An element-wise generalized singular value decomposition (GSVD) based image encryption algorithm

. The image encryption algorithm aids a secure data transmission. In our proposed method, we use the generalized singular value decomposition (GSVD) as the encryption tool. Here, the secret image will be decomposed with respect to the key and generates the ciphered text. Further, to improve its security, the Arnold transforms and the XOR operation is used respectively. The region-wise applied GSVD reduce the time consumption of the conventional image encryption methods. Here, the GSVD decomposition is element-wise, so, the algorithm is more robust. The generated cipher text is transmitted and the key is generated with the combination of the key used to decompose the secret image pixel in GSVD module, the Arnold transform key and the XOR operator key. In receiver end, the ciphered image is synthesized with the key received in a separate channel. This proposed model is lossless encryption method.


Introduction
For past few decades, we have witnessed the significance of the digital data security. The amount of usage of digital data is increased rapidly in last few years. Even the usage among common people is increased gradually. The social media, the government policies and the advantages in use of digital data played a vital role in the increase of the use of digital data. The usage of digital image and video holds the significant share on the general digital data usage. The important security tool in digital data transmission is encryption. There are many traditional encryption algorithms. They maintained the best efficiency all over the time. But still, we have the demand for new, different, secure, fast and cheap image encryption methods. This demand still drives the researcher's attention towards encryption schemes. The most famous real-time existing encryption scheme is data encryption standard (DES) and advanced encryption standard (AES) [1], [2]. These schemes are based on many rounds of confusion and diffusion algorithms [3]. But, recently, the encryption schemes have many types of classification based on its application, data, technique used for the encryption and so on. Among those methods a familiar method is chaos based encryption schemes [4]. There are many algorithm based on chaotic techniques. There are many reputed authors and papers mentioned the encryption work based on chaotic algorithm.
Efficient image encryption algorithm usually have the uniformly distributed values for cipher image, the correlation among each pixel with other pixel is very less, the key is strong enough to withstand brutal force attack, the cipher image is robust against filtering or manipulation attack, the sensitivity of the key is high and the time consume to encrypt and decrypt are less. In this proposed work, the algorithm convinces all the above mentioned qualities of an efficient image encryption algorithm. In this paper, we compared the proposed method with the following recent papers.
Roayat Ismail Abdelfatah [5] proposed a fast double-chaotic (FDC) image encryption method. In this method initially provides the hash value of the plain image using SHA-512. Followed by that, the hash value is shifted bitwise and performed first round of permutation. In this paper, two rounds of permutations are performed. This paper also registered as good secure and efficient method then pervious methods. The speed of this algorithm is improved by choosing very less number of permutation rounds. Here, the double chaotic pseudo random generator (DCPG) and simple XOR operations are used, to increase the security in spite of reduced number of permutation operation. The DCPG requires three values of control parameters which are shared secret key. The DCPG is just the combination of both tent and Chebyshev chaotic algorithm. Also it is faster than the other previous confusion-diffusion based image encryption method.
Changzhi Yu et al. [6] introduced singular value decomposition (SVD) as an image data encryption tool. That is, here any secret image is decomposed into three different matrixes using the SVD. These decomposed segments are chaotic mapped using logistic-tent-sine system (LTSS). This method has less a very design complexity and consumes less time. It produces pixel wise less correlation ciphered image with high security. This secret image sharing scheme provides identity authentication and compression facility also.
Yanjie Songet el. [7] proposed the key-substitution architecture (KSA) scheme which is used as image encryption algorithm. This paper is mainly overcoming the time consumption and complex design problem in confusion-diffusion based image encryption algorithm. The only one round in any conventional confusion-diffusion based image encryption algorithm, the security is comparatively inadequate and the efficiency is much lesser. This KSA image encryption algorithm (KSA-IEA) has two stages in it encryption operation. The first stage is key scheming and the second stage is substitution in KSA-IEA. This key scheming method generates a ciphered image from a plain image using a chaotic algorithm based on initial key. In substitution the items of the histogram of the outcome of key scheming is scrambled to provide resistance against statistical analysis attacks [12]. The quantitative parameter chose to compare all above mentioned image encryption algorithm performance are referred and adapted from the paper proposed by Mario Preishuber et al. [8].

Generalized Singular Value Decomposition (GSVD)
Let us assume the any matrices be A and B of size m×n and l×n respectively. All elements of A and B

Arnold Transform
The Arnold transform is a direct confusion or scrambling method. The paper [10] explained the characteristics of this method and also, the scope for this transform to be a tool for scrambling or confusion technique. The Arnold transform is usually referred as cat mapping. The generalized Arnold transform method is, 10) Where, a and b are arbitrary constant and N is size of the image or matrix which has to be scrambled. Usually, the key of Arnold transformation method is usually derived from the values a, b and number of iteration. But, in our paper we use a fixed value for a and b, only the number iterations set for scrambling plays as a key for the scrambling. The Arnold and anti-Arnold transform used in our paper is defined as, respectively. Choosing the number of iterations in Arnold transformation have limitations, that is, Arnold transform is periodic. The periodicity differs for all values of N as shown in the below table 1.

XOR Operation
The XOR is a very familiar Boolean operation which performs on binary inputs [11]. This XOR operation [38] is otherwise called as "complementary of equivalence". The XOR function returns 'ture' if values of both the input arguments of the function are different and it returns 'false' if values both the input argument are same. Let us assume a and b as to binary valued variables, then, (a XOR b) XOR b = a (13) This property of the XOR function is used in the bitwise encryption of any data. Here, in this paper, XOR operator is used to encrypt the key which is described clearly in the following section. Following equation explains the operation of XOR function in encryption. Let us assume, the secret message of the same length 'm' to be encrypted, as 'S(i)' and the encryption key bit stream of length 'm' as 'K(i)', then, For from equation (13), Here, C(i) is referred to ciphered data bit stream. Equation (14) is for encryption using key 'K' and equation (15) is for decryption using the same key 'K'.

Encryption process
Let us assume 'A' size (m*n) be the key image and 'B' of size (m*n) be the secret image. Also, let us assume that 'm' is equal to 'n' for all the upcoming experiments for our convenience. The proposed image encryption method includes the three significant tools for the efficient encryption of the secret image. They are 1. GSVD, 2. Arnold mapping, and 3. XOR operation. First, both the key image 'A' and the secret image 'B' are decomposed with respect to each other into two matrix of the size of image and a diagonal matrix for each image A and B separately. But, its pixel resolution of the obtained matrices may be higher than the pixels of secret image. This GSVD decomposition is actually  (1), that is key image, V T AU  and V T BW  . So, the encryption keys and cipher image generation procedure is illustrated in figure 2.
The encryption and key generation of the proposed method is described through the figure 2. Here, the key image is shared commonly to both the encryption and decryption module. Using this key image, A, and secret image, B, are decomposed into five matrix components as discussed in equation (1). In those matrix components each element of 'Wψ' is multiplied with 10^14 and rounded to nearest integer. Then, the sign bit of each element of matrix V and its corresponding matrix 'Wψ' are concatenated to form a bit stream of size approximately equal to 2^24 bits. This key is mentioned as 'key_1'.The matrices A P and B P are obtained as shown in equation (2). By adding these two matrices, we will get a symmetric matrix 'P'. The singular value decomposition (SVD) [40] of matrix 'P' gives, two matrices 'O' and 'Ω'. Both the matrices 'O' and 'Ω' are multiplied with 10^14 and rounded off to nearest integer. The cipher image or encrypted image, CI is obtained by extracting sign bit and seven most significant bits of each element of that modified 'O'. The remaining least significant bits of each element of matrix forms another key 'key_2'. The diagonal matrix 'Ω' is already modified into integers and now converted as a vector matrix. However, the 'key_2' only applied with the Arnold transform with 'AT_Key' rounds (AT_Key chose value less than N with reference to Table 1). This 'AT_Key' is XORed with another self-generated key, i.e., 'E_Key' which gives 'AT_Key1'. Then, this both 'E_Key' and 'AT_Key1' are two keys also send to decryption module.

Decryption Process
Let us assume 'A' size (m*n) be the key image and 'B' of size (m*n) Here, we discuss the reverse process of encryption procedure in section 3.1 to decrypt and synthesis secret image. The decryption module is initially provided with ciphered image, CI, and keys (Key_1, Key_2, Key_3, E_Key and AT_Key_1). Apart from this key image, A is shared to transmitter too. By using the keys, key image, ciphered image is decrypted as illustrated in figure 3. Initially, the keys 'E_Key' and 'AT_Key_1' is utilized to derive the 'AT_Key' which in turn indicates the number of iterations in Arnold transform. To rearrange the 'Key_2' to its actual form, i.e., the LSB of 'O', the inverse Arnold transform for 'AT_Key' times is applied. Then, through a bit level process as described in figure 3, matrix 'O' is formed. Using the secret key, A, a symmetric matrix A P is derived. The 'Key_3' is a vector matrix. Converting it into a diagonal matrix and that is Ω. By using 'O', A P and 'Ω', a symmetric matrix A Q is derived. This A Q matrix is decomposed using SVD to get 'T' matrix. As, explained in figure 3, the 'V' is generated by multiplying 'O', 'Ω' and 'T'. The received 'Key_1' is processed bitwise to separate the sign bits of 'V' and 'Wψ'. The matrices 'Wψ' and transverse of 'V' is multiplied to synthesis secret image, B. this secret image, B, is synthesised without any loss as whole. This happens pixelwise in this whole procedure.

Simulation and Security Analysis
In this section, we present a simulation results and security comparison between other recent image encryption algorithms. Those algorithms compared with proposed method are SVD-IEA [6], FDC-IEA [5] and KSA-IEA [7]. The concern of this simulation and analyses is to evaluate the proposed algorithm with the quantitative methods. The simulation outputs, speed analysis, security against differential & noise attacks, correlation analysis, information entropy, key space and key sensitivity are the factors analysed with some quantitative techniques. Here, the image encryption scheme is performed on the grey-scale images. It scores the satisfactory numbers in the quantitative parameters (which are discussed as follows) [8].
The implementation tool configuration on which the simulation performed is a personal computer with an Intel CORE i7-6500u CPU (runs at 2.50 GHz and 8 GB RAM). The images chose here were greyscale with resolution 512*512.The initial conditions applied for the proposed GSVD based image

Simulation Results
Here, a set of 10 images are used in the simulation process for different set of experiments and result analysis as mentioned in the table 2. For the proposed image encryption scheme general simulation we use four familiar images (grayscale). They are images of lena, cameraman, baboon and airplane. All these images have resolution of about 512*512. The chosen key image is in tagged image file format (tiff or tif). The simulation results show a satisfactory performance on resisting statistical attack. However, the decrypted image obtained from the ciphered image using proposed scheme is lossless. The simulation result images are displayed in the fig. 4, fig. 5, fig. 6, fig. 7 and fig. 8. In the fig. 4, four original images are displayed, Lena, Cameraman, Baboon and Airplane in (a), (b), (c) and (d) respectively. In fig. 5, the ciphered images using proposed encryption scheme on the corresponding original images in fig. 4. The images decrypted from the ciphered images in fig. 5 are displayed in fig.  6 respectively. In fig. 7 (a,b,c,d), the histograms of the original images in fig. 4(a,b,c,d) are displayed respectively. In fig. 8, the histograms of the corresponding ciphered image shown in fig. 5 are displayed. So, the performance of the encryption method is satisfactory for various images. The simulation results find that the histogram of the ciphered image is uniformly distributed which shows the randomness of the values of the encrypted image.

Speed Analysis
The speed analysis refers the execution time of the image encryption scheme. This execution time consumption is an important factor for any image encryption algorithm. Here, we compared our proposed method with few recent works. They are SVD-IEA [6], FDC-IEA [5] and KSA-IEA [7]. Here, to analyse the speed of the image encryption algorithm, we calculated the time consumed by the algorithm to encrypt the colour and grayscale image of size 512*512. For the simulation of the scheme, we used Matlab 2019a software in a computer with the same specification as mentioned in beginning this section. The results are displayed in the table 2. This comparison provides enough evident that the proposed scheme have a satisfactory speed on most cases.

Differential Attack
The image encryption scheme is robust against the differential attack, only if even the small change of value in the secret image produces totally different ciphered image. This property can be analyzed quantitatively using two parameters, they are, the Number of Pixels Change Rate (NPCR) and Unified Average Changing Intensity (UACI). These parameters evaluate the ability of any encryption scheme to resist the differential attack. The NPCR and UACI is defined as follows in equation (16).
Where the  In table 3 and  table 4, the observed values of the NPCR and UACI of the proposed scheme are compared with the four recent methods. Usually, to resist chosen /known plaintext attack, any satisfactory image encryption algorithm should be sensitive to small changes in the plain-image. From the observation, the above mentioned data clearly depicts that the proposed image encryption scheme is very sensitive to the change in plain text.

Correlation Analysis
The correlation analysis is generally observed with very high value in original secret image. Here, the correlation analysis actually means the pixel wise similarity of any image in horizontal, vertical and diagonal direction. It is clearly defined in equation (17).

Key Space and Key Sensitivity
For a good image encryption scheme, the key space size should be atleast 100 2. This is a sufficient value to resist burte-force attack. In our proposed scheme, the key space size is certainly greater than 100 2.
To check the sensitivity of the key of the proposed scheme, a slight change in the value of key is applied to decrypt the image. The result of this simulation is shown in fig. 10

Noise Attack
Any good image encryption algorithm should be very robust against the noise attack. To check the robustness of the proposed scheme against the noise attack, we add the Gaussian noise (with mean as '0' and variance as 0.1) to the cipher-image. Then, the simulation decrypts that "noise added" cipherimage. This simulation results are present in the fig. 10 (c), which proves the ability of the proposed scheme against noise attack. In fig. 10 (d), the simulation results of the effect of 'salt and pepper' noise on the ciphered image before decryption are displayed. The ciphered image is corrupted with the noise density of 0.2. Then, synthesized output image is display in fig. 10 (d). The performance of the scheme is good on both Gaussian and 'salt & pepper' noises.

Conclusion
This work proposes a novel image encryption scheme based on the regional generalized singular value decomposition (GSVD). This method is compared with FDC-IEA, SVD-IEA and KSA-IEA. From the simulation results and discussion on that topic, the performance of the proposed scheme is satisfactory. The proposed scheme avoids the complexities in the conventional confusion-diffusion based methods. So, from the result analyses and comparison tables, the speed of the encryption method, the robustness of the scheme against differential attack (by NPCR and UACI), robustness against noise attack, key space and key sensitivity are performing better than the other methods. The correlation results shows the reliable randomness among the bits of encrypted image. This pixelwise GSVD based image encryption method may provide space for further enhancements in future. The hardware implementation of this algorithm is feasible and is planned is future.