A Novel Image Encryption Scheme Based on PWLCM and Standard Map

In the past decades, considerable attention has been paid to the chaos-based image encryption schemes owing to their characteristics such as extreme sensitivity to initial conditions and parameters, pseudo-randomness, and unpredictability. However, some schemes have been proven to be insecure due to using a single chaotic system. To increase the security, this work proposes a novel image encryption scheme based on the piecewise linear chaotic map (PWLCM) and the standard map. To the best of our knowledge, it is the first chaos-based image encryption scheme combining the PWLCM with the standard map, which adopts permutation-diffusion structure. Unlike the traditional scrambling way, a hierarchical diffusion strategy, which not only changes the pixel position but also modifies the value, is employed in the permutation phase. ,e operation model of row-by-row and column-by-column is further used to enhance the efficiency in the diffusion process. Consequently, a good trade-off efficiency and security can be achieved. Furthermore, the numerical simulations and performance analyses illustrate that the proposed encryption scheme can be used in practical application scenarios requiring lightweight security.


Introduction
With the rapid development of information technologies, the multimedia security has become more important than ever before. Image, as a special multimedia form, is becoming more popular in our daily life because of its intrinsic properties such as more intuitive and vivid than text. However, it would bring privacy problems when it is transmitted in an insecure channel. erefore, it is very urgent to protect the privacy of image. e encryption scheme is one of the methods to protect the image, which transforms the essential contents of a plain image into a noise-like encrypted image. In the past decades, considerable attention has been paid to design chaos-based image encryption schemes since the chaotic map has many excellent characteristics such as extreme sensitivity to initial conditions and parameters and unpredictability of behavior [1]. Many chaos-based image encryption schemes have been proposed by the researchers working in the field of nonlinear dynamic and information security [2,3].
In 1998, Fridrich constructed the first image encryption scheme based the discretized Baker map using permutationdiffusion structure [4]. However, it was found that the encryption scheme can be broken with chosen encrypted image attack [5,6]. To improve Fridrich's work, numerous chaos-based encryption schemes have been proposed.
In particular, the piecewise linear chaotic map (PWLCM), which is efficient to implement in hardware, was used in the encryption schemes presented in [7][8][9][10][11][12]. Peng et al. designed an image encryption scheme based on PWLCM [7] in 2008, which adopts a modulo addition operation to encrypt plain image with the pseudo-random sequence generated by PWLCM. Although it may be easy to implement, the security level is low because of its too simple structure. In 2011, Abdlrudha et al. utilized a nested PWLCM to encrypt plain image based on permutationdiffusion architecture [8]. e proposed image encryption scheme can achieve both low complexity and high level security performance. Later in 2012, Liu et al. described an image encryption scheme with DNA complimentary and chaotic maps [9]. e PWLCM was used to generate the pseudo-random sequences in the row and column scrambling phase. Similarly, Wang et al. also used the sequence generated by PWLCM to encrypt permuted image in diffusion process [10,11]. In 2020, Patro et al. [12] used a crosscoupled PWLCM system to encrypt plain image, which aims to obtain a higher security than using simple chaotic map.
While the one-dimensional chaotic system has low implementation complexity, the multidimensional chaotic system possess more complex behavior [13]. Specifically, the two-dimensional standard map has larger number of control parameters than the one-dimensional PWLCM, which is the reason for designers choosing it. In 2009, Patidar et al. proposed a permutation-diffusion-based image encryption scheme with the standard chaotic system and the logistic map [14]. In 2011, Patidar et al. further proposed an improved image encryption scheme based on the standard map [15]. e operation model of row-by-row and column-by-column was adopted to preliminary permutation, substitution, and main permutation for increasing the speed of the encryption process. Zhang et al. employed the standard map to scramble the pixels of two plain images [16] in 2013. In 2018, Chen et al. proposed an optical hyperspectral image encryption scheme with the standard map and the gyrator transform [17]. e pixels of plain image were scrambled according to the position sequence generated by the improved standard map. Unlike the most common permutation-diffusion architecture, Chen et al. [18] in 2019 suggested a substitution mechanism in the permutation phase via a chaos-based bit-level shuffling method. us, the same security level can be obtained in fewer encryption rounds.
Recently, Ye et al. in 2017 proposed a spatial image encryption scheme based on chaotic map and pixel frequency [19]. e authors creatively designed a weight factor related to the pixel frequency, which aims to produce key streams associated with the plain image and thus resists the chosen plain image attack. However, one can easily test its weak position sensitivity using the given definition formula. Let plain image P be all zeros except for 1 in one position; its pixel frequency value would be the same if we move 1 to another position. Specifically, the pixel frequency is identical to the previous one due to the fact that the pixel value and its frequency are unchanged before and after moving position.
is may give a chance to the attacker breaking their proposed encryption scheme under the condition of round reduced. Moreover, Patro et al. [20] and Samiullah et al. [21] in 2020 presented a plain image-related encryption scheme by using hash function. As a result, for two different plain images, even a bit of difference would have two different hash values. is means that the hash value should be secretly and timely stored and transmitted to the receiver when performing the real-time decryption process. Namely, for an image database having thousands of images, an equal number of hash values must be generated and securely stored and timely transmitted. is would make the proposed scheme impractical for such a real-time application scenario. In fact, how to securely and timely store and transmit secret key is not easy to process in real world. Besides, setting hash value as part of the secret key against, to some extent, Kerckhoffs' principle, which requires the security of the encryption scheme, completely depends on the secret key [22]. Actually, the encryption and decryption keys should be independent of the plain image in a symmetry encryption scheme. Indeed, many schemes cannot achieve the claimed high security and are impractical for the special application scenario due to the facts pointed in [23][24][25]. For instance, the encryption scheme presented in [26] was proposed by Wu et al. in 2018, which adopted the deoxyribonucleic acid (DNA) approach to diffuse image and used a two-dimensional Hénon-Sine map-(2D-HSM-) based permutation. Unfortunately, their proposal was broken by the chosen plain image attack in 2020 [27]. erefore, constructing an encryption scheme which achieves a good trade-off between security and efficiency would be a hard work [28]. Nevertheless, combining the aforementioned analysis, we tentatively propose a novel image encryption scheme based on the PWLCM and the standard map in this study. It is constructed for application scenarios that require lightweight security. Firstly, an external secret key of 256-bit is employed to generate initial states and parameters of the chaotic maps. en, the permutation-diffusion structure is adopted to encrypt plain image. Different from the pixel-by-pixel way in the permutation process, we perform a bit-level circularly shift operation on the pixels of plain image according to the pseudo-random sequence generated by the PWLCM. us, the position and value of the pixel can change simultaneously to enhance the encryption scheme's security. Moreover, the discretized standard map-based permutation method is further employed to improve the security level of the proposed encryption scheme due to its structure of the resembled Feistel network. To help offset efficiency, the operation model of row-by-row and column-by-column is utilized in the diffusion phase to speed up the encryption performance. Furthermore, combining the PWLCM with the standard map, the cryptanalysis complexity of the proposed encryption scheme, which means adding slightly the number of arithmetic operation, will be bigger than only using single chaotic map. us, the cryptanalysis for the former will be more difficult than the latter one [2,29]. e paper contributes the following. (1) Combining the PWLCM (one-dimensional chaotic map) with the standard map (high-dimensional chaotic map) to design encryption scheme, the analysis complexity is increased. (2) A hierarchical diffusion strategy is employed in the standard mapbased permutation phase, which enhances the security. (3) e operation model of row-by-row and column-by-column is adopted in the diffusion process to promote the encryption efficiency. (4) A good trade-off between security and efficiency can be achieved, which indicates that the proposed encryption scheme can be used in real applications requiring lightweight security. e remainder of this paper is structured as follows. Section 2 briefly describes and analyzes the PWLCM and the standard map. Section 3 illustrates the proposed image encryption scheme and the corresponding experimental results. Security analyses are described in Section 4. e paper finishes with concluding remarks.  [30], which is defined by where x n ∈ (0, 1), n ∈ 0, 1, . . . , { }, x 0 is the initial state of PWLCM, and p ∈ (0, 0.5) is the control parameter of the chaotic system. According to the definition of Lyapunov exponent (LE) [31], one can easily get the LE of PWLCM λ � −0.5 ln[p(0.5 − p)]. Clearly, it gets the minimum value λ min � 2 ln 2 > 0 at p � 0.25 which means the PWLCM has chaotic behavior in the whole definition interval (0, 1). e bifurcations of logistic map [31] and PWLCM are depicted in Figure 1. Figure 2 plots the Lyapunov exponent curves of logistic map and the PWLCM with variation control parameters. From the above results, one can learn that the PWLCM has a wider chaotic range and more complex behavior than logistic map. erefore, the PWLCM is more suitable for designing image encryption scheme.

Standard Map.
e standard map is an area-preserving map [4], which is defined by where (x, y) ∈ [0, 2π] × [0, 2π] and K is a positive constant which determines the degree of chaos. One can verify that (0, 0), (π, 0) are two of the fix points of equation (2). On the other hand, the Kolmogorov-Sinai entropy of the standard map is depicted by h ≈ ln(K/2) valid for K > 4 [32]. e phase space of the standard map at K � 0.971635 is shown in Figure 3, which also plots its Lyapunov exponent curves with variation of parameters. From the figure, it is clear that the standard map is chaotic in domain except for periodic or quasiperiodic points. To conclude, the standard map has complex dynamic behavior and good chaotic properties.
us, it can be used for designing image encryption scheme.
For applying equation (2) to permute the image pixels, it is discretized from [0, 2π] × [0, 2π] to a square lattice with a width of N [4]. By substituting where N is the width of the processed image and K ′ is a new positive control parameter. (x i , y i ) and (x i+1 , y i+1 ) represent the positions of the processed image pixel before and after employing the discretized standard map. Figure 4 plots the permutation results using different rounds of the discretized standard map. From the figure, one can learn that more than 3 rounds should be used to obtain enough security. Accordingly, in this paper, we will apply 3 rounds of the discretized standard map to our proposed encryption scheme, which is deferred further discussion to Section 3.

e Encryption Process.
In this section, we give in detail the encryption process of the proposed scheme. Without loss of generality, let P be the plain image with a size of MN � M × N. Note that Key is the external 256-bit secure secret key. To help understand the framework of our proposal, Figure 5 and Algorithm 1 give the flowchart and the pseudo-random code of the proposed image encryption scheme, respectively.

Improved Permutation Process
Step 1. Generating the initial state and the parameter of be the initial states and the parameters used in permutation and diffusion phases. Given a 256-bit secret Key, we calculate two float numbers { }, based on its first two 64-bit streams, respectively. Similarly, two float numbers x (2) 1 , p (2) 1 are generated by the last two 64-bit streams of Key, respectively.
Step 2. Generating the new initial state and parameter of PWLCM: let x 0 1 , p 1 be the new initial state and parameter, respectively. en, compute their values by 1 ) mod 0.5], where the notation [α mod β] denotes the remainder of α upon division by β. Namely, for any two real numbers Step 3. Creating the pseudo-random sequence: iterate PWLCM MN times with x 0 1 , q 1 to obtain sequence x 1 (1 × MN). To avoid the transient effect, we drop the first N 0 iterated values. We then further quantify x 1 to get step 0 (1 × MN) using step 0 � mod(round((|x 1 | − x 1 × 10 15 ), 8) + 1 where round(x) rounds x to the nearest integer and b � mod(a, m) returns the remainder after division of a by m. Finally, step 0 (1 × MN) is reshaped to step(M × N) from top to bottom and left to right.
Step 4. Initializing the permutation process: firstly, the 256-bit external secret key is divided into four parts. More concretely, the first three parts are the same length of 53-bit, and the length of the last part is 44-bit. en, we set each part as the input of i Key i × 2 i , i ∈ 1, 2, . . . { } and get the sum of each result K 0 . e control parameter PSK is obtained by [K 0 mod 1024].

Complexity 3
Finally, initialize the permuted image as P 1 (M × N).
Step 5. Performing the bit-level circularly shift and the pixel-level permutation simultaneously: firstly, we obtain the bit-level circle shift direction dir by using dir � 2 × dir 0 − 1 where dir 0 � [step(i 1 + 1, i 2 + 1) mod 2]. We then perform a bit shift on the plain image's pixel P(i 1 + 1, i 2 + 1) by a shift amount SA � dir × step(i 1 + 1, i 2 + 1). In particular, positive SA shifts toward the end of binary array and negative SA shifts toward the beginning. At the same time, permute circularly shifted pixel to the corresponding position in permuted image P 1 (s 1 + 1, s 2 + 1). Let P � P 1 and iterate above shuffling method iter p times to obtain the final permuted image P 1 .

High-Speed Diffusion Process
Step 6. Getting chaotic sequences: similar to the way in the permutation phase, we first calculate the new initial state and the parameter for PWLCM. After assigning the first two 64-bit streams of Key to float numbers p (1) 2 , x (1) 2 , their decimal values can obtained by the way in Step 1, respectively. In a similar manner, the float numbers p (2) 2 , x (2) 2 are generated by the last two 64-bit streams of Key, respectively. en, we can obtain the new initial state x (0) 2 and the parameter p 2 by 2 ) mod 0.5]. Lastly, we iterate PWLCM (M + N) times to get  Complexity N)) and further generate a row array x r 2 (1 × M) and a column array x c 2 (N × 1).
Step 7. Generating four seed vectors: firstly, we quantify x r 2 , x c 2 to obtain two chaos-based seed vectors key

Complexity
Step 8. Perform the high-speed diffusion process: set i � 1, 2, . . . , M, performing the element-level circularly shift operation on key r by i shift amounts to get r 1 (1 × M). en, we can obtain the row-by-row diffusion encrypted image P 2 using equation (4). Similarly, set j � 1, 2, . . . , M, we utilize circularly shift process on key c by j steps to get a seed vector c 1 (M × 1). en, we get the column-by-column diffusion encrypted image P 3 based on equation (5). Let P 1 � P 3 ; iterate iter d times to get the final diffusion encrypted image P 3 .
where a⊕b returns the bitwise XOR of a and b.
Step 9. Finally, set P � P 3 , performing repeatedly single round encryption process iter times to get the final encrypted image P 3 .

e Decryption
Process. e proposed image encryption scheme belongs to a symmetry cipher algorithm. us, the decryption process for it is simply the inversion of the encryption process. We do not include the steps here to conserve space.

Plain image
External key Improved permutation Step, PSK  (1) Input the plain image P(M × N).
Calculate (s 1 , s 2 ) and a shift amount SA.
ALGORITHM 1: e proposed image encryption scheme. 6 Complexity

Numerical Experimental Results.
is section discusses the numerical experimental results for the proposed image encryption scheme. Our experiments in this paper are performed on a laptop computer equipped with an Intel(R) Core(TM) i7-5500U CPU @ 2.40 GHz, 4 GB memory, and Windows 7 operating system. We adopt Matlab platform to implement the proposed encryption scheme. On the other hand, three plain images (5.1.11.tiff to 5.1.13.tiff) are randomly selected from the USC-SIPI Image Database [33]. e function rand which returns uniformly distributed pseudo-random numbers is utilized to generate Key. For convenience, we set (iter p , iter d , iter) � (3, 1, 2). It is noted that the value of iter should be large enough to maintain the desired security when it comes to the real-world application. After performing the proposed encryption scheme, the obtained experimental results are shown in Figure 6. From the results, the observer cannot obtain any visual information about plain image. e decrypted images are identical to the plain images. Moreover, even if the encrypted image is chosen by any arbitrary way, the receiver can obtain the original image only using the corrective secret key. is indicates that the proposed encryption scheme is effective in the basic sense of symmetry algorithm.

Histogram
Analysis. An image histogram gives the entire intensity value distribution visually in an image [34]. An ideal encryption scheme should be able to generate final encrypted image uniformly distributed. To see this, Figure 7 plots the histograms of plain images 5.1.11.tiff, 5.1.12.tiff, and 5.1.13.tiff, the final encrypted images generated by the proposed encryption scheme, and the corresponding recovered images, respectively. From the figure, one can obviously observe that the histograms of the plain images are statistically significant while the encrypted images are uniformly distributed. us, the histogram will not leak any useful information to attackers.
In addition, the chi-square test [35] is further applied to quantitatively evaluate the uniformity of the histograms. It is mathematically defined by where f v is the frequency of each gray level v ∈ 0, 1, . . . , 255 { } for a 8-bit gray-scale image and M × N is the size of the tested image. With a significance level of 0.05, the theoretical chi-square value is χ 2 0.05 � 293.2478 [35]. A smaller experimental value indicates the more uniform distribution for a specific image histogram. In our proposed test analysis, we randomly selected 6 gray-scale plain images (5.1.09.tiff through 5.1.14.tiff). e corresponding test results are listed in Table 1. Moreover, we also perform the chisquare tests on the scheme presented in [18]. eir test results are also included in Table 1. Based on the mean value and pass rate in the table, we can conclude that proposed encryption scheme provides better performance than the compared algorithm.

Correlation
Analysis. e adjacent pixels in a natural image are strongly correlated. A good image encryption scheme should have a low correlation in different adjacent directions [13]. To evaluate the proposed encryption scheme, we randomly select 5000 pairs of pixels of the encrypted image in the horizontal, vertical, and diagonal directions, respectively. en, the correlation coefficient of each pair, defined in (7), is calculated.
where x and y are the adjacent pixel sequences selected from the different directions, N � 5000 is the size of the selected pixel sequence, and E(x) and D(x) are the mean and the standard deviation of x, respectively. If the selected pixel sequences have low correlation, their coefficient calculated by equation (7) should be close to 0. Otherwise, it will be close to 1 [13]. Figure 8 shows the selected pixel sequence distributions in different directions, and Table 2 lists the calculated results where H, V, and D denote the horizontal, vertical, and diagonal directions, respectively. Besides, we also calculate the correlation coefficients for the encrypted image generated by the encryption scheme presented in [18], and the results are also included in Table 2. While the distributions in plain image are close to diagonal line, the distributions in the encrypted image are randomly scattered. Similarly, the quantitative results in plain image are close to 1 while the resulting values in the encrypted image are close to 0. erefore, both figures and tables show that the plain image has strong relationships but that weakness exists in the encrypted image. Furthermore, in most cases, the proposed encryption scheme outperforms the compared method. From the above analysis, we infer that our proposed encryption scheme can efficiently eliminate the strong correlation of the adjacent pixels.

Information Entropy Analysis.
Information entropy measures the randomness and unpredictability of a random sequence k [36]. It is defined by where P(k i ), i ∈ 0, 1, . . . , 2 L − 1 , denotes the probability of the ith symbol k i . e ideal entropy value for an image with 2 8 gray levels should be 8 [37]. We randomly test 6 plain images (5.1.09.tiff through 5.1.14.tiff) from the USC-SIPI Image Database. e calculated results of the encrypted images generated by the proposed encryption scheme and the method presented in [18] are listed in Table 3. From the mean value results, we deduce that the proposed encryption scheme provides better randomness. Moreover, the local Shannon entropy (LSE) is adopted to evaluate the randomness of an image from local view [38]. It is computed by      10 Complexity where k is the total number of selected nonoverlapping image block S i and T B is noted as the number of pixel in each block.
With the significance level α � 0.05 and the parameters (k, T B ) � (30,1936), the theoretical LSE interval is (7.9019, 7.9030) for a 8-bit image [38]. To see our proposal, Table 4 gives the LSE values for the proposed method and the compared algorithm presented in [18]. It is obvious that the LSE values of the encrypted images obtained by our proposal are in the theoretical interval, and most of the results are bigger than the compared algorithm, which means that the proposed method has better randomness in terms of local view.

Key Space Analysis.
Key space is composed of all possible secret keys. Specifically, the key space of a high security encryption scheme should larger than 2 100 to counter brute   force attack [39]. In our proposed encryption scheme, the key space is generated by a 256 random bit string, which is large enough to satisfy the standard requirement. Moreover, Table 5 lists the key spaces of five schemes. It is clear that the proposed encryption scheme can resist the brute force attack and can be comparable with the methods proposed in [18,[40][41][42].

Key Sensitivity Analysis.
e key sensitivity means that a slight disturbance of the secret key should generate a totally different result in both the encryption and decryption processes [43]. For a strong robust encryption scheme, it should be extremely sensitive to its secret key variations. e two-dimensional correlation coefficient c AB between two random images A, B is adopted to examine the key sensitivity, which is defined as where H × W is the size of the tested image. Generally, the smaller the coefficient value, the lower correlation between two random images [14,44]. In our proposed key sensitivity analysis, we first randomly generate a 256-bit secret Key. To obtain two new keys with only 1-bit difference, which are denoted as Key i (i � 1, 2), respectively, we repeatedly change one bit of Key two times. We then perform the proposed encryption scheme with Key and Key i on the plain image 5.1.13.tiff to get the respective encrypted images C and C i (i � 1, 2). e different cipher images are shown in Figure 9, which also plots the differences |C − C i |(i � 1, 2). As can be seen, the encrypted images generated by the keys with slight difference are completely different. Additionally, we calculate the respective two-dimensional correlation coefficients between C and C i . Table 6 gives the calculated results which are close to 0. Hence, the proposed encryption scheme is sensitive to its secret key in the cipher process.
For the decryption analysis process, we decipher C with Key and K i (i � 1, 2) to obtain the recovered images D and D i , respectively. e different decipher results are shown in Figure 10, which also plots the differences |D − D i |(i � 1, 2). Moreover, the correlation coefficients between D and D i are listed in Table 7. From the figure and table, one can see that the proposed encryption scheme is sensitive to its secret key in the decipher process. Combining the aforementioned encryption key sensitivity analysis, we conclude that the proposed image encryption scheme is extremely sensitive to secret key.

Noise and Data Loss Attack Analysis.
Traditionally, when an encrypted image is transmitted through an unsecure network or stored in physical medias, it is easy to surfer from the noise perturbation or the data loss. So, a strong robust image encryption scheme should have the ability to minimize the bad effect caused by the noise perturbation and the data loss [45]. In our proposed analysis, we adopt peak signal-to-noise ratio (PSNR) to measure the quality of the reconstruction [46,47]. Given a gray-scale image I 1 with size of M × N and its noisy approximation I 2 , it is defined as where MSE denotes the mean square error between I 1 and I 2 .
Typical values for the PSNR in lossy image compression are between 30 dB and 50 dB, provided the bit depth is 8 bits, where the higher is better [48]. We perform the proposed encryption scheme on plain image 5.1.10.tiff to generate the encrypted image. en, we add salt and pepper noises (SPNs) to the encrypted image with 0.01, 0.02, and 0.03 densities, respectively. As a result, Figure 11 plots these noisy results and their recovered images, respectively. As can be seen, the  Table 8 lists the PSNR (in dB) values which indicates that the proposed encryption scheme can resist noise affect. It also shows the results computed by the compared algorithms presented   in [18,[40][41][42]. Clearly, our proposal can be comparable with the recent works. Likewise, the Gaussian white noise with constant mean and different variances is also applied to evaluate the ability of resisting noise attack. e tested results are given in Table 9 which carries out that our proposal can also resist the Gaussian white noise. Similarly, we perform the occlusion attack analysis. Figure 12       16 Complexity cutting resistance. Combining with above noise attack analysis, we infer that the proposed encryption scheme provides resistance against noise and data loss effects.

Differential Attack Analysis.
e differential attack analysis is referred to how tiny change in the plain image can influence the encrypted image. More specifically, the invader can make a slight change in the plain image, and then examine their encryption difference, which aims to get the information about the secret key. erefore, a high-level security encryption scheme should withstand this kind of attack [29,49]. e number of pixels change rate (NPCR) and the unified average changing intensity (UACI), defined in equation (12), are used to numerically evaluate the ability to resist differential attack.
}, are, respectively, two encrypted images whose plain images have only 1-bit difference.
With the significance level α � 0.05, the theoretical NPCR value is 99.5693% for an image of size 256 × 256. For the UACI, its ideal interval is (33.2824%, 33.6447%) [1]. e closer to the theoretical value or interval, the stronger the ability to resist the differential attack.
In the proposed analysis, we randomly choose one pixel in six plain images and change its value by 1-bit to generate changed six plain images. ey are then encrypted by the proposed encryption scheme and the method presented in [18] to obtain the corresponding encrypted images. Finally, the NPCR and UACI values between these results are listed in Table 11. is indicates that the proposed scheme has qualified performance to resist differential attack in the statistical sense.

Chosen Plain Image and Known Plain Image Attack
Analysis. Security against chosen plain image attack means that the attacker cannot tell which of these two possible plain images were encrypted with probability significantly better than random guessing [50]. In the proposed encryption scheme, we adopt a bit-level circularly shift operation on plain image in the permutation phase. As a result, different encrypted images will be generated by a slightly changed plain image. In addition, chaos-based pseudo-random sequences are further employed to diffuse the permuted image. erefore, the proposed encryption scheme could successfully resist the chosen plain image and known plain image attack.

Time Complexity Analysis.
e time complexity measures the amount of time taken by an encryption scheme to run as a function of the size of plain image [51][52][53]. Clearly, the lower the value of running time, the higher the efficiency. However, a complete comparison would be unfair due to the incommensurable difference in terms of the programming skills and the equipment adopted for testing. Nevertheless, in order to evaluate the proposed encryption scheme, Table 12 lists the one round running times on the same platform and the same plain images (5.1.10.tiff (256 × 256), 5.1.08.tiff (512 × 512), and 5.3.01.tiff (1024 × 1024)) for our proposal and the compared algorithms presented in [18,[40][41][42]. On the other hand, one can learn that the computational cost of the proposed encryption scheme is O(MN) with the big-O notation, where M and N represent the size of the plain image in pixels. It is clear that the proposed scheme can be comparable with the existing algorithms.

Randomness of the Encrypted Image Analysis.
In this section, the National Institute of Standards and Technology (NIST) 800.22 statistical test suite is adopted for the randomness test of the encrypted image generated by the proposed encryption scheme. e test results for plain image 5.1.12.tiff are listed in Table 13. Clearly, each P value corresponding to a particular test is bigger than 0.01 [54]. Hence, the acquired encrypted image can pass all the NIST 800.22 statistical tests at the 1% level of significance, which implies that the encrypted image generated by our proposal possesses qualified randomness.

Graphic Autocorrelation Analysis.
Autocorrelation is the correlation of an image with a delayed copy of itself as a function of delay, which is a mathematical tool for finding repeating patterns in signal processing, such as the presence of a periodic signal obscured by noise [55]. us, a secure encryption scheme should generate an encrypted image that presents a flat and uniform graphic autocorrelation to avoid bad effect [53]. Following the way presented in [53], we compute, respectively, the graphic autocorrelations of the plain image 5.1.10.tiff and its encrypted image generated by the proposed encryption scheme, which are graphically shown in Figure 13. As can be seen, the graphic autocorrelation to the plain image shows waves and a cone in the center, while the encrypted image is uniformly distributed and shows no visible pattern.

Encryption Quality Analysis.
Encryption quality is the difference between the frequency of occurrence for each pixel gray level before and after encryption [56], which is defined by where o i (C) and o i (P) are, respectively, the observed occurrence for gray level i in the encrypted image C and L bit plain image P. For L � 8 bit plain image, the maximal value of EQ is (510 × M × N/2 L × 2 L ) where M × N is the size of plain image. us, the closer to the maximal value, the better the encryption quality of the proposed encryption scheme. Table 14 gives the test values for our cipher algorithm and the compared method. It is clear that our proposed encryption scheme has higher cipher quality than the compared method.

Comparison with Existing
Works. e aforementioned analyses demonstrate the performance features of the proposed encryption scheme. However, when it comes to compare with the existing works, it is not easy to make a fair comparison between two encryption schemes because of the adopted test standard and the purpose used in different real scenarios. Nevertheless, we approximately compute some statistical metrics of the encrypted images generated by the proposed encryption scheme and the compared methods presented in [18,[40][41][42]. For fairness, all the encryption schemes are performed on the same plain image with the equipment described in Section 3.3. Finally, the computed results are listed in Tables 15 and 16, which show that the proposed encryption scheme is comparable with the existing works. In more detail, Table 15 gives the coefficients

Conclusion
is paper proposes a novel image encryption scheme based on the PWLCM and the standard map, which adopts the wellknown permutation-diffusion structure. Different from the traditional pixel-level scrambling way, a hierarchical diffusion process, which not only changes the pixel position but also modifies the pixel value, is employed in the permutation phase. In the pixel diffusion process, the row-by-row and column-bycolumn operation model is further applied to enhance efficiency. e simulations and performance analyses imply that the proposed scheme may achieve a better trade-off between security and efficiency than other state-of-the-art encryption schemes. Moreover, the proposed encryption scheme provides a good flexibility since it supports any size of plain gray-scale image or color image. More specifically, when it comes to color image, we first reshape the 3-dimensional plain image to the 2dimensional one from the top to bottom and left to right and then process it with the proposed encryption scheme to generate the final encrypted image. Furthermore, the proposed encryption scheme can achieve more simplicity than other advanced works due to the fact that it only uses the iterative substitution-permutation architecture. In addition, this work can promote the practical application of the nonlinear dynamic system. In the future, to further evaluate the security, we will try to give a rigorously mathematical proof like the conventional cryptography did. On the other hand, to see a higher efficiency, we will implement the proposed encryption scheme using parallel computing.

Data Availability
e data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest
e authors declare that they have no conflicts of interest.