1 Introduction

In the era of 5G network coverage, a large number of digital data are spread based on a variety of digital terminals, such as 5G mobile phones, computers, iPads and wearable devices [1, 2]. At present, there are some major threats to digital content data, such as various computer viruses and hacker attacks. Therefore, it becomes a significant problem about the protection and safe use of digital content data. In these numeral content data, one of the typical data is digital image. In addition, digital image transmission requires a strong real-time property in the communication. But traditional encryption technologies are found to be inefficient for these digital images [3], such as Data Encryption Standard and Advanced Encryption Standard. Therefore, researchers have proposed many different image encryption techniques, including one-time keys [4], DNA coding [5, 6], spatial bit-level permutation [7], perceptron model [8], dynamic random growth technique [9]. However, among these technologies, because of many similar properties between chaotic systems and cryptosystems [10,11,12], image encryption schemes using chaotic maps have been widely studied [13,14,15,16,17]. In recent years, researchers have used some new methods to design image encryption algorithms, such as parallel computing system [18], piecewise coupled map lattice [19], matrix semi-tensor product theory [20, 21], fractal sorting matrix [22, 23], compressed sensing [17, 24].

Generating the security key is an important part of an encryption system. We can use 1-D chaos systems and multi-dimensional(MD) chaos systems to generate the security key. At present, according to MD chaos systems, image encryption schemes are widely used [25,26,27,28]. A novel image encryption algorithm was proposed according to a 2-D compound homogeneous hyper-chaotic system [29]. However, their hardware implementations become more difficult because of the complex structures and many parameters of the MD chaos systems. At the same time, 1-D chaos systems have some merits: the simple structure, the easy implementation and lower computation-cost.

Recently, by use of 1-D chaos maps, researchers have put forward a lot of image encryption algorithms [3, 13, 30,31,32]. But 1-D chaotic maps may exhibit drawbacks [33, 34]: (1) their chaotic intervals are finite; (2) their output states are non-uniform. Liu et al. analyzed two image encryption algorithms according to a first-order time-delay system [35]. Some image encryption schemes may be destroyed because of these defects [36, 37]. Thus, it is very important to study a new 1-D chaos system with good chaotic properties.

To address these above issues, a new 1-D chaos system was put forward by use of two common 1-D chaos maps [3]. Similarly, Hua et al. [13] put forward a cosine-transform-based chaotic system (CTBCS) to generate novel chaotic maps. Using the CTBCS, they produced three novel chaotic maps. We can observe that the Lyapunov exponents(LEs) with the three new 1-D chaos systems are maintained at about 1.4. Combining the Logistic map and the Cubic map [32], we can generate the Logistic-Cubic-Cosine (LCC) map by use of the CTBCS. However, we can see that the whole data range cannot be randomly covered by the output of the LCC mapping. This means that the output of the LCC mapping may not have the characteristic of high randomness. At the same time, this paper [13] does not point out the measures to improve the performance of the chaotic system. Therefore, a new 1-D compound Sine chaotic system (CSCS) is proposed with more complex behaviors. Based on two 1-D chaos systems, a novel chaos map can be produced by the CSCS. And we give an effective method to make the output of the novel chaos map randomly covered in the whole range. To obtain larger LEs, our method is simpler than that in Ref. 38. Here we summarize the innovations of this paper, as shown below.

(1) We propose a new 1-D compound Sine chaotic system (CSCS). By utilizing two common 1-D chaos maps, a lot of novel chaos systems with excellent performance can be generated by the CSCS. Then, we produce four novel 1-D chaos maps to confirm the practicability of the CSCS.

(2) We do the performance analyses of four new chaotic maps. A novel method is proposed to make these new mappings obtain larger Lyapunov exponents. And simulations indicate that these maps generated by the CSCS exhibit complex chaos behaviors.

(3) Based on two maps produced by the CSCS, Zigzag transform and Magic confusion, we design a novel fast image encryption scheme.

(4) Experimental data show that our encryption scheme is faster and better than other encryption algorithms.

We organize the rest of the paper as follows. In Sect. 2, we present the CSCS. Then, four novel chaos maps are produced by the CSCS. And it is analyzed about the performances of the four new chaotic maps. Section 3 proposes a new image encryption scheme based on two maps produced by the CSCS, Zigzag transform and Magic confusion. We simulate the proposed algorithm by use of various types of grayscale images in Sect. 4. Then, it is compared with other encryption schemes. Finally, we draw the conclusions in Sect. 5.

2 CSCS

In this section, four existing chaotic maps are first introduced as seed maps. Next discrete cascade chaos [32] and CTBCS [13] are analyzed. Then, a new 1-D compound Sine chaotic system (CSCS) is proposed. Finally, these chaotic maps generated by the CSCS have best chaotic behaviors compared with discrete cascade chaos and CTBCS. Here, bifurcation diagrams, sample entropy [39], NIST SP800-22 [40] and LEs are used to evaluate its chaotic performance.

2.1 Common maps

In the section, four common maps are introduced, including Tent map, Cubic map, Sine map and Logistic map. Mathematically, the four existing common maps can be defined as

  • Tent map: \( x_{n+1}= \mathcal {T}{({\alpha , x_n})}=1-2\alpha \vert {x_n-(2\alpha )^{-1} \vert } \)

  • Cubic map: \( x_{n+1}= {\mathcal {C}({\alpha , x_n})}=\vert 4x_n^3-3\alpha x_n \vert \)

  • Sine map: \( x_{n+1}= {\mathcal {S}({\alpha , x_n})}=\alpha \sin {(\pi x_n)}\)

  • Logistic map: \( x_{n+1}= {\mathcal {L}({\alpha , x_n})}=4\alpha x_n(1-x_n) \)

where \( \vert \cdot \vert \) represents an absolute value operation and \( \alpha \) is the control parameter, while \( \alpha \in (0,1) \).

Table 1 Four cascade chaotic maps
Full size table

2.2 Discrete cascade chaos

It is found that the cascade of chaotic systems can considerably improve the LEs of cascade chaos and increase system parameters and expand parameter regions of chaos mapping and full mapping [32]. We can use the following definition to illustrate discrete cascade chaos.

Definition 1

Given two different discrete chaotic seed maps \( \mathcal {F}_1(a, x_n) \) and \( \mathcal {F}_2(b, x_n) \) , \( x_n \in {\textbf {D}}^{\prime } \), \( \mathcal {F}_1(a, x_n)\in {\textbf {D}}_1 \), \( \mathcal {F}_2(b, x_n)\in {\textbf {D}}_2 \), \( n=0, 1, 2,\ldots \). If \( {\textbf {D}}^{\prime }={\textbf {D}}_1={\textbf {D}}_2\) is satisfied, we can get a new cascaded chaotic map. Discrete cascade chaos is defined as

$$\begin{aligned} x_{n+1}={\mathcal {F}_2(b, \mathcal {F}_1(a, x_n))} \end{aligned}$$
(1)

Here the control parameters include a and b. And we set \( {\textbf {D}}^{\prime }=[0,1] \) in the paper.

By use of two of the four common maps, we can get twelve 1-D cascade chaos maps combining Eq. (1). And here we introduce four cascade chaotic maps as shown in Table 1. For example, we can make use of the Cubic map and the Logistic map to produce the Logistic-Cubic(LC) map. Similarly, we can generate the LS map, the ST map and the LT map.

2.3 Common maps

Mathematically, we can use the following formula to describe the CTBCS.

$$\begin{aligned} x_{n+1}=\cos \{\pi [\mathcal {H}_1(c, x_n)+\mathcal {H}_2(d, x_n)+\gamma ] \} \end{aligned}$$
(2)

where \( \mathcal {H}_1(c, x_n) \) and \( \mathcal {H}_2(d, x_n) \) are two common chaos maps in Sect. 2.1. The control parameters include c and d, and the parameter \( \gamma \) is variable. In the paper [13], authors made use of the Logistic chaos map and the Sine chaos map to produce the Logistic-Sine-Cosine (LSC) chaotic map combining Eq. (2). Similarly, they produced the Sine-Tent-Cosine(STC) chaotic map. They also produced the Tent-Logistic-Cosine(TLC) chaos map. When \( \gamma =0.5 \), the three maps have chaotic intervals. At the same time, the whole data range can be randomly covered by their outputs. This means that their outputs may have the characteristic of high randomness. When the control parameter \( \alpha \) changes from 0 to 1, the LEs of the three chaotic maps are maintained at about 1.4.

According to the Logistic map and the Cubic map [32], we can generate the Logistic-Cubic-Cosine (LCC) map by use of the CTBCS. Mathematically, the LCC system can be represented as

$$\begin{aligned} x_{n+1}=\cos \{\pi [4\alpha x_n(1-x_n)+\vert 4 x_n^3-3(1-\alpha )x_n \vert +\gamma ] \} \end{aligned}$$
(3)

where \( c=\alpha \), \( d=1-\alpha \).

Considering the periodicity of Cosine function, we set \(\gamma \in [-1,1] \). As shown in Fig. 1, we can see that the bifurcation diagrams of the LCC map are different from the above three chaos maps, namely, the LSC chaotic map, the STC chaotic map and the TLC chaos map. Figure 2 presents the LE distributions about the LCC map. From Figs. 1 and 2, when we change the shifting constant \( \gamma \) from \(-1\) to 1, the whole data range cannot be randomly covered by the output of the LCC map. This means that the output of the LCC mapping may not have the characteristic of high randomness. That is, the chaotic performance of the LCC mapping is not as good as that of the three maps [13]. At the same time, there is no method to improve the performance of chaotic systems. A method was proposed and the LEs of Chebyshev–Chebyshev system were maintained at about 1.8 [3]. Some researchers increased the dimension of chaotic system to obtain larger LE [38]. The study show that the system can theoretically generate larger positive LE as long as the dimension of system is sufficiently high. With consideration of these issues, we propose a new 1-D compound Sine chaotic system (CSCS) to produce chaos maps with excellent performance.

Fig. 1
figure 1

Bifurcation diagrams of the LCC mapping: a \(\gamma =-0.8 \); b \(\gamma =-0.5 \); c \(\gamma =-0.2 \); d \(\gamma =-0.1 \); e \(\gamma =0.1 \); f \(\gamma =0.3 \); g \(\gamma =0.5 \); h \(\gamma =0.9 \)

Full size image
Fig. 2
figure 2

LE distributions of the LCC mapping

Full size image

2.4 Structure of CSCS

Aiming at the shortcomings of existing chaotic maps in weak dynamic behavior, a new 1-D compound Sine chaotic system (CSCS) is proposed. The CSCS is represented by the following equation.

$$\begin{aligned} x_{n+1}=\vert \beta \pi \sin \{\pi [\mathcal {U}_1(e, x_n)+\mathcal {U}_2(f, x_n)+\theta ] \} \vert \end{aligned}$$
(4)

where \( \mathcal {U}_1(e, x_n) \) and \( \mathcal {U}_2(f, x_n) \) are two common chaos maps in Sect. 2.1. The parameter \( \theta \) is variable, and e, f and \( \beta \) are their control parameters. Considering the periodicity of Sine function, we set \( \theta \in [-1,1] \). In the following analysis, we set \( e=\alpha \), \( f=1-\alpha \), \( \theta =0.5 \) and \( \beta >0 \). Since the two maps in the CSCS may be any common 1-D chaos map, researchers can flexibly use two different existing maps to generate many novel chaos maps.

By the use of two of the four common maps in Sect. 2.1, we can get six 1-D novel chaos maps combining Eq. (4). And here we introduce four chaotic maps as shown in Table 2. For example, we can make use of the Cubic map and the Logistic map to produce the Logistic-Cubic-Sine (LCS) map. Similarly, we can generate the LSS map, the STS map and the TLS map.

Table 2 Four new chaotic maps generated by the CSCS
Full size table
Fig. 3
figure 3

Bifurcation diagrams of LCS: a \(\beta =0.1 \); b \(\beta =0.3 \); c \(\beta =0.5 \); d \(\beta =1 \); e \(\beta =5 \); f \(\beta =10 \); g \(\beta =20 \); h \(\beta =50 \)

Full size image

Then, we begin to illustrate the excellent performance of the CSCS. Here, we explain it from the following two aspects: the bifurcation diagram and the Lyapunov exponent. By changing the control parameter \( \beta \), we draw eight bifurcation diagrams and eight LE spectra of the LCS map generated by the CSCS. For the convenience of comparison, these bifurcation diagrams are normalized. In other words, the value range of x falls between 0 and 1. As shown in Figs. 3 and 4, when the control parameter \( \beta \) is small, for example, \( \beta =0.5 \), the whole data range cannot be randomly covered by the output of the LCS map and the LEs of the LCS map are relatively small and not all greater than 0; the whole data range can be randomly covered by the output of the LCS map and the LEs of the LCS map are getting bigger when we increase the control parameter \( \beta \). When \( \beta =50 \) and \( \alpha \in [0,1] \) , the LEs of the LCS map are about 16.7. So we can increase the control parameter \( \beta \) to enhance the system performance. Shen et al. increased the dimension of chaotic system to obtain larger LE [38]. When the dimension of the system is 21, they can get a maximum LE of 15.3671. Obviously, our approach is simpler. Therefore, when a new chaotic map is generated by the CSCS using other existing 1-D maps as seed maps, we give an effective method to make the whole data range randomly covered by the output of the LCS map and to obtain larger LE.

Fig. 4
figure 4

LE distributions of LCS

Full size image
Fig. 5
figure 5

Bifurcation diagrams of these maps: a LSS; b STS; c TLS; d LCS; e LSC; f STC; g TLC; h LCC; i LS; j ST; k LT; l LC; m Logistic; n Sine; o Tent; p Cubic

Full size image

2.5 Analyses on the system performance

To confirm the excellent performance about our chaos systems, we discuss performance comparison and analyses about four types of chaotic maps, namely, our method, Hua’s method [13], Wang’s method [32] and common maps in Sect. 2.1. Then, bifurcation diagrams, sample entropy [39], NIST SP800-22 [40] and LEs are used to evaluate its chaotic performance.

2.5.1 Bifurcation diagram

When the control parameters of a map change, the topology of the map will change accordingly, and a bifurcation may occur. Using the bifurcation diagram of a dynamic system, researchers can observe the chaotic behaviors of the dynamic system. These bifurcation diagrams are shown in Fig. 5 when \( \alpha \) varies from 0 to 1. In the first row of Fig. 5, four bifurcation diagrams about LSS( \( \beta =23 \), Normalized), STS( \( \beta =225 \), Normalized), TLS(\( \beta =8 \), Normalized) and LCS(\( \beta =1 \), Normalized) are generated by the CSCS; Four bifurcation diagrams in the second row are generated by the CTBCS [13]; Four bifurcation diagrams in the third row are generated by discrete cascade chaos [32]. At the same time, we can see that only part of the phase planes is covered by the output states of the four common maps in the fourth row of Fig. 5. Similarly, only part of the phase planes is covered by the output states about four cascade chaotic maps. Moreover, only part of the phase plane is covered by their output states of the LCC map generated by CTBCS, too. But the four maps generated by the CSCS are full mapping when \( \alpha \) varies from 0 to 1. And the whole phase planes are randomly covered by the output states. In other words, this shows that the dynamic behaviors of these chaotic maps generated by our method are more robust and more random.

2.5.2 Lyapunov exponent

Chaotic dynamic systems have some important characteristics, such as its initial value sensitivity and unpredictability. In many chaotic evaluation techniques, the LE as a quantitative measurement method is used to judge whether a dynamic system is a chaotic system or not. We can use the following definition to illustrate the LE.

Definition 2

Given one-order difference equation \( x_{n+1} = Q(x_n) \), if Q(x) is differentiable, denoted as \( Q^{\prime }(x_n) \), then the LE is mathematically defined by

$$\begin{aligned} \lambda _{Q(x_n)}=\lim _{i\rightarrow \infty } \left[ \frac{1}{i} \sum _{n=0}^{i-1} \vert Q^{\prime }(x_n) \vert \right] \end{aligned}$$
(5)

When the LE of a dynamical system is greater than 0, the dynamical system has chaotic behavior. And then the system exhibits non-chaotic behavior if it is negative or zero. The larger the LE is, the faster the trajectories diverge. And the corresponding chaotic system has better system performance. As shown in Fig. 6, we plot the LEs about 16 chaotic maps. By the use of the CSCS, we can get four chaos maps, namely the LSS map, the STS map, the TLS map and the LCS map. Based on the CTBCS, we can get three maps, namely the LSC map, the STC map and the TLS map [13]. When \( \alpha \) is between 0 and 1, all LEs of the above seven maps are greater than 0. The LEs of the remaining 9 of the 16 maps are different from that of the above 7 maps. In other words, the LEs of these nine chaotic maps are sometimes greater than 0 and sometimes less than 0. In these four types of chaotic maps, that is, the maps generated by the CSCS, the maps generated by the CTBCS, the maps generated by cascade chaos and the common maps in Sect.  2.1, the first two have larger chaotic intervals than the last two. And we can observe that the maps generated by the CSCS have larger LEs compared with the maps generated by the CTBCS. Moreover, based on the analysis in Sect. 2.4, by increasing the control parameter \( \beta \), the maps generated by the CSCS can get larger LEs. Therefore, these chaotic maps generated by our proposed CSCS have more random chaotic behaviors.

Fig. 6
figure 6

LE comparisons of different chaos maps: a LSS, LSC , LS and Logistic; b STS, STC, ST and Sine; c TLS, TLC, LT and Tent; d LCS, LCC, LC and Cubic

Full size image

2.5.3 Sample entropy

At present, there are many methods to survey the regularity of a chaotic series, for example, the Kolmogorov entropy(KE) [41, 42], the approximate entropy(AE) [43, 44] and the sample entropy (SE)[39]. According to these research work [41, 45], a novel theory called AE was put forward to survey the regularity about a chaotic series. However, the AE has two obvious shortcomings, that is, the heavy reliance on the length of chaotic sequence and the lack of relative consistency [39]. In order to make up for these deficiencies, a new method called SE was put forward.

The SE effectively measures two aspects of discrete time series, namely complexity and randomness. When the SE of a dynamical system is greater than 0, then the dynamical system is a chaotic system. The larger the SE is, the more random the chaos series is. We can use the following definition to illustrate the SE.

Definition 3

For a u-dimensional time series \( {\textbf {P}}=\{p_1, p_2,\ldots , p_W\} \), the SE is given as follow:

$$\begin{aligned} SE(u, v, W)= -\log \frac{E_1}{E_2} \end{aligned}$$
(6)

where the template vector \( {\textbf {P}}_{u}(i)=\{ p_i, p_{i+1}, \ldots , p_{i+u-1} \} \). And \( G[{\textbf {P}}_{u} (i), {\textbf {P}}_{u} (j)] \) denotes the distance between the template vector \( {\textbf {P}}_{u}(i) \) and the template vector \( {\textbf {P}}_{u}(j) \) [44]. Let \( E_1 \) be the amount of vectors with \( G[{\textbf {P}}_{u+1}(i), {\textbf {P}}_{u+1}(j)]<v \). Similarly, \( E_2 \) denotes the amount of vectors with \( G[{\textbf {P}}_{u}(i), {\textbf {P}}_{u}(j)]<v \). Here we make u equal to 2 and v equal to 0.2 times of the standard deviation about the chaotic sequence.

Fig. 7
figure 7

SE comparisons of different chaos maps: a LSS, LSC, LS and Logistic; b STS, STC, ST and Sine; c TLS, TLC, LT and Tent; d LCS, LCC, LC and Cubic

Full size image

In Fig. 7, we compare the SEs of 16 different chaotic maps. Obviously, in general, we can see that the four chaotic maps designed utilizing our proposed method possess the biggest SEs. This means that our proposed method can develop chaotic maps with more random chaotic sequences.

2.5.4 NIST statistical test

A chaos pseudo-random series must satisfy the random characteristic of cryptography system. The chaos pseudo-random series must be inestimable for image encryption system. In order to illustrate that it is suitable for applying the maps designed utilizing the CSCS to image encryption, we use NIST SP800-22 to test the randomness of time series of the four maps generated by the CSCS. There are 15 sub-tests about NIST SP800-22 to examine the randomness of chaos series. Then, we will calculate the value of parameter p about the four new sequences produced by the CSCS. When the value of parameter p is greater than 0.01, we think the test is passed [40]. According to NIST’s recommendations, we test at least 100 binary streams. And the length of each binary stream is 1000000 bits. As shown in Table 3, the binary sequences generated using LSS( \( \alpha =0.2 \) ), STS( \( \alpha =0.8 \) ), TLS(\( \alpha =0.8 \)), and LCS( \( \alpha =0.8 \) ) can pass 15 sub-tests. In other words, the maps generated by the CSCS can generate pseudo-random series, which can be applied to image encryption.

Table 3 NIST test results about four sequences produced using LSS( \( \alpha =0.2 \) ), STS( \( \alpha =0.8 \) ), TLS(\( \alpha =0.8 \) ), LCS( \( \alpha =0.8 \) )
Full size table

3 Chaotic image cryptosystem

When a chaotic mapping is applied to cryptography, the security level about the cryptography system is seriously affected by the complexity of the chaos map. In this section, we use the LSS map and the LCS map in Sect. 2.4 to develop a new image encryption scheme, namely LSSLCS-based image encryption scheme (LSSLCS-IES). As we can see from Fig. 8, we give the flow chart of our new image encryption scheme. In order to make our encryption algorithm have excellent encryption effect, we design four scrambling operations, two image rotations and two diffusions in the encryption scheme. To facilitate the interpretation about our encryption scheme, the definitions of the LSS map and the LCS map are rewritten as follows:

$$\begin{aligned} x_{n+1}&=\vert \pi \beta _1 \sin \{\pi [4\alpha _1 x_n(1-x_n)\nonumber \\&\quad +(1-\alpha _1)\sin (\pi x_n)+\theta _1 ] \} \vert \end{aligned}$$
(7)
$$\begin{aligned} x_{n+1}&=\vert \pi \beta _2 \sin \{\pi [4\alpha _2 x_n(1-x_n) \nonumber \\&\quad +\vert 4x_n^3-3(1-\alpha _2)x_n \vert +\theta _2 ] \} \vert \end{aligned}$$
(8)
Fig. 8
figure 8

The flow chart of the proposed LSSLCS-IES

Full size image
Fig. 9
figure 9

Secret key structure

Full size image

3.1 Key generation

3.1.1 Secret key structure

As shown in Fig. 9, there are ten parts about the secret key of cryptosystem, including six system control parameters \( \alpha _1 \in [0,1] \), \( \beta _1 >0 \), \( \theta _1\in [-1,1] \), \( \alpha _2 \in [0,1] \), \( \beta _2 >0 \), \( \theta _2 \in [-1,1] \), two system initial values \(x_0 \in (0,1]\), \( y_0 \in (0,1]\), parameters \( N_d \) and \( N_r \) . Here \( N_d \) represents the number of discarded elements. And \( N_r \) denotes the rotating parameter in Image rotation 2 of the block diagram of LSSLCS-IES.

3.1.2 Generation of secret key

In order to expand the key space and enhance the ability to resist the chosen plaintext attack, we utilize SHA-256 function to generate the key. First of all, using SHA-256 function based on an original image, we can obtain 256-bit hash value \( {\textbf {K}} \). Then, we divide \( {\textbf {K}} \) into 32 blocks, each of which is 8 bits. The detailed description is as follows:

$$\begin{aligned} {\textbf {K}}={\textbf {k}}_1 {\textbf {k}}_2 \ldots {\textbf {k}}_{32}, {\textbf {k}}_i=k_{i1} k_{i2} \ldots k_{i8} \end{aligned}$$
(9)

where \( 1\le i \le 32 \). Then six system control parameters, namely, \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), and \( \theta _2 \), are updated as follows:

$$\begin{aligned}&\alpha _1=\alpha _1+0.001\times (({\textbf {k}}_1 \oplus {\textbf {k}}_2 )\oplus {\textbf {k}}_3)\div 255 \end{aligned}$$
(10)
$$\begin{aligned}&\beta _1=\beta _1+0.001\times (({\textbf {k}}_4 \oplus {\textbf {k}}_5 )\oplus {\textbf {k}}_6)\div 255 \end{aligned}$$
(11)
$$\begin{aligned}&\theta _1=\theta _1+0.001\times (({\textbf {k}}_7 \oplus {\textbf {k}}_8 )\oplus {\textbf {k}}_9)\div 255 \end{aligned}$$
(12)
$$\begin{aligned}&\alpha _2=\alpha _2+0.001\times (({\textbf {k}}_{10} \oplus {\textbf {k}}_{11} )\oplus {\textbf {k}}_{12})\div 255 \end{aligned}$$
(13)
$$\begin{aligned}&\beta _2=\beta _2+0.001\times (({\textbf {k}}_{13} \oplus {\textbf {k}}_{14} )\oplus {\textbf {k}}_{15})\div 255 \end{aligned}$$
(14)
$$\begin{aligned}&\theta _2=\theta _2+0.001\times (({\textbf {k}}_{16} \oplus {\textbf {k}}_{17} )\oplus {\textbf {k}}_{18})\div 255 \end{aligned}$$
(15)

where the symbol \( \oplus \) denotes the bitxor operation. And we use Eqs. (16) and (17) to update initial values, namely \(x_0\) and \(y_0\).

$$\begin{aligned}&x_0=x_0+0.001\times (({\textbf {k}}_{19} \oplus {\textbf {k}}_{20} )\oplus {\textbf {k}}_{21})\div 255 \end{aligned}$$
(16)
$$\begin{aligned}&y_0=y_0+0.001\times (({\textbf {k}}_{22} \oplus {\textbf {k}}_{23} )\oplus {\textbf {k}}_{24})\div 255 \end{aligned}$$
(17)

In our encryption scheme, we also use two other parameters, namely \( N_d \) and \( N_r \), as the security key. Here the size of the original gray image is \( M \times N \) and the image matrix is denoted as \(({\textbf {I}}_0)_{M \times N} \). Using Eqs. (7) and (8), we iterate the two normalized chaotic systems \((M \times N+N_d)\) times. When the former \( N_d \) elements of original sequences are discarded, we can generate two novel sequences with \( M \times N \) elements. Then, the two new sequences are converted into the matrix \(({\textbf {S}}_1)_{M \times N} \) and the matrix \(({\textbf {S}}_2)_{M \times N} \). These two parameters are defined as follows:

$$\begin{aligned}&N_r=({\textbf {k}}_{25} \oplus {\textbf {k}}_{26} )\times M \div 4 \end{aligned}$$
(18)
$$\begin{aligned}&N_d={\textbf {k}}_{27} + {\textbf {k}}_{28} + {\textbf {k}}_{29} + {\textbf {k}}_{30} + {\textbf {k}}_{31} + {\textbf {k}}_{32} \end{aligned}$$
(19)

3.2 Image encryption scheme

Then, we will introduce the detailed process of our image encryption scheme as shown in Fig. 8.

3.2.1 Column confusion

According to the normalized chaos matrix \( {\textbf {S}}_1 \) produced by the LSS map, these pixel positions about a plain image are randomly shuffled by use of the column confusion. The column confusion is defined by

$$\begin{aligned} {\textbf {I}}_1=CC({\textbf {I}}_0, {\textbf {S}}_1) \end{aligned}$$
(20)

And then we use Table 4 for explaining the detailed process of the column confusion operation. At the same time, we give a numerical example about the column confusion as shown in Fig. 10. Here \( {\textbf {O}}_1 \) is the index matrix associated with the chaotic matrix \( {\textbf {S}}_1 \). And the pixels are shuffled through the column confusion operation.

Table 4 Column confusion
Full size table
Fig. 10
figure 10

A numerical example of column confusion

Full size image

3.2.2 Zigzag confusion

Recently, some scrambling algorithms have been proposed based on Zigzag transform [46, 47]. In the section, we propose a novel scrambling algorithm according to Zigzag transform. Zigzag confusion is defined by

$$\begin{aligned} {\textbf {I}}_2=ZC({\textbf {I}}_1) \end{aligned}$$
(21)

The detailed process about Zigzag confusion is described in Table 5. And we give a numerical example in Fig. 11. In the j-th column and the i-th row in the image, we use \( {\textbf {I}}_1 (i, j) \) to record the value of the pixel. And the calculation method of the corresponding index of this element is \( (i-1)\times M + j \), denoted as \( {\textbf {O}}_2 (i, j) \).

Table 5 Zigzag confusion
Full size table
Fig. 11
figure 11

A numerical example of Zigzag confusion

Full size image

3.2.3 Diffusion 1

Firstly, we can get the diffusion matrix \( {\textbf {S}}_{2N} \) by the following equation.

$$\begin{aligned} {\textbf {S}}_{2N}=mod(floor({\textbf {S}}_2 \times 10^{14}, 256) \end{aligned}$$
(22)

Here the function floor is used to take the nearest integer value in the direction of negative infinity. And this is the result of mod operation to ensure that each element of \( {\textbf {S}}_{2N} \) is an integer and is in the range of [0, 255]. Then, we can obtain the image pixel matrix \( {\textbf {I}}_3 \) by the following diffusion equation.

$$\begin{aligned} {\textbf {I}}_3={\textbf {S}}_{2N}\oplus {\textbf {I}}_2 \end{aligned}$$
(23)

3.2.4 Image rotation 1

In the section, by use of the rot90 function of MATLAB, the image \( {\textbf {I}}_3 \) is rotated 90 degrees counterclockwise to get a new image pixel matrix \( {\textbf {I}}_4 \).

3.2.5 Row confusion

According to the normalized chaos matrix \( {\textbf {S}}_2 \) developed by the LCS map, these pixel positions about the image pixel matrix \( {\textbf {I}}_4 \) are randomly shuffled by use of the row confusion. Here we use Eq. (24) to define the row confusion.

$$\begin{aligned} {\textbf {I}}_5=RC({\textbf {I}}_4, {\textbf {S}}_2) \end{aligned}$$
(24)

And then we use Table 6 for explaining the detailed process of the row confusion operation. At the same time, we give a numerical example about the row confusion as shown in Fig. 12. Here \( {\textbf {O}}_3 \) is the index matrix associated with the chaotic matrix \( {\textbf {S}}_2 \). And the pixels are shuffled through the row confusion operation.

Table 6 Row confusion
Full size table
Fig. 12
figure 12

A numerical example of row confusion

Full size image

3.2.6 Magic confusion

In the section, using the magic function of MATLAB, let’s do Magic confusion operation. First of all, supposing that the size about the image \( {\textbf {I}}_5\) is \( M \times N \) , we use the following definition to explain the parameter \( P_M \).

$$\begin{aligned} P_M=Max \{M, N \} \end{aligned}$$
(25)

Then, we can get a magic matrix \( {\textbf {M}}_M \) based on the magic function. The generation rules of the index matrix \( {\textbf {O}}_4 \) are as follows: If M equals N, let \( {\textbf {O}}_4= {\textbf {M}}_M \); if M is not equal to N, we discard \( P_M \times P_M- M \times N \) elements in matrix \( {\textbf {M}}_M \) because the number of these elements about the magic matrix is greater than \( M \times N \). As shown in Fig. 13, we give a numerical example about the generation the index matrix \( {\textbf {O}}_4 \) when we let \( M=4 \) and \( N=3 \). Here Magic confusion is defined by

$$\begin{aligned} {\textbf {I}}_6=MC({\textbf {I}}_5, {\textbf {O}}_4) \end{aligned}$$
(26)

The detailed process of Magic confusion operation is described as shown in Table 7. And here we give a numerical example as shown in Fig. 14.

Fig. 13
figure 13

A numerical example of the generation the index matrix \( {\textbf {O}}_4 \)

Full size image

3.2.7 Diffusion 2

In the section, we can get the diffusion matrix \( {\textbf {S}}_{1N} \) by the following equation.

$$\begin{aligned} {\textbf {S}}_{1N}=mod(floor({\textbf {S}}_1 \times 10^{14}, 256) \end{aligned}$$
(27)

And we can get the cipher image pixel matrix \( {\textbf {I}}_7 \) by the following diffusion equation.

$$\begin{aligned} {\textbf {I}}_7={\textbf {S}}_{1N}\oplus {\textbf {I}}_6 \end{aligned}$$
(28)

3.2.8 Image rotation 2

In the section, we firstly convert the gray scale image \( {\textbf {I}}_7 \) into the 1-D image pixel array \( {\textbf {S}}_{I7} \)

by the use of the reshape function of MATLAB. Then, we can obtain a new image pixel array \( {\textbf {S}}_{I8} \) by rotating the array \( {\textbf {S}}_{I7} \) to the left according to the number of \( N_r \). And the security key \( N_r \) is defined by Eq. (18) in Sect. 3.1.2. \( {\textbf {S}}_{I8} \) can be calculated as follows:

$$\begin{aligned} \left\{ \begin{array}{lr} {\textbf {S}}_{I8}(i-N_r)={\textbf {S}}_{I7}(i), &{} i-N_r \ge 1 \\ {\textbf {S}}_{I8}(i-N_r+M \times N)={\textbf {S}}_{I7}(i), &{} else \end{array} \right. \end{aligned}$$
(29)

The rotating operation can increase the strength of the image encryption [3]. Finally, we convert the image array \( {\textbf {S}}_{I8} \) into a new cipher image pixel matrix \( {\textbf {I}}_8 \) by the use of the reshape function of MATLAB, too.

Table 7 Magic confusion
Full size table
Fig. 14
figure 14

A numerical example of Magic confusion

Full size image

3.3 Image decryption scheme

We employ the same key and the same chaos series between the image encryption process and the image decryption process in our proposed scheme. At the same time, these confusion operations in the encrypted scheme are all reversible; the bitxor operation is also reversible. Based on these analyses, we know that its decryption process is the reverse process of image encryption. Considering the limitation of the length of our paper, we omit the detailed introduction of the decryption.

4 Experimental results and performance analysis

In the section, we have performed many experiments on general image sets to prove the effectiveness of our developed scheme. Here we choose some pictures from the USC-SIPI image database to do experimentsFootnote 1. MATLAB 2019b is utilized to implement the encryption and decryption program. The software and hardware configuration of the computer is as follows: \( i7-7700HQ \quad CPU@2.80 GHz \) , 32 GB memory and Windows 10 operating system. Compared to other advanced schemes, simulation tests show that our scheme not only has higher security but also faster encryption speed.

The specific experimental results are analyzed in detail as follows.

4.1 Simulation results

Three images with various characteristics and sizes are selected to illustrate our image encryption and decryption process. In the illustration experiment, we choose images 5.1.13(\( 256 \times 256 \)), elaine.512(\( 512 \times 512 \)), 7.2.01(\( 1024\times 1024 \)), All-black(\( 512 \times 512 \)) and All-white(\( 512 \times 512 \)) to show the universality of the proposed algorithm. We give the image encrypted results and the image decrypted results in Fig. 15. From Fig. 15, we can see that both the encrypted images and the original images are totally different. In other words, we cannot obtain any valid information about the plain images based on their encrypted images.

Fig. 15
figure 15

Plain image, ciphered image, and decrypted image of the test images: a 5.1.13; b elaine.512; c 7.2.01; d All-black; e All-white

Full size image

Generally speaking, digital images require a strong real-time property in the communication. So encryption efficiency is also one of the important performance indicators of an encryption scheme. In order to facilitate time complexity analysis, we assume that the encrypted image size is \( M \times N\). The proposed encryption algorithm is mainly divided into two parts, namely the confusion operations and the diffusion operations. The time complexity analysis of the confusion mainly includes six parts: column confusion, Zigzag confusion, row confusion, magic confusion, rotation 1 and rotation 2. The total time complexity required for the confusion phase is calculated as \( \Theta (M \times \log M + N \times \log N + 5 \times M \times N)\) . The time complexity analysis of the diffusion mainly includes two parts: diffusion 1 and diffusion 2. The total time complexity of the diffusion phase is calculated as required \( \Theta (2 \times M \times N)\). Therefore, the time complexity of the proposed encryption algorithm is \( \Theta (M \times \log M + N \times \log N + 7 \times M \times N)\). The encryption time about our developed scheme is shown in Table  8, and comparisons with other algorithms are shown in Table 9. The given time for encrypting one image is the average value of 10 tests. As shown in Table 9, encryption time consumptions about our proposed scheme are the least, that is, encryption efficiency of our algorithm is the best.

Table 8 Encryption time consumptions (seconds) using our scheme
Full size table
Table 9 Encryption time consumptions (seconds) using different schemes
Full size table

4.2 Security analysis

4.2.1 Key space

Having enough key space is one of the important performance indexes of a good encryption algorithm. The key space needs to be at least \( 2^{100} \) [25, 53, 54]. Theoretically, the larger key space provides stronger algorithm security. In our image encryption system, there are two types of keys as follows: (1) initial values \( x_0 \) and \( y_0 \), the control parameters \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), and \( \theta _2 \); (2) the starting index \( N_d \), the rotating index \( N_r \).

If each of the first eight parameters has an accuracy of \( 10^{-14} \), the first type of key space is \( 10^{14 \times 8} \). And we can get the starting index \( N_d \in [0, 1530] \) and \( N_r \in [0, 255 \times M \div 4] \) based on Sect. 3.1.2. M denotes the number of lines of an original image. The key space can be calculated as follows:

$$\begin{aligned} S_k&=10^{14 \times 8} \times 1531 \times (255 \times M \div 4+1)\nonumber \\&\approx 1.5482M \times 2^{388} \gg 2^{100} \end{aligned}$$
(30)

Obviously, our proposed cryptosystem has enough key space to resist brute-force attack.

4.2.2 Statistical analyses

We discuss the resistance ability of an image encryption scheme for statistical attacks from the following four aspects: histogram, correlation, information entropy and local Shannon entropy [55]. In this part, we employ many experiments to prove the reliability of our designed algorithm as follows.

(1) Histogram

In digital images, the histogram represents the statistical relation of the number of occurrences about per gray level [56, 57]. In order to resist statistical attacks, an encrypted image of an excellent encryption scheme must have a flat and uniform histogram. As we can see from Fig. 16, the three histograms of the plain images are unevenly distributed and fluctuates greatly, but the three corresponding encrypted images have almost flat histograms.

Fig. 16
figure 16

Histograms: ac 5.1.13, elaine.512, 7.2.01; df encrypted 5.1.13, encrypted elaine.512, encrypted 7.2.01

Full size image

Next, we employ the histogram variance analysis and the chi-square test to evaluate uniformity of the image. Here, we assume that the encrypted image size is \( M \times N \) and the range of image gray value is 0 to 255. Then, the variance of a histogram is defined as follows:

$$\begin{aligned} Var(Z)= \sum _{i=0}^{255} \sum _{j=0}^{255} \frac{(z_i-z_j)^2}{2 \times 256^2} \end{aligned}$$
(31)

and the Chi-square test \((\chi ^2)\) is defined as follows:

$$\begin{aligned} \chi ^2 = \sum _{k=0}^{255} \frac{(w_k-w_e)^2}{w_e} \end{aligned}$$
(32)

where \(Z =\{z_0, z_1, \ldots , z_{255}\}\) is the vector of the histogram values, \( z_i (z_j) \) represents the number of pixels with gray value i(j) in the image, \( w_k \) is the frequency of occurrence of pixel value k and \( w_e = M \times N /256 \).

When the value of the Var is lower, the grayscale uniformity of a histogram is better. That is, the effect of the cipher scheme is better [58]. When the test degree is 0.05, we can get the standard value \( \chi ^{2}_{0.05} = 293.2478\). If the calculated \( \chi ^{2} \) result is less than the standard value, the Chi-square test is passed [17]. The calculated results about the Var and the Chi-square are listed in Table 10. On the one hand, the Var of the cipher image is obviously lower than that of the original image. On the other hand, the \( \chi ^{2} \) of all encrypted images are smaller than the standard value, which means that the pixel value distributions of these encrypted images are uniform. Therefore, our encryption scheme has high security.

Table 10 Var and \( \chi ^{2} \) of the histogram
Full size table

(2) Correlation between adjacent pixels

Generally speaking, having a correlation coefficient close to 0 is one of the important performance indicators of an excellent encryption scheme. Then, we give the three formulas to calculate the correlation coefficients from three directions, namely the horizontal direction, the vertical direction and the diagonal direction.

$$\begin{aligned}&r_{xy}=\frac{cov(\eta , \rho )}{\sqrt{D(\eta )D(\rho )}} \end{aligned}$$
(33)
$$\begin{aligned}&cov(\eta , \rho )=\frac{1}{N} \sum _{i=0}^{N} (\eta _i-E(\eta ))(\rho _i-E(\rho )) \end{aligned}$$
(34)
$$\begin{aligned}&D(\eta )=\frac{1}{N} \sum _{i=0}^{N} (\eta _i-E(\eta ))^2, \quad E(\eta )=\frac{1}{N} \sum _{i=0}^{N} \eta _i \end{aligned}$$
(35)

where we use \( \eta \) and \( \rho \) to record gray values about two adjoining pixels in a digital image. \( E(\eta ) \) represents its mean. \( D(\eta ) \) represents its variance. And \( cov(\eta , \rho ) \) represents the covariance of the corresponding pairs of pixel values.

Table 11 Correlation coefficients of encrypted images
Full size table

As shown in Table 11, we can clearly see that the correlations are very small. There are about \( 40\% \) of the cipher images whose absolute value of correlation coefficients is less than 0.0001. Moreover, the minimum correlation value of the ciphered test images is \( -2.45 \times 10^{-5} \). As we can see from Figs. 171819, we draw the correlation coefficient graphs of three original images and three corresponding encrypted images. Obviously, it is very strong about the correlations of the three original images in three directions. But the points of these ciphered images are randomly covered in the entire space. Therefore, the effect of our encryption scheme is satisfactory.

(3) Information entropy

Generally speaking, we can use information entropy (IE) to describe the randomness of digital image information. For a whole image \( {\textbf {S}} \), we can describe the mathematical definition of image IE utilizing the following equation.

$$\begin{aligned} H({\textbf {S}})= - \sum _{i=0}^{2^n-1} P_1(s_i)\log _2(P_1(s_i)) \end{aligned}$$
(36)

where \( P_1 (s_i) \) represents the probability about the occurrence of \( s_i \). And \( s_i \) is the pixel value from 0 to 255 for an 8-bit gray image. In theory, a 256-level grayscale image has \( 2^8 \) possibilities of grayscale value. Therefore, the ideal value is equal to 8 about IE of this kind of image. In this sense, if the IE of the encrypted image obtained by a certain encryption scheme is closest to 8, then the effect of the encryption scheme is the best.

As we can see from Table 12, we give the IE results of plain images and the ciphered images utilizing three encryption algorithms. In the 28 test images, the scores of the IE of 20 encrypted images with our designed scheme are the largest. And the three average scores of the information entropy with our algorithm are also the largest for three different sizes of images.

Fig. 17
figure 17

Correlation of 5.1.13: ac Horizontal, Vertical, Diagonal (5.1.13); df Horizontal, Vertical, Diagonal (ciphered 5.1.13)

Full size image
Fig. 18
figure 18

Correlation of elaine.512: ac Horizontal, Vertical, Diagonal (elaine.512); df Horizontal, Vertical, Diagonal (ciphered elaine.512)

Full size image
Fig. 19
figure 19

Correlation of 7.2.01: ac Horizontal, Vertical, Diagonal (7.2.01); df Horizontal, Vertical, Diagonal (ciphered 7.2.01)

Full size image

In addition, we also made a comparative test with the other two image encryption algorithms. As shown in Table 13, the IE of the encrypted Lena obtained by our encryption algorithm is closest to 8. And we can see that the encrypted image is most random.

(4) Local Shannon entropy

Global Shannon entropy, that is the information entropy introduced in the previous chapter, has some known weaknesses, including the inaccuracy, the inconsistency and the low efficiency [55]. To overcome these weaknesses, the local Shannon entropy (LSE) has been proposed. The LSE is calculated as

$$\begin{aligned} H_{k, T_{\textbf {B}}}({\textbf {S}})= - \sum _{i=0}^{k} \frac{H({\textbf {S}}_{{\textbf {B}}_i})}{k} \end{aligned}$$
(37)

Here let’s divide the whole image \( {\textbf {S}} \) into k sub image blocks. At the same time, any two sub image blocks cannot overlap. We use \( {\textbf {B}}_i (1 \le i\le k) \) to record sub-blocks. There are \( T_{\textbf {B}} \) pixels in each sub-block. In order to facilitate the comparative experiments with other encryption algorithms, we let \( \alpha _3=0.05 \), \( k=30 \) and \( T_{\textbf {B}} =1936 \) [14]. When the score of the LSE about a ciphered image is between 7.901901305 and 7.903037329, the LSE test is passed [55]. According to the above settings, we can obtain its theoretical value, namely 7.902469317. As we can see from Table 14, we give the LSE results. From Table 14, we can see that the pass rate of our algorithm is 26/28, which is significantly higher than the values of 24/28 [14], 20/28 [52] and 17/25 [12]. At the same time, the average value of the LSE obtained by our algorithm is 7.902454 and the standard deviation is 0.000376. In the comparison results, the average value of the LSE about the cipher images produced by our proposed scheme is very close to 7.902469317. And the corresponding standard deviation is the smallest. Thus, our proposed scheme has higher security.

4.2.3 Differential attack analyses

In general, we discuss the resistance ability for differential attacks from the following two aspects: NPCR and UACI, namely the number of pixels change rate and the unified average changing intensity [60]. Suppose that \( C_1 \) and \( C_2 \) are different ciphered images, and there is only one different pixel value about their corresponding plain images. Here we can use the following two formulas to describe the definitions of NPCR and UACI.

$$\begin{aligned}&NPCR= \sum _{i,j} \frac{D_d (i,j)}{M \times N} \times 100\% \end{aligned}$$
(38)
$$\begin{aligned}&UACI= \sum _{i,j} \frac{\vert C_1(i,j)-C_2(i,j) \vert }{M \times N \times \sigma } \times 100\% \end{aligned}$$
(39)

where all images have the same size, that is \( M \times N \). And \( \sigma \) represents the maximum pixel value. \( D_d \) records the difference between \( C_1 \) and \( C_2 \), which is defined as

$$\begin{aligned} D_d (i,j)= {\left\{ \begin{array}{ll} 0, &{} \text{ if } C_1 (i,j)= C_2 (i,j); \\ 1, &{} \text{ if } C_1 (i,j)\ne C_2 (i,j). \end{array}\right. } \end{aligned}$$
(40)

We use \( I_{NPCR} \) to record the theoretical value of the NPCR, which is 99.6094 % [25]. Similarly, we use \( I_{UACI} \) to record the theoretical value of the UACI, which is 33.4635%. In addition, Wu \( et al. \) [61] developed more accurate criteria for the NPCR and the UACI. Based on a given significance level, namely \( \alpha _4 \), we can use the following formula to calculate the critical value of the NPCR, namely \( N^*_{\alpha _4} \).

$$\begin{aligned} N^*_{\alpha _4}=\frac{\sigma -\Phi ^{-1} (\alpha _4) \sqrt{\sigma /(M \times N)}}{\sigma +1} \end{aligned}$$
(41)

where \( \Phi (\alpha _4)\) represents its cumulative density function when the parameter \( \alpha _4 \) obeys the standard normal distribution. And \( \Phi ^{-1} (\alpha _4)\) represents the corresponding inverse function. Then, we start to analyze the NPCR test. The NPCR test is considered to have passed if the NPCR score of an image encryption scheme is greater than \( N^*_{\alpha _4} \). Similarly, the UACI test is considered to have passed if the UACI score of an image encryption scheme is between \( U^{*-}_{\alpha _4} \) and \( U^{*+}_{\alpha _4} \) [61].

Table 12 Information entropy analysis
Full size table

In our experiment, we select the 28 gray scale images from the USC-SIPI image database. For the sake of generality, we randomly select a pixel in a plain image and then change its pixel value. And the test result of each image is the average of 100 test values. The specific rule is as follows:

$$\begin{aligned} s_i= {\left\{ \begin{array}{ll} s_i +1, &{} \text{ if } s_i \ne 255; \\ s_i -1, &{} \text{ if } s_i= 255. \end{array}\right. } \end{aligned}$$
(42)

Here \( s_i \) is the pixel value. It is shown from the results about the NPCR test and the UACI test of our proposed scheme for different images in Table 15. There are an approximately 94.69 cent pass rate for the NPCR test and an approximately 92.11 cent pass rate for the UACI test when \( \alpha _4 \) is equal to 0.05. In addition, by the use of different encryption scheme, the comparisons of the NPCR test and the UACI test of these encrypted images are shown as in Table 16. And our scheme can pass two types of tests for 28 images. At the same time, the average value of the NPCR about our scheme is the second closest to 99.6094%. Similarly, the theoretical value and the mean of the UACI about our scheme are the closest. Using our encryption scheme, we can get the minimum standard deviation of the NPCR and we can get the second smallest standard deviation of the UACI. In conclusion, the image encryption scheme designed by us has the strong resistance ability for differential attacks.

4.2.4 Key sensitivity

In general, a complex chaotic system can produce two completely different series when two initial conditions are slightly different. A good cipher scheme must be highly sensitive to the key. Initial value sensitivity is an important characteristic of chaotic mapping. Therefore, chaotic map is very suitable for encryption algorithm. The key of our algorithm involves 10 parameters.

To check the key sensitivity about our algorithm, the image called elaine.512 is firstly encrypted by use of the following key:

K1: \( x_0 \), \( y_0 \), \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), \( \theta _2 \), \( N_d \), \( N_r \).

Then, we change one of the ten parameters with a tiny change and the rest remain unchanged during the encryption process and the decryption process. Several modified keys are listed as follows:

K2: \( x_0+10^{-14} \), \( y_0 \), \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), \( \theta _2 \), \( N_d \), \( N_r \).

K3: \( x_0 \), \( y_0 +10^{-14} \), \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), \( \theta _2 \), \( N_d \), \( N_r \).

K4: \( x_0 \), \( y_0 \), \( \alpha _1 +10^{-14} \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), \( \theta _2 \), \( N_d \), \( N_r \).

K5: \( x_0 \), \( y_0 \), \( \alpha _1 \), \( \beta _1 \), \( \theta _1+10^{-14} \), \( \alpha _2 \), \( \beta _2 \), \( \theta _2 \), \( N_d \), \( N_r \).

K6: \( x_0 \), \( y_0 \), \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 +10^{-14} \), \( \theta _2 \), \( N_d \), \( N_r \).

In the encryption process, by the use of six slightly different keys, we can get six encrypted images, that is, \(P_0\), \(P_1\), \(P_2\), \(P_3\), \(P_4\) and \(P_5\). As shown in Fig. 20, these six encrypted images are noise-like images. Here the NPCR and the UACI are used to quantitatively evaluate the key sensitivity about our proposed scheme [62, 63]. According to Eqs. (38) and (39), we can obtain the values of the NPCR and the UACI between the encrypted image \(P_0\) and the encrypted image \(P_1\). Similarly, we can get the values of the NPCR and the UACI between the encrypted image \(P_0\) and the encrypted image \(P_2\) in Table 17. From Table 17, we can see that the values of the NPCR and the UACI are close to the ideal values, that is, \( I_{NPCR} =99.6094\% \) and \( I_{UACI} =33.4635\% \) [25]. This means that these encrypted images obtained with slightly different keys are almost completely different. In the decryption process, we decrypt the cipher image \(P_0\) by the five keys, namely K2, K3, K4, K5, K6. As we can see from Fig. 21, the original image cannot be decrypted correctly as long as the key changes slightly. That is to say, our algorithm has high key sensitivity.

4.2.5 Randomness of encrypted images

To resist statistic attacks, the pixel distribution of an ideal encrypted image should obey uniform distribution. In Sect.  2.5.4, we used NIST SP800-22 to test the randomness of chaos series. Similarly, we employ NIST SP800-22 to test the randomness of encrypted images. The NIST test results are shown in Table 18. Due to the insufficient cycle number length of binary sequences of encrypted elaine.512 and encrypted 7.2.01, these two test items, namely “Random-Excursions” and “Random-Excursions Variant,” are not applicable [64]. At the same time, we can see that other test items have smoothly passed about these two encrypted images. To obtain binary sequences with sufficient number of cycles, we use the method in Ref. 13. In our test, 120 digital images, that is, filenames from 1.pgm to 120.pgm, are selected from the BOWS-2 databaseFootnote 2. By the use of the LSSLCS-IES, we can get 120 encrypted images and 120 corresponding binary sequences. Then, the 120 binary sequences called ChenTZN are used as input in our test. At this time, the binary sequence is long enough [13]. As shown in Table 18, these encrypted images generated by our encryption scheme can pass all 15 sub-tests. In conclusion, the above analyses show that these encrypted image distributions are high random.

Table 13 Comparison of information entropy
Full size table
Table 14 Comparative analysis of local Shannon entropy
Full size table
Table 15 Test analyses of NPCR (%) and UACI (%) for our scheme
Full size table
Table 16 Test analyses of NPCR (%) and UACI (%) for different schemes
Full size table
Fig. 20
figure 20

Encrypted images according to different keys: a \( P_0(K1) \); b \( P_1(K2) \); c \( P_2(K3) \); d \( P_3(K4) \); e \( P_4(K5) \); f \( P_5(K6) \)

Full size image

4.2.6 Four classical types of attacks

Generally speaking, there are four classical types of attacks, that is, ciphertext only, chosen plaintext, known plaintext and chosen ciphertext. We know that chosen plaintext attack is the most difficult attack to resist [65]. As long as an encryption system can resist the attack, it can resist the remaining three types of attacks. In order to enhance the ability to resist the chosen plaintext attack, we utilize SHA-256 function to generate the key. As shown in key sensitivity analysis, our cipher scheme is highly sensitive to initial values \( x_0 \), \( y_0 \), the control parameters \( \alpha _1 \), \( \beta _1 \), \( \theta _1 \), \( \alpha _2 \), \( \beta _2 \), \( \theta _2 \), the starting index \( N_d \), and the rotating index \( N_r \). Therefore, our proposed algorithm can resist the chosen plaintext attack.

4.2.7 Encryption quality measurement

(1) Energy

The energy is the sum of the square of the element values of the gray level co-occurrence matrix (GLCM), which reveals the gray level distribution of the image. The lower the energy value, the more uniform the grayscale distribution of the image. It is defined as

$$\begin{aligned} Ene= \sum _{i,j} p^2(i, j) \end{aligned}$$
(43)

where p(ij) is the number of GLCM matrices [66]. The energy calculation results of different encrypted images generated by different algorithms are shown in Table 19. From the results, the proposed encryption algorithm can effectively reduce the value of energy. At the same time, it has considerable encryption performance compared with other algorithms.

(2) Contrast

The contrast of an image reflects the clarity of the image, that is, the clarity of the texture. The greater the contrast, the deeper the texture grooves of the adjacent pixels of the image [67]. Therefore, a secure ciphertext image should have a large contrast to prove that its texture is non-homogeneous [68]. The contrast is defined as

$$\begin{aligned} Con = \sum _{i} \sum _{j} (i-j)^2 p(i, j) \end{aligned}$$
(44)
Table 17 Values of the NPCR and the UACI of encrypted images
Full size table
Fig. 21
figure 21

Decrypted images according to different keys: ae K2, K3, K4, K5, K6; f the correct key K1

Full size image

where p(ij) is the number of GLCM matrices. The contrast calculation results are shown in Table 19. The results show that the contrast of the encrypted image is greatly improved, so the proposed encryption algorithm has better encryption performance.

(3) Homogeneity

The homogeneity is used to describe how close the distribution of elements in the GLCM is to the diagonal of the GLCM [68]. A secure ciphertext image should have small homogeneity. It is defined as

$$\begin{aligned} Hom = \sum _{i} \sum _{j} \frac{p(i, j)}{1+abs(i-j)} \end{aligned}$$
(45)

where p(ij) is the number of GLCM matrices. The range of homogeneity value is [0, 1]. The homogeneity calculation results are shown in Table 19. The results show that the proposed encryption algorithm can effectively reduce the value of homogeneity indicating that the ciphertext image is secure.

Table 18 NIST test results about three encrypted images
Full size table
Table 19 Encryption quality analysis results
Full size table
Fig. 22
figure 22

Simulation results of cropping attacks: a the ciphered plain image and the recovered image; bd the ciphered images (1/16 loss, 1/8 loss, 1/4 loss) and the corresponding recovered images

Full size image
Fig. 23
figure 23

Simulation results of noise attacks: a the ciphered plain image and the recovered image; be the ciphered images (1% salt and pepper noise, 1% Gaussian noise, 1% speckle noise, Poisson noise) and the corresponding recovered images

Full size image

4.2.8 Robustness analysis of noise and clipping attacks

When we transmit encrypted images in 5G communication networks, hackers often use some techniques to prevent the information receiver from obtaining the correct decryption information. These techniques include noise attacks and clipping attacks. Therefore, an excellent encryption scheme should not only have the ability to resist clipping attacks and noise attacks, but also have good robustness. In the following experiments, we choose elaine.512 as the test image.

To test the clipping attack, 1/16, 1/8, and 1/4 of the cipher images are permanently damaged, respectively. The damaged cipher images are decrypted separately. The experimental results are shown in Fig.  22. The results show that even if the encrypted image loses 1/4 of the information, the relevant decrypted image can still recover a large amount of original image information. Therefore, the proposed algorithm can effectively resist the clipping attack.

To confirm the robustness of our designed scheme, four kinds of noises, namely salt and pepper noise(SPN), Gaussian noise(GN), speckle noise(SN) and Poisson noise(PN), are added to the encrypted image. The noise intensity(NI) of four kinds of noises is 1%. Then, the correct key is used to decrypt the noisy images, respectively, and the related experimental results are shown in Fig. 23. In addition, according to Eqs. (38) and (39), we can calculate the NPCR and UACI values between different noisy encrypted images and original encrypted images, respectively. At the same time, the PSNR values are also calculated between the relevant decrypted images and the original image, as shown in Table 20. Table 21 shows the comparative experimental results of the anti-noise attack capabilities of different encryption schemes. Although the encrypted image is polluted by various noises, the decrypted images can still recover a lot of original image information. It shows that the proposed scheme can against noise attacks.

Therefore, our scheme not only has the strong ability to resist clipping attacks and noise attacks but also has good robustness.

Table 20 Robustness analysis of four kinds of noises
Full size table
Table 21 Comparison with other algorithms under different noises
Full size table

5 Conclusion

In the paper, a new 1-D compound Sine chaotic system called CSCS is firstly proposed. Using four existing 1-D chaotic maps and the CSCS, then we obtain four new 1-D chaotic maps. Through the analysis of bifurcation diagrams, the comparison of Lyapunov exponents, the comparison of sample entropy and the experiments of NIST statistical test, the four chaotic maps generated by the CSCS show significantly superior chaotic performance. Secondly, we propose a new image encryption scheme known as LSSLCS-IES based on the LSS map and the LCS map produced by the CSCS. Finally, by employing the comparisons of encryption time, key space analyses, the analyses of resistance to statistical attacks, the experiments against differential attacks, the GLCM analysis, and the analyses of resistance to clipping attacks and four types of noise attacks, our scheme has higher security and less time consumption than several other advanced image encryption schemes.