Image Encryption Using the Chaotic Josephus Matrix

This paper presents a new image encryption solution using the chaotic Josephus matrix. It extends the conventional Josephus traversing to a matrix form and proposes a treatment to improve the randomness of this matrix by mixing chaotic maps. It also derives the corresponding encryption primitives controlled by the chaotic Josephus matrix. In this way, it builds up an image encryption system with very high sensitivities in both encryption key and input image. Our simulation results demonstrate that an encrypted image of using this method is very random-like, that is, a uniform-like pixel histogram and very low correlations in adjacent pixels. The design idea of this method is also applicable to data encryption of other types, like audio and video.


Introduction
Encryption is the process of transforming information (referred to as plaintext) using an algorithm (referred to as a cipher) to make the encrypted information (referred to as ciphertext) unreadable to anyone except those authorized users with special knowledge (referred to as a key) [1].Encryption has been long used by militaries and governments to facilitate secret communications.Since the digital revolution in the 1980s, the demands of digital encryption in various applications have quickly increased because digital storage and communication are widely used.Encryption is now commonly used in protecting information within many types of civilian systems, like personal emails and patient documents.
Digital image is a major data type of two dimensions.Although a digital image can be extracted in order and becomes a one-dimensional data, its distinctive characteristics make conventional ciphers developed for one dimensional data unsuitable [2], for example, those based on Data Encryption Standard (DES) [3] and Advanced Encryption Standard (AES) [4].As a result, digital image encryption has become an attractive research area in the past decade [5][6][7][8][9][10][11].
The chaotic map is considered a wise choice for data encryption because of its ergodicity, mixing property, high sensitivity to the initial conditions, high deterministic properties, high unpredictable random behaviors, and so forth [2,5,9,[12][13][14][15].However, the chaotic encryption method is criticized for its vulnerability to attacks via certain basin structures [16], its low efficiency for encrypting the whole image [2], its deteriorated randomness property from its use of the finite precision with fixed-point arithmetic [17], and nonuniform distribution of the chaos sequence [18].
In computer science [19] and mathematics [20], the Josephus problem is a theoretical problem related to a certain counting-out game.If the counting-out order is recorded as a sequence, a Josephus traversing is obtained because all elements in the game are traversed without repetition.The Josephus traversing has already been used in data encryption field for years.The Josephus traversing is simple to realize and fast to compute, but previous attempts focused more or less on the scrambling purposes [21,22].However, scrambling based encryption is vulnerable to statistical attack, ciphertextonly attack, and known plaintext attack [23] because it never changes pixel values.
In order to achieve higher security level, many recent efforts adopt the hybrid idea to use one encryption system to suppress disadvantages of another system while keeping advantages unchanged.For example, [24] incorporates the chaotic map to DES; [25,26] combine the chaotic map into Input: , the initial total number of persons in a circle , the starting position in the circle , the counting period Output:   , the Josephus permutation sequence according to parameter set (, , ) count = 0; done = 0; pos = ; label = zeros ( conventional transform domain encryption; [27,28] add chaotic map to Sudoku puzzles for encryption.In this paper, we develop a new image encryption method by combining the ideas of the chaotic map, the Josephus traversing sequence, and conventional substitution and transposition ciphers.The remainder of the paper is organized as follows: in Section 2, the Josephus permutation and the Logistic chaotic map are briefly reviewed; in Section 3, the CJPM and its generator are given; in Section 4, the proposed image encryption method based on CJPM is fully discussed including its flowchart and functions for each part; in Section 5, simulation results are shown and various security analyses are applied; in Section 6, the paper is concluded.

Josephus Permutation. The Josephus permutation or
Josephus problem is well known in computer science and mathematics.It is named after Flavius Josephus, a Jewish historian lived in the 1st century.It is a theoretical problem related to a certain counting-out game that works by having  people standing in a circle, with consecutive tags from 1 to .Starting at predetermined person, you count around the circle.Once you reach the th person, take them out of the circle and have the members to close the circle.Then repeat the process, until only one person is left.That person wins the game.If we record the tags of people who have been taken out at each round as a sequence, then this sequence is a permutation of a natural number sequence and is called Josephus permutation sequence.

Chaotic Logistic Map.
The Logistic map is a polynomial mapping of degree two.It was introduced by the biologist Robet May in 1976 [31].The Logistic map is written as (5), where symbol L is used to denote the Logistic map;   ∈ [0, 1] and represents the population at year  and hence  0 represents the initial population at year 0;  is a positive number and represents the combined rate for reproduction and starvation [32].This map is often cited as an example of how complex chaotic behaviors can arise from a very simple nonlinear dynamic equation.Consider The Logistic map has been well studied.The plots of the first few iterations of the Logistic map and its bifurcation diagram are shown in Figure 1.It is well known that when  ∈ [3.57, 4] (approximately), the Logistic map has chaotic behaviors for most values, but there are still certain isolated ranges of  that show nonchaotic behavior; for example,  ≈ 3.83, which corresponds to a big gap in its bifurcation diagram.

Chaotic Josephus Permutation Sequence (CJPS).
From previous sections, it is clear that the Josephus permutation sequence   and the chaotic permutation sequence   are obtained from different mechanisms.The Josephus permutation sequence   is easy to obtain but not completely randomlike, while the chaotic permutation sequence   is randomlike but requires a large amount of computations for maintaining accuracy.It is desirable that a permutation sequence be random-like and only costs moderate computations.In order to achieve the above objective, the new Josephus permutation sequence based on a chaotic permutation sequence   is defined, whose initial positions on the circle are not consecutive numbers like those in the conventional Josephus problem.This new problem can be restated as follows: (1)  people with numbered tags stand in a circle (these numbers together form a permutation sequence according to sorting a chaotic sequence); (2) starting at predetermined person, you count around the circle until you reach the th person; take him out of the circle and have the members to close the circle and record his tag number; (3) repeat the process, until only one person is left.If we record the tags of people who have been taken out of the circle as a sequence, then a chaotic Josephus permutation sequence is obtained.
It is noticeable that the chaotic Josephus problem has parameters for both the chaotic Logistic map and for the conventional Josephus problem.In other words, a chaotic Josephus permutation sequence   is determined by (11), where parameters , ,  have the same meanings as in (1),  0 and  are parameters in the Logistic map, and  determines the number of thrown-away samples in the chaotic Logistic sequence.Consider   =  (, , ,  0 , , ) . (11) In the conventional Josephus problem (controlled by parameters (, , ); see ( 1)), a natural number sequence 1 to  is used to denote the tags for people standing in the circle, while a permutated sequence   (controlled by parameters ( 0 , , , ); see ( 6)) is used in the chaotic Josephus problem as the tags.In order to match the sequence lengths of   and   ,  =  is the condition that has to be satisfied.The conventional Josephus problem and the chaotic Josephus problem for  =  = 12 are illustrated in Figure 2.
Therefore, the new Josephus permutation sequence   can be denoted as a composed function of a conventional Josephus permutation sequence   and a chaotic permutation sequence   : For example, if   = (18, 1, 4) in ( 2) and   = (0.4,3.8, 18, 0) in ( 10) are preknown,   = (18, 1, 4, 0.4, 3.8, 0) is obtained as (13) shows by using (12).Similarly, ( 14)-( 16) can be also obtained.Consider Compared to the previous conventional Josephus permutation sequence (see ( 2)-( 4)), the chaotic Josephus permutation sequences (see ( 12)-( 15)) are more random-like because (1) the difference between its very first elements is not related to its counting period anymore; (2) the difference between two   s, which are only different in their starting positions, is no longer equal to the difference of their starting positions; (3) slight perturbations in chaotic map parameters lead to big changes in resulting   s; (4) two neighbor elements in   may or may not be consecutive.Therefore, the chaotic Josephus permutation sequence is more random-like than the conventional Josephus permutation sequence.

Chaotic Josephus Permutation Matrix (CJPM).
Based on chaotic Josephus permutation sequence(s), a chaotic Josephus permutation matrix can be generated via various ways.Among these methods, Algorithm 2 illustrates a straightforward method to obtain a CJPM via a CJPS by rearranging CJPS elements to a matrix.
It is noticeable that Algorithm 2 is equivalent to rearranging a sequence of elements into a matrix following the order illustrated in Figure 3.
Therefore, a CJPM is determined by the same set of parameters controlling a CJPS.In order to emphasize the matrix property, the parameter  in CJPS is replaced by two parameters of height  and width , where  = .Similarly, a CJPM is uniquely determined by a set of parameters (, , , ,  0 , , ) as for a CJPS.Mathematically, this claim can be denoted as  = CJPM (, , , ,  0 , , ) . ( t N x r , y r , w p = L(X 0 , s, n) cq = cJ(t, s, n, X 0 , r, m)

Image Encryption Algorithm Based on CJPM
In 1949, Claude Shannon, the father of "Information Theory, " proposed that confusion and diffusion are two properties of the operation of a secure cipher, where the term confusion refers to making the relationship between the encryption key and the ciphertext a very complex and developed one  [33], and the term diffusion refers to the property that the redundancy in the statistics of the plaintext is "dissipated" in the statistics of the ciphertext [33].In other words, for a secure cipher, it has to have good confusion and diffusion properties: (1) different ciphertexts are desired to have similar statistics; (2) any slight change in a plaintext is desired to lead to big difference in its ciphertext.The image encryption algorithm based on CJPM is proposed in this section to meet these two criteria.

Flowchart of Image Encryption Algorithm Based on CJPM.
Since the CJPM is parametric and random-like, it can be used for image encryption directly.However, considering the requirements from confusion and diffusion properties, the encryption procedure can be described as Figure 5 shows.The plaintext image is first sent to the CJPM generator, which is a preparation stage for generating a CJPM  for future use.Later, this CJPM  is used as a reference matrix to permute and substitute image pixels for each image block in the stages of pixel permutation and pixel substitution, respectively.The decryption procedure is simply to reverse the encryption procedure.

Key Schedule.
It is clear that the CJPM is the core of the cipher and thus key is related to the used CJPM reference matrix .Initial key is composed of parameters (  ,   , , , , , , , ), where (  ,   , ) is used in CJPM generator for obtaining plaintext-dependent parameter  0 used in the Logistic map; (, ) are used as the parameter  in (1) and the parameter  in (6).The functions of each part of the initial key are shown in Figure 6.
The output encryption key is composed of (, , , ,  0 , , ), all of which are directly required for determining a CJPM according to (17).Among these parameters, , , , , and  are restricted to integers;   ,   , , and  0 are decimals.More specifically,  and  should be positive integers smaller than the plaintext image size;  and  should be positive integers below the product of ;  should be a number in between [3.6, 4]; (  ,   ) is an arbitrary point on  plain with weight  and  is a nonnegative integer.

CJPM Generator.
In order to enhance the resistance to differential attacks, the CJPM generator used in Figure 5 is designed to be plaintext dependent.Recall that a CJPM is determined by a set of parameters (, , , ,  0 , , ) shown in (17).In the CJPM generator for image encryption, only the parameter  0 is not directly given by the initial key but by the plaintext and a reference point (  ,   ) controlling the weight in calculating the center of gravity.Once  0 is generated, it is stored in the encryption key.The whole procedure of translating the initial key to a plaintext-dependent CJPM matrix  and encryption key is shown in Figure 7.
A plaintext is considered as an object of pixels where its upper-left corner pixel is the reference point located at (1, 1).Correspondingly, pixels next to it along  and  directions are (2, 1) and (1, 2), respectively.The center of gravity of this plaintext is calculated via (18), where   denotes the th pixel intensity value and   and   denote the location of the th pixel in the image with respect to the upper-left corner.Once the center of gravity (  ,   ) is obtained, the initial value of Logistic map  0 is also determined via (19), where arctan(⋅) is the arc tangent function and sin(⋅) is the sine function.It is easy to verify that the range of ( 19) is [0, 1], which satisfies restrictions for the initial value  0 in the Logistic map.Finally, all required parameters for a CJPM, that is, (, , , ,  0 , , ), are obtained and thus a CJPM  is generated.Meanwhile, the used parameters are stored as the encryption key, which can be used in the decryption process.Consider It is worth noting that the plaintext-dependent CJPM generator guarantees that the proposed cipher has good diffusion property: any slight changes in plaintext lead to big difference in ciphertext.This is because the resulting preknowing the reference point's coordinate (  ,   ) and its weight , there is no way to slightly change plaintext image pixels so that its gravity center is unchanged.

Pixel Substitution.
Pixel substitution refers to the process of changing pixel values.From the point of view of statistics, this process is to change the statistics of a plaintext image, so that the statistics of resulting ciphertext image is completely different.Moreover, it is desired that different ciphertext images have similar statistics, which implies that ciphertext images tell little information about keys and plaintext images.As a result, the confusion property is achieved.
The proposed pixel substitution block is shown in Figure 8, where symbol  = 2  and  denotes the number of bits supported by the format of the plaintext image.For example, if plaintext  is an 8-bit gray image, then  = 2 8 = 256; if plaintext  is a binary image, then  = 2 1 = 2.It can be noticed that the reference CJPM  is first to convert to   , whose format is compatible with the format of the plaintext image; later   and  are added over the space of ; finally the encrypted image  is obtained.
Because elements in a CJPM matrix  are uniformly distributed on integer set [1, ], after "Mod" operation,   still has a uniform-like distribution for its elements on [0, ].As a result, when this   is used to randomly shift the pixel value in plaintext, the resulting pixel value in ciphertext has an equal opportunity to be any value on [0, ].As a result, a uniform-like histogram is achieved in the ciphertext.
Pixel substitution results based on CJPMs are shown in Figure 9.It is clear that histograms before and after pixel substitution are very different and ciphertext histograms are very flat compared to plaintext ones.It is also noticeable that as the size of the reference CJPM increases the ciphertext has a better encryption quality from the point view of human visual inspection.

Pixel Permutation.
Pixel permutation refers to the process scrambling the positions of pixels in plaintext to disguise information contained in an image.Denote an image before and after pixel permutation as  and , respectively.Assume the way of indexing image pixels is the same as the order to rearrange elements in a CJPM as Figure 3 shows.Then the pixel permutation process can be mathematically defined as a permutation   between domain  and range : ∀,  ∈ {1, 2, . . ., }, ∃  =   =    () , where  is the total number of pixels in the image.As we mentioned in previous sections, a CJPM is generated from a CJPS, which is a permutation sequence.Therefore, a CJPM can be directly used for pixel permutation that is given a CJPM , and its pixel permutation can be defined as   () = ().
For example, Figure 10 illustrates pixel permutation results of the "Tufts" logo image for different CJPMs.It is clear that pixels are well shuffled within the image block.As long as the size of CJPM/processing image block increases, the resulting shuffled image looks better and better.When the block size reaches to or over 128-by-128, pixels in the plaintext are almost evenly shuffled.
It is clear that images after pixel permutation look very different from the plaintext image.It is also worth noting that a CJPM also depends on a set of parameters besides the size and that any change in other parameters will lead to a completely different permutated image.

Simulation Results and Security Analysis
An excellent encryption method should be both robust and effective.Robustness means that the cipher should be applicable to any plaintext image written in a supported format.Effectiveness implies that the cipher is able to generate eligible ciphertext images, which hide information from possible intruders.
In this section, we focus on discussing the performance of the CJPM based image cipher described in Section 4. It is worth noting that all following computer simulations are run under MATLAB 2010a and Windows XP environment with Core 2 Quad 2.6 GHz processors.

Histogram Analysis.
Histogram analysis is one of the most straightforward evaluations for ciphertext quality for it directly analyzes the pixel distribution of a ciphertext image.
Figure 11 illustrates image encryption results for various plaintext images: image "113" is a binary handwriting scanned image selected from ICDAR 2009 database; image "Lena" is a commonly used image of gray type; image "5.1.13"and "testpat.1k"are used to mimic the possible complex patterns in plaintext and they are both selected from USC-SIPI database.It is worth noting that the used CJPM is at size of 256-by-256.It is clear that no matter what histogram a plaintext image has, the histogram of its ciphertext image is flat, which implies that the pixel distribution is almost uniform.Complex patterns and large homogenous regions in plaintext images are completely unintelligible and become randomlike in ciphertext images.These results imply that the proposed image encryption method based on CJPM is robust and effective for various image formats and contents.

Adjacent Pixel Autocorrelation (APAC) Analysis.
High correlations of adjacent pixels can be utilized to carry out cryptanalysis.Therefore, a secure encryption algorithm should break the high correlation relationship between adjacent pixels.
In statistics, the autocorrelation   of a random process  describes the correlation between values of the process at different points in time, as a function of the two times or of the time difference.The autocorrelation coefficient   is defined in (20), where  is the time difference,  is the mean value defined by (21), and  is the standard deviation defined by (22); the definition of mathematical expectation is given in (23): The closer to zero this coefficient is, the weaker the relationship two different time functions have.Specifically, in adjacent pixel correlation test, we let  be the image pixel sequence and let  be 1; that is, compare to the adjacent pixel sequence.
Based on the reference direction, there are three ways of extracting a two-dimensional image to a one-dimensional sequence and they are the horizontal adjacent correlation coefficient, the vertical adjacent correlation coefficient, and the diagonal adjacent correlation coefficient.
"Lena" image in the 2nd column of Figure 11 is used as the test plaintext image because its APAC is widely reported by other encryption methods.Peer comparison results of the proposed CJPM cipher and cited encryption methods on APAC are shown in Table 1 (best results are bolded).
In addition, Figure 12 shows the result of randomly selected 1024 pairs of two adjacent pixels from the plaintext and the ciphertext along horizontal, vertical, and diagonal directions, where and -axes denote the intensity values of a randomly selected pixel and its adjacent pixel, respectively.It is clear that after applying the CJPM based image cipher, the high correlations between adjacent pixels in plaintext are broken.

Plaintext Sensitivity Analysis.
In order to test the resistance of the cipher to differential attacks, plaintext sensitivity analysis is required for a secure cipher.In differential attacks, an adversary attempts to extract meaningful relationship between a plaintext image and its ciphertext image by making a slight change, usually only one pixel, in the plaintext image while encrypting the plaintext image with the same encryption key.By comparing the change in ciphertext images, the encryption key might be cracked and furthermore the information contained in ciphertext might be leaked.
Although there are other measures [34,35] to evaluate the resistance of plaintext attacks, two classic measures are the Number of Pixel Change Rate (NPCR) and Unified Average Table 2 shows the NPCR and UACI results for one pixel change in the "Lena" image.It is clear that, for CJPMs at various sizes, the proposed cipher has good performances in both the NPCR and UACI analyses.Simulation results fit the expectations of the ideal cipher very well.
Figure 13 shows a differential attack on "Lena" image while keeping the encryption key unchanged.It is noticeable that the difference between two plaintext images is the pixel on Lena's nose.However, the ciphertext images are so different that the image of their difference is still randomlike.As a result, the one pixel change in the plaintext image is "dissipated" in ciphertext.From this point view, this plaintext sensitivity is closely related to the diffusion property of a cipher.In other words, it is reasonable to claim that a cipher has good NPCR and UACI results if it has good diffusion properties.

Key Space Analysis.
The encryption key in the proposed image encryption method using CPJM is composed of a set of parameters (  ,   , , , , , , , ), where (  ,   ) is an arbitrary point on  plain;  is a nonnegative decimal;  and  should be positive integers smaller than the plaintext image size;  and  should be positive integers below the product of ;  should be a number in between [3.6, 4]; and  is a nonnegative integer.Therefore, theoretically, the key space of the proposed cipher is infinitely large.
Because the chaotic Logistic map is used as the trigger for pseudorandom sequences, the proposed cipher has high key sensitivities as well.The results of key sensitivity analysis are shown in Figure 14, where the set of parameters written in parenthesis is the used key.It is clear that unless the correct decryption key is applied, a ciphertext image cannot be restored.

Conclusion
In this paper, we discussed the generation of a chaotic Josephus permutation matrix by using the conventional Josephus permutation sequences and the logistic chaotic map.The proposed CJPM is parametric and is uniquely dependent on the set of parameters, which is sufficiently large to provide a secure size of key space.As another heritage from the chaotic Logistic map, the CJPM is highly sensitive to its initial values (parameters).Any slight change in parameters leads to significant differences in resulting CJPM.Simulation results show that (1) the ciphertext image is random-like from the perspective of human visual inspection; (2) the encryption quality is almost independent of the plaintext image; (3) the proposed encryption method is able to encrypt plaintext images with large homogeneous regions to secure ciphertext images; (4) histogram analysis also shows that different ciphertext images tend to have the uniform distribution on [0, ]; (5) adjacent pixel correlation analysis shows that neighbor pixels in ciphertext have lower correlations than many existing encryption methods; (6) the proposed cipher is highly sensitive to encryption key and plaintext; (7) experimental UACI results of the proposed cipher are very close to those of the ideal one.
The proposed cipher can be used for various image types, for example, binary images, 8-bit gray images, 16-bit gray images, RBG images, and so forth.The same encryption idea may also be applied to audio, video, or other types of digital formats.

Figure 4
Figure 4 illustrates various CJPMs via Algorithm 2 according to different parameter sets.It is clear that CJPM is very sensitive to its parameters and small changes in the parameter set lead to distinct CJPMs.

Figure 11 :
Figure 11: Histogram analysis for image encryption based on CJPM.

Figure 12 :
Figure 12: APAC analysis for image encryption based on CJPM.