Visually Meaningful Image Encryption Scheme Based on DWT and Schur Decomposition

A visually meaningful image encryption scheme with an asymmetric structure based on the discrete wavelet transform (DWT) and Schur decomposition is proposed in this study. First, the RSA algorithm is used to generate the initial values for the chaotic system to produce the random sequence. ,en, both scrambling and diffusion operations are performed on the plain image to obtain the preencrypted image. Moreover, the Schur decomposition is applied on the preencrypted plain image to obtain the upper triangular and orthogonal matrices. Second, the cover image is scrambled followed by a DWToperation. Four subbands are then formed, namely, LL, HL, LH, and HH. Finally, the former upper triangular matrix and orthogonal matrix are embedded into subbands LH and HH produced by the cover image. After the application of the inverse DWTand inverse scrambling operation, the final visually meaningful cover image embedded with a secret plain image can be obtained. No one can identify any useful information about the plain image from the final embedded cover image, nor can anybody know that there is any hidden secret image. Experimental simulations show that the normalized correlation values between the original cover image and the final visually meaningful cover image are approximately 0.9997.,erefore, the proposed encryption scheme is imperceptible for secret image communications.


Introduction
In the era of high-speed information operations manifested by the rapid development and wide applicability of network and multimedia technologies, an increased amount of information is spread conveniently and quickly on the network. is introduces inconvenience to the vast number of network users. With the rapid development of network information, there are specific hidden dangers associated with the data transmitted on the network. e issue of privacy leakage has also surfaced in recent years. Information security has affected all areas of human social life and has spanned aspects of personal work and life, social economic development, and even strategic policy on national security. erefore, research on information security has become increasingly important. Furthermore, the protection of information security has also become a hot topic in international research. For a long time, data security technologies have mainly included data encoding, message authentication, and data hiding [1][2][3]. Data encoding involves the use of a key in a specific encryption algorithm to encrypt plaintext data into a disorderly distribution similar to garbled ciphertext information. is ensures that illegal users cannot obtain any useful plaintext information from the ciphertext information. Message authentication is used to realize the legal identity and data integrity of the sender and receiver through the use of related passwords or digital signature technology. Data encryption hiding is a method used to hide plaintext information, digital signatures, and digital certificates into publicly transmitted information subject to the premise of safe transmission of information. In this method, even if an attacker intercepts the information transmitted on the network, he cannot identify or extract effective information from it. For a deterministic system, its characteristics are convergence, divergence, and periodicity. e characteristics of chaotic systems are nonconvergence, nondivergence, and nonperiodicity. Because chaotic systems are highly sensitive to initial conditions and parameter values, this satisfies the sensitivity to the keys required in image encryption. e chaotic system obtains exponentially separated orbits after multiple iterations that are in line with the requirement of multiple rounds of scrambling and diffusion to disrupt the plaintext in image encryption. e topological transfer and chaotic characteristics of the chaotic system can satisfy the diffusion and confusion characteristics of image encryption. Based on the above analysis, it can be observed that the chaotic system meets our requirements for image encryption, so the chaotic system is extensively used in image encryption algorithms [4][5][6][7][8][9]. Nezhad et al. [4] proposed a new fingerprint image encryption method based on deoxyribonucleic acid (DNA) encoding and tent maps. First, the plaintext and chaotic maps were encrypted using DNA sequences. e encrypted plaintext image and the chaotic map then executed XOR operations to obtain the final encrypted image.
e experimental results show that the proposed encryption algorithm has a good encryption effect.
However, owing to the short cipher cycle and low accuracy of the low-dimensional chaotic system, this causes difficulties in the security of image encryption, and it is easy to decompose. erefore, a method for combining highdimensional chaotic systems and image encryption was proposed. Wang et al. [5] introduced an image encryption method based on a time-delayed chaotic system. First, a time-delayed chaotic system was introduced that has complex dynamic behavior characteristics. Based on this new system, a new image encryption algorithm was implemented. e final experiment showed that the algorithm had good security characteristics. In turn, Firdous et al. [6] proposed a new chaotic system based on new power-exponential structures of chaotic maps (PESCM) to perform confusion and XOR operations on the rows and columns of the three channels (R, G, and B) extracted from the color image. e color image encryption algorithm proposed by Tong et al. [7] through a hyperchaotic system can compress and encrypt the image according to the requirements of the reconstructed image quality. It has certain flexibility and a large key space and can resist brute force attacks. Zhou and Wang [8] proposed an encryption scheme based on a hyperchaotic system which was used to change the value in each pixel block and achieve closed-loop diffusion. Cheng et al. [9] used a hyperchaotic mapping system and scrambling-diffusion algorithm to encrypt and transform color images. e chaotic system used in this study is a new high-dimensional chaotic system that hides the chaotic attractor for image scrambling-diffusion encryption operations.
ere are many encryption algorithms such as one-time key based, bit-level permutation based, DNA rule based, and applied mathematical model based ones [10] that have shown good performance.
e encryption system can be symmetric [11,12] or asymmetric [13][14][15][16][17][18][19][20]. For a symmetric encryption system, the encryption and decryption processes use the same key that requires the transmission channel to be as safe as possible during the key transmission process. However, it is more difficult to achieve this. e encryption and the decryption keys in the asymmetric cryptosystem are different and can solve the problems caused by the symmetric key system. Wu et al. [15] proposed a scalable asymmetric image compression and encryption method using the discrete wavelet decomposition (DWT) and nonlinear operations in the cylindrical diffraction domain. e DWT reduces the amount of data and is more conducive to data transmission. Kumari et al. [19] proposed a new asymmetric color image encryption method that uses a discrete cosine transform in the Fresnel domain to encrypt and compress color images. First, the color image was divided into the three color channels R, G, and B. Each channel image was then converted into a phase image, combined with an amplitude mask, and was then subjected to Fresnel transformation. Phase reservation (PR) and phase truncation (PT) were then applied on the generated image with the phase-preserved part as the private key followed by the application of the Fresnel and DCT transforms. Finally, each channel was combined to form the final secret map. e final experimental simulation proved that the asymmetric encryption algorithm can resist various existing attacks and that security characteristics have improved. To propose a scheme with a larger key space compared with the traditional cryptosystems in the fields of Fourier transform (FT) and fractional FT (FRFT), Ren et al. [20] proposed an asymmetric image encryption scheme in conjunction with a phase-truncated discrete, multiparameter FRFT. e authors performed the pixel scrambling operation and random phase masking on the image and then used phase truncation to obtain asymmetric ciphertext with stable white noise.
Because traditional image encryption uses various encryption technologies, the original plaintext image was encrypted into meaningless noise-like images or texture-like images. ese surface features attract the attention of the attacker. is renders the encrypted image more vulnerable to attacks. Bao and Zhou [21] first proposed a new encryption scheme: encrypting the original image into a visually meaningful ciphertext image. After the DWT was applied on the cover image, the preencrypted plaintext image was embedded in the intermediate frequency and high-frequency subbands of the cover image to form a meaningful ciphertext image. Compared with traditional image encryption algorithms, this visually meaningful image encryption method effectively hid the existence of plaintext images making it impossible for an attacker to see whether there are plaintext images in all visual images, thus achieving the hiding effect. To a certain extent, the security of plaintext images was improved. Based on this encryption framework, many visually meaningful image encryption algorithms have been proposed [22][23][24][25][26][27][28][29][30]. Pan et al. [28] proposed a new, visually meaningful image encryption method based on compressed sensing. First, the plaintext image was divided into blocks followed by a DWT transformation, and a zigzag operation was used for scrambling. A logistic map was used to generate the compressed sensing matrix, and the Logistic-Tent map was then used for scrambling and diffusion operations. Finally, the encrypted plaintext image was embedded into the carrier image. e experimental results showed that the algorithm had good imperceptibility and good reconstruction quality. Chai et al. [29] combined compressed sensing with the least significant bit to propose a visually meaningful image compression sensing encryption scheme. In the preencryption process, compressed sensing technology and zigzag scrambling were used to obtain the encrypted plaintext. e image, the random sequence generated by the three-dimensional (3D) mapping, and the encrypted plaintext image are then embedded with the least significant bits to obtain the final, visually meaningful encrypted image.
In this paper, a new visually meaningful image encryption algorithm is proposed by combining the 3D chaotic system, public-key cryptography algorithm, DWT, and Schur decomposition. By using the 3D chaotic system and the public-key cryptography algorithm, the initial value of the chaotic system is encrypted. en, the plain image is scrambled and diffused, and then, Schur decomposition is performed.
en, the embedding operation is performed after performing scrambling and DWT on the carrier image. Finally, IDWT and inverse scrambling transform are performed to get the encrypted image with a meaningful visual.
Our contributions are as follows: (1) by using the embedding method, the secret plain image can be hidden in a cover image with imperceptible effect; (2) by employing the asymmetric RSA to generate the initial value of the chaotic system, it can solve the distribution of the key between the receiver and sender. e organizational structure of the rest of the article is as follows. Section 2 introduces a 3D chaotic system and the RSA algorithm. e image encryption and decryption process of the proposed method is described in Section 3. Section 4 presents the simulation experiments.
en, security analysis is given in Section 5. Finally, Section 6 presents the conclusions of the whole paper.

Fundamental Techniques
2.1. 3D Chaotic System. A new chaotic system with a hidden attractor is designed in reference [31]. e experiment proves that the chaotic system has strong chaotic behavior. A detailed description can be found in Reference [31]. e chaotic system consisted of two second-order nonlinear equations. e specific equations used to describe the system are as follows: In the above equation, x 2 x 3 and x 2 2 are quadratic nonlinear terms and α, β, c, and θ are the system parameters. When α � 0.1, β � 0.05, c � 0.1, and θ � 1, the Lyapunov exponent of the system [31] are L 1 � 0.02207, L 2 � 0, and L 3 � −0.02432. erefore, it shows chaotic behavior. is study uses this system to generate random sequences. According to the Runge-Kutta method, the iterative results of equation (1) are the two-dimensional projections on (x, y), (x, z), and (y, z), and the sequence diagrams of the three chaotic sequences x, y, and z generated are shown in Figure 1. Compared with the other low-dimensional chaotic system, the above 3D chaotic system is used with a large key space. Table 1 shows the NIST test for the random sequence produced from the 3D chaotic system.

RSA Encryption Algorithm.
e RSA public-key algorithm was proposed by Rivest, Shamir, and Adleman, which is a universal public-key algorithm that is extensively accepted and implemented and has now become an international standard for public-key cryptography. e mathematical foundation of the algorithm is Euler's theorem in elementary number theory, and its security is based on the difficulty of factoring large integers. e specific description of the RSA public-key cryptosystem is as follows: Step 1: generate the secret key (1) Randomly and secretly choose two large prime numbers p and q, and compute n � p × q and φ(n) � (p − 1)(q − 1) (2) Randomly select e in the range of 1 < e < φ(n), set gcd(e, φ(n)) � 1, and calculate the decryption key d, where d � e − 1 mod(φ(n)) (3) e public key is (e, n), and the private key is d Step 2: encryption For plaintext m < n, the corresponding ciphertext is c � m e modn Step 3: decryption For ciphertext c, the corresponding plaintext is m � c d modn

Image Encryption Process.
e framework of the proposed image encryption scheme is shown in Figure 2. e specific encryption steps are as follows: Step 1: the receiver selects large prime numbers p and q and calculates the public key eandn and the private key d. Make public keys e and n public, and keep the private key d for yourself.
Step 2: the sender randomly selects three numbers that are not less than zero and denotes them as a 1 , a 2 , and a 3 . Calculate the pixel sum S � M i�1 N j�1 P(i, j) of P from the plain image P of size M × N, and use the public keys e and n of the receiver to encrypt a 1 , a 2 , a 3 , and S with the RSA encryption algorithm to obtain the public parameters b 1 , b 2 , b 3 , and R.
Step 3: use a 1 , a 2 , and a 3 to generate the initial value x 0 , y 0 , and z 0 required by the chaotic sequence; the specific operations are as follows: x 0 � sin a 1 sin a 1 , Proof: because a 1 is an integer greater than zero and the value range of the sine function is between [−1, −1], after taking the absolute value, the value range is Security and Communication Networks between [0, −1]; thus, 0 < a 1 |sin(a 1 )| < a 1 . So, the final value range of x 0 is between [0, 1] and can take any value. In the same way, it can be inferred that y 0 , z 0 satisfies [0, 1] and can take any value.
Step 5: the random sequence x, y, and z are mapped into the range of [0, 255] by the following equation: where the symbol ⌊⌋ denotes the rounding-down operator.
Step 6: perform a scramble operation on the plaintext image P. First, M + N numbers are taken from the random sequence Xto form a sequence X � x 1 , x 2 , . . . , x M+N }. Perform row scrambling on P to obtain P ′ , and then, perform column scrambling on P ′ to obtain P ″ . e specific operations are expressed as follows: where i � 1: M and j � M + 1: M + N.
Step 7: M × N numbers are taken from 1 to form a sequenceY � y 1 , y 2 , . . . , y M×N , and convert it into a matrix E with size M × N. e modulo-diffusion operation on P ′ ' to obtain A by matrix E is as follows: where i � 1: M and j � 1: N.
Step 8: perform Schur decomposition on A to obtain p Uandp T.
Step 9: read the cover image Q with the size of 2M × 2N. First, 2M × 2N numbers are taken from the random sequence Z to form a sequence Z � z 1 , z 2 , . . . , z 2M+2N . Perform the row scrambling  operation on Q to obtain Q ′ , and then, perform the column scrambling operation on Q ′ to obtain Q ″ as follows: where i � 1: 2M and j � 2M + 1: 2M + 2N.
Step 10: perform DWT transformation on Q ″ to obtain an approximate matrix q LL and three detail matrices q HL, q LH, and q HH.
Step 12: perform the IDWT transformation of q_LL, q_HL, q_LH′, and q_HH′ to obtain B, and then, perform an inverse scrambling operation on B according to equation (8) to obtain the visual image C:
Step 3: perform a scrambling operation on the visual image C, and then, perform a DWT transformation to obtain an approximate matrix dq LL and three detailed matrices dq HL, dq LH, and dq HH. Extract p_U and p_T from dq LH and dq HH according to the following equation: where k � (x 0 + y 0 + z 0 )/3.
Step 4: perform the inverse Schur transform F � p U × p T × p U ′ to obtain F.
Step 5: inverse diffusion operation is performed on F to obtain I, and then, inverse scrambling operation is performed on I to obtain the decryption image D as follows: F ′ (:, j) � mod(F(:, j) − E (:, j), 256),

Experimental Results
e encryption algorithm presented in this study was implemented in MATLAB (version R2019a) on the Windows 10 platform with a 3.20 GHz processor. In this algorithm, the private keys are p, q, d, a 1 , a 2 , a 3 , and S, and the public keys are α, β, c, θ, e, n, b 1 , b 2 , b 3 , and R. e values of the parameters used in this test are listed in Table 2. Among them, S and R are related to the plaintext, and these values are not uniformly assigned. In the experiment, grayscale images and color images were selected for the simulation. Figure 3 shows the grayscale image encryption test results, and Figure 4 shows the color image encryption test results. As one can observe from the figure, it is impossible to know from the visual image that other images are hidden in the meaningful image, and the decryption restores the plain image more effectively. Table 3 gives the NIST test for an encrypted image.

Key Space.
e key space is a collection of all algorithmic keys. An encryption algorithm with a large key space can resist brute violent attacks effectively and has enhanced security. In this algorithm, the initial values a 1 , a 2 , a 3 , and Sare used in the chaotic system. Because a 1 , a 2 , and a 3 are arbitrary positive integers, the combination can be greater than 2 100 . For directly to the keys x 0 , y 0 , and z 0 , if the computational accuracy is set as 10 − 14 , the key space can reach 10 14 × 10 14 × 10 14 � 10 44 ≈ 2 146.1 > 2 100 . erefore, the proposed algorithm has a large key space that can effectively resist violent attacks.

Key Sensitivity Analysis.
is part mainly tests the key sensitivity of the proposed algorithm. When the decryption key changes slightly, the original plaintext image cannot be decrypted so the decryption key of the algorithm is more sensitive. A good image encryption algorithm requires a strong key sensitivity to effectively resist violent attacks. As shown in Figure 5, we choose the Lena image as the plaintext image and the Male image as the cover image for the test. First, a set of secret keys was used to encrypt and embed the plain image to obtain a visually meaningful encrypted image. en, encrypt and embed the plain image to obtain another visually meaningful encrypted image. It can be observed 6 Security and Communication Networks from Figure 5(e) that when the secret key changes slightly, it has a minor effect on the visual image. However, it can be observed from Figures 5(f ) and 5(g) that although the visual images are not much different, the plain image cannot be decrypted even if the secret key is slightly changed for decryption. is shows that the algorithm has high key sensitivity and can resist brute force attacks.

Statistical Analysis.
e histogram is used to show the distribution of each pixel value in an image, and the hidden effect of the encryption scheme that we propose is also displayed in the form of a histogram. We chose to hide the plain image (grayscale image Cameraman and color image Boat with a size of 256 × 256) in a different cover image, and the test result is shown in Figure 6.  Figure 6 that the final visual image and the histogram of the cover image are very similar, thus indicating that the hiding effect is very good.
By using variance of the histogram, we can evaluate uniformity of a cipher image easily. Lower value of variance indicates the higher uniformity of the cipher image. e variance of the histogram is presented as follows: where Z is the vector of the histogram value with Z � {z 1 , z 2 , . . ., z 256 } and z i and z j are the numbers of pixels equalling to i and j, respectively. As seen from Table 4, the variance value of the visual image is very close to that of the carrier image. So, our algorithm has a good hiding effect. Table 5 gives the comparisons of different methods. It is easy to see that the values are smaller in the encrypted images. Chi-squared analysis is employed to test the plain image and cipher image, which is defined as follows: where exp i � (M × N/256), M × N is the image size, and exp i and obs i are the expected and observed frequencies, respectively. Table 6 shows the results of Chi-square with all values pass.

Quality Analysis.
In this study, the plaintext image is hidden in the cover image by asymmetric encryption. us, the imperceptibility of the algorithm is particularly important. e following compares and analyzes the normalized correlation coefficient (NC) and information entropy (H) between the cover and the visual images. Generally, the larger the NC value is, the higher the similarity of the two images is, that is, the better the hiding effect. Additionally, the values of H of the cover and the visual images are close, thus indicating that the two images are also approximately similar. e definitions of NC and H are as follows: H � − P(X(i, j))log 2 P (X(i, j)).
Among them, X and Y are two different images, P(X(i, j)) is the number of times X(i, j) appears, and the size of the image is M × N. Table 7 shows the NC and H values between different cover images and visual images of grayscale images, and Table 8 lists the NC and H values between different cover images and visual images of color images. It can be observed from Tables 7 and 8 that irrespective of whether it is a color image or a grayscale image, the NC value between the cover image and the corresponding visual image is approximately 0.9997, which is very close to the theoretical NC value of one. Moreover, the information entropy between the cover and the visual images are also very close, thus indicating that our encryption scheme has a good hiding effect.

Classical Attacks.
ere are four classical types of attacks which are as follows: (1) ciphertext-only attack; (2) known-plaintext attack; (3) chosen-plaintext attack; (4) chosen-ciphertext attack. Chosen-plaintext attack CPA and known-plaintext attack KPA are two most important types of attacks that attackers use to make an illegal attack. In our encryption process, the generated random sequence is related to the plaintext, and the chaotic system is sensitive to the initial value. erefore, any attacker cannot extract Security and Communication Networks useful information by encrypting certain selected images because the encrypted output is only relevant to the selected image. erefore, the proposed algorithm can resist CPA and KPA.
As to the black image and white image, Figure 7 shows the simulation results for them with different size, i.e., 256 × 256, 256 × 512, and 512 × 512. By observing the encrypted images, we can find that it is impossible to extract any information from the encrypted images.

Computational Complexity and Time Complexity
Analysis. For a plain image of size M × N and a cover image of size 2M × 2N, the computational complexity to generate randomly based on the 3D chaotic system is O (5 × 4MN) � O(20MN). In the encryption stage, the computational complexity is O (2MN). So, the overall computational complexity to perform encryption operation is O (20MN + 2MN) � O(22MN).
at is to say, for a message with length n � MN, the computational complexity  is O(n) besides of DWT and Schur decomposition. Moreover, Table 9 lists the time cost for both grayscale and color images.

Mean Square Error and Peak Signal-to-Noise Ratio
Analysis. Mean square error (MSE) measures the difference between two images. e bigger value of MSE shows the larger difference. MSE is defined by the following equation: where P, E, D, C, and V represent the plain image, encrypted image, decrypted image, cover image, and visual image, respectively, and MSE PE , MSE PD , and MSE CV are the MSE between plain image and encrypted image (PE), plain image and decrypted images (PD), and cover image and visual images (CV), respectively. PSNR measures the fidelity of an image. e low value of PSNR shows the large difference of the encrypted and plain image. e peak signal-to-noise ratio (PSNR) between two images is as follows: PSNR PE � 10log 10 2 n − 1 2 MSE PE , where n is the number of bits, which is equal to 8 for a gray image and PSNR PE , PSNR PD , and PSNR CV are the PSNR between plain image and encrypted image (PE), plain image and decrypted image (PD), and cover image and visual image (CV), respectively. Table 10 and 11 show the test resutls for MSE and PSNR. From Table 10, we can see that the MSE PE is very large, and the PSNR PE is very small. is shows that the encrypted image is very different from the plain image. e MSE PD is zero, and the PSNR PD is infinite. is shows that the decrypted image and the plain image are the same. e MSE CV is small, and the PSNR CV is around 44. is shows that the visual image and cover image are very similar. Moreover, compared with Reference [32] and Reference [33], the encryption effect of our scheme shows better performance.
From Table 11, the PSNR values between the cover image and the visual image (CV) are bigger by using our method. Figure 8 is a bar chart showing the data in Table 11. So, the visual hiding effect of the proposed encryption scheme is in better performance.

Differential Attack Analysis.
Two common measurements to evaluate the effect of differential attack, i.e., NPCR (number of pixels change rate) and UACI (unified average changing intensity), can be computed as follows: where M and N represent the width and height of the image and C 1 and C 2 are the ciphered images before and after one pixel of the plain image being changed, respectively. For the pixel at position (i, j), if C 1 (i, j) ≠ C 2 (i, j), let D(i, j) � 1; else, let D(i, j) � 0. NPCR and UACI tests of our algorithm are listed in Table 12. Table 13 shows some comparisons of NPCR and UACI. erefore, there is strong plaintext sensitivity in our encryption scheme to resist differential attack.            Reference [36] Reference [37] Reference [38] [11] 99.60 33.48 Reference [17] 99.6395 33.3992

Conclusions
By using DWT and Schur decomposition, an asymmetric, visually meaningful image encryption scheme was described in this study. A secret image was embedded into another cover image to effectively hide the secret image and fully realize visually meaningful image encryption. In our method, the asymmetric encryption algorithm RSA was chosen to solve the key management and distribution problems caused by the symmetric encryption structure. Moreover, the plain image feature was extracted from our encryption scheme and used in the image encryption process to select the random sequence. is can effectively resist the chosen plaintext and known plaintext attacks. Schur decomposition was employed on the preencrypted image to embed the secret image into a cover image within its DWT domain that made the final visual cover image more imperceptible with an increased NC value.
In the future work, due to the large redundancy of the image, compressive sensing technology is suggested and applied into the image encryption algorithm. As a result, we do not need to process every pixel in the process of encryption. By using compressive sensing technology to compress and encrypt the image, it can improve the speed and effect of encryption effectively. However, it will also lead to much time cost to reconstruct the image. So, there are still a lot of works that should be considered in the future.

Data Availability
e data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest
e authors declare that they have no conflicts of interest.