FPGA Implementation of Improved Security Approach for Medical Image Encryption and Decryption

Securing medical images is a great challenge to protect medical privacy. An image encryption model founded on a complex chaos-based Pseudorandom Number Generator (PRNG) and Modiﬁed Advanced Encryption Standard (MAES) is put forward in this paper. Our work consists of the following three main points. First, we propose the use of a complex PRNG based on two diﬀerent chaotic systems which are the 2D Logistic map in a complex set and Henon’s system in the key generation procedure. Second, in the MAES 128 bits, the subbytes’ operation is performed using four diﬀerent S-boxes for more complexity. Third, both shift-rows’ and mix-columns’ transformations are eliminated and replaced with a random permutation method which increases the complexity. More importantly, only four rounds of encryption are performed in a loop that reduces signiﬁcantly the execution time. The overall system is implemented on the Altera Cyclone III board, which is completed with an SD card interface for medical image storage and a VGA interface for image display. The HPS software runs on μ Clinux and is used to control the FPGA encryption-decryption algorithm and image transmission. Experimental ﬁndings prove that the propounded map used has a keyspace suﬃciently large and the proposed image encryption algorithm augments the entropy of the ciphered image compared to the AES standard and reduces the complexity time by 97%. The power consumption of the system is 136.87mw and the throughput is 1.34 Gbit/s. The proposed technique is compared to recent image cryptosystems including hardware performances and diﬀerent security analysis properties, such as randomness, sensitivity, and correlation of the encrypted images and results prove that our cryptographic algorithm is faster, more eﬃcient, and can resist any kind of attacks.


Introduction
Currently, the fast growth of the Internet makes Electronic Healthcare (e-healthcare) feasible and popular. E-Healthcare refers to an internet-based system where the patient can contact an expert doctor for the diagnostic. Some medical images are stored and transmitted over the Internet. ese images may contain much privacy of patients and are very confidential and sensitive. erefore, the best significant way to protect this privacy issue is data encryption. Medical images have some characteristics, such as redundancy, big data volume, and great pixel correlation, compared to the normal images [1]. Medical image encryption algorithms require not only great security but also fast encryption speed.
e Advanced Encryption Standard (AES) has been designed for different applications. However, it is inappropriate for securing large medical images. us, it is necessary to improve the AES making it suitable to secure medical images against attacks. A random number generator is used to generate a sequence of random numbers for encryption. When the generated number is more random, the encryption effect is better. Chaos systems are used in the designing of the Pseudorandom Number Generator (PRNG) to generate good keys for encryption. is technique has several significant advantages against other generators, such as the true random number generator (TRNG) and the Linear Feedback Shift Register (LFSR), It is very sensitive to initial conditions, characterised by a, long periodicity, and provides large keyspace. us, combining a chaotic system and improved AES can provide great performances in terms of security and run time. Beyond algorithm strictness, an efficient implementation technique of one cryptosystem is required. In a software implementation, an algorithm is executed in a sequential way. is technique is not sufficient to provide good performance enough in real-time applications. In addition, the algorithm is vulnerable to software attacks. However, the hardware implementation is required to get good performance enough and protection against attacks from running an algorithm [2]. Increasing system performance is based on two basic concepts: increasing the processor clock frequency and using specific processors. In the hardware implementation, we have two choices: an ASIC and an FPGA. e first choice is the most expensive. e second choice is a promising solution. FPGAs allow the designer to create a custom circuit implementation of an algorithm using a standard component made up of basic programmable logic elements. An FPGA offers significant cost advantages over an ASIC development effort and offers the same level of performance in most cases. Another advantage of the FPGA against IC is its ability to be dynamically reconfigured. Based on a NIOS II softcore processor and a cyclone III FPGA, a strong prototype platform for medical image processing is designed in our work. e aim of this paper is to design a real-time medical image encryption system based on a strong cryptographic model with the image input from an SD card interface and an output to a VGA interface. We propose a chaotic encryption algorithm combined with high-dimensional chaotic mapping and improved confusion and diffusion of MAES and implemented on SoPC FPGA. We focus to gain an overall great performance and a high level of security.
In history, medical image encryption models have been reported. Laiphrakpam and Khumanthem [3] suggested the use of ElGamal encryption algorithm to encrypt medical images. In this paper, the data expansion problem was resolved. However, the use of an asymmetric algorithm to encrypt images was highly time-consuming. In 2018, Elhoseny et al. [4] propounded a hybrid encryption scheme that mixed both AES and Rivest-Shamir-Adleman (RSA) calculations. e cryptosystem started by encoding the mystery data; at that point, it concealed the outcome in a cover image employing 2D-DWT-1L or 2D-DWT-2L. Both shading and dark scale images were employed as cover images to disguise diverse content sizes. While the level of security was improved, the use of two cryptographic algorithms could increase the run time for image processing and could cause delays during transmission. Zhang et al. [5] proposed an image encryption system based on the combination of the AES-128 and the Cipher Block Chaining mode (CBC) standards. For this, the plain image was fragmented into subblocks sized 128 bit. After that, an initial vector, named IV with a size equal to 128 bit was generated by the Tent chaotic map and XORed with the initial plain subblock. Secondly, the AES-128 was applied to obtain the first ciphered subblock. Finally, the rest of the different subblocks were scripted sequentially following the same steps applied on the first one block. According to the results presented in [5], we notice that the encryption systems based on the existing AES algorithm caused a long execution time because of the multiple iterations, and it was not secure enough to protect image privacy because of predefined procedures. is disadvantage affected directly the global quality of the system in the case of online encryption. In the other case, the use of the CBC mode has many disadvantages such as its sequential architecture, which could cause a slowdown in encryption systems. Another disadvantage of the CBC standard was the propagation of an error may occur easily and could affect all blocks. Toughi et al. [6] used the Elliptic Curve Cryptography (ECC) operations as an initial number generator and proposed the encryption via a standard AES to create a novel pseudorandom to mask all pixels. However, the use of a sequential way to encrypt the image augmented the time complexity. Chaos-based encryption has been suggested as an efficient way to deal with the intractable issue of rapid and secure images. is is due to many strengths of chaos such as the deterministic pseudorandom number generation (PRNG), the long periodicity, the sensitivity to the initial conditions, and the large keyspace. Hu et al. [7] suggested an ameliorated cryptographic system based on chaotic map and Latin square. e parameter of the chaotic system was calculated by the original image. However, the keyspace was less than 2 100 . Authors in [8] proposed cooperation between ECC and a chaotic system. In this paper, authors utilized cyclic elliptic curves with LFSR and a chaos system for the keystream sequences' generation. en, image encryption was performed using the key streams. e suggested method was vulnerable to the Chosen Plain Text Attacks (CPA) [9]. Yu et al. [10] suggested an image cryptosystem based on a combination between the 3D orthogonal Latin squares (3D-OLSs) and a matching matrix. Firstly, the 3D sine map was used to generate three chaotic sequences. Next, a 3D orthogonal Latin square and a matching matrix were produced by using the chaotic sequences.
en, the 3D-OLSs and the matching matrix were jointly used to permute the original image. After that, all planes of the permuted matrix were divided into sixteen blocks of the same size. e chaotic sequence was sorted and a position matrix was generated. According to the position matrix, the blocks of each plane were linked and shifted by using a cyclic shift operation; then, a new matrix was generated. Finally, the encrypted image was generated by executing a diffusion operation for the new matrix. Xiuli et al. [11] proposed a medical image encryption model that combined Latin square and a chaotic system. Ben Sliman et al. [12] suggested an efficient technique to generate a novel chaotic system using the amalgamation between the Logistic map in a complex set, Julia's fractal process, and chaotic attractors.
e Lyapunov exponents were calculated to demonstrate the chaotic state of the new behaviour.
is approach, using the fractal process and Logistic map with chaotic attractors, could facilely be implemented and simulated. en, they suggested a secure cryptosystem for image encryption based on the proposed chaotic system. e algorithm contained the Shannon principle of confusion and diffusion.

Scientific Programming
A new image encryption algorithm based on DNA sequence operations, Single Neuron Model (SNM), and chaotic map was proposed in [13]. A 512 bit hash value dependent to the original image was proposed for initial conditions; then, a confusion-diffusion was adopted as an architecture of the cryptosystem. e 2D Logistic-adjusted-Sine map (2D-LASM) was used to confuse the pixels of color components simultaneously, while SNM was utilized to create the keystream; otherwise, the hash value of the clear image was injected additionally in the diffusion procedure.
Ben Sliman et al. [14] suggested an image encryption model based on the 2D Logistic map in a complex set and nonuniform cellular automata using the secure hash algorithm SHA-2. e proposed algorithm adopted confusiondiffusion as architecture. An efficient image encryption scheme based on the nested chaotic map and deoxyribonucleic acid (DNA) was proposed in [15]. In this paper, the secure hash algorithm SHA-256 was used for the initial condition values' generation of the nested chaotic system. e cryptosystem consisted of two main layers: confusion and diffusion. In the first layer, the nested chaotic map was used to create a scrambled image. e scrambled image was obtained via the ascending sorting of the first component of the nested chaotic index sequence. For a high level of sensitivity, complexity, and security, DNA sequence and DNA operator were used additionally with the nested chaotic map and hash algorithm to modify the pixels values. Results showed improvement of NPCR, UACI, and entropy. Elgendy et al. [16] suggested an image encryption algorithm based on two-dimensional (2D) chaotic maps, including a standard map, baker map, and cat map. Findings showed a reduction in execution time, but the results of security analysis, such as correlation, entropies, and differential attacks, were not ideal values compared to other propounded models.
Our work makes the following contributions: (1) Designing a complex chaos-based PRNG with the goal to generate high-quality encryption keys.
(2) Designing an improved cryptosystem for medical images encryption and decryption, which combines the complex PRNG and a modified AES (MAES), where the subbytes' operation is performed using four different s-boxes generated by the chaotic system. en, both shift-rows and mix-columns are eliminated and replaced with a random permutation method. is increases the complexity of the system. Finally, only four rounds of encryption are performed in a loop that reduces significantly the execution time.
(3) Designing a strong prototype platform for secure medical images based on the NIOS II processor and FPGA.
(4) Undertaking in-depth experimental measurements in FPGA for several medical images with different types, contents, and sizes to evaluate the strength of the proposed cryptosystem against the new generation of attacks. In [17,18], a scheme is proposed to verify the randomness of the image, named "Shannon's local entropy." We employ the Shannon local entropy analysis to validate the suggested method [19,20]. (5) Undertaking in-depth evaluation study of the performance of the execution and comparing the results with other recent works.
is paper is structured as follows. Section 2 presents the designed complex chaotic system and the proposed image cryptosystem algorithm. Section 3 describes the implementation of the medical image encryption system on the FPGA followed by experimental results. Security analysis and evaluation are detailed in Section 4, and finally, Section 5 concludes the paper and recommends some future works.

Cryptosystem Design
In this section, we introduce the designed image cryptosystem based on MAES and chaos-key generator. e general view of the proposed image cryptosystem architecture is depicted in Figure 1. We firstly describe the chaosbased PRNG for the key generation, which is composed of two different chaotic systems: the Logistic map in a complex set (2D) and Henon's map (2D). Secondly, the MAES is clearly detailed.

Pseudorandom Number Generator.
PRNGs are used to generate keys useful for encryption. Chaotic systems are an effective solution for good key generation. Chaos systems are very sensitive to the initial condition and have long periodicity, good entropy, and good statistical behaviour of randomness [21][22][23][24][25]. In the literature, several chaotic systems have been investigated for key generation. In our work, we have selected to use Henon's map and 2D Logistic map in the complex set since they have good chaotic behaviour [13,21,22].
Henon's map is defined by equation (1). e system has a state of two variables (X, Y) and two parameters a and b. It is under chaotic behaviour when a � 1.4 and b � 0.3 [28][29][30]. n represents the number of iteration. e initial state (x 0 , y 0 ) of Henon's map is derived from the initial key ki: e 2D Logistic map in the complex set is defined by equation (2). e system has a state of two variables (x, y) and one parameter λ. For λϵ[0, 4], the system is under chaotic behaviour. e initial state (Xl, Yl) of the 2D Logistic map is derived from the initial key ki:

Scientific Programming
To generate high-quality keys, a complex architecture of PRNG is proposed which employs both Henon's map and 2D Logistic map in the complex set. e general architecture is depicted in Figure 2. It includes three data processing blocks: an Initial State Generator (ISG), a Complex Chaotic Design (CCD), and a Convertor block. e overall system has one input and one output each sized 128 bit, and it involves a state of four variables (Xh, Yh, Xl, Yl).
e ISG is employed to generate implicitly an initial state (Xh 0 , Yh 0 , Xl 0 , Yl 0 ) for the chaotic system from its 128 bit initial secret key input. For that, the initial key ki is divided into 8 bit blocks as in equation (3). erefore, the variables of the initial state (Xh0, Yh0, Xl0, Yl0) are computed separately using equations (4)- (7): e use of the same initial key permits obtaining the same random number sequence always. e converter block is employed to convert the underlying state of the chaotic design into 32 bit numbers suitable for encryption equations (8)- (11). erefore, a sequence of 128 bit random numbers' PRNS is obtained which presents high statistical behaviour of randomness (equation (12)): YH � Yh i × 10 12 mod2 32 , XL � Xl i × 10 12 mod2 32 , YL � Yl i × 10 12 mod2 32 , PRNS � Concat(YH, XL, YL, XH).

Modified AES.
e AES is one of the most known encryption algorithms for data protection. Invented in 1998 by Joan Daemen and Vincent Rijmen and proved in 2000 by the NIST, the AES has been widely deployed, thanks to its high performance. It involves key sizes and block sizes. e size of the information block is 128 bits, and the length of the key can be 128, 192, or 256 bits [23]. e repetitions and size of the key determine the complexity of the algorithm. A higher repetition or an elevated key size provokes higher CPU usage and complexity. For 128 bits key, about 2 128 attempts are needed to crack, but it is not appropriate in multimedia data because multimedia information is characterized by great redundancy.
us, only utilizing the existing AES cryptosystem cannot attain good quality of encryption. To solve the issue of the AES encrypted images, we mix the features of a 4D chaotic system for good key generation and improvement in confusion and diffusion in the AES. Our method augments the complexity of encryption and enhances the security level. Figure 3 depicts the flowchart of the image encryption algorithm using MAES and the proposed chaotic key generator. e decryption cryptosystem is the reverse procedure of the encryption algorithm.
For the encryption operation, we need 4 rounds. Each round transformation is performed as a set of iterations, which includes the subbytes' operation using four different S-boxes, a random permutation, and an add-round key operation.
(1 )Process 1 (subbytes): consists of replacing each byte of the state matrix with another value. e substitution S-box guarantees Shannon's principle of confusion. Four different S-boxes:S-box1, S-box 2, S-box 3, and S-box 4, are used for the substitution that increases the complexity of the algorithm. (2) Process 2 (random permutation): block's pixels are randomly permuted using two predefined methods. It guarantees the Shannon diffusion principle. Figure 4 illustrates the process of the random permutation. e condition of the parity of block position has been adopted which permits using the permutation method 1 or method 2: (a) If the position of the block is odd, then, the block's pixels are permuted using method 1 (b) If the position of the block is even, then, the block's pixels are permuted using method 2 (3) Process 3 (add-round key): each byte in the matrix uses Xor to manipulate the round key. A subkey is obtained from the main PRNG. It guarantees the Shannon diffusion principle.

FPGA Implementation
3.1. System Design Hardware Implementation. In this paper, the FPGA-based NEEK development board including Cyclone III (Altera) is required. e suggested System on Programmable Chip (SoPC) includes the NIOS II processor which is a 32 bit embedded processor specialized for the Altera family of FPGAs, internal memory controllers, a timer to perform the run time, a JTAG UART for the debug, and IPs for image storing and displaying which are, respectively, the SD card and the VGA monitor. e principal processing core of the embedded image system is the NIOS II processor. With the help of Qsys (System Integration tool of Quartus II), the CPU is connected with all modules via an Avalon bus, as depicted in Figure 5. Both SD card and VGA interfaces are connected to the processor, and the SRAM memory and remaining IPs' hardware are interfaced via the bus. e transmission of information between the SD card, VGA interface, and SRAM can be done by using the processor. e three required components are clearly described in this section.

NIOS II Processor.
In this work, the FAST version of the CPU is used. It is a 32 bits scalar RISC architecture [24]. e extensibility, flexibility, and adaptability constitute the significant things, to be interested in, for this CPU. e NIOS II design is depicted in Figure 6.

SDI/O Card Interface.
e SD card is portable which permits the information stored to be transmitted to other devices. e Altera board has SD card ports. It permits the SD card to be connected to the FPGA. e SD card FPGA is designed as a hardware IP with the use of the Qsysimplemented system. e overall system contains the NIOS II CPU and other modules. Information stored in the SD card can be processed by simple programs executed on NIOS II CPU. As depicted in Figure 7, the SD card interface is composed in the following blocks: (  Scientific Programming (2) e buffer block: two FIFO having the same size compose this module. In fact, when the writing is given by the DMA in the first FIFO, the VGA control block assures the reading of the information from the second FIFO. e writing on the FIFO is synchronized in 50 MHz while the reading is synchronized   All hardware IPs are developed in VHDL language in ALTERA Quartus tools. Once hardware is designed, we have implemented the application on the board. For this, we have firstly ported the derivative of Linux kernel (μClinux) on the processor to facilitate the implementation of the suggested image encryption on the chosen hardware platform.

Encryption System
Architecture. Several AES hardware architectures have been reported in the literature [33]. In this paper, the goal is to design an improved architecture of the algorithm to speed up execution on 32 bit processors with memory constraints available in the embedded systems. e NIOS II 32 bit processor and the arithmetic logic unit (ALU) architectures are founded on the address buses, data buses, and registers of 32 bits data path. Every transformation of the AES cryptosystem maps a 128 bit as the input state and a 128 bit as the output state. To optimize the size of the MAES hardware conception, the 128 bit data block is split into four 32 bit blocks and is required at one column or at one row via the 32 bit data bus. Only the random permutation operation demands the accessibility of the totality of data (128 bits) before starting. us, four registers (32 bits) are required. On the contrary, four different S-boxes are needed in our proposed architecture. e encryption datapath processes a complete 32 byte block in parallel and the total round transformation is executed in a one-clock cycle. us, four clocks are needed for the entire encryption. e proposed architecture is depicted in Figure 9. It includes four components: (1) e Input_Buffer and the Output_Buffer as well as many internal communication data paths are 32 bits in width and used to hold the plaintexts of 128 bits before being processed and to memorize cipher texts until processing the overall 128 bits (2) Control unit is used to generate control signals for all components (3) Key expansion PRNG unit is employed to generate a set of round keys (4) MAES transformation round is employed to encrypt data input e proposed cryptographic algorithm is interfaced with the SoPC as a hardware accelerator. e system designed is generated and downloaded successfully in Cyclone III FPGA NEEK developed board. e control part of the system is developed in C language in NIOS II IDE. In fact, a C code is downloaded on the soft processor to communicate with the proposed algorithm accelerator. e result of communication between the processor and the IP block is acquired. e ciphered image is forward to the PC via JTAG_URAT to perform findings in 32 bit frames. Figure 10 presents the results of the suggested security system design (storage, processing (encryption/decryption), and display of the image signal) where the input is from the SD card interface and the output is on the VGA display interface. Both encryption and decryption procedures are implemented on the NEEK board. e encrypted result of the image is shown in Figure 10(a), whereas the decrypted result of the original image is as illustrated in Figure 10  e proposed cryptosystem is implemented on the NEEK board featuring Cyclone III FPGA. Table 1 illustrates the performances utilization extracted from Quartus II implementation software. e system needs 14% of logic elements, 12% of combinational functions, 8% of logic registers, and 22% of memories. Finally, it runs at 167.83 MHz clock frequency, consumes 137.06 mW at the power, and can achieve a great throughput of 1.34 (Gbits/s). e system throughput is an important metric that provides the number of bits processed in a second, which is computed using Concluding the obtained results, the proposed cryptosystem hardware design occupies a small hardware area and reaches 1.34 Gbits/s of throughput. e execution time is a parameter that is significant to perform the real-time encryption processes. e proposed method has the aim to reduce the maximum processing time. Only four rounds of encryption are performed in a loop instead of 10 rounds that reduces significantly the execution time. e encryption datapath processes a complete 32 byte block in parallel and the total round transformation is executed in a one clock cycle. us, only four clocks are needed for the entire encryption.
From Table 2, the time required to encrypt Lena's (512 × 512 × 3) standard test image using complex PRNG-   MAES is 0.02457 s, whereas, for the current standard AES implemented in the hardware device featuring a NIOS II softcore processor, it is 68,2218 s [37]. e suggested algorithm is about 97% faster compared to the standard AES. Similarly, a comparison of the execution time with other algorithms implemented in an FPGA is illustrated in the same table. e results prove that the processing time of the proposed model is much less than the existing works.

Security Analysis and Interpretation
In this part, we evaluate the system on FPGA for several ordinary and medical images with different types and sizes. For ordinary color images, we use the standard Lena, Peppers, and Baboon images of size (512 × 512 × 3) (Figure 11). For medical images, seven different types of images are selected which are depicted in Figure 12. Medical images are obtained by ultrasound device, 3D Scanner, magnetic resonance device MRI, X-ray, radiography, endoscopy, and computerized tomography (CT-scan). Simulation findings and performance analysis for the chosen images are given in this section highlighting the quality analysis of images, statistical analysis, key analysis, and algorithm performance.

Statistical Analysis.
In this section, we use image histogram, information Entropy, 2D Normalized Correlation (NC), and correlation coefficient (ρ).

Histogram Analysis.
e image histogram is a twodimension statistical curve showing the distribution of Gray scales according to their values. Figure 13 shows the original images and their corresponding encrypted images and histograms of the original images and their corresponding encrypted images.
As seen in Figure 13, we note that the histogram of the resultant encrypted image is uniformly distributed and dissimilarly compared to the histogram of the original image in Figure 13 which contains large spikes. erefore, the original image's pixels and the encrypted image's pixels are completely different.

NC Analysis.
e normal correlation (NC) is a performance that evaluates the grade of similitude between two objects. If the original and the encrypted are different, therefore, the correlation factor of the cipher image is well low or highly close to zero. Results in Table 3 show that the NC values are reduced which proves that there is no correlation between original and ciphered images. As a consequence, the proposed system is safe against statistical attacks.

Global and Local Shannon Entropy Analysis.
e global Shannon entropy is measured by applying equation (14) to the image. e entropy parameter is considered as the standard to test randomness. e entropy coefficient is utilized to obtain the incertitude performed in the ciphered image. If the entropy is elevated, the confidentiality is higher. Note that the utmost entropy value for a gray scale image is 8 bits/pixel. e average value for H (m) for numerous preceding works was between 7.90 and 7.99. is value is depending on the image, the size of the key, and the cryptographic model. Entropy is computed as where H(m) is the Entropy image, P(mi) is the probability mass function, and 2N − 1 presents the number of gray levels.
is technique fails to measure the real degree of randomness of an image. It has many weaknesses such as unfair random comparisons between images of different sizes, the inability to discern the randomness of images before and after image encrypting, and possible inaccurate scores for the synthesized images. However, it cannot be used for universal measures of randomness. To overcome this problem, local Shannon should be applied. e local entropy is measured by computing the mean of global Shannon entropies over all the nonoverlapping blocks of size 1936 pixels in the image. Table 4 introduces the simulation results of global and local Shannon entropy found for each image.
Analysing the results, the encrypted image's global entropy value is highly close to the ideal value 8 and the mean of local entropy is very important. is indicates that the pixels of the cipher image are random. As a result, the proposed system is safe against entropy and statistical attacks. Table 5 compares the global entropy value with the existing AES and other encryption algorithms. Our results are more successful than other works which prove the efficacity of the proposed cryptographic model.

Correlation Coefficient Analysis.
In a clear image, the correlation of the adjacent pixels is close to one. Unlike in an encrypted image, the adjacent pixels must be not correlated [35]. Let x and y be two Gray scale values of two adjacent Scientific Programming pixels in the image, and the correlation of the adjacent pixels is computed using equations (15)- (18): where E(x) is the expectation of x, D(x) is the estimation of the variance in x, and cov (x, y) is the estimation of the covariance between x and y. Figure 14 shows the distributions of 2000 pairs which are randomly selected adjacent pixels of the original and encrypted 3D original medical scanner Ankle image, respectively, in each channel. Table 6 shows the distributions of 2000 pairs which are randomly selected adjacent pixels of the original and encrypted images, respectively. e results clearly show that the correlation coefficient of the original images is close to 1, while the encrypted images are close to zeros. In addition, the distribution of adjacent pixels is inconsistent, i.e., there is no correlation between them. is indicates that the algorithm eliminates the correlation of adjacent pixels in the plain image, and it makes an encrypted image with no correlation. e proposed cryptographic method is         [3] 7.9993 Ref. [38] 7.99932 Ref. [34] 7.9969 Ref. [35] 7.9989 Ref. [36] 7.9994 Ref. [9] 7.9975 Ref. [6] 7.9998 Ref. [8] 7.9973 Ref. [39] 7.9978 Ref. [40] 7.999329

Differential Attack Analysis
Keyspace. e keyspace of a safety encryption scheme should be very large to resist the brute-force attack. In the proposed algorithm, for an initial key Ki, there are 2 128 dissimilar keys, which are very large. Certainly, the key brute-force attacks are computationally infeasible.

Key Sensitivity.
e key sensitivity analysis warrants the safety of one cryptographic algorithm. An enhanced encryption model should be greatly sensitive to key changes. Similarly, the suggested model must be resistant to the bruteforce attack obtained by large keyspace. To check the encryption process, the plain image is encrypted by three various keys: the first is the main key, the second is the same key with a small change in one bit, and the last is a variance between the two keys. e finding of three different ciphered images is presented in Figure 15. Similarly, the ciphered image is decrypted by two keys: one is the original key and the other is the modified key. e changed key does not allow retrieval of the clear image, as seen in Figure 16. As result, the suggested model is greatly sensitive to the key changes.
Both Number of Pixels' Change Rate (NPCR) and Unified Average Changing Intensity (UACI) are utilized for the verification of the performance against differential attacks. According to [43], only one-bit modification over the clear image can result in a considerable modification in the encrypted picture. NPCR and UACI parameters are presented in equations (19) and (20): where C1 and C2 are the ciphered images, M is the size of images, and D presents the bipolar matrix determined from C1 and C2. e NPCR measures the pixel number that modifies the value in differential attack. e elevated value is considered better. e UACI computes the average variance between two paired encrypted images where a minimal value is the best. Table 8 denotes the NPCR R, G, B and UACI R, G, B values for various medical color image sizes using the propound cryptographic method. Results prove that the encryption model has great performance, and it is characterized by high sensitivity to small modifications in the clear image. Table 9 compares both NPCR and UACI results using the suggested algorithm with the existing AES, and some existing works and findings prove that the propound cryptographic technique has met the desired objective for resisting differential attacks.

Randomness Analysis.
Random analysis can be achieved using NIST 800-22. e test is useful to test random and Pseudorandom Number Generators [44] to determine whether or not a PRNG is appropriate for data encryption. e analysis contains 15 tests that assess key streams to meet important necessities. It focuses on different nonrandom aspects that can be found in a key sequence.
e test results of 262,144 sequences of 128 bit generated by the proposed RNG are shown in Table 10. e sequences pass successfully all tests. is demonstrates that the generated pseudorandom numbers have good statistical properties such as highly unpredictable, random, independent, and uniformly distributed.

Know Plain Text (KPA) and Chosen Plain Text Attack (CPA).
is kind of attack has been utilized to crack some of the cryptographic models. In general, an adversary utilizes whole black or whole white to discover the possible patterns in the cryptographic model. us, the whole white and whole dark images are ciphered utilizing the suggested method. Figure 17 presents the ciphered images and no pattern is apparent. e entropy value of images is self-same as other images and correlation coefficients are ideal. Table 11 illustrates the correlation between adjacent pixels and the entropy values of both images. Results prove that the system is greatly secure to these kinds of attacks.

Robustness against Noise Attack.
During the picture transmission via the network, the ciphered image can lose information or can be influenced by noise. Various cryptographic systems are sensitive to noise where a small change to the ciphered image can produce a strong distortion into the deciphered image. Figure 18 shows that the deciphered images keep the global clear image information for the person's eye when the ciphered image is affected by Salt and pepper noise with various percentages. us, the suggested method is robust and resist against noise attack.

Discussion
rough the experimental results, it is shown that the histogram of a ciphered image has uniform distribution and the correlation between pixels is reduced. e average entropy value of the cipher scanner ankle image with the proposed algorithm is 7.99999 (close to the ideal value). e variance of entropy between the propound model and the existing AES is 0.13069. Our method augments the entropy by about 18% compared to the standard one. us, more randomness can be created. Equally important is that the suggested cryptographic model has an efficient encryption effect, a large keyspace, and it is highly sensitive to key changes. Furthermore, findings prove that the proposed model can resist the noise attack with varied intensity, KPA, CPA, and differential attacks. e complex PRNG is tested by NIST, and the result proves that it generates a high-quality key. e run time of the proposed scheme is also executed, and findings prove that the proposed algorithm requires much less calculation time than the existing AES implemented in the hardware device. All in all, results show that a fast (1.34 Gbit/s) and highly secure data encryption is achieved with  [3] −0.0008 0.0016 0.0043 Ref. [38] −0.000483 −0.001001 −0.001015 Ref. [34] 0.0025 0.006207 0.003041 Ref. [35] 0.004639 0.006763 0.010818 Ref. [36] 0.000101 0.00000958 0.000131 Ref [9] 0.0070 −0.0102 0.0030 Ref. [6] −0.000400 −0.0018 0.0001 Ref. [8] 0.001 0.0017 0.0125 Ref. [39] 0.0031 --Ref. [40] 0.000751 0.001133 0.001253 Ref. [12] Proposed     [3] 99.62 33.41 Ref. [38] 99.6040 33.4614 Ref. [34] 99.6140 33.4805 Ref. [35] 99.6162 33.3979 Ref. [36] 99.61 33.48 Ref. [9] 99.62 33.56 Ref. [6] 99.60 33.48 Ref. [8] 99.50 33.30 Ref. [39] 99.6100 33.5000 Ref. [12] Proposed  [41] 99.65950 33.83002 Ref. [42] 99.6315 33.8300 low power consumption (137.06 mw) and that the cryptosystem is robust, which makes it suitable to secure medical images in an embedded system. A comparison study is performed and the results prove that our algorithm outperforms other existing work in terms of speed of computation and safety level.

Conclusion and Future Work
An improved cryptographic system that mixes the use of a complex chaos-based PRNG and MAES is proposed in this paper. e complex chaos-based PRNG is put forward to generate a great-quality encryption key. e generated key presents high randomness, high entropy, and high complexity. In the MAES, the subbytes' operation is performed using four different S-boxes (S-box 1, S-box 2, S-box 3, and S-box 4) which increases the complexity. In addition, both shift-rows and mix-columns transformations are eliminated and replaced with a random permutation method for more complexity. Only four rounds of encryption are performed in a loop that reduces significantly the execution time. e encryption data path processes a complete 32 byte block in parallel, and the total round transformation is executed in a one clock cycle. us, only four clocks are needed for the entire encryption. e global cryptosystem is implemented in the NEEK board and great results are gained in terms of execution time, area occupation, power consumption, and throughput. However, the utilized NIOS II CPU is a relatively powerful one amongst embedded processors. e security analysis of our method proves that it is resistant to known attacks. e entropy, the correlation of adjacent pixels, and the histogram of encrypted images are performed successfully and findings are promising. As future work, we aim to propose a real-time video security approach that enhances the security of surgical telepresence during surgery between the site of surgery (local site) and the site that hosts the expert surgeon (remote site).

Data Availability
e data used to support the findings of this study are included within the article.

Conflicts of Interest
e authors declare no conflicts of interest.

Authors' Contributions
All the authors helped to conceive these simulation experiments. Amal Hafsa and Mohamed Gafsi designed and   Malek, and Mohsen Machhout contributed to the interpretation of the results as well as the revision and writing of the paper.