Selective Image Encryption Based on DCT, Hybrid Shift Coding and Randomly Generated Secret Key

Most of today’s techniques encrypt all of the image data, which consumes a tremendous amount of time and computational payload. This work introduces a selective image encryption technique that encrypts predetermined bulks of the original image data in order to reduce the encryption/decryption time and the computational complexity of processing the huge image data. This technique is applying a compression algorithm based on Discrete Cosine Transform (DCT). Two approaches are implemented based on color space conversion as a preprocessing for the compression phases YC b C r and RGB, where the resultant compressed sequence is selectively encrypted using randomly generated combined secret key. The results showed a significant reduction in image quality degradation when applying the system based on YC b C r over RGB, where the compression ratio was raised in some of the tested images to 50% for the same Peak Signal to Noise Ratio (PSNR). The usage of 1-D DCT reduced the transform time by 47:1 times compared to the same transform using 2-D DCT. The values of the adaptive scalar quantization parameters were reduced to the half for the luminance (Y band) to preserve the visual quality, while the chrominance (C b and C r bands) were quantized by the predetermined quantization parameters. In the hybrid encoder horizontal zigzag, block scanning was applied to scan the image. The Detailed Coefficient (DC) coefficients are highly correlated in this arrangement-where DC are losslessly compressed by Differential Pulse Coding Modulation (DPCM) and the Accumulative Coefficients (AC) are compressed using Run Length Encoding (RLE). As a consequence, for the compression algorithm, the compression gain obtained was up to 95%. Three arrays are resulted from each band (DC coefficients, AC values, and AC runs), where the cipher is applied to some or all of those bulks selectively. This reduces the encryption decryption time significantly, where encrypting the DC coefficients provided the second best randomness and the least encryption/decryption time recorded (3 10 -3 sec.) for the entire image. Although the compression algorithm consumes time but it is more efficient than the saved encryption time.


I. Introduction
Nowadays, internet is considered a major source for information gathering and transmission. Electronic-financing, military and medical applications involve extensive use of digital media [1]. In such scenarios, security plays an important role [2]. One way to achieve security goals is by encrypting the digital media. Visual cryptography is the conversion of image data from their original form to another form that basically hides the content of images and preserves privacy from unauthorized access [3]. Image data have different features than text data, such as high correlation against pixels, bulk capacity, and high redundancy, in addition to their huge size that makes them slow to process and difficult to apply [4] [5].
There are many information hiding techniques such as steganography, watermarking, and cryptography [6]. Traditional encryption techniques provide a good security level but they are not suitable for multimedia data [1]. Another approach that is considered to preserve the security and privacy of images is known as "Selective Encryption of Images", which is obtained by applying cipher to part of the image to produce an obvious reduction in processing time and computational payload [7]. The resultant data are much easier to manipulate and dominate after applying compression algorithms that partition the data according to different aspects and reduces their volume. Then the result is selectively encrypted to provide security [2], [8].
Some of the articles relevant to this work were previously published. Belazi et al. [1] introduced a partial encryption scheme utilizing lifting wavelet transform to compress the image and extract the requisite information to be encrypted. The substitution boxes (S-boxes) generated by linear fractional transform chaotic system are used to encrypt the image components. The confusion and diffusion characteristics are achieved by three phases, namely substitution, block permutation, and diffusion, using dynamic keys in encryption process to produce scrambled image. Kekre et al. [3] introduced a scheme for partial image encryption that the input image is partitioned into four components (LL, HL, LH, HH) using sinusoidal wavelet transform. LL, LH and HH are then scrambled using Walsh sequence and the result is a partially encrypted image, while the HL sub-band is neglected. A Selective encryption technique was proposed by Paraveenkumar et al. [9], where the confusion and diffusion are applied to the input image, producing new values using pseudo-random number generator. Then the result is XORed with the original pixel values, while the modified image is then transformed using Discrete Cosine Transform (DCT) and quantized. Finally, the compressed image is encrypted using Arnold Shuffling to produce a scrambled image. Wen et al. [10] introduced a selective image encryption infrared target-based scheme by using logistic-sine system and block cross encryption. First, the infrared beam targets specific regions of the image that can be effectively detected using geometric active counter model based on partial differential equation (PDE). The detected regions of interest are encrypted using block cross encryption mode based on logistic-sine system to produce scrambled images. Zhou et al. [6] designed a novel scheme for partial encryption by combining discrete fractional random transform with compressive sensing. A measurement matrix and two random circular matrices employed in compressive sensing are generated by using two dimensional logistic modulation maps. The modified image is then encrypted using Arnold Transform and discrete fractional random transform. Choudhary et al. [7] presented a partial encryption scheme where the input image is partitioned into blocks, using block wise shuffling, and permuted by utilizing Arnold map. The permuted blocks are then combined to form the final presentation of the scrambled image. Rehman et al. [11] proposed a selective image encryption approach based on DNA complementary rules and block cipher, where the input image is partitioned into blocks. The most significant bit (MSB) in each block is added, under DNA algebraic addition operation, to the least significant bit (LSB) that is already encrypted by selecting chaotically different DNA rules for each pixel.
The image blocks are permuted using piecewise linear chaotic map (PWLCM) while the selection of encoding and decoding rules is done by logistic sequence for each pixel. Hazarika et al. [12] proposed a partial encryption scheme in which the input image is transformed using Discrete Wavelets Transform (DWT) to four components while only the (LL approximation) is quantized. The bit positions are permuted using two dimensional chaotic logistic maps then the result is XORed with third chaotic logistic map. Finally, the whole image is retransformed using Inverse Discrete Wavelet Transform (IDWT) to generate the encrypted image. Som et al. [13] proposed a non-adaptive scheme based on chaos. They first decomposed the gray scale images to their equivalent 8-bit planes, then encrypted the bit planes using couple tent map binary number generator (PRBNG). The four significant bit planes are determined by the level of significance for each pixel value and encrypted using a key obtained by using the recurrence relation of tent map based on couple tent map binary number generator (PRBNG). The significant bit planes are then combined to produce the cipher image. Parameshachari et al. [14] presented a novel algorithm for partial image encryption using combined phase modulation and sign encryption. First Fourier Transform (FT) is applied to the input image to obtain the phase and magnitude, then the image phase is scrambled using sign encryption that extracts sign bits to obtain partially encrypted image. Bahrami et al. [15] presented a scheme for partial encryption of images using an orthogonal transform known as Discrete Cosine Transform (DCT) that provides good compaction for multimedia data. The DCT coefficients are then quantized and the entropy coding is calculated to produce compressed image. The compressed image is then encrypted using stream cipher with an encryption key generated similarly to the AES key generation process. Then each coefficient is encoded using different stream cipher algorithm. Panduranga et al. [16] proposed a scheme for selective image encryption in which only the region of interest is detected, either manually or automatically, to be encrypted using a morphological operation. The block encryption process has two inputs, namely the selected block and the map image, to encrypt the blocks partially. Complete encryption for the selected blocks can be achieved by using separate map image for each block. Lian et al. [17] introduced two aspects for partial image encryption (sub-band and bitplane). Sub-band layers are dependent on each other, which provides a vulnerable security that the encrypted layers can be recovered from the unencrypted ones, while, bit-planes are independent. The most significant 8-bits of the low frequency blocks are encrypted with AES cipher, while the middle and high frequency blocks are all encrypted with AES cipher to form the scrambled image. Panduranga et al. [18] introduced a scheme for image partial encryption in which the input image is divided into several blocks; i.e., the image is divided each time into different block sizes. Bits in each block are permuted using a chaotic map to generate new sequences and, subsequently, to generate the cipher image. Zang et al. [19] proposed an embedded partial image encryption for compressed colored images based on chaos. The color images is decomposed to RGB components that are going to be transformed to YC b C r . The channels are then transformed using DWT. The coefficients matrix is then encoded by CSPIHT that maintains three sets of data, which are the list of insignificant sets (LIS), list of insignificant pixels (LIP), and list of significant pixels (LSP). The Pricewise Linear Chaotic Map (PWLCM), that is then XORed with the LIP bit stream to produce partially encrypted image, performs the generation of the secret key stream.

II. The proposed method
As mentioned earlier, the main problem of image encryption strategy is the magnitude of the images to be encrypted (or scrambled). Hence, before applying the cipher, a lossy-compression algorithm is used. The Selective Image Encryption starts with color space conversion to the basic three color bands of red, green and blue for RGB color model, or to luminance Y band, chrominance C b , and C r bands for YC b C r color model. Then, DCT is used to transform the data to frequency domain [20]. Quantization is used to reduce the statistical redundancy, while the resultant DCT quantized coefficients are scanned using Zigzag to reorder each block in one dimensional array. This prepares the blocks to be coded and encrypted in the hybrid shift encoder, that processes the DC coefficient of each block with DPCM for the entire image and RLE for AC coefficients. Horizontal block scanning was used in this step. The resultant three 1D arrays from each band of a specific color model were then selectively encrypted by XORing the selected bulks with the randomly generated combined secret key. The same seed is simultaneously fed to two random generators; First, the Linear Feedback Shift Register, where the seed was converted to its binary representation, then the bits comprising the seed were shifted circularly to form the new seed) and, second, the Linear Congruential Generator. The randomly generated sequence of each of the generators is then combined to produce the final secret key) [21]. Finally, the stream is passed through an insecure channel to be transmitted. The Image Reconstruction Unit implies the modules that are functioning in reverse order to the modules of a selective image encryption unit. Figure 1 shows the entire operation of the selective encryption.

A. First Order Entropy
A digital image entropy is described as a statistical measure that states the randomness of colors, and it is defined by the following equation: where Q represents the total amount of bits of the digital image according the agreement , while represents the probability of occurrence of color i, Ki represents the frequency of occurrence of color i in the digital image, and M and N represent the numbers of rows and columns of the image, respectively [22].

B. Second Order Entropy
The second order entropy E2 is calculated as in equation 2 [23]: ∑ ∑ ( ) where N and M represent the dimensions of the digital image according the agreement , while , represents the probability of occurrence of colors i and j, respectively, since the color j= i+1, and Ki represents the frequency of occurrence of color i and j in the digital image [24]. C. Run Test for Randomness A statistical check that was employed to recognize the randomness in data. The run test for randomness is occasionally described as the Geary test, and it is a nonparametric test. This test is a substitute test to check auto-association in the data. Auto-association means that the data has association with its lingered value. To authenticate whether or not the data has association with the lingered value, the run test for randomness is smeared. The following equation was used to calculate the run test value [23]: (3) where: r is the number of runs, µr is the expected number of runs, Ơr is the standard deviation of the number of runs.

IV. Image Test Materials and Results
The developed compression/encryption method was tested using different BMP image files; each image file has different characteristics. Several smooth image files "[Lena.bmp (true color), Lena.bmp (gray), Peppers.bmp] and sharp edge image files [Barbara.bmp (true color), Barbara.bmp (gray), Baboon.bmp], ( with a size of 256 256 were used as image test samples in order to evaluate the compression method performance. Figure-2    The compressed stream was then scrambled by XORing a randomly generated combined secret key with selected bulks of the compressed image data. The compressed data bulks tested are shown in table 1, along with two metrics for measuring randomness caused in the image data (1 st order entropy and 2 nd order entropy) as well as the encryption and decryption time.  Table-1 shows the randomness caused in the image when encrypting different bulks of data under the default quantization parameters. Changing the quantization parameters showed a behavior that the measures of the encrypted image varied regarding the compression gain; the lower the compression gain was, the higher randomness was caused in the image, which is consistent with the randomness in data rule which states that the bigger the data is the higher the caused randomness. Different results were obtained by encrypting each of the bulks mentioned above (  Also, a histogram evaluation was calculated to illustrate the randomization caused in image data after applying the cipher, where the metrics used to measure the randomization were 1 st order entropy and 2 nd order entropy. Figures 5 and 6 show the histogram of the cipher images, Lena Bmp Barbara Bmp, respectively, when different bulks were encrypted.

VI. Conclusions and Future Work
VII. In this paper, a selective image encryption scheme was developed for YCC and RGB color models. The conclusions from or results assessment are abridged in the following remarks: 1. For the compression phase that was based on discrete cosine transform (DCT), the test results indicated that the performance of the developed scheme are encouraging regarding the size reduction that reached up to 95% for the compressed image files.
2. Converting the test image subjects to YCC color model improves both compression ratio and PSNR for the reconstructed images, and gives better results than the RGB color model does.
3. Using 1D discrete cosine transform (1D DCT) decreases the transformation time down to 1:47 sec. as compared to 2D discrete cosine transform that is usually applied for images. 4. Including the encryption process in the hybrid encoder reduces the processing time sufficiently than reading and rewriting the compressed/encrypted binary file. 5. The higher the compression gain is the higher the value of the first order entropy, but the lower the value of the second order entropy for all types of images tested.