A Novel Color Image Encryption Scheme Based on Cellular Neural Network and Chen’s Chaotic System

With the explosive development of communication technology, digital images are more widely stored and transmitted on the network as a medium of communication among people. At the same time, the security of the digital image has become the focus of people’s attention, and it is also the hotspot and difﬁculty of current research. Therefore, a novel color image encryption scheme is proposed in this paper by combining the 6-dimensional cellular neural network (CNN) and Chen’s hyperchaotic system. In the proposed scheme, the initial keys and switching function generated by the plaintext image are utilized to control the CNN to complete the scrambling operation. Then, using the Chen’s hyperchaotic system to diffuse the scrambled image for realizing higher security. Finally, the simulation tests and security performance analyses on the proposed encryption scheme are carried out. Experimental results demonstrate that the proposed scheme has an excellent encryption effect compared with other advanced image cryptography systems.


Introduction
With the rapid development of information technology, the importance of the network and its impact on society are also increasing. A large amount of information is stored and transmitted on the network in the form of short messages, videos, images, audio, etc. At the same time, the problem of information security has become increasingly serious. The digital image is widely used in communication for its vividness and clarity. Also, the continuous update of electronic equipment makes the transmission of images on the network more and more convenient, thus the image encryption technology is particularly important. The chaotic signal is suitable for secure communication technology especially because of its noise-like, initial value sensitivity, and long-term unpredictability 1,2 . And the algorithms based on chaos show outstanding characteristics in security, complexity, speed, and computing power 3,4 .
In recent years, the research of chaotic cryptography on image encryption has also attracted the attention of many scholars [5][6][7][8][9][10][11] . For instance, a novel image encryption approach based on the "permutation-substitution" network and the chaotic system is proposed in Ref. 12 . Liang et al. 13 introduced a quantum algorithm based on quantum XOR operations generated with the logistic map to encrypt gray-level information, while the generalized affine transform is used to encode position information. In Ref. 14 , a 2-D Logistic map is used to generate the pseudorandom number generator (PRNG) to control the combination of position permutation and diffusion with XOR. Broumandnia 15 generates an incoherent cryptographic image by harnessing modular chaotic maps, which hides any information about the original image. Chai et al. 16 proposed a color image encryption algorithm based on dynamic DNA encryption and chaos, utilized the hash function and external parameters to calculate the initial value, which can effectively resist the known-plaintext attacks with better security. Wang et al. 17 proposed an encryption scheme for color images that uses the 1-D and 2-D logistic map to generate a chaotic matrix. Then, these two chaotic maps are repeatedly replaced in sequence. The experimental results prove the security and applicability of the scheme. Fu et al. 18 proposed a fast color image encryption scheme, which is based on permutation and substitution in the quantized sequence extracted from the orbit of Chen's chaotic system. Sundari and Karthika 19 presented an image encryption and decryption algorithm based on the concept of Logistic map. However, the encryption scheme of a single chaotic system can no longer meet the security and real-time requirements of modern life rhythm for image communication. Researchers have discovered that when CNN theory is applied to the chaotic encryption algorithm, hyperchaotic systems provide more complex dynamic behaviors, with strong randomness, unpredictability, and higher security performance 20 .
CNN is a nonlinear analog processor with locally interconnected, double-valued output signals, which was first proposed by Chua and Yang in 1988 21 . It is an artificial neural network formed by the improvement of Hopfield neural network and cellular automata 22 , which adopts the local connection of cellular automata and at the same time resolves the difficulty of

Preliminaries Cellular neural network
The basic component unit of CNN is called a cell. Besides, each cell can be equivalent to a nonlinear first-order circuit composed of the linear resistor, the linear capacitor, and the voltage-controlled current source as shown in Fig. 1. CNN is formed by the regular arrangement and connection of the same cell neurons in space. Each neuron is only connected with the adjacent 8 neurons and the cells that are not directly connected influence each other through continuous and dynamic propagation effect 33 . Each neuron has the input and output states. A of size M × N is composed of M rows and N columns of cells. A 3 × 3 cellular neural network is constructed in Fig. 2, where C(i, j) represents the cells in the i-th row and j-th column in the cellular neural network. The chaotic phenomenon of the 6-dimensional CNN hyperchaotic system is described in Ref. 34 . The state equation of the 6-order fully interconnected CNN is shown in Eq. (1): where j = 1, 2, . . . , 6.

Chen's hyperchaotic system
In 1999, Chen 37 discovered a system with more complex dynamic behaviors than Lorenz system when studying chaotic feedback control. The chaotic attractor of Chen's system has more complex and abundant dynamic characteristics than that of Lorenz system. The mathematical model of Chen's hyperchaotic system is expressed as follows.
where a, b and c are system parameters, when a = 35, b = 3, c = 28, the system is in a chaotic state 38

Encryption and decryption on color images
In this section, the detailed design process of the proposed color image encryption scheme combining the 6-dimensional CNN and Chen's hyperchaotic system will be given, which is based on the classical "Confusion-Diffusion" framework. For the sake of generality, assuming the plaintext image PI with the size of M × N × 3. In addition, the ciphertext image is CI with the size of M × N × 3. The specific encryption steps and corresponding decryption steps are shown below.

Initial keys
The initial keys k 1 to k 6 are inputted into the CNN chaotic system as the initial conditions, which is one of the initial conditions for the generation of the chaotic sequences, and the process of generation of the initial keys are as follows. A three-channel color plaintext image with a size of M × N × 3 is inputted and converted into a single-channel grayscale image. And as shown in We calculate the sum of gray values of each cell respectively, and record them as sum1, sum2, ..., sum6, then let k 1 , k 2 , ..., k 6 denote their sine values.

Switching key
The function of switching key d is to control the selection of dimensions. In the process of confusion, in order to facilitate the implementation, we choose one dimension in the 6-dimensional chaotic sequences generated by CNN to construct a matrix for image confusion. As shown in Fig. 6, when the value of d is 1, the switch K 1 is closed, that is, the first-dimensional chaotic 4/18 sequence D 1 is selected. And when the value of d is 2, the switch K 2 is closed, that is, the second-dimensional chaotic sequence D 2 is selected, and so on. We take the gray average value a of the gray image and do the following operation (where fix is the rounding function and mod is the modulus function).
this ensured that the output value of d is an integer within the range 1 to 6.

Scrambling
We input the initial keys k 1 , k 2 , ..., k 6 and the control parameters into the CNN chaotic system, and at the same time, input the switching key d which is used to select a sequence by controlling the opening and closing of the switch K 1 -K 6 . Then one sequence is selected from the generated 6-dimensional chaotic sequences. We discard the first 1000 elements of the selected sequence and then extract the remaining M × N elements. These elements are denoted as the sequence S. The quantitative formula of the sequence S is given as follow.
Eq. (5) is equivalent to extracting the three digits after the decimal point of the chaotic sequence's absolute value, and then converting it to a value between [0, 255]. The processed chaotic sequence is transformed into a two-dimensional matrix, and the elements in the matrix are traversed according to columns. After incremental sorting, the elements are put into the new empty matrix by columns, namely, the sorted chaotic matrix SCS. Besides, the original position of elements in SCS are recorded in another new empty matrix, namely, the position matrix ICS. If the elements in the increment sorting process are found equal, the element traversed first is placed first. Next, the plaintext pixel matrix is rearranged according to the position matrix ICS. That is to say that the scrambling transformation is completed. In order to better understand the proposed scrambling algorithm, an example of the scrambled process is demonstrated in Fig. 7, where M = 3, N = 4. Fig. 7 (a)-(b) represent a two-dimensional chaotic matrix CS and the corresponding sorted two-dimensional scrambling matrix SCS, respectively. Then the position matrix ICS that represents the original position of elements in sorted chaotic matrix is shown in Fig. 7 (c). Using the matrix ICS to scramble the plaintext matrix. Ultimately, the resulting scrambled matrix is displayed in Fig. 7 (e).

Diffusion
The 501st to 503rd values of the sequence selected in the scrambling process are taken as the initial values of the Chen's hyperchaotic system, denoted as x 1 , x 2 , x 3 . They are inputted into Chen's system, and the fourth-order Runge Kutta method was

5/18
Ciphertext image CI Integrating The 4-th dimensional chaotic sequence D 4 The 5-th dimensional chaotic sequence D 5 The 6-th dimensional chaotic sequence D 6 The 1-st dimensional chaotic sequence D 1 The 2-nd dimensional chaotic sequence D 2 The 3-rd dimensional chaotic sequence D 3  utilized to solve Chen's system iteratively for M × N times. Then we perform the following operation on the generated chaotic sequence C 1 , C 2 , C 3 with a length of M × N in three dimensions.

R component of SI
That is, we calculate the mean of the three sequences and define it as the new sequence C. Then the sequence C is quantified according to Eq. (5). The quantized data is structured into a diffusion matrix DM with the size of M × N. The XOR operations are performed on it and the three components of the scrambled image SI respectively. And the ciphertext image CI in the form of RGB will be obtained after integration.

First decryption
We input the initial keys k 1 , k 2 , ..., k 6 and control parameters into the CNN chaotic system, and at the same time input the switching key d. Extracting M × N elements from the resulting chaotic sequence produced by CNN to acquire the position matrix ICS and the initial values x 1 , x 2 , x 3 of Chen's hyperchaotic system. The initial values x 1 , x 2 , x 3 are inputted into Chen's system. Then the sequence C can be generated by averaging the 3-dimensional chaotic sequence acquired from Chen's system. After processing, the diffusion matrix DM is obtained, then we XOR the diffusion matrix DM with the three components of the ciphertext image CI, respectively. The first stage of the decryption process is completed after integration, and the scrambled image SI is obtained.

Reverse scrambling (second decryption)
The position matrix ICS obtained in the first stage of decryption process was utilized to reverse scramble the RGB components of the scrambled image SI and integrate the results into the RGB form, that is, the second stage of the decryption process was completed.
Step to encrypt and decrypt color images Steps to encrypt • Step 1: Initial keys k 1 , k 2 , ..., k 6 , switching key d, and control parameters are inputted into the CNN hyperchaotic system, and the position matrix ICS will be obtained. Then the matrix ICS is utilized to scramble the plaintext image PI and complete the first encryption.
• Step 2: We input the initial values x 1 , x 2 , x 3 into Chen's hyperchaotic system. Then the diffusion matrix DM can be obtained, which is XORed respectively with the three components matrices of the plaintext image obtained after the first encryption to complete the second encryption.
• Step 3: For higher security, the above steps can be repeated n times.
The block diagram of the encryption process is shown in Fig. 6, and the encryption effect is shown in Fig. 8 (c). It is obvious that the ciphertext images present a uniform carpet-like distribution, and no valuable information can be distinguished from it. It is indicated that the encryption scheme proposed in this paper can cover up the original image information successfully.
Steps to decrypt • Step 1: Initial keys k 1 , k 2 , ..., k 6 , switching key d, and control parameters are inputted into the CNN hyperchaotic system, the position matrix ICS and the initial values x 1 , x 2 , x 3 of Chen's system will be obtained.
• Step 2: Input the initial values x 1 , x 2 , x 3 into the Chen's system, and the diffusion matrix DM will be obtained. The matrix DM is XORed respectively with the three components matrices of the ciphertext image CI. After the integration, the first decryption is completed and the scrambled image SI is obtained. The decryption effect is shown in Fig. 8 (d). It can be seen that there is almost no visual difference between the decrypted image and the original plaintext image, indicating that the scheme proposed in this paper can successfully decrypt the color image.

Experimental results and security analysis
In this section, we conduct simulation tests to evaluate the performance of the proposed encryption scheme. All simulation tests are carried out in the experimental environment of Matlab R2015b with a 2.90GHz CPU and 8GB memory. The parameters of the standard test images used in the experiments are as follows: the color Lena image with a size of 512 × 512 × 3, the color Baboon image with a size of 512 × 512 × 3, the color Perppers image with a size of 512 × 512 × 3, the color Airplane image with a size of 512 × 512 × 3, the color Barbara image with a size of 787 × 576 × 3, and the color House image with a size of 256 × 256 × 3.

Histogram analysis
The histogram is one of the indexes to measure the performance of encryption scheme. For encrypted information, if the histogram of the ciphertext information is unevenly distributed, it will be easily cracked by the ciphertext attack. The histogram comparisons of partial test images before and after encryption are shown in Fig. 9. It can be intuitively seen that the distributions of original images are uneven before encryption, that is, there is a significant difference in the probability of grayscale. After encryption, the histograms of ciphertext images become very uniform, with good statistical characteristics, which increases the difficulty of deciphering, and can effectively resist statistical attacks.
The variance of a histogram can also be used to describe quantitatively the distribution characteristics of the histogram 39 , which is calculated by Eq. (7): where N denotes the number of gray levels of an image. Z is a vector and z i and z j are the numbers of pixels with gray values equal to i and j respectively. The smaller the variance of a histogram is, the flatter the histogram is, and the number of each gray level pixel in the image tends to be equal. The ideal value of var(z) is 0, which means z i = z j for all i and j. The variances of histograms of the tested plaintext images and the corresponding ciphertext images are listed in Table 1. It can be seen that the variance of the cipher images encrypted by our scheme is greatly reduced. Thus, our scheme has good performance in resisting statistical attacks.

Correlation of adjacent pixels
One of the important features of an image is the high correlation between adjacent pixels. Attackers generally use it to decipher the ciphertext image, so in order to prevent the attacker from inferring the key or plaintext from the relationship between adjacent pixels, it is necessary to destroy the correlation of adjacent pixels. The encryption scheme is considered to be effective if the information of the encrypted image cannot be obtained through adjacent pixels. The correlation calculation formula of
cov(x, y) where x and y are the gray values of two adjacent pixels in the image, cov(x, y) is the covariance, D(x) is the variance of the variable x, and E(x) is the expectation of variable x. The pixel distribution of plaintext image and ciphertext image in R, G, and B components of the scheme presented in this paper is shown in Fig. 10. It can be seen that the adjacent pixels of the original image are concentrated in the diagonal region, which is closely related, whereas the encrypted image pixels are distributed in the whole region irregularly, which means that the correlation of the encrypted image has been effectively reduced. Table  2 describes the correlation between the three components of the plaintext image and the ciphertext image in the horizontal, vertical, and diagonal directions. It can be seen that the two adjacent pixels in the plaintext image are highly correlated, whereas the correlation tends to zero in the encrypted image. Table 3 shows the correlation comparison between the scheme proposed in this paper and the scheme proposed in other references. It can be seen that the performance of the scheme proposed in this paper is better. In other words, it is not feasible for attackers to crack ciphertext images by using the correlation of pixels. Therefore, our scheme is security and free from statistical attacks.

Information entropy
Information entropy is utilized to measure the randomness of a random variable 41 , which is defined in Eq. (12).

Plaintext sensitivity
The differential attack is a kind of chosen-plaintext attack. In the case of altering one or more pixels of the plaintext and encrypting the original plaintext and the slightly altered plaintext respectively. If the change of position or degree of the obtained two ciphertext pixels is not obvious or shows a regular pattern, then the attacker can use the differential attack to obtain the key. Therefore, a good encryption scheme should be highly sensitive to changes in the plaintext, so as to effectively resist differential attacks 42 . The performance of resisting differential attacks is usually measured by the number of pixel of change rate (NPCR) and the unified average changing intensity (UACI). The NPCR obtains the difference between two images by evaluating the different number of pixels in the two images, which is defined in Eq. (13): where M and N represent the height and width of a image, D(i, j) is the difference value of the pixels corresponding to the two encrypted images C 1 and C 2 , which is defined in Eq. (14): The UACI measures the average intensity difference between two different images, which is defined in Eq. (15): The closer the NPCR value is to 100% and the UACI value is to 33%, the better the encryption quality is. When the plaintext is changed by 1 bit, we respectively test the NPCR and UACI values of the scheme proposed in this paper, the test results are shown in Table 5. It can be seen that the NPCR and UACI values of this scheme are very close to the theoretical values. It shows that the encryption system proposed in this paper has good sensitivity to plaintext and has a strong ability to resist differential attacks.

Key space
In order to resist the brute force attacks, there must be a large enough key space. In the scheme of this paper, the key includes the switching key d ranging from 1 to 6 and the initial values k 1 , k 2 , ..., k 6 generated by the plaintext image, it is declared as double-precision type, the key space of the encryption scheme is 6 × 2 192 . Compared with other references, as shown in Table  6, the key space of the scheme proposed in this paper is huge, which is much larger than the theoretical requirement value 2 128 , which is enough to resist brute force attacks.

Robustness analysis
Robustness refers to the ability to decrypt the original image when the encrypted image is polluted or attacked by noise during transmission 43 . We added Pepper & Salt noise and Gaussian noise with different noise densities to the cipher image respectively, and analyzed the robustness of the encrypted image when it is polluted. Figure 12  In addition, we conducted a cropped attack test on the scheme proposed in this paper. We cropped and removed parts of the cipher image, and then applied the same key to test its decryption effect. Figure 13 (a)-(c) shows that 6.25%, 25% and 50% of the cipher image is removed where 255 is inserted to the cropped pixels. Fig. 13 (d)-(f) shows the decrypted image is obtained using the proposed scheme. We can easily observe that by cropping a reasonably area, such as 6.25% or 25% of the cipher, the quality of the reconstructed images are still recognizable and acceptable. Even if there is only a half of the cipher image remained, the deciphered image can still be recognized. Therefore, the scheme proposed in this paper has good robustness.

Randomness tests analysis
SP800-22 is a software package released by the national institute of standards and technology (NIST) for randomness testing, which includes 16 randomness tests 44,45 . These tests are used to determine whether the data flow satisfies the characteristics of randomness. In this part, we will use SP800-22 to make a qualitative judgment on the randomness of color cipher images.
The experimental results are shown in Table 7. By analyzing the data in Table 7, it can be seen that the generated color cipher images have successfully passed the test. Therefore, the color cipher images generated in this paper have good randomness.

Conclusion
In this paper, a novel color image encryption scheme based on the combination of the 6-dimensional CNN hyperchaotic system and Chen's system was proposed. The advantages of the scheme are as follows.
• The key changes with the change of the plaintext image, so that it can resist the known plaintext or ciphertext attacks, and effectively overcome the shortcomings of traditional stream ciphers that are not sensitive to changes in the plaintext.
• The use of the 6-dimensional CNN hyperchaotic system increases the key space greatly, making the scheme sufficient to resist various brute force attacks.
• Compared with the traditional encryption scheme based on a single chaotic system, combining CNN with a highdimensional chaotic system can achieve higher security.
Simulation tests and security analysis showed that the scheme proposed in this paper is highly sensitive and the degree of scrambling of the ciphertext image is relatively high. Moreover, in this paper, the correlation between adjacent pixels is effectively reduced. Also, the information entropy value is close to the ideal value and the key space is huge. Above all, the scheme can effectively resist various attacks and the encryption effect is excellent. It can not only be applied to the encryption and transmission of real-time images but also be widely used in other fields of information security.