons and their corresponding amino acids. There are 20 different amino acids that can be used in protein synthesis. The protein-building process is stopped when the process arrives at the three "stop" codons (UAG, UAA, UGA) [7].
The rest of this section presents one of the most used rules in DNA cryptography, which is the DNA complementary base pairing rule. As mentioned before, DNA consists of two strands of nucleotides called a double helix. The nucleotides are cytosine (C), guanine (G), adenine (A) or thymine (T). They are bound by hydrogen bonds. For example, A with T includes two hydrogen bonds, and C with G includes three hydrogen bonds. This chemical structure of the bases is called the Watson-Crick complementary base pairing principle. Arranging these rules helps to calculate and store information. The encoding rule is the following: (A-00), (C-01), (G-10) and (T-11), and the complementary numbers of them are (00-11), (01-10), (10-01) and . There are eight cases of combinations that satisfy complementary base pairing, as shown in Table 3 [21].

Chaotic System
A chaotic system is a system that performs different actions in an unpredictable manner. It seems to perform random behavior, but it actually is a deterministic behavior predetermined by mathematical equations. The system is controlled by nonlinear dynamic systems with certain conditions. These dynamic systems are very sensitive to the initial conditions provided by chaotic maps. There are many chaotic maps that can generate chaotic motion of a single dimension. Sridevi et al. [22] presented a color image encryption technique based on chaos, which uses confusion and diffusion based on chaotic maps. They used a logistic map, the Lorenz Attractor, a Tent map and the Lu attractor with different initial conditions and different initial values. Liu et al. [23] proposed a color image encryption technique based on a diffusion matrix generated from the Hopfield chaotic neural network (HCNN). Wu et al. [10] proposed a two-dimensional Hénon-Sine map (2D-HSM), which has better ergodicity and pseudo randomness. Joshi et al. [24] proposed a new image encryption technique using the 2D multiple parameter fractional discrete Fourier transform, a baker chaotic map and the 3D Arnold transform.
In this subsection, we present the most usable chaotic function, which is widely used to achieve complete randomness within chaotic sequences [25]. A logistic map is a chaos map that creates a chaotic signal of random sequences and is extremely sensitive to the previous sequence and the initial parameter λ. A logistic one-dimensional map with an unexpected degree of complexity is defined in Equation (1).
where λ controls the degree of randomness by folding or stretching the interval of generated sequences and 0 < λ ≤ 4. All sequences are generated with a great amount of randomness. The value of λ is always set to a value greater than 3.57 to show great chaotic behavior. All generated sequences are in the interval 0 < x i < 1. It is impossible to detect the convergence of iterative values after any number of repetitions [26]. A graph of a logistic map shows folding and stretching of values between 0 and 1, and for λ, it shows values between 3.47 and 4. In this sense, randomly generated sequences are suitable for many operations, such as key generation.

General Framework of the Proposed Strategy
After presenting the fundamentals of DNA cryptography, complementary rules and the logistic chaotic map, we introduce our algorithm based on DNA cryptography. Before encryption, the communication parties should provide a secure channel for exchanging the secret key between the sender and the receiver. Therefore, if an attacker is listening to the communication, he is still unable to determine the key [20]. They can use any key exchange algorithm, such as Diffie-Hellman to exchange the secret key. Image encryption is considered one of the most important techniques used for protecting images from unauthorized view or modification. Recently, deoxyribonucleic acid (DNA) technology has had an influence on several sectors, including the medical system, cryptography, computing and other fields in information technology. DNA is a grouping of four nucleic bases: A (adenine), C (cytosine), G (guanine) and T (thymine). The image is divided into three color channels: red (R), green (G) and blue (B). The data from these three channels are encoded in binary matrices. These matrices are then encoded using DNA encoding principles. DNA operations are used on the encoded matrices to remove similarities between pixel values. After that, decoding methods are used to transform them back into binary matrices. Finally, to create a cipher-colored image, three color channels are converted to decimal and are joined again. Chaotic maps are widely used in secure communication and are seen to be a good compromise between security and computing efficiency. A chaos-based encryption method has various characteristics, including sensitivity to initial values and parameters selected. True randomness of the generated patterns and accurate values are regenerated if the same parameters and initial values are provided [27].
In this section, we go step by step to illustrate the proposed RGB image encryption technique. An RGB image is shown by a linear set of three unique channels, which are R (Red), G (Green) and B (Blue), as shown in Figure 1. In our algorithm, we go through 16 rounds to produce the encrypted image; therefore, it becomes practically impossible for an attacker to figure it out by brute force or other known attacks. It is important for any conventional encryption technique to be built based on the Feistel structure. Feistel proposed utilizing transpositions and substitutions interchangeably across several rounds. The encryption calculation should be reversible, which implies that it can scramble the plain content and unscramble the obtained cipher. The proposed algorithm consists of 16 rounds, and each round consists of a set of random substitutions and transpositions defined in the following subsections. The last key obtained after each round is used as the starting key for the next round. The pseudo code for the proposed algorithm is as follows: For decryption, the above stages are performed in reverse after generating the same 15 keys plus the initial key, and the last key 15 is used first and applied to the pixels in the backwards direction. The XOR operation with the current key is performed directly with the encrypted pixels in the red and green vectors before performing decoding using
Original RGB image I of size M × N 2.
16-character (128 bit) key K Output: Encrypted Image I Encryption Algorithm: 1. Use a logistic map to generate 15 round keys as described in Section 4.1.

2.
Repeat steps 3-15 sixteen times, using one key from the 16 keys (Initial key + 15 generated keys) in each round. A round includes the execution of all steps from 3 to 15.

3.
Convert red, green and blue channels into three vectors, vec_R, vec_G and vec_B, of Circular left shift vec_R by the decimal value of K(0 : 15).
For each pixel P = P r , P g , P b in the obtained image after circular shifts of individual channel vectors: 8.1. Convert P r , P g , P b into their 8-bit binary representations Bits(P r ), Bits P g , Bits(P b ).

8.2.
Construct a 24-bit binary string S by concatenating Bits(P r ), Bits P g , Bits(P b ).

8.3.
Permutate the string S according to the 6 × 4 final map obtained from step 7.

9.
Construct an initial 16 × 16 DNA Playfair matrix of all possible combinations of 4-DNA nucleotides, starting from AAAA to TTTT as described in Section 4.3. 10. Divide the 128-bit round key into two halves, each of which is 64 bits. Use the left half to permutate the rows of the 16 × 16 DNA Playfair matrix, and use the right half to permutate the columns of the 16 × 16 DNA Playfair matrix as described in Section 4.3. 11. If the round index is odd, then pick 1 pixel from the red vector and 1 pixel from the green vector in the forward direction; otherwise, pick 2 pixels from the red and green vectors in the backwards direction. 12. Apply the modified Playfair procedure as described in Section 4.3 to substitute the 2 pixels' values with their corresponding values. 13. After encrypting 8 pixels in the red vector and 8 pixels in the green vector, combine the encrypted pixels in 1 vector, the 8 encrypted pixels in the red vector, followed by the 8 encrypted pixels in the green vector. Then, perform the XOR operation between the current key and the 128 bits of the 16 pixels, as described in Section 4.5. 14. Repeat steps 10-13 until all pixels in the red vector and green vectors are substituted; consider the direction based on the round index. 15. Encrypt the blue channel using the complementary rules in Table 3 as described in Section 4.4.
For decryption, the above stages are performed in reverse after generating the same 15 keys plus the initial key, and the last key K15 is used first and applied to the pixels in the backwards direction. The XOR operation with the current key is performed directly with the encrypted pixels in the red and green vectors before performing decoding using the 16 × 16 DNA matrix. Finally, the 6 × 4 matrix is used for rearrangement.

Round Key Generation
In our algorithm, an initial key of 128 bits is entered. This key is used to generate 15 round keys, each of which is 128 bits. Sixteen chaotic logistic functions are used to generate each key, as described in Table 4. The input key is used for the first round and is used to generate another key which is used for the second round. Then, each round key is used to scramble the temporary image at this round and is also used to generate the next key. The procedure works as follows: i. The current key is divided into 16 groups, each of which is 8 bits. ii.
Each group is converted to a decimal value. iii.
Each decimal value is divided by 256. iv.
For each decimal value obtained in the previous step, the first three decimal places are kept, and the remaining digits are simply chopped off. The result is used as the initial value for the logistic function. v.
The logistic function defined by Equation (1) is applied to each three-digit decimal value, with λ = 3.99 to increase the randomness of the chaotic sequence. vi.
For each decimal value obtained in the previous step, the first three decimal places are kept, and the remaining digits are simply chopped off. vii.
The result of each group is multiplied by 1000 to remove all decimal digits and to obtain an integer value. viii.
The remainder of dividing the obtained integer value by 256 is calculated for each group. ix.
The obtained remainder is converted back to an 8-bit binary value. x.
The first 8 binary groups are merged together to form a 64-bit left key, and the second 8 binary groups are merged together to form a 64-bit right key. Combining the groups in Table 4 produces the following: left = 00001001110001011101000110101010-00010000110011001010110110101010 right = 11010001101010100110100001110010011-11100100001011000111010010101 xi.
Perform one left shift on each part, then combine the result into a single key. In the previous example, key = 00010011100010111010001101010100001000011001100101-011011010101001010001101010100110100001110010011111001000010110001110100101011 xii.
Repeat steps i-x on the obtained key, and combine all binary groups together to produce the final 128-bit round key.

Initial Permutation of Merged Bit String
In this section, we explain the basic steps for performing the initial permutation of the input RGB image using the key. To make things simple and clear, we go step by step in the first round, where the proposed approach accepts an RGB image and a 128-bit secret key. Let the secret key = "DinaElbana123456". The first eight steps of our algorithm are related to random permutations of the pixels' bits. These steps are repeated 16 times, 1 at the beginning of each round. At each round, the round key is used, which is generated according to the logistic function defined in Equation (1) as described in Section 4.1. The first step is to extract the three color channels from the RGB image, which are the red channel R, the green channel G and the blue channel B, as shown in Figure 1. These channels are considered three matrices, and each one has the same number of rows and columns. Each matrix of these matrices is converted into its corresponding vector.
Let the three channels be defined as follows: The second step is to convert the 16-character key into its binary 128-bit equivalent. In our case, we choose the key "DinaElbana123456", so the bit representation is as follows: Key = 01000100011010010110111001100001 01000101011011000110001001100001 01101110011000010011000100110010 00110011001101000011010100110110

RedChannelMatrix
Next, the first 16 bits are extracted from the key and assigned to Red_shi f ts. The second 16 bits are extracted and assigned to Green_shi f ts, and the third 16 bits are extracted and assigned to Blue_shi f ts. Then, all these bits are converted into their decimal values. In our case: Red_shi f ts = 0100010001101001 = (17513) Green_shi f ts = 0110111001100001 = (28257) Blue_shi f ts = 0100010101101100 = (17772) Next, we use these values to determine the amount of circular left shifts that we should perform on the red vector, green vector and blue vector. Different kinds of shifts (right or left) may be performed to increase the amount of randomness. However, you should remember the order in which different kinds of shifts have been made to be able to decrypt the cipher image. The rotation is performed by the obtained decimal values. When applying to previous vectors corresponding to 4 × 4 matrices, it seems as though the shifts are being repeated too much, but regarding an actual image of size 512 × 512, for example, the vector is 262, 144, which is larger than the maximum possible number of shifts, which is 65, 536. When applying the previous step to the three vectors, the red vector vec_R is shifted left by 17, 513, the green vector vec_G is shifted left by 28 The last step is to construct a random matrix of 6 × 4, which contains numbers from 0 to 23 as follows: 4 5 6 7  8 9 10 11  12 13 14 15  16 17 18 19  20 21 22  In our example the first 24 bits of the key are 010001000110100101101110, so we perform the following: i.
The first row is rolled left by (01) b = 1, and then the first column is rolled up by The second row is rolled left by (00) b = 0, and then the second column is rolled up by (101) b = 5. iii.
The third row is rolled left by (01) b = 1. iv.
The fourth row is rolled left by (00 The fifth row is rolled left by (01) b = 1, and then the third column is rolled up by The sixth row is rolled left by (10) b = 2, and then the fourth column is rolled up by (110) b = 6 , which is equal to rolling up by 0.
After applying these shifts, the final map is: The final map matrix is converted into a vector that represents the permutation of 24 bits merged from the red, green and blue channels of the current pixel. The map vector is as follows: Map = [16,21,22,0,20,2,3,7,5,10,6,1,4,9,11,15,13,18,14,8,19,23,12,17] This means that bit number 16 is the first bit, bit number 21 is the second bit, etc. For example, the pixel at the second row and second column in the original matrices for red, green and blue is (209, 51, 185). Remember that we should work on already rotated vectors, but this is only for the illustration of the permutation process. Each value is converted into binary, and the 3-bit strings are merged together as follows:

Nonlinear Rotational 16 × 16 DNA S-Boxes
The initial Playfair cipher constructs a 5 × 5 matrix which contains all alphabetic letters, with the exception of a letter = or . A secret keyword is chosen, and then a 5 × 5 matrix is constructed by arranging the letters of the keyword without repetition from left to right and top to bottom, followed by the rest of letters in the alphabet [28]. The message to be encrypted is divided into diagrams or groups of two letters. When the two letters in the group are similar, another character is used as a separator and is placed between them. If the number of characters in the message is odd, a padding letter is added at the end. Substitution occurs according to the three rules listed below: 1-If the two letters are on the same row, they are replaced with the two letters to the right. When one of the letters is at the end of the row, it is replaced by the first letter in the row. 2-If the two letters are on the same column, they are replaced by the two letters below them. If one of the letters is at the end of the column, it is replaced by the first letter in the column. 3-If the two letters are not on the same row or the same column, a rectangle shape is made with letters, and the letters on the opposite corners are used to replace them.
In our proposed technique, we first construct an initial Playfair matrix of all possible combinations of four DNA nucleotides, starting from AAAA to TTTT. This constructs a 16 × 16 DNA matrix, where each entry is four DNA nucleotides, as shown in Figure 3. Rows are numbered from 0 to 15, and columns are numbered from 0 to 15.

Nonlinear Rotational 16 × 16 DNA S-Boxes
The initial Playfair cipher constructs a 5 × 5 matrix which contains all alphabetic letters, with the exception of a letter I = J or Q. A secret keyword is chosen, and then a 5 × 5 matrix is constructed by arranging the letters of the keyword without repetition from left to right and top to bottom, followed by the rest of letters in the alphabet [28]. The message to be encrypted is divided into diagrams or groups of two letters. When the two letters in the group are similar, another character is used as a separator and is placed between them. If the number of characters in the message is odd, a padding letter is added at the end. Substitution occurs according to the three rules listed below: 1.
If the two letters are on the same row, they are replaced with the two letters to the right. When one of the letters is at the end of the row, it is replaced by the first letter in the row.

2.
If the two letters are on the same column, they are replaced by the two letters below them. If one of the letters is at the end of the column, it is replaced by the first letter in the column. 3.
If the two letters are not on the same row or the same column, a rectangle shape is made with letters, and the letters on the opposite corners are used to replace them.
In our proposed technique, we first construct an initial Playfair matrix of all possible combinations of four DNA nucleotides, starting from AAAA to TTTT. This constructs a 16 × 16 DNA matrix, where each entry is four DNA nucleotides, as shown in Figure 3. Rows are numbered from 0 to 15, and columns are numbered from 0 to 15.

Nonlinear Rotational 16 × 16 DNA S-Boxes
The initial Playfair cipher constructs a 5 × 5 matrix which contains all alpha letters, with the exception of a letter = or . A secret keyword is chosen, and th 5 × 5 matrix is constructed by arranging the letters of the keyword without repet from left to right and top to bottom, followed by the rest of letters in the alphabet [28] message to be encrypted is divided into diagrams or groups of two letters. When the letters in the group are similar, another character is used as a separator and is pl between them. If the number of characters in the message is odd, a padding letter is ad at the end. Substitution occurs according to the three rules listed below: 1-If the two letters are on the same row, they are replaced with the two letters to right. When one of the letters is at the end of the row, it is replaced by the first l in the row.  Next, we use the round key to randomly permutate the entries of the matrix defined in Figure 3. The original key consists of 128-bit, and we divide it into two parts. Each part consists of 64 bits. The first part is organized into 16 groups. Each group consists of 4-bits, and each group is a decimal value from 0 to 15. This decimal value is used to rotate one of the rows in the original Playfair matrix to the left. Similarly, the second part, which is 64-bit, is organized into 16 groups. Each group consists of 4-bits, and each group is a decimal value from 0 to 15. This decimal value is used to rotate up one of the columns in the Playfair matrix. The rows are shifted left first, then the columns are shifted up. Other variants of this proposed algorithm include shifting one row to the left followed by shifting one column up. However, remember the order on which shifts are performed to be able to restore the Playfair matrix. After applying these shifts using our initial key, the produced Playfair matrix is as is shown in Figure 4. Next, we use the round key to randomly permutate the entries of the matrix defined in Figure 3. The original key consists of 128-bit, and we divide it into two parts. Each part consists of 64 bits. The first part is organized into 16 groups. Each group consists of 4bits, and each group is a decimal value from 0 to 15. This decimal value is used to rotate one of the rows in the original Playfair matrix to the left. Similarly, the second part, which is 64-bit, is organized into 16 groups. Each group consists of 4-bits, and each group is a decimal value from 0 to 15. This decimal value is used to rotate up one of the columns in the Playfair matrix. The rows are shifted left first, then the columns are shifted up. Other variants of this proposed algorithm include shifting one row to the left followed by shifting one column up. However, remember the order on which shifts are performed to be able to restore the Playfair matrix. After applying these shifts using our initial key, the produced Playfair matrix is as is shown in Figure 4. After producing the nonlinear random 16 × 16 DNA Playfair matrix through keybased rotating operations, we use this matrix to encrypt the red and green channels. The operation is performed by taking one pixel from the red channel and the corresponding pixel in the green channel. Let the two values be 124 and 78. Each value of these pixels is eight bits, i.e., 124 corresponds to 01111100 in binary, and 78 corresponds to 01001110 in binary. Now, we make the substitution using Playfair but with a novel idea that increases the randomness and nonlinearity of the proposed algorithm. The idea is that, instead of using static coding for converting binary strings to DNA nucleotides, we make the coding random and nonlinear based on the position that is determined by the row corresponding to the first four bits and the column corresponding to the second four bits of the 8-bit word that is being searched for in the 16 × 16 DNA Playfair matrix. Therefore, each one of these bit strings is divided into two four-bit groups; one is used to determine the row, and the other is used to determine its column in the final 16 × 16 DNA Playfair matrix.
The first value, 01111100, is divided into 0111 and 1100, which means that it is located at row 0111 (row number 7) and column 1100 (the column number 12). Note that we are starting from row 0. In the Playfair matrix, it corresponds to TGTG. The second value 01001110 is divided into 0100 and 1110, which means it is located at row 0100 (the row number 4) and column 1110 (the column number 14). In generated Playfair matrix, it corresponds to AGAC. After finding the two four-base DNA words, TGTG and AGAC, we apply rule three of Playfair because they are not in the same row or column, and the After producing the nonlinear random 16 × 16 DNA Playfair matrix through keybased rotating operations, we use this matrix to encrypt the red and green channels. The operation is performed by taking one pixel from the red channel and the corresponding pixel in the green channel. Let the two values be 124 and 78. Each value of these pixels is eight bits, i.e., 124 corresponds to 01111100 in binary, and 78 corresponds to 01001110 in binary. Now, we make the substitution using Playfair but with a novel idea that increases the randomness and nonlinearity of the proposed algorithm. The idea is that, instead of using static coding for converting binary strings to DNA nucleotides, we make the coding random and nonlinear based on the position that is determined by the row corresponding to the first four bits and the column corresponding to the second four bits of the 8-bit word that is being searched for in the 16 × 16 DNA Playfair matrix. Therefore, each one of these bit strings is divided into two four-bit groups; one is used to determine the row, and the other is used to determine its column in the final 16 × 16 DNA Playfair matrix.
The first value, 01111100, is divided into 0111 and 1100, which means that it is located at row 0111 (row number 7) and column 1100 (the column number 12). Note that we are starting from row 0. In the Playfair matrix, it corresponds to TGTG. The second value 01001110 is divided into 0100 and 1110, which means it is located at row 0100 (the row number 4) and column 1110 (the column number 14). In generated Playfair matrix, it corresponds to AGAC. After finding the two four-base DNA words, TGTG and AGAC, we apply rule three of Playfair because they are not in the same row or column, and the two values are replaced by ATGA and GGTT, which are equal to 01111110 and 01001100. We also use the 4-bit row number followed by the 4-bit column number of each word of the substituted words. The encoding is performed by replacing the four DNA nucleotide code with the corresponding 8 bits. The first 4 bits are the row number, and the second 4 bits are the column number.
We go through the red vector and the green vector to perform the same operation with one constraint after encrypting eight bits from the red and green channels. The current key has the XOR performed on it with the sixteen encrypted pixels' values (eight encrypted pixels in the red vector followed by eight encrypted pixels in the green vector), and the new Playfair matrix is generated again. The operation is described in Section 4.4, and it is necessary to defeat differential attacks and to make the whole obtained cipher values different if only one bit is changed in the plain image. The 16 × 16 DNA Playfair matrix after the first XOR with 16 encrypted pixels in the red and green channels is shown in Figure 5.
We go through the red vector and the green vector to perform the same operati with one constraint after encrypting eight bits from the red and green channels. T current key has the XOR performed on it with the sixteen encrypted pixels' values (eig encrypted pixels in the red vector followed by eight encrypted pixels in the green vecto and the new Playfair matrix is generated again. The operation is described in Section 4 and it is necessary to defeat differential attacks and to make the whole obtained ciph values different if only one bit is changed in the plain image. The 16 × 16 DNA Playf matrix after the first XOR with 16 encrypted pixels in the red and green channels is show in Figure 5.

Complementary Rules for Scrambling Blue
Finally, the blue channel is encrypted using one of the complementary rules in Tab 3, and the procedure is as follows: i. After encrypting eight pixels in the red and green vectors, by using the current ke the corresponding eight pixels in the blue channel are selected and combined into o vector. ii. The pixel values are converted into 8-bit binary values, and then these binary valu are combined together to form a 64-bit string . iii. The string is divided into 32 pairs of 2 bits. iv. The current 128-bit key is divided into 32 groups, each of which is 4-bit. Each gro is used to scramble one pair of . v. Each group is converted into its decimal equivalent , which is between 0 and 15 vi. We calculate two values as follows: rule_number = 8; and = 4. vii. Each pair of is encrypted by choosing the suitable rule from Table 3 according to rule_number, and the rule is applied times. viii. After obtaining the 64 encrypted bits, they are merged again into one string and a shifted left by the decimal value of _ [101: 106]. Then, they are divided in 8 groups, each of which is 8 bits. ix. Each group is converted to its decimal equivalent and is stored as an encrypted pi value in the blue vector.

Complementary Rules for Scrambling Blue
Finally, the blue channel is encrypted using one of the complementary rules in Table 3, and the procedure is as follows: i.
After encrypting eight pixels in the red and green vectors, by using the current key, the corresponding eight pixels in the blue channel are selected and combined into one vector. ii.
The pixel values are converted into 8-bit binary values, and then these binary values are combined together to form a 64-bit string S. iii.
The string S is divided into 32 pairs of 2 bits. iv.
The current 128-bit key is divided into 32 groups, each of which is 4-bit. Each group is used to scramble one pair of S. v.
Each group is converted into its decimal equivalent D, which is between 0 and 15. vi.
We calculate two values as follows: rule_number = D mod 8; and T = D mod 4. vii.
Each pair of S is encrypted by choosing the suitable rule from Table 3 according to its rule_number, and the rule is applied T times. viii.
After obtaining the 64 encrypted bits, they are merged again into one string and are shifted left by the decimal value of current_key[101 : 106]. Then, they are divided into 8 groups, each of which is 8 bits. ix.
Each group is converted to its decimal equivalent and is stored as an encrypted pixel value in the blue vector.

Key Mixing
After encrypting 8 pairs of pixels from the red channel and green channel, the current key has the XOR operation performed on it with the 16 obtained encrypted pixels. In more detail, the current key is used to encrypt 8 pairs of pixels in the red and green channels and to choose a suitable complementary rule to encrypt 8 pixels in the blue channel. The encrypted 8 pixels in the red channel and the encrypted 8 pixels in the green channel are arranged into 1 vector. This vector is converted into 128 binary bits and has the XOR operation performed on it with the current key. This guarantees that changes in 1 bit in any channel greatly affects the encrypted image. The final encrypted image and the encrypted three channels are shown in Figure 6.
Cryptography 2021, 5, x FOR PEER REVIEW 17 of 28 changes in 1 bit in any channel greatly affects the encrypted image. The final encrypted image and the encrypted three channels are shown in Figure 6.

Security Analysis and Evaluation
In this section, a security analysis of the proposed technique is presented and compared with existing techniques. The robustness of any encryption technique is measured by the amount of distortion that it causes to the cipher image. The cipher image should be completely distorted and scrambled. If an attacker obtains a copy of the cipher image, he should still be unable to determine even small numbers of pixels of the original image. In addition to qualitative metrics and visual properties, there are many quantity metrics that are used to evaluate the robustness of encryption techniques. In subsequent subsections, we present each metric along with an analysis and discussion of the proposed technique. These metrics are used to evaluate the robustness of encryption techniques and their ability to resist different kind of attacks, such as cryptanalytic, statistical, brute force and differential attacks. A statistical analysis, key space analysis, sensitivity analysis, resistance to differential attacks and other types of analyses are presented.

Key Space and Analysis
The basic idea of a brute force attack is that every single possible key is tried until breaking the cipher image. The key should be long enough to make it impossible or practically unfeasible to try all possible keys. On average, half of the possible keys should be tried before the key is found. Once the key is found, all past and future messages that are encrypted with that key are compromised. The overall objective for handling a brute force attack is not to keep data secured forever, but to make the cost of breaking it unfeasible with respect to time consumed and resources. The time consumed to crack a secure message should be very long in such a way that, when the information is found, it becomes useless. Therefore, the only way to resist brute force attacks is to use a large key size to make the algorithm computationally secure. To evaluate the robustness of the proposed technique against brute force and dictionary attacks, a key space analysis and key sensitivity are presented.

Key Space Analysis
The key space should be extremely large to guarantee that it is computationally unfeasible for the brute force attack to find the key and decrypt the cipher image. The total number of possible keys for a cryptographic technique is called the key space. To resist all

Security Analysis and Evaluation
In this section, a security analysis of the proposed technique is presented and compared with existing techniques. The robustness of any encryption technique is measured by the amount of distortion that it causes to the cipher image. The cipher image should be completely distorted and scrambled. If an attacker obtains a copy of the cipher image, he should still be unable to determine even small numbers of pixels of the original image. In addition to qualitative metrics and visual properties, there are many quantity metrics that are used to evaluate the robustness of encryption techniques. In subsequent subsections, we present each metric along with an analysis and discussion of the proposed technique. These metrics are used to evaluate the robustness of encryption techniques and their ability to resist different kind of attacks, such as cryptanalytic, statistical, brute force and differential attacks. A statistical analysis, key space analysis, sensitivity analysis, resistance to differential attacks and other types of analyses are presented.

Key Space and Analysis
The basic idea of a brute force attack is that every single possible key is tried until breaking the cipher image. The key should be long enough to make it impossible or practically unfeasible to try all possible keys. On average, half of the possible keys should be tried before the key is found. Once the key is found, all past and future messages that are encrypted with that key are compromised. The overall objective for handling a brute force attack is not to keep data secured forever, but to make the cost of breaking it unfeasible with respect to time consumed and resources. The time consumed to crack a secure message should be very long in such a way that, when the information is found, it becomes useless. Therefore, the only way to resist brute force attacks is to use a large key size to make the algorithm computationally secure. To evaluate the robustness of the proposed technique against brute force and dictionary attacks, a key space analysis and key sensitivity are presented.

Key Space Analysis
The key space should be extremely large to guarantee that it is computationally unfeasible for the brute force attack to find the key and decrypt the cipher image. The total number of possible keys for a cryptographic technique is called the key space. To resist all kinds of brute force attacks, the key space should be increased dramatically. In our proposed technique, the key length is 128 bits, which implies that there are 2 128 possible keys. This complies with NIST standards. For example, the original AES algorithm also uses 128 bits key. In the optimistic case that the attacker succeeds in half of the attempts, the attacker requires 2 127 attempts, or 170141183460469231731687303715884105728 attempts. The attacker finds it impossible to try this key space even with very large distributed computing units.

Key Sensitivity Analysis
Another important measure when evaluating an encryption technique is to evaluate its sensitivity to small changes in the key. If the key changes slightly, the cipher image should be completely changed. Moreover, if one bit is changed in the original key, it should be unable to decrypt the cipher image. In the proposed technique, if a single bit is changed in the key, a completely different cipher image is produced. Moreover, trying to decrypt a cipher image using a key with a single bit modified produces a scrambled image. The percentage of change in the encrypted image and decrypted image using a single-bit modified key exceeds 99%. This indicates that the proposed technique is very sensitive to a slight change in the key; hence, it is able to resist different kinds of brute force attacks. Additionally, the proposed technique depends mainly on the chaotic function, which makes it very sensitive, even to slight changes in initial values.
In this sense, we can guarantee that attackers are not able to restore blocks of pixels, even if they possess a cipher/plain pairs of other pixels. To analyze the amount of change that occurred, a detailed statistical analysis is presented in the next subsection. It is worth noting that the proposed technique is prepared to reflect alterations or modifications to the encrypted image, which means that it can also be used for integrity checks. Therefore, if the encrypted image is cropped or affected by different kinds of noise, it is impossible to recover the original image. However, this happens because the proposed algorithm is pixel-based at the image level. However, our algorithm can also work as block-based by using the initial round key at the beginning of each block, and in this case, all blocks can be restored except the ones that contain modified pixels.

Statistical Analysis
Statistical analysis is an important metric for evaluating the robustness of a proposed technique against common statistical attacks. A statistical analysis of the encrypted image evaluates the quality of the encryption algorithm with respect to randomness, correlation with the original image and resistance to different kinds of statistical attacks. A statistical analysis of the proposed technique is demonstrated by an entropy analysis and correlation analysis.

Entropy Analysis
Entropy is a statistically random measure that shows how gray pixels are uniformly distributed across an image. It is a common metric that is used to show the randomness of data. An encryption algorithm is evaluated to be robust if the entropy value of the encrypted image approaches eight. For most existing encryption techniques in the literature, the entropy approaches eight, which indicates that the gray scales are uniformly distributed. The value of each pixel is an integer from 0 to 255. If each gray scale occurs in the encrypted image with a probability of 1/256, the entropy of the encrypted image reaches 8 in the ideal case. The entropy [29] is calculated using Equation (2): where N is the number of bits used to represent gray scales, and P(s i ) is the probability of occurrence of the variable s i . In Table 5, the obtained entropy values for standard images are presented. All obtained values are averages of the values obtained when encrypting the same standard image using 50 different keys. All obtained values are approximately above 7.99, which indicates the robustness and randomness of the proposed technique.  Table 6 compares the values obtained for entropy analysis using the proposed technique and existing techniques on the Lena image. The recorded values for the proposed technique are the average values obtained after encrypting the Lena image using 50 different keys. The results show that the proposed technique has competitive comparable results with those that are state-of-the-art. As is clear, all obtained values are above 7.99, which approaches the ideal case. It indicates that the gray scales used in each channel in the encrypted image are evenly distributed. For all tests performed, we carried out an experiment to encrypt the same plain image using 50 different keys and report the averages. We present the averages for metrics to ensure the stability of the proposed technique.

Correlation Analysis
Correlation analysis is the most basic tool used to evaluate the similarity between two images. In cryptography, it is a metric to evaluate the similarity between the encrypted image and the original image. The correlation between adjacent pixels in a plain image and an encrypted image is considered a very important metric for evaluating different encryption techniques. Usually, the correlation between adjacent pixels in a plain image approaches one, because the adjacent pixels are very similar. However, the correlation between adjacent pixels in encrypted images should approach zero to indicate that there is no relation between adjacent pixels. The correlation analysis [29] is estimated using Equations (3)- (6). where where N is the total number of pixels selected in our experiments. We randomly pick up 1200 pairs of adjacent pixels (in vertical, horizontal and diagonal directions) from both the original image and the encrypted image. Then, we calculate the correlation between each group. All obtained values for standard images are illustrated in Table 7. Table 8 compares the values obtained for correlation analysis between different techniques when being applied to the Lena image. All reported values for the proposed technique are averages of the values obtained when encrypting the same image using 50 different keys.
As is clear, all obtained values are lower than 0.009, which approaches the ideal case.

Differential Attack
A differential attack is the most widely used attack in order to analyze the relation between the plain image and the cipher one. In this attack, attackers encrypt the plain image using some key, and then they modify the plain image slightly and encrypt it again with the same key. Then, they compare the two cipher images to try to find the difference between them. The overall objective is to find some relation describing the effect of change in the plain image on the cipher image. Therefore, the attackers always try to make slight changes in the input image and compare the differences between obtained cipher images. This allows the attackers to understand the relationship between the original and encrypted images. The attackers try to determine if a minor change in the gray level of one pixel in the original image has a huge effect on the gray levels of the encrypted image.
To evaluate the effect of a small change in the plain image on the encrypted image, there are two metrics: NPCR and U ACI. NPCR is the change rate of the number of pixels [12], and it is calculated using Equations (7) and (8).
where M and N are the number of rows and columns in the cipher images, respectively; C 1 and C 2 are the two obtained cipher images after making a slight change to the plain image and encrypting it using the same key. The UACI is the unified average changing intensity [12], which calculates the mean intensity of the pixel difference in two ciphered images. It is defined by the Equation (9): where C 1 (i, j) and C 2 (i, j) are two corresponding pixels in two cipher images. The cipher images C 1 and C 2 are obtained by encrypting the plain image to produce C 1 . Then, one pixel is modified in the plain image and is encryped again using the same key to produce C 2 . The values of NPCR and UACI obtained for the standard images are shown in Tables 9 and 10, along with the values for the compared techniques. The reported values for the proposed technique are averages of 50 experiments. In each experiment, we use a different key to encrypt the standard image, and then we modify one pixel within the plain image, encrypt it again with the same key and record the NPCR and UACI.

Time Analysis
Since our technique is based on the direct manipulation of the bits of each pixel, the complexity of the cryptographic speed is determined by the pixel count in the image, and that makes the proposed technique very efficient with respect to time consumed for encryption and memory allocation. To evaluate the running time of the proposed technique on a core i5 processor with 8GB of RAM, the proposed approach takes 7-9 s on average to encrypt a 256 × 256 RGB image. However, the proposed algorithm is 16 rounds, which is a large amount of work. A smaller number of rounds can be used, such as 4 rounds of DES, to reduce time constraints, and it is still robust and secure. In the future, we intend to present a parallel version of the algorithm to make it more efficient. Moreover, a customized parallel version of the algorithm can divide the image into blocks, and encrypting these blocks in parallel as if each block was an independent image can reduce the time greatly.

NIST Analysis
In order to evaluate the randomness of the proposed technique, we examined the proposed technique using the NIST Suite. The NIST tests are published by the National Institute of Standards to test the randomness of encryption techniques. The outcomes of the NIST are listed below, which indicate that the proposed technique passes all random tests and can produce a higher level of randomness, which makes the algorithm resistant

Conclusions
In this paper, a novel technique for RGB image encryption is proposed based on chaotic systems and a nonlinear 16 × 16 DNA Playfair matrix. The proposed technique uses a logistic function to generate round keys, and then it goes through several rounds of DNA encoding, transpositions and substitutions to encrypt individual RGB image pixels. The basic contribution of the proposed technique is that it generates a large number of DNA matrices that are random and nonlinear in nature; it uses a modified version of Playfair to substitute individual pixels at once; and it defeats all kinds of differential attacks by mixing the key with already encrypted pixels. The proposed technique is evaluated and analyzed against common attacks, such as brute force and statistical and differential attacks. The results show that the proposed technique is promising with respect to robustness and randomness. Finally, NIST analysis is presented to ensure the randomness ability of the proposed technique.