Improved Chaos-Based Cryptosystem for Medical Image Encryption and Decryption

In the medical sector, the digital image is multimedia data that contain secret information. However, designing an efficient secure cryptosystem to protect the confidential images in sharing is a challenge. In this work, we propose an improved chaos-based cryptosystem to encrypt and decrypt rapidly secret medical images. A complex chaos-based PRNG is suggested to generate a highquality key that presents high randomness behaviour, high entropy, and high complexity. An improved architecture is proposed to encrypt the secret image that is based on permutation, substitution, and diffusion properties. In the first step, the image’s pixels are randomly permuted through a matrix generated using the PRNG. Next, pixel’s bits are permuted using an internal condition. After that, the pixels are substituted using two different S-boxes with an internal condition. In the final step, the image is diffused by XORing pixels with the key stream generated by the PRNG in order to acquire an encrypted image. R rounds of encryption can be performed in a loop to increase the complexity. -e cryptosystem is evaluated in depth by his application on several medical images with different types, contents, and sizes. -e obtained simulation results demonstrate that the system enables high-level security and performance. -e information entropy of the encrypted image has achieved an average of 7.9998 which is the most important feature of randomness. -e algorithm can take full advantage of parallelism and pipeline execution in hardware implementation to meet real-time requirements. -e PRNG was tested by NIST 800-22 test suit, which indicates that it is suitable for secure image encryption. It provides a large key space of 2 which resists the brute-force attack. However, the cryptosystem is appropriate for medical image securing.


Introduction
In the medical sector, the digital image is multimedia data that contain secret information. However, designing an effective cryptosystem to protect medical image content is a challenge. Using public or shared digital networks, images are vulnerable to potentially more destructive attacks such as replay or human-based attacks, brute-force, and statistical attack.
e need for effective cryptographic solutions for medical image requires the development of an improved algorithm and implementation. To protect the image against new generations of attacks, encryption solutions should guarantee the confidentiality of the image. Confidentiality is achieved by encryption to make data unintelligible and unusable even if the data is lost or hacked. Among encryption schemes, symmetric encryption is the best cryptographic solution that permits the confidentiality of large volume data. In this innovative idea, chaos is an effective axis of modern cryptography challenging existing traditional symmetric encryption systems like the Advanced Encryption System (AES) [1]. Chaos systems have many significant advantages such as highly sensitive to initial conditions, deterministic random numbers, ergodicity, structure complexity, large key space, flexibility, and large periodicity.
Unlike asymmetric encryption, symmetric encryption has several modes of operation. Since 2001, five modes have been recommended by NIST which are ECB, CBC, OFB, CTS, and CTR. Among these, the CTR mode of encryption is commonly used in high-speed networks thanks to its high performance. e CTR architecture can take full advantage of parallel and pipelining execution and can achieve a highlevel performance using reasonable hardware resources.
After this innovative idea was investigated, many researchers turned to design chaos-based symmetric cryptosystem algorithms for ordinary and medical image encryption. is is using different types of chaotic models such as the Lorenz and Chen system, skew tent map, and logistic map [2,3]. Jeevitha [4] presented a cryptosystem algorithm for medical image encryption. In the first step, the medical image was decomposed into some planes using discrete wavelet transform. Edge maps were generated with the same or different thresholds from the original image and the binary images of equal size considered as with the original planes. en, the XOR diffusion between the edge maps and the planes was carried out. Next, the positions of the obtained plane at the last step were scrambled. Finally, planes were combined to form the encrypted image. Jizhao [5] put forward a simple cryptosystem algorithm for medical image protection. A PRNG based on a four-dimensional chaotic system was proposed to generate the key. e original medical image was encrypted using a diffusionconfusion as architecture. e confusion property was done by a simple substitution S-box. However, the diffusion property was obtained by XORing the image pixel with a key stream. Tsafack et al. [6] presented an image encryption system based on a simple chaotic system. To generate the encryption key, an electronic circuit based on a dynamical four-dimensional chaotic system is designed.
is implementation mainly increases the execution time. For image encryption, a simple confusion and diffusion architecture was designed. Firstly, the substitution S-box and a key stream were produced by utilizing the PRNG. en, the image's pixels were substituted using the S-box. Finally, the result pixels were XORed by the key stream in order to obtain the encrypted image. eir proposed cryptosystem was tested on some medical images. Xingyuan [7] proposed a chaos-based cryptosystem for colour image encryption. Firstly, the image was divided into four blocks. en, the blocks were scrambled by employing Arnold's chaotic map. Next, the image's blocks were diffused by a combination method between the Boolean network and semitensor products. Finally, the blocks were combined to form the encrypted image. Yasir et al. [8] suggested an image cryptosystem based on confusion and compression. Firstly, the simple lossless Lempel-Ziv-Welch (LZW) data compression algorithm was used to compress the original image. en, the Chebyshev chaotic map was used to select an S-box from a collection of 40,320 available S-boxes. Finally, the compressed image was encrypted by substituting the pixels with the selected S-box. Using only a confusion process to encrypt the secret image is not secure against attacks. Huijuan [9] proposed a simple cryptosystem algorithm for image encryption. A PRNG based on the two-dimensional logistic-adjusted sine map was designed for encryption key generation. Two mechanisms were used for orbit perturbation and dynamic state variable selection. eir proposed image encryption algorithm includes a permutation and a XOR diffusion procedure. Hongjun [10] put forward an image cryptosystem based on DNA sequence and two chaotic maps. e scheme is symmetric and they adopt a confusion-diffusion as encryption architecture. e initial parameters of chaos maps are generated using the MD5 hash.
e image was confused using PWLCM map and confused using DNA and Chebyshev map. Zhou [11] suggested an image cryptosystem based on a combination between the 3D orthogonal Latin squares (3D-OLSs) and a matching matrix. Firstly, the 3D sine map was used to generate three chaotic sequences. Next, a 3D orthogonal Latin square and a matching matrix were produced by using the chaotic sequences. en, the 3D-OLSs and the matching matrix were jointly used to permute the original image. After that, all planes of the permuted matrix were divided into sixteen blocks of the same size. e chaotic sequence was sorted and a position matrix was generated. According to the position matrix, the blocks of each plane were linked and shifted by using a cyclic shift operation, and then, a new matrix was generated. Finally, the encrypted image was generated by executing a diffusion operation for the new matrix. Zhang [12] proposed a simple cryptosystem algorithm for image encryption. In designing, he has used transformation, permutation, and XOR diffusion as encryption architecture. e transformation was obtained by employing the discrete wavelet transform of the image. e permutation was carried out by substitution S-box. However, the diffusion property was obtained by scrambling the image's pixels with a key stream that was generated by a simple PRNG based on the PWLCM chaotic map. In the substitution step, Yong adopts the S-box of the AES standard, which was not a secure substitution method because the S-box of AES was not dynamic. e challenge is that traditionally, key generation, encryption, authentication, and integrity have been complex and computationally costly to execute while keeping in mind the issue related to the security level. All mentioned image cryptosystems have many weaknesses. It is sequential, too long in design and calculation, which greatly increases the execution time. In this work, we propose an improved chaos-based symmetric cryptosystem for fast image encryption and decryption. e goal is to achieve high-level security and high performance with low computational complexity and reasonable resources. Our contribution is as follows: (i) Design of improved chaos-based PRNG with the goal to enlarge the key space, increase the entropy, randomness, and complexity, and avoid the key's sequence relationship and determinism. is permits the generating of high-quality key streams with high randomness behaviour, unpredictability, and complexity. (ii) Design of fast and secure encryption and decryption architecture based on permutation, substitution, and diffusion properties. is permits enhancing the randomness and decreasing the correlation. e goal is to achieve a high-level performance with low computational cost and with reasonable resources. (iii) Undertake in-depth experimental measurements for medical images with different type, content, and size to evaluate the strength of the proposed cryptosystem against the new generation of attacks. (iv) Undertake an evaluation study of the performance of the execution and compare the result with other recent works.
is paper is planned in four parts as follows: in Section 2, the proposed image cryptosystem algorithm is described.
e simulation, analysis, evaluation, and validation of the proposed algorithm are given in Section 3. Section 4 concludes the work.

Proposed Cryptosystem Algorithm
e symmetric cryptographic scheme is the best solution to encrypt and decrypt large volume data. e proposed cryptosystem algorithm is a symmetric scheme based on confusion and diffusion properties. To generate a highquality key, a complex chaos-based PRNG is suggested. e general view of the proposed cryptosystem is depicted in Figure 1.

Pseudorandom Number Generator.
PRNGs are used to generate key useful for encryption. e proposed PRNG is a chaos-based key generator. A complex PRNG architecture is designed with the goal to increase the key complexity, entropy, randomness, sensitivity, and key space and to avoid determinism, correlation, and key dependence. e proposed PRNG is illustrated in Figure 2. It includes three data processing blocks: a dynamical state generator (DSG), a complex chaotic design (CCD), and a convertor block.
ree different chaotic systems are employed in designing to enhance the complexity of the key. e chaotic systems are maintained in parallel. is permits generating many key streams at a time that enlarge the key length and the key space. e PRNG requires a 256-bit external secret key to initialize the underlying system (equation (1)). is secret key is used to generate the initial state of the PRNG. However, the use of the same initial key permits always obtaining the same random number sequence. To avoid transient effects, key sequence relationship, dependence, and determinism, a random state generator is attached to the complex chaotic design to perturb the underlying system dynamically. However, the PRNG exhibits complex chaotic behaviour. It depends not only on the initial key but also on intermediate random states.
is permits to increase the complexity of the key against attacks.
Ki � k 1 |k 2 |k 3 | · · · |k 32 . (1) After random values generation by the chaotic design, the convertor block is used that permits modulating the generated values into 32-bit numbers (equation (2)). As a result, a sequence of independent numbers PRNS is obtained and its properties are statistically independent, uniformly distributed, and unpredictable. In addition, the proposed PRNG depends not only on the initial secret key but also on internal random states generated dynamically: PRNS � n i × 10 12 mod 2 32 .
(2) e used chaotic systems are the Henon map, 2D logistic map in a complex set, and the Baker map. eir mathematical models are described in equations (3)-(5), respectively: e Henon map has a state of two variables (x, y), and a and b are the system parameters. It exhibits chaotic behaviour for certain parameter values and initial conditions. When a � 1.4 and b � 0.3, the system has chaotic behaviour [13]. e initial state (x 0 , y 0 ) of the Henon map is derived from the initial key ki:  Scientific Programming e 2D logistic map in a complex set has a state of two variables (x, y) and one parameter λ. For λ ϵ [0, 4], the system has chaotic behaviour [14]. e initial state (x 0 , y 0 ) of the 2D logistic map is derived from the initial key ki: , py n , e Baker map has a state of two variables (x, y) and one parameter p. For p � 0.5, the system has chaotic behaviour [15]. e initial state (x 0 , y 0 ) of the Baker map is derived from the initial key ki.

Encryption Phase.
A symmetric scheme is adopted for image encryption. e cryptosystem uses the Secure Hash Algorithm (SHA-256) to generate a unique 256-bit hash value fully related to the secret image I as follows: e image's hash value is considered as the initial secret key of the cryptosystem that is named ki. is key is used to initialize the PRNG. An improved PRNG-based symmetric scheme is designed to encrypt the secret image. e general architecture is depicted in Figure 3. Both confusion and diffusion properties are employed in encryption architecture. e confusion property is obtained by pixel permutation and substitution. However, the diffusion property is obtained by XORing the image's pixels with a key stream. Data encryption steps are as follows:  Figure 4 illustrates the process.
(1) If the position of the pixel is pair, then the pixel's bits are permuted by cycling right shift of 2 bits: (iii) Step 3: random permutation of the pixel's position. Here, a permutation matrix (PM) of size M × N is generated using the PRNG. e matrix contains random indices that to be followed to permute the position of the image's pixels. e principle to generate the matrix PM is illustrated in Figure 5. Firstly, the PRNG is iterated to produce a sequence of M × N random numbers. en, the numbers are sorted in ascending order, while keeping the index of each random number. Next, reshape the sequence of indices into M × N cases to obtain the MP matrix. Finally, the image's pixels are permuted according to the indices in the PM.
is process is detailed for 4 × 4 pixels in Figure 6.
(2) If the position of the pixel is impair, then the pixel's bits are permuted by cycling left shift of 2 bits: (iv) Step 4: image's pixels substitution using two different S-boxes. Here, two S-boxes are generated using the PRNG. e same idea used for PM generation is used again for the generation of S-boxes. However, the PRNG is iterated 256 + 256 times in order to generate two streams of 256 pseudorandom 8-bit numbers N1 and N2, respectively. e pseudorandom numbers are used to create two different S-boxes. Figure 7 illustrates the process.
(v) Afterward, an internal condition is used for block's pixel permutation that permits utilizing the S-box1 or the S-box2 according to the permuted pixel obtained at the last step: (3) If the position of the permuted pixel is pair, then the pixel is substituted by the state of the S-box1: (4) If the position of the permuted pixel is impair, then the pixel is substituted by the state of the S-box2: (vi) e S-box is a 256-case substitution table. Let I be an 8bit coded image per pixel, X and Y are binary numbers obtained from the pixel of the image as follows: (vii) Each pixel of the image block is substituted by the state of the table which corresponds to the intersection of X with Y. Table 1 shows an example of S-box. Let us take an example: I ij � (134) 10 � (10000110) 2 , so X � 0110 and Y � 1000; the value of the image pixel is substituted by the value of the state S. (viii) Step 5: pixels XOR diffusion with a key stream. us, e PRNG is iterated again for N × M times in order to generate a key stream PRNS. N and M are the image's dimensions. en, the obtained image in the last step is diffused by XORing the pixels with the PRNS. Following this process, an intermediate encrypted image (IEI) is obtained as follows: (ix) Step 6: repeat all last steps R rounds in order to produce the final encrypted image.

Decryption Phase.
After the encryption step, the encrypted image can be stored or transmitted to a well-defined destination using an insecure network (diffusion step). At the reception, the image must be processed by the decryption system to find the plain image. e decryption system is an inverse algorithm of the encryption algorithm.
In the substitution step, inverse S-boxes are used. Table 2 shows the inverse S-box of the S-box presented in Table 1.

Experimental Results and Interpretation
In this section, a thorough assessment of the proposed cryptosystem is detailed. Several indicators are used, which are the most used in the image cryptography community. Using the proposed cryptosystem, we can perform R rounds of encryption to improve the complexity of the encrypted image against hackers. However, we evaluate the cryptosystem with only one round of encryption. Several ordinary and medical images with different types, contents, and sizes are used for the test. For ordinary colour images, we use the standard Lena, peppers, and baboon images of size 512 × 512 × 3 ( Figure 8). For medical images, height different types of images are selected that are illustrated in Figure 9: medical image obtained by magnetic resonance device (MRI), 3D scanner, X-ray, radiography, endoscopy, computerized tomography (CT) scan, and ultrasound device. Simulation results and performance analysis for the selected images are given in this section. is part includes qualitative analysis of encrypted images, statistical analysis, noise and data loss analysis, key analysis, and algorithm performance analysis.
From Table 3, the PSNR value of encrypted images is lower than 8 dB, and the SSIM value is close to 0. is indicates that the encrypted image produced by the proposed cryptosystem has a very poor quality. As a result, it is very difficult to predict the plain image from the encrypted one.

Statistical Analysis.
e statistical analysis of the plain and encrypted image includes the analysis of histogram, entropy, two-dimensional normalized correlation (NC), and the correlation coefficient (ρ) [19][20][21].

Histogram Analysis.
e image histogram is a twodimensional statistical curve showing the distribution of gray scales according to their values. Figure 10 shows the original images and their corresponding encrypted images, and histograms of the original images and their corresponding encrypted images.

Global and Local Shannon Entropy Analysis.
Shannon entropy is a measure of the degree of randomness associated with an image. It is defined as follows: e global Shannon entropy is measured by applying equation (16) to the whole image. is way fails to measure the real degree of randomness of an image. It has many weaknesses such as unfair random comparisons between images of different sizes, the inability to discern the   Scientific Programming randomness of images before and after image encrypting, and possible inaccurate scores for the synthesized images. However, it cannot be used for universal measures of randomness. To overcome this problem, local Shannon should be applied. e local entropy is measured by computing the mean of global Shannon entropies over all the nonoverlapping blocks of size 1936 pixels in the image [3]. Table 5 introduces the simulation results of global and local Shannon entropy found for each image.
Analysing the results, the encrypted image's global entropy value is highly close to the ideal value 8 and the mean of local entropy is very important. is indicates that the pixels of the encrypted image are random. As a consequence, the proposed system is safe against entropy and statistical attacks. Table 6 introduces a comparative study of image entropy with several other recent works.
e proposed system gives the best result.

Correlation Coefficient Analysis.
e ρ tool computes the correlation coefficient in the horizontal, vertical, and diagonal directions of an image. Let x and y two grayscale values of two adjacent pixels in the image, and the correlation of the adjacent pixels is computed using equation (14): where E(x) is the expectation of x, D(x) is the estimation of the variance in x, and cov(x, y) is the estimation of the covariance between x and y. Table 7 shows that the correlation coefficient of the original images is close to 1, while the encrypted images are close to zeros. is indicates that the original image's pixels are correlated, unlike the encrypted image's pixels are not correlated. Figure 11 shows the distributions of 3000 pairs of randomly selected adjacent pixels of the original image Lena in the horizontal, vertical, and diagonal directions, respectively. Also, Figure 12 presents the distribution of pixels of the original medical image ankle. Figure 13 shows the distributions of 2000 pairs of randomly selected adjacent pixels of the encrypted Lena image in the horizontal, vertical, and diagonal directions, respectively. Also, Figure 14 presents the distribution of pixels of the encrypted medical image ankle. We note that the distribution of the pixels of the plain image is consistent, unlike the encrypted image is inconsistent. is indicates that the encrypted image's pixels are not correlated. As a result, we cannot predict any information using a statistical correlation between the encrypted image pixels that permits recovering of the original image.

Noise and Data Loss Analysis.
Using digital networks for transmission, image is vulnerable to several types of noise and loss. However, having any noise or loss in the encrypted image can result in difficulty to recover the clear image using the decryption algorithm. Noise and loss refer to random errors in pixels values of the image acquired during image transmission. A good cryptosystem algorithm should recover the plain image when the encrypted image was affected by any treatment. In this part, we evaluate the robustness of the proposed cryptosystem against Gaussian white noise and "salt and pepper" data loss. Firstly, we produce an encrypted image using the encryption system. en, we attack it with an attack which results in a modified encrypted image. Afterward, we try decrypting the modified encrypted image by the decryption system. Finally, we evaluate the decrypted image using the NC, PSNR, and SSIM tools where the original image is the reference [23][24][25][26][27]. e selected attacks are the most common and have been used with different intensities to properly test the robustness of the algorithm. Salt and pepper noise is added to an image by the addition of both random on and off pixels, i.e., random bright with a pixel value of 255 and random dark with 0 pixel value, all over the image. Table 8  Following the obtained results, the proposed algorithm proves its performance to a certain extent. is is due to the main feature that our algorithm does not allow any propagation error.

Known-Plaintext and Chosen-Plaintext Attack Analysis.
In the proposed algorithm, the diffusion process is performed by the XOR operation. us, it is very essential to evaluate its robustness against the chosen-plaintext attack.
is type of attack uses the encrypted image with arbitrary plaintext data to crack the cryptosystem algorithm. According to reference [28], if equation (15) is determined, the algorithm will be vulnerable to chosen-plaintext attacks. Otherwise, the algorithm resists chosen-plaintext attacks:         Figure 17 shows that the XOR of encrypted image and clear image is not equal, i.e., the proposed cryptosystem algorithm resists chosen-plaintext attack.
In general, an attacker uses whole black or whole white images to find out the possible patterns in the cryptosystem algorithm. However, the whole white and whole black images of 512 × 512 × 3 size are encrypted by the proposed algorithm. Figure 18 presents the encrypted images and no pattern can be perceptible. e entropy value of images is selfsame as other encrypted images and correlation coefficients are highly close to zeros. Table 10 shows the result simulation of global and local image entropy and correlation coefficient.

Key Analysis.
e analysis of the key includes the key space, key sensitivity, and randomness analysis test to evaluate the strength of the cryptosystem against brute-force and differential hackers.

Key Space.
e key space of a safety encryption scheme should be very large to resist the brute-force attack. e designed PRNG has six outputs each with 32bit length.
us, there is a 2 3×64 � 2 192 possible key. Following reference [29], the key brute-force attacks are computationally infeasible. Table 11 gives a comparative study of the key space with other recent encryption algorithms.    e PRNG should be sensitive to a small change in the initial key ki. Exactly, a change of 1 bit in ki will cause a considerably significant change in the encrypted image. e sensitivity test is applied at the encryption phase, as much as at the decryption phase. e sensitivity test can be achieved using the NPCR and UACI tests to assess the robustness of the encrypted image against differential hackers [30]. NPCR and UACI are described as follows:

Scientific Programming
where S is the size of the image and D(i, j) is a logical value affected by the following cases: d is the difference between two pixels on the image with the same coordinates: Encryption Phase: in this phase, a change of one bit in ki must provide a considerable change in the encrypted image. For the test, let us consider two initial secret keys ki1 and ki2, where ki2 is different by one bit from ki1: erefore, we encrypt the same Lena image using the ki1 and the ki2, respectively. Figures 19(a) and 19(b) show the result images of each key, respectively. Figure 19(c) shows the difference between image Figures 19(a) and 19(b). Table 12 gives the simulation results of the NPCR and UACI values found between the two encrypted images.
Like the aforementioned results, NPCR and UACI percentages are important. In addition, the NC coefficient is very weak; i.e., the images are dissimilar. We conclude that the proposed cryptosystem is highly sensitive to a one-bit change in the given initial key.
Decryption Phase: at the decryption step, a change of one bit in ki must provide a considerable change in the decrypted image. For the test, ki1 is used to decrypt the image in Figure 15(b); i.e., we try to decrypt an encrypted image by a wrong key which is different by one bit from the right key. Figure 20 shows the result decrypted image. e NC value between the original and the image in Figure 20 is close to zero, NC � −0.0037. is indicates that the recovered image and the original image are completely different and have not a relationship. As a consequence, it is impossible to recover the original image using the wrong key which is different by one bit from the right key.

NIST 800-22 Test.
e analysis of the randomness of a key stream can be achieved using the NIST 800-22 test. e test is useful to test random and pseudorandom number generators to determine whether or not a PRNG is appropriate for data encryption [31]. e analysis contains 15 tests that assess key streams to meet important necessities. It focuses on different nonrandom aspects that can be found in a key sequence.
e test results of a sequence of 262400 bytes generated by the proposed PRNG-CTR are shown in Table 13. e sequence passes successfully all parts of the test. is demonstrates that the generated pseudorandom numbers have good statistical properties: unpredictable, random, independent, and uniformly distributed.
3.6. Cryptosystem Performance and Discussion. In real-time image processing, the execution time is a major constraint. In a software implementation, the speed of execution mainly depends on CPU performance. e proposed algorithm is implemented using the Matlab R2017a software running on a personal computer with CPU Intel Core i7-3770 3.4 GHz frequency. We can use the approximate equations (19) and (20) to compute the speed (S) and the number of cycles per byte (CpB) taken by an encryption algorithm running on a specific processor [32]: where DS is the data size, T is the time taken to execute the algorithm on a CPU, and CpS is the CPU frequency. e proposed cryptosystem executes four processes in each encryption round: pixel's bit permutation, random permutation of pixel's position, S-box substitution of pixels, and XOR diffusion. However, it uses two permutation processes, one substitution process, and one diffusion process. Each process takes a time that to be executed. In Table 14, we have introduced the time taken by each process to encrypt the colour Lena image of size 512 × 512 × 3 that presents 786432 megabytes of volume. Analysing the results, we note that the permutation process takes more time than substitution, while the XOR diffusion takes less time. e XOR process is a simple operation that can be done in parallel and pipeline processing. We suggest comparing our work to the works presented in reference [5-7, 10, 11]. To properly compare the systems, we introduce the comparison Table 15 that remembers the time taken by an encryption algorithm according to the number of processes. From reference [7,10], the designers employ only the XOR diffusion process. However, it is logical that their cryptosystems take less execution time than other more complex architecture, but their algorithms cannot permit secure encryption according to the Shannon theory [33]. From reference   [5,11], the designers employ a permutation and a XOR diffusion process. According to the architecture complexity of the permutation, the proposed permutation process takes less time than their algorithms. Completing with reference [6], the designer employs two processes: a substitution and XOR diffusion. e proposed substitution algorithm takes less time than this algorithm.
In the proposed algorithm, the permutation, substitution, and diffusion are not complex that can be done with reasonable resources and low computational cost. In addition, they are independent that can be performed in parallel execution. is reduces significantly the execution time. e proposed scheme provides high-level security with high performance and reasonable resources.  Figure 19: Key sensitivity test applied at the encryption phase.

Conclusion
In this work, we have proposed an improved chaos-based symmetric cryptosystem for medical image encryption and decryption. e SHA-256 is used to generate a 256-bit key of the cryptosystem. A complex chaos-based PRNG is designed to generate a high-quality encryption key. e generated key presents high randomness behaviour, high entropy, and high complexity. Improved architecture based on confusion and diffusion property is proposed for image encryption. e image undergoes a processing cycle of four operations in order to produce the encrypted image: random permutation of the position of pixels, position permutation of pixel's bits, S-box pixels substitution, and XOR diffusion. R rounds of encryption can be performed in a loop to enjoy a high-level performance. In-depth measurements are taken with several medical images to assess the strength of the proposed cryptosystem against the most known attacks. e results demonstrate that the algorithm offers high performance and enhanced security with low computational complexity. e obtained image entropy is equal to 8 which is an important measure of randomness. e NIST test indicates that the proposed PRNG is appropriate for secure image encryption. In addition, the architecture is easily parallelizable to speed up execution and meet real-time application requirements. e comparative study with recent work indicates that the proposed algorithm provides the best performance. However, it is extremely adapted to protect and authenticate images, which can be used in several domains.

Data Availability
e data used to support the findings of this study are included within the article.

Conflicts of Interest
e authors declare that they have no conflicts of interest.