Medical image encryption algorithm based on a new five-dimensional multi-band multi-wing chaotic system and QR decomposition

In this study, we propose a medical image encryption algorithm based on a new five-dimensional (5D) multi-band multi-wing chaotic system and QR decomposition. First, we construct a new 5D multi-band multi-wing chaotic system through feedback control, which has a relatively large Lyapunov exponent. Second, we decompose the plaintext image matrix and chaotic sequence into an orthogonal matrix and upper triangular matrix using QR decomposition. We multiply the orthogonal matrix decomposed from the original image by the orthogonal matrix decomposed from the chaotic sequence. In this process, we use the chaotic sequence to control left and right multiplication. Simultaneously, we chaotically rearrange the elements in the upper triangular matrix using the improved Joseph loop and then multiply the two resulting matrices. Finally, we subject the product matrix to bit-level scrambling. From the theoretical analysis and simulation results, we observed that the key space of this method was relatively large, the key sensitivity was relatively strong, it resisted attacks of statistical analysis and gray value analysis well, and it had a good encryption effect for medical images.

the medical image encryption algorithm based on chaos has higher security, stronger anti-attack ability, and good characteristics in terms of complexity 15 .Therefore, experts and scholars have proposed many medical image encryption algorithms based on chaos 1,7-9,13,14, [16][17][18][19][20][21][22][23] .In 2019, Belazi et al. 8 proposed the use of the SHA-256 hash function and DNA coding for medical image encryption.In 2017, Cao et al. 16 proposed the generation of various edge images through various thresholds and edge detectors, and then encrypted each edge image.In 2021, Kamal et al. 18 introduced the use of jagged patterns, rotation, and random arrangement to scramble image blocks.In 2016, Dai et al. 19 proposed encryption in the upper four bits and kept the lower four bits unchanged to improve the efficiency of medical image encryption.In 2020, Bi et al. 20 applied an adaptive function to medical image encryption, which improved the complexity of encryption technology.In 2020, Zhuang et al. proposed the QR decomposition method to decompose the plaintext image matrix and five chaotic sequences into an orthogonal matrix and upper triangular matrix, respectively.Then they multiplied the orthogonal matrix decomposed from the plaintext image matrix by the five orthogonal matrices decomposed from the five chaotic sequences 4 .In the process of multiplication, only the orthogonal matrix decomposed from the plaintext image was left multiplied, and compared with using chaotic sequences to control left and right multiplication, randomness was poor.
Based on appeal analysis, we construct a new 5D chaotic system by adding two feedback controllers w and v, and introduce the nonlinear function sin(x) into the system.Theoretical analysis and simulation experiments demonstrated that the system had a relatively large Lyapunov exponent, and generated multiple bands and multiple wings in multiple directions.Therefore, compared with the traditional chaotic system, the proposed system achieved better randomness and complexity.In terms of encryption technology, we use QR decomposition to decompose the plaintext image matrix and chaotic sequence into orthogonal matrices and upper triangular matrices.We multiply the orthogonal matrix decomposed from the original image by the orthogonal matrix decomposed from the chaotic sequence.In this process, we use the chaotic sequence to control left and right multiplication.Compared with Ref. 4 , this algorithm achieved better randomness.Simultaneously, we chaotically rearrange the elements in the upper triangular matrix using the improved Joseph loop and then multiply the two resulting matrices.Through these treatments, the difficulty of exhaustive attacks increases.All attack methods based on explicit plaintext ciphertext mapping, except exhaustive attacks, are ineffective for this method and have high security.

Improved Joseph traversal mapping
Joseph's problem describes n individuals in a circular order.Counting from the first person, the mth person is eliminated repeatedly until only one person remains 24 .
To increase the permutation variables generated by the Joseph traversal map, the Joseph loop is applied with an interval constraint, which makes the generated permutation irregular.The corresponding Joseph traversal map is denoted by f 1 ysf (n, q, m).

New five-dimensional multi-band multi-wing chaotic system
The famous Lorenz system is as follows: Based on system (1), we introduce two controllers w and v , and make w feedback to the original controller x , v feedback to the original controller y , and the original controller y and z feedback to the new controller w .These three operations can make the five controllers of the system interact with each other, which increases the complexity of the relationship.The newly constructed 5D multi-band multi-wing chaotic system is as follows: where a, b, c, d, e, f, g, h, i, j, and k are the control parameters of the system.

Lyapunov exponential spectrum analysis
When the system parameters are a = 10, b = 11, c = 1, d = 31, e = 1, f = 1, g = 11 3 , h = 1, i = 3, j = 1, and k = 9 , the Lyapunov exponent spectrum of the system is as shown in Fig. 1. Figure 1 shows that the maximum Lyapunov exponent of the system is approximately 15, which indicates that the system has good randomness and complexity. (1) (2)  2) is as shown in Fig. 2. The three-dimensional (3D) phase diagram of the multiple bands and multiple wings generated by system (2) is shown in Fig. 3. Figures 2 and 3 clearly show that the chaotic system can generate multiple bands and multiple wings in multiple directions.

Two-dimensional time series diagram
For the system parameters a , and k = 9 , Fig. 4 shows the sequence diagram of x, y, z, w, and v changing with time t.We can clearly observe from Fig. 4 that system (2) is in a chaotic state.

NIST SP800-22 test
We used the National Institute of Standards and Technology (NIST) SP800-22 test to verify that the output sequence of a chaotic system is better than normal pseudo-randomness.NIST SP800-22 has 15 subtests, each of which yields a corresponding P-value, and proves that the chaotic system passes the NIST test when all p-values are greater than 0.01.The results of the tests are listed in Table 1.Clearly, all the P-values in the table are within the desired range, which indicates that the proposed chaotic system has high chaotic performance.

Chaotic decision tree algorithm
Compared with many classic algorithms for detecting chaotic behavior, the chaotic decision tree algorithm is a more convenient and faster algorithm 25,26 .We tested the proposed system on the chaos decision tree algorithm.The output results are presented in Table 2, which indicates that chaotic behavior is inherent in system (2).
Step 2: Iterate system (2) N1 times to avoid the transient influence of the initial value on the system.Continue iterating M × N times to obtain five sequences b1, b2, b3, b4, b5 .The formula for calculating N1 is as follows: where floor(e) is on the largest integer less than e .Because of the poor randomness of the starting value of the chaotic sequence, the value is taken after 200 values of the chaotic sequence.
Step 3: Treat chaotic sequence bj as follows: where bj(g : h) is the sequence of the gth value to the hth value in bj.
Step 4: Input a gray medical image P .Then decompose P into an orthogonal matrix E and an upper triangular matrix R of size M × N using QR decomposition.
Step 5: Decompose chaotic sequences into n orthogonal matrices and n upper triangular matrices through QR decomposition, denoted by E 1 , E 2 ,..., E n .Then, use the chaotic sequence to control whether E i (i = 1,…,n) and E are left multiplied or right multiplied.Denote the resulting matrix by E1 , that is, E1 = E il ...E i1 EE j1 ...E jk , (k + l = n).Step 6: Convert the upper triangular matrix R into a matrix with one row and M × N columns.Input the initial key m, q for the bidirectional Joseph ring.Disturb the elements of R using the bidirectional Joseph ring.Then convert R into an M × N matrix, which is the disturbed matrix denoted by R1.
Step 8: Convert P1 into matrix P2 with one row and M × N columns.Then map each element in P2 to a value between 0 and 255.The mapping formula is as follows: where round(f ) denotes the rounding of f .
Step 9: Convert P2 into a binary number to obtain matrix P2′ .Then convert P2′ into matrix P3 with one row and M × N × 8 columns.www.nature.com/scientificreports/ Step 10: Input the initial key m1, q1 for the bidirectional Joseph ring.Disturb all the elements in P3 using the bidirectional Joseph ring.Convert the disturbed matrix P3 into matrix P4 of size (M × N) × 8.
Step 11: Convert the elements of P4 into decimal numbers and convert the resulting matrix into matrix P5 with one row and M × N columns.
Step 12: Perform a bitwise XOR operation on P5 and b4 .A new sequence P6 is obtained, which converts P6 into matrix P7 of size M × N .P7 is the final encrypted image.
Step 2: Convert P8 into a binary number and enter the key m1, q1 .The binary number is restored using a bidirectional Joseph ring to obtain matrix P9.
Step 3: Convert P9 into a decimal number to obtain matrix P10 .Then reduce P10 to P1 using the following formula: Step 4: Multiply by the inverses of E il , ..., E i1 , E, E j1 , ..., E jk on the left side of P1 to obtain matrix R1.
Step 5: Convert R1 into M × N columns and enter the key m, q .Reduce the M × N columns using a bidirectional Joseph ring to obtain matrix P11.www.nature.com/scientificreports/ Step 6: Convert P11 into a matrix of size M × N , that is, matrix R , and multiply by E and R to obtain the decrypted image P.

Experimental platform
Experiments were conducted on a PC configured with an Intel (R) Core (TM) i5-9400F CPU running at 2.90 GHz with 16 GB memory and a Windows 10 64-bit operating system.The above encryption algorithm was implemented using MATLAB R2014a.www.nature.com/scientificreports/

Experimental results
In the simulation experiment, Baboon, brain CT, chest CT, DR film, and MRI gray images were selected, and their pixels were 256 × 256. Figure 6 shows the original image, ciphertext image, and decrypted image.

Information entropy
Information entropy is an important factor used to evaluate the randomness of encrypted images.The formula for solving information entropy is as follows: where p(n j ) is the probability of n j and K is the total quantity.For grayscale encrypted images, 8 is the maximum theoretical value of information entropy.The information entropy of Baboon, brain CT, chest CT, DR film, and MRI after encryption and the test values from the literature 11,[29][30][31][32][33][34] are shown in Table 3.
The test values for information entropy demonstrated that this algorithm had a good encryption effect.

Key space analysis
The size of the key space is an important factor for the strength of the image encryption algorithm.The initial key of the proposed method is composed of the initial values y 1 = [x 0 ,y 0 ,z 0 ,w 0 ,v 0 ] and system parameters a, b, c, d, e, f, g, h, i, j, and k.The key space of the algorithm is 10 240 .If the key space of an image encryption algorithm is greater than 2 100 , it is safe 27,28 .Because 10 240 is far greater than 2 100 , the proposed method is sufficiently safe.www.nature.com/scientificreports/

Histogram analysis
A histogram reflects the distribution of image pixel values.The flatter the histogram, the more uniform the distribution of pixel values.The histograms of the Baboon, brain CT, chest CT, DR film, and MRI grayscale images are shown in Fig. 7. Figure 7 shows that the histogram distribution of the encrypted image was relatively uniform.

Fixed-point ratio and average change value of the grayscale
The fixed-point ratio is the percentage of pixels whose grayscale value does not change after the image encryption of all pixels.It can be obtained using where g(k, l) = 1, f kl = c kl 0, f kl � = c kl .Table 4 shows the values calculated using formula (9).www.nature.com/scientificreports/ The average grayscale level change value can better evaluate the degree of gray level change of the encrypted image and can be obtained using www.nature.com/scientificreports/Table 5 shows the average change values of the gray level calculated using formula (10).

Sensitivity analysis
Key sensitivity means that a small change in the initial key causes a great change in the ciphertext.In the experiment, classic Baboon and brain CT images were used as examples, as shown in Fig. 8. Figure 8a,g are the original images of Baboon and brain CT, respectively.The ciphertext images encrypted with the initial key y 1 = [0.5, 0.2, 0.7, 0.5, 0.1] are shown in Fig. 8b,h, respectively.The ciphertext images encrypted with the initial key y 2 = [0.5, 0.2, 0.7, 0.5000000000000001, 0.1] are shown in Fig. 8c,i, respectively.Figure 8e,k, respectively, show the misinterpretation diagrams decrypted with y 2 .Figure 8f,l, respectively, show the misinterpretation diagrams decrypted with y 1 .Figure 8 show that the encryption method had good key sensitivity.

Differential analysis
The more sensitive the ciphertext image to the plaintext image, the better the performance of the algorithm against differential attacks.To resist a differential attack, a good cryptosystem should ensure that any tiny modification in the plain-image should cause a significant difference in the cipher-image.The number of pixels change rate (NPCR) and unified average changing intensity (UACI) are typically used for differential attack analysis: where and are two cipher-images whose plaintext has only a C1 C2 different pixel, and D(i, j)is defined as The ideal values of NPCR and UACI are 99.61% and 33.46%, respectively.Table 6 shows a comparative analysis of the test values calculated by formulas (11) and (12), and the literature 5,29,30,33 .
Table 6 shows that the encryption method had good key sensitivity.

Correlation analysis
In this study, 3000 adjacent pixels were randomly selected from the plaintext and ciphertext images of Baboon, brain CT, chest CT, DR film, and MRI.The correlation coefficients of the original image and encrypted image in the horizontal direction, vertical direction, and diagonal direction can be calculated as follows:    www.nature.com/scientificreports/

Complexity comparison
The key space size of this algorithm is 10 240 , and the comparison results with Refs. 5,11,18,21,35,36are shown in Table 9.
Table 10 shows the test values of the variance of the histogram and their comparison test results.From Tables 9 and 10, it can be seen that the algorithm has good encryption performance.

Conclusion
In this study, we constructed a new 5D chaotic system using feedback control.The chaotic system can generate multiple bands and multiple wings in multiple directions, and the maximum Lyapunov exponent is approximately 15. Simultaneously, we applied the 5D multi-band multi-wing chaotic system to the hybrid image encryption algorithm for physical chaos encryption and algebraic encryption, and conducted a numerical simulation experiment on the hybrid encryption system.The experimental results verified the correctness of the encryption method.Therefore, the proposed encryption algorithm has promising potential applications in medical image encryption.

Figure 2 .
Figure 2. Plane phase diagrams: (a) x-y plane phase diagram; (b) x-z plane phase diagram; (c) x-w plane phase diagram; (d) x-v plane phase diagram; (e) y-z plane phase diagram; (f) y-w plane phase diagram; (g) y-v plane phase diagram; (h) z-w plane phase diagram; (i) z-v plane phase diagram; and (j) w-v plane phase diagram.

Figure 3 .
Figure 3. 3D space phase diagrams: (a) x-y-z space phase diagram; (b) x-y-w space phase diagram; (c) x-y-v space phase diagram; (d) y-z-w space phase diagram; (e) y-z-v space phase diagram; and (f) z-w-v space phase diagram.

Figure 4 .
Figure 4. Two-dimensional time series diagrams: (a) t-x two-dimensional time series diagram; (b) t-y twodimensional time series diagram; (c) t-z two-dimensional time series diagram; (d) t-w two-dimensional time series diagram; and (e) t-v two-dimensional time series diagram.

Figure 7 .
Figure 7. Histograms: (a,c,e,g,i) are the histograms of the plaintext images; and (b,d,h,f,j) are the histograms of the encrypted images.

Figure 8 .
Figure 8. Key sensitivity analysis diagrams: (a) and (g) are the original images; (b,c,h,i) are the ciphertext images; and (e,f,k,l) are the misinterpreted ciphertext images.

Figure 9 .Figure 10 .
Figure 9. Correlation diagrams of Baboon: (a,c,e) are the pixel correlation diagrams of the original image in three directions; and (b,d,f) are the pixel correlation diagrams of the encrypted image in three directions.

Table 2 .
Test results and comparative analysis.

Table 3 .
Information entropy test values and comparative analysis.

Table 4 .
Fixed-point ratio test results.

Table 5 .
Average gray level change.