An Image Encryption Algorithm Based on Hyperchaotic System and Variable-Step Josephus Problem

,


Introduction
With the rapid development of modern information technology, more and more image information is transmitted on social networks, and many of these digital images carry private information. How to protect private information from being leaked has become a research hotspot [1]. Some traditional encryption methods such as Data Encryption Standard (DES) or Advanced Encryption Standard (AES) are mainly used for text information. Unlike text information, there are some inherent characteristics such as strong correlation and high redundancy between adjacent pixels in digital images. erefore, the traditional encryption algorithm has the disadvantage of low efficiency when encrypting digital images [2]. Based on the huge demands for protecting information security, in recent years, many researchers have proposed a number of new encryption algorithms to protect information security [3][4][5][6][7][8].
us, finding a suitable image encryption algorithm has been the goal pursued by researchers.
In 1997, Fridrich proposed an encryption algorithm based on the chaotic map, which applied the chaotic system to image encryption for the first time [9]. e chaotic system is a kind of nonlinear dynamic system [10]. It has complex pseudorandomness, neither periodicity nor convergence.
e chaotic system is very sensitive to the initial values of the system. Slight changes in the initial values will affect the evolution of the whole system, it is of great value in cryptography. Because of the sensitivity to the initial values and the characteristics of strong track ergodicity, the chaotic system is often used as the pseudorandom number generator. e encryption algorithm using the chaotic system has high security, which can make up for the shortcomings of the traditional encryption algorithm. In recent years, many image encryption algorithms based on chaotic systems have been proposed, and chaotic systems have gradually evolved from low-dimensional chaotic systems to hyperchaotic systems, multilevel chaotic systems, and hybrid chaotic systems [11][12][13].
ese new chaotic systems enrich the content of cryptography.
However, most of the previous chaotic-based encryption technologies are based on low-dimensional discrete chaotic maps [14][15][16][17]. In view of the limitation of computational accuracy, low-dimensional chaotic systems have the weaknesses of small periods and fewer periodic orbits, leading to weak cryptographic systems security. In order to overcome the fixed point and dynamic key space problems of one-dimensional chaotic systems, the literature [18] upgrades two one-dimensional chaotic maps into two-dimensional chaotic maps, and then encrypts the image. Hua et al. [19] proposed a two-dimensional chaotic sequence generation model combining a sine map and logistic map in 2015. e model uses sine mapping and parameters to adjust the output of a logistic map to enhance the nonlinearity of the two-dimensional chaotic sequence. And randomness improves the security of the encryption system to a certain extent. Due to its large key space and two or more Lyapunov exponents, hyperchaotic systems have more complex and unpredictable nonlinear behaviors. ey have great application potential in the field of image encryption and have aroused strong research interest among scholars. In 2014, Benyamin proposed a simple, sensitive, and secure image encryption algorithm based on hyperchaotic systems [20].
is algorithm uses the randomness of pseudorandom sequences generated by hyperchaotic systems, and uses only one scrambling process to achieve a good scrambling effect. e chaotic sequence generated by the hyperchaotic system is a pseudorandom sequence, and its structure is very complex and difficult to analyze and predict. erefore, the hyperchaotic system can improve the security of our image encryption system. is article will also use hyperchaotic systems to increase the security of the system.
While new chaotic image encryption algorithms are constantly proposed, cryptographic analysis of the chaotic image encryption algorithms is also continually carried out. Many image encryption algorithms based on chaotic systems have been cracked due to their inability to resist selectedplaintext attacks and known-plaintext attacks [21]. Some studies combine other encryption techniques to improve the security of chaotic image encryption [22]. In 2012, Ye and Wong proposed a new algorithm for image encryption using the hyperchaotic system and DNA sequence [23]. is algorithm uses a four-dimensional hyperchaotic system to generate pseudorandom sequences, converts pseudorandom sequences into DNA molecular sequences, and performs image diffusion operations. is algorithm can effectively resist plaintext attacks and has good encryption effect. In 2018, Wang et al. proposed an encryption algorithm based on the combination of Josephus traversal and four onedimensional chaotic systems [24], which used Josephus traversal to scramble pixel positions and the chaotic system to displace pixels. e analysis results show that the algorithm satisfies the basic requirements of image encryption algorithm. In the same year, Patro and Acharya proposed a secure multilevel permutation operation to encrypt color image [25], and the proposed encryption technique uses three levels of permutation operation to permutation color image.
To improve the coupling of the confusion and diffusion structure and improve the efficiency of encryption, image encryption algorithms based on pixel bit position permutation are widely studied. e permutation of the pixel bit can not only change the position of the bit but also diffuse the pixel value. In this paper, based on the traditional Josephus traversal method and the pseudorandom sequence generated by the hyperchaotic system, a random-step Josephus traversal method is proposed and applied to image scrambling process. is scrambling method simplifies the scrambling process by eliminating the need to sort the pseudorandom sequences, and the degree of scrambling cipher using this scrambling method is no less than that of the chaotic sequence sorting scrambling algorithm. e remaining parts of this paper are organized as follows: Section 2 introduces the basic theory of the chaotic system and Josephus problem. Section 3 introduces the encryption scheme, and Section 4 analyzes the security of this scheme. e last section concludes the paper.

Josephus Problem.
e Josephus problem is a countingout problem, and it originated from the story of the famous Jewish historian Josephus [26]. When the Jews were invaded by the Romans, Josephus and his friends were hiding in a hole with 39 Jews. ese 39 Jews did not want to be caught by the enemies, so they decided to suicide. ey stood in a cycle and reported numbers one by one. e man who reported the number 3 must suicide, then restart counting from the next person. However, Josephus and his friends did not want to die. How to be the last two people to be recycled? Josephus carefully calculated and placed him and his friends in the 16th and 31st positions. Finally, they escaped from the death game. e Josephus problem is described as follows: rearranging M elements into a circle. en, we repeat looping the circle by deleting the Nth element and restart counting by the N + 1th element [24,27]. We repeat doing these operations until the last element is selected.
ere is another solution to these problems. Still taking f(8, 3) as an example, first we rearrange the elements {1, 2, 3, 4, 5, 6, 7, 8} into a one-dimensional sequence; then, the total of these elements is 8, we calculate mod (3, 8) � 3 and delete the 3rd element which is 3. en, we rearrange the remaining elements into a new sequence {4, 5, 6, 7, 8, 1, 2}, because the total of the elements in the new sequence is 7, and we calculate mod (3, 7) � 3 and delete the 3rd element in the new sequence which is 6. Repeat doing these operations until the last element is selected. By using this method, the Josephus problem can be solved quickly.
In order to increase its diversity, some scholars had added the starting point International Journal of Optics the cycle direction. When D � 1, it represents a clockwise loop will be done, and when D � − 1, it represents a counterclockwise loop will be done. e parameter L is the number space, and it represents report one number every L counts.
is paper continues to improve the Josephus problem based on the above expansion methods and proposes a variable-step Josephus problem. is method combines the Josephus problem with the chaotic system and expands the parameter N into a pseudorandom sequence N ′ � N 1 ′ , N 2 ′ , . . . , N M ′ . When traversing the Josephus circle, the parameter N in the ith looping is N � n i ′ . Because the elements in sequence N′ have pseudorandomness, they can be expanded infinitely, and the solution of the Josephus problem is greatly increased. For example, when N′ � {1, 2, 3, 4, 5, 6, 7, 8}, the result of the function f e proposed method can also be used to expand parameters D and L, and it will not be described here. Finally, this expanded Josephus problem will have a solution method in M! 2.2. Hyperchaotic System. In 2019, Zhang et al. proposed the new hyperchaotic system, which is used to scramble and permute operations in this encryption algorithm [29]. e definition of the hyperchaotic system is shown: where a, b, c, d, e, f, and g are the system parameters. When a � 1.55, b � 1.24, c � 0.25, d � 0.05, e � 2.6, f � 0.21, and g � 0.48, the system is in a hyperchaotic state. It is proved in the reference that when the chaotic system is in a hyperchaotic state, it has positive Lyapunov coefficients. is chaotic system has passed the NIST test [29], and it has extreme security. Iterating the hyperchaotic system by the Runge-Kutta method with the step size of 0.002, the phase diagram of the hyperchaotic system is shown in Figure 1

Encryption Scheme
e encryption scheme consists of key generation, scrambling process, and permutation process. e details of these processes are as follows.

Key Generator.
is encryption scheme uses SHA-256 algorithm as a key generation function. e SHA-256 algorithm is a type of hash function, and it can convert any length of data into a series of 256-bit binary hash sequences. e SHA-256 algorithm has a key space of 2 128 , which can resist brute force attack. By inputting the original image into the SHA-256 algorithm, a 256-bit binary sequence H as the key of the encryption algorithm is obtained. e hyperchaotic system used for encryption algorithm has four initial values. In order to obtain these initial values, the sequence H is divided into 32 equal-length sequences as h 1 , h 2 , h 3, . . ., h 32 , and then the initial values x 1 , y 1 , z 1 , w 1 of the hyperchaotic system are calculated by Here, x 1 ′ , y 1 ′ , z 1 ′ , w 1 ′ are the given initial values. After the initial values are obtained, the chaotic system is iterated and the values of the first 1000 iterations are discarded to remove the transient effect. en, four pseudorandom sequences X, Y, Z, and W for scrambling and permutation are obtained.

Scrambling Method.
Scrambling is a commonly used method for changing the position of the pixels. It can be applied to encrypt the sequence with a certain rule. e scrambling method used in this paper is matching the position of the elements in the original sequence with the position of the elements in the pseudorandom sequence s � s 1 , s 2 , s 3 , . . . , s M of equal length, and then the new sequence s ′ � s 1 ′ , s 2 ′ , . . . , s M ′ is obtained by rearranging the sequence s � s 1 , s 2 , s 3 , . . . , s M under a certain rule. e original sequence is scrambled to a new sequence according to this rule and the encrypted sequence is obtained. e flowchart of the scrambling process is shown in Figure 2. e decryption process of the scrambling method is the inverse process of encryption, and it will not be described again.
In this paper, the scrambling method is used to scramble the pixel position and the bit position. In this pixel position scrambling method, the parameter N′ in Josephus problem is generated by the hyperchaotic system and the index sequence In the bit position scrambling method, the bit position in pixel is disordered by the fixed step size Josephus problem. e pixels in the image can be converted to 8-bit binary numbers. So, the total number M is 8, and the index sequence generated by the Josephus problem is s′ � f (8, N). Finally, the bits of the pixel are scrambled by the rules of s � {1, 2, 3, 4, . . ., 8}⟶s ′ � s 1 ′ , s 2 ′ , . . . , s 8 ′ .

Pixel Permutation.
is paper uses a 2-bit binary number addition and subtraction method to perform a permutation operation on the pixels. In the 2-bit binary numbers, there is a special addition and subtraction rule International Journal of Optics regardless of the carry and borrow in the addition and subtraction process. Only the last two binary digits in the operation result are retained. For example, '10' + '11' � '01' and '01' − '10' � '11'. ere are 32 possible cases when using this addition and subtraction rules. ese 32 cases are shown in Table 1.
When permuting two pixels with the 2-bit binary number addition and subtraction rules, the pixels should first be converted into two 8-bit binary numbers, and then the 8-bit binary numbers are split into 2-bit binary numbers. For example, using 225 and 108 for two-bit binary number addition and subtraction, first 225 and 101 should be converted into 8-bit binary digits "11100001" and "01101100", respectively, and then the two numbers are split into 2-bit binary numbers for addition. e result of the calculation is "00001101". We convert this number into a decimal number, and the result is 13. e two-bit binary addition and subtraction operations are reciprocal process.

Encryption Process.
In this paper, an image encryption algorithm based on the hyperchaotic system and variablestep Josephus problem is proposed. Assuming the size of the original image is height × width, the steps of the encryption scheme are as follows: Step 1. A 256-bit binary sequence H is obtained by inputting the original image into the SHA-256 function, and the initial values of the hyperchaotic system are calculated by formula (2) Step 2. Four pseudorandom sequences X, Y, Z, and W are obtained by iterating the hyperchaotic system. And in the chaotic system, the values of the first 1000 iterations are discarding to remove the transient effect.
Step 3. e sequence X is converted into a new matrix X 1 by formula (3), and then we input each row sequence in the matrix X 1 as the parameter N′ into the Josephus problem function to scramble each row pixel sequence in the original image. e cipher image I 1 is obtained: Original sequence   Step 4. Converting the sequence Y into a new matrix Y 1 by formula (4), each element in matrix Y 1 is in the interval [1,29]. e elements are used in matrix Y 1 as the parameter N to scramble the pixel corresponding to its position in cipher image I 1 to achieve pixel bit scrambling. e cipher image I 2 is obtained: Step 5. e sequence Z is converted into a new matrix Z 1 by formula (5), and then we input each column sequence in the matrix Z 1 as the parameter N′ into the Josephus problem function to scramble each column pixel sequence in cipher image I 2 . e cipher image I 3 is obtained: Step 6. Converting the sequence W into a new matrix W 1 by formula (6), each element in matrix W1 is in the interval [0, 255]. A cipher image C is obtained by using a 2-bit binary number addition operation to encrypt the cipher image I 3 with matrix W 1 : e flowchart of the encryption process is shown in Figure 3. e decryption process of the encryption algorithm is the inverse process of encryption, which will not be described again.   is encryption algorithm uses the SHA-3 algorithm to generate the encryption key. And the initial values of the hyperchaotic system are generated by the key. Among them, the key space of SHA-3(256) is 2 128 , and the key spaces of the four initial values of the hyperchaotic system are 10 40 . erefore, the key space of the encryption algorithm is 3.4028 × 10 78 .

Encryption Key Sensitivity Analysis.
During the encryption process, a small change in the key will cause a great change in the cipher. is phenomenon becomes the encryption sensitivity of the key. We usually use NPCR (pixel change rate) and UACI (pixel average change intensity) to measure the sensitivity of the encryption key. NPCR and UACI are shown in the following equations: e expected values of NPCR and UACI are 100% and 33.4635%, respectively. Taking the cameraman 256 × 256 image as an example, when the key is changed by 10 − 12 , the values of NPCR and UACI between the cipher image and the original cipher image are shown in Table 2. It can be seen from the comparison that the algorithm has strong sensitivity to key encryption.

Decryption Key Sensitivity Analysis.
e sensitivity of the key is more obvious in the decryption process. When the key is changed slightly, the decrypted image is significantly different from the original image. e plain cameraman image and decrypted images when the keys change slightly are shown in Figure 5. Generally, NPCR, UACI, MSE, and PSNR are used to measure the differences between these images. MSE (mean square error) and PSNR (peak signal-tonoise ratio) are two indicators to measure the similarity of two images. In general, when MSE ≤ 30 dB, there is no significant difference between the two images. When MSE > 30, the closer the MSE value is to 30, the smaller the difference between the two images. PSNR reflects the  International Journal of Optics magnitude of image distortion. e larger the PSNR, the smaller the image distortion. MSE (mean square error) and PSNR (peak signal-to-noise ratio) are shown in the following equations: When the key changes slightly, the indicators of the difference between the decrypted image and the original image are shown in Table 3. By comparison, the algorithm has strong sensitivity to key decryption. When the key changes slightly, the image cannot be decrypted.

Differential Attack Analysis.
e differential attack analysis refers to making minor changes to the original image and encrypting it, then analyzing the cipher image and analyzing its sensitivity to plaintext. NPCR (number of pixels change rate) and UACI (unified average changing intensity) are used to measure the ability of resisting differential attacks. Table 4 lists the values of NPCRs and UACIs between the cipher images and the cipher images when the original image changes by 1 bit. e data in Table 4 are close to the theoretical values. is reflects that there is a strong correlation between the cipher image encrypted by this encryption algorithm and the original image. Even if the original image changes slightly by 1 bit, the cipher image encrypted by this encryption algorithm will undergo a thorough change.
is algorithm is effective against differential attacks.

Histogram Analysis.
e histogram is an indicator of statistics in the image, which reflects the total pixel numbers of each value in the image [30]. e histograms of the original cameraman 256 × 256 image and brain 256 × 256 image and their cipher images are listed in Figure 6. By comparing and analyzing the histograms of the original images and the cipher images, it can be seen that the distribution of the pixel values of the original images is relatively centralized, which has certain statistical characteristics and has no resistance to brute force attacks. However, the pixels of cipher image are distributed more uniform, which breaks the rule of distribution of pixels and does not have statistical characteristics. e attacker cannot use statistical characteristics to restore the original information of the image, so it can resist statistical attacks well. e distribution law of the pixel histogram is measured by the chi-square (χ 2 ) distribution, using hist i (i � 0, 1, ..., 255) represents the histogram of an image, and the formula for calculating the χ 2 distribution is described in the following formula: e histogram obeys the chi-square distribution with 255 degrees of freedom. Given a significant level of α, make P χ 2 ≥ χ 2 α (n − 1) � α, namely, χ 2 < χ 2 α (n − 1), accept the hypothesis. When a significant levels α � 0.01, 0.05, and 0.   Table 5 passed the test. By comparison, it can be seen that the algorithm greatly changes the histogram distribution of the image and has a good ability to break the statistical characteristics of the plain images.

Information Entropy Analysis.
e information entropy is a concept used to quantify and measure information. It is used to measure the randomness and uniform distribution of pixels in an image. For a grayscale image, 256 states may    International Journal of Optics appear for each pixel, so the probability of each state for each pixel will be 1/256. For a completely random image, its ideal information entropy should be 8. e calculation method of information entropy is shown as formula (12). p(i) denotes the probability of each pixel: Table 6 lists some information entropies of the images encrypted by the proposed encryption algorithm. By comparison, the cipher images have good information entropies, which is close to the ideal value of 8, and the cipher images have good randomness.
In order to quantify the degree of randomness in the local area of the image, we used the concept of local Shannon entropy to test the cipher image. e local Shannon entropy can be defined as follows: In formula (13), k represents the total blocks. S 1 , S 2 ,. . .,S k are nonoverlapping blocks with T B pixels randomly selected in the image, and H(S i ) means the entropy of the chosen pixels in S i . When k � 30 and T B � 1936, the results of the local Shannon entropy are shown in Table 7. It can be seen from the results that the cipher image possesses high randomness.

Correlation Analysis.
For the original images, the values of adjacent pixels in most regions are very close. e correlation between the values of adjacent pixels in the image is very strong. Figure 7 shows the correlation analysis of the cameraman plain image and cipher image in three directions. Breaking the strong correlation between adjacent pixels is of great significance to resist statistical attacks. e calculation method of correlation coefficient between adjacent pixels is shown in formula (14).
We randomly selected 5000 pairs of pixels to calculate the correlation coefficients of the original image and cipher image in horizontal, vertical, and diagonal directions. e statistical results are shown in Table 8. Statistical results show that in the original image, the correlations between randomly selected pixels are very strong, while in the cipher image, the correlation coefficients between pixels are close to 0. e proposed algorithm can better disturb the correlations between pixels, so it can better resist statistical attacks.

Noise Attack Analysis.
In the process of information transmission, it is often interfered by various kinds of noise, resulting in signal distortion. Common noise interferences include Gaussian noise, Poisson noise, and salt and pepper noise. e recovery ability of cipher disturbed by noise is one of the standards to evaluate the performance of encryption algorithm. Here, the salt and pepper noise with intensity of 0.01, 0.05, and 0.1 are interfered to the cipher, and the decrypted images are shown in Figure 8.
Correlations, NPCR, UACI, MSE, and PSNR are used to measure the recovery degree of the algorithm suffered from noise attack, and the details are shown in Table 9. According to the data in Table 9, the encryption algorithm has a strong recovery ability against the noise interference and can resist the noise attack very well.

Data Loss Attack
Analysis. Data loss attacks are attacks that intercept cipher images and delete some data. A certain amount of data are lost after the cipher image is attacked. If   International Journal of Optics the recovery ability of the decryption algorithm is bad, the decrypted image of the cipher image after losing information cannot provide enough effective information. e test and analysis of data loss attacks refers to deleting some pixels of cipher image, then comparing, and analyzing the decrypted image with the original image through corresponding decryption algorithm, and its statistic recovery degree. Figure 9 shows the cipher images and corresponding decrypted images after data loss attacks. Correlations, MSE, PSNR, NPCR, and UACI are as indicators to measure the similarity of the two images. Table 10 lists the indicators of decrypted cameraman images after data loss attacks. rough comparison, it can be seen that the algorithm has recovery ability when it is attacked by data loss and has resistance ability to data loss attacks.

Classical Attack Analysis.
ere are four classical types of attacks: cipher-only attack (COA), known-plaintext attack (KPA), chosen-cipher attack (CCA), and chosen-plaintext attack (CPA). Among these four classical types of attacks, the COA refers to the attack performed under the cipher is known; the KPA refers to the attack under attacker masters a certain plaintext and the corresponding cipher; the CCA  refers to when the attacker uses this encryption algorithm to construct the cipher corresponding to plaintext; the CPA refers to when the attacker knows the plaintext corresponding to a certain number of ciphers. In these four attack methods, if the encryption algorithm can effectively resist CPA, it must be able to resist the other three classical types of attack methods. Attacker mostly use special image, such as white and all black to attack the image encryption methods and find the key. In this proposed algorithm, the scramble process and the pixel permutation process all related to the hyperchaotic system, and the initial values of the hyperchaotic system are very sensitive to the plain images; this has been proven in the key analysis and differential attack analysis, and so this algorithm can resist the CPA very well. e proposed algorithm can effectively resist the four classic attacks. Figure 4 shows the encryption results of all-black and all-white images of size 256 × 256. Tables 6 and 8 show the information entropy and three kinds of correlation of images.

Performance Comparison Analysis.
is section lists and analyzes the security analysis of some image encryption algorithms in the references. e comparison analysis of the literature results can illustrate the security of the encryption algorithm very well. Table 11 lists some security analysis indicators of the encryption algorithm. It can be shown in Table 11 that the proposed encryption algorithm has good encryption performance and can be applied in the field of image encryption.

Randomness Test of Cipher
Image. SP800 is a series of guidelines on information security issued by the National Institute of Standards and Technology (NIST). In the NIST standard series of documents, although NIST SP is not a formal statutory standard, in actual work, it has become a de facto standard and authoritative guide widely recognized by the United States and the international information security community.
is paper selects 14 test methods given in  e simulation platform and the computer configuration environment are shown in Section 4. Table 13 shows the encryption time to encrypt common images using the proposed algorithm. It can be seen that the proposed algorithm can encrypt the original image very fast.

Test Images of USC-SIPI Miscellaneous Database.
In order to further verify the performance of this scheme. e proposed scheme has been tested on the USC-SIPI miscellaneous database. Performance evaluations include differential attack, correlation coefficients, and information entropy. e results are shown in Table 14.

Conclusions
By analyzing and improving the Josephus problem, an image encryption algorithm based on the hyperchaotic system and variable-step Josephus problem is proposed in this paper. is method combines pseudorandom sequences generated by the hyperchaotic system with the Josephus problem, adds rules for the Josephus problem, and adds a method for scrambling pixel positions. e experimental results of the encryption algorithm show that the algorithm has a large key space to resist brute attacks and also can resist statistical attacks, differential attacks, data loss attacks, and other typical attacks. It can be widely used in the security transmission of images.

Data Availability
e data used to support the findings of this study are included within the article.

Conflicts of Interest
e authors declare that they have no conflicts of interest.