A partial image encryption scheme based on DWT and texture segmentation

Abstract nowadays, image encryption is an interesting research area due to the rapid growth of communication technologies and the increasing demands for safeguarding the privacy of the transmitted images as unencrypted images are vulnerable to interception. Partial encryption is used to overcome the challenge of encryption the large size of digital images, due to the large computational overhead and long processing time needed. In this research, one level Discrete Wavelet Transform is applied to a colored image to divide the image to four sub-bands; then a texture segmentation using a Gabor filter and K-means clustering is applied to lowest frequency band. To achieve that, the texture segmentation is used as a new method for scrambling the image based on the features of another image. Finally, the scrambled segments of the image are encrypted using interchanged AES and RC4 Algorithms. Each one of the image pixels is then XORed using one of the two algorithms and the key of the other algorithm. The proposed work is evaluated using several security and performance analysis tests. The results show that the proposed work is resistant agents many kinds of attack and promising in real-time image transmission and encryption.


PUBLIC INTEREST STATEMENT
Digital images like military and medical images are considered sensitive information, thus the need to secure the images data during transmission to protect against intrusion. In order to reduce communication overhead and transmission time, only the significant portions of the images data is protected by encryption. In this article, the image is divided into four parts, and then only the part that contains the most distinguishable information of the original image is segmented in an irregular manner; these segments are then scrambled. Two different encryption algorithms are then used interchangeably to encrypt the resultant scrambled image data. Several security and performance analysis are used to test the resistance of the proposed method against malicious acts. The study results show that the proposed method has good security and is suitable for real-time transmission.

Introduction
The vast development of cyberspace and multimedia communication today; emerges a vital role to image data in many aspects of human life like military, commercial, industrial and telemedicine applications. This arise a critical need to protect confidential image data from malicious and unauthorized access through encryption. Large amount of research work on image encryption has been carried out in the past years (Pardhu, 2015;Sajasi & Moghadam, 2015;Sreelajaa & Vijayalakshmi Paib, 2012;Ying-Qian & Xing-Yuan, 2015). The huge volume of an image makes its transformation costly in terms of time, processing power. Recent research work overcomes this problem by encrypting only the significant part of the image information using partial encryption (Abdmouleh et al., 2017;Asaad et al., 2017;Ayoup et al., 2015;Elkady et al., 2016;Jawad & Sulong, 2015;Lian & Chen, 2013;Parameshachari & Soyjaudah, 2012;Rao et al., 2006;Somna & Senb, 2013;Yuen & Wong, 2011).
Discrete wavelet transform (DWT) is widely used in recent studies for partial image encryption. Akram et al. (Belazi et al., 2015) propose a method to encrypt images by decomposing the image into blocks then blocks are permutated by using cat chaotic map. DWT is applied to each block and AES S-box is applied on the approximate part of the DWT output. Finally, logistic chaotic map is used to permute the data in each block. The proposed method has several stages of permutation using chaotic maps to increase the security of the system. Xiangjun et al. (Wu et al., 2016) uses a six-dimensional (6D) hyper-chaotic system and a 2D DWT to implement a lossless encryption algorithm for color images. The key stream is generated based on the plain text and the hyperchaotic system. The proposed approach uses the 2D DWT to partition the input image into four sub-bands; then the key stream is used to permute these sub-bands. A constant factor is then used to decrease their size. The four encrypted image sub-bands is then reconstructed to an intermediate image by using the 2D inverse DWT. Finally, the intermediate image pixel values are further modified by using another key stream. A chaotic map algorithm with 6D is used to increase the key space; and as a result the security of the chaotic map is increased. Oussama et al. (Benrhouma et al., 2015) proposed a cumulated water marking and partial encryption scheme using DWT. In this scheme the approximation coefficient resulted from DWT, which holds most of the image information, is encrypted using chaotic map and then obscured on detailed coefficients of the transformed image.
In the last two decades, chaotic based systems are widely used for image encryption due to their high speed, randomness and unpredictability. On the other hand, recent cryptanalytic studies on chaotic systems reports substantial security flaws (M. C. Li et al., 2018;Liu et al., 2017;Okaynak, 2018;Zhu & Sun, 2018).
According to www.eetimes.com, the Advanced Encryption Standard (AES) algorithm is regarded the most secure encryption today, where brute force attack requires 10 18 years to break AES-128 (Sunil et al., 2020).
The aim of this work is to build a robust image encryption scheme that is suitable for real-time applications. To achieve this goal the robust AES algorithm is chosen, together with the fast RC4. To optimize for large images size a partial image encryption is implemented by encrypting the scrambled approximate image obtained from discrete wavelet transformation. The scrambling is done after using Gabor filter and k-means clustering for texture segmentation to partition the image into a number of segments. The shape and size of the segments are identified depending on the image features which are extracted by using a Gabor filter.
The rest of the paper is organized as follows: methodology is summarized in section 2; proposed method is explained in section 3; experimental results and analysis is shown in section 4 and finally section 5 presents the conclusion.

Discrete Wavelet Transform
Discrete Wavelet Transform is a sub-band coding of the image, where an image is partitioned into a set of band-limited components, called sub-bands. The partition is performed so that the sub-bands can be used to reconstitute the original image without error (Lian & Chen, 2013). The two dimensional DWT is a one dimensional analysis of a two-dimensional signal. The original M × N pixel image is first passed through low pass and high pass filters with down sampling the rows by two to obtain two images. Next, each of the images is passed to low pass and high pass filters with down sampling the columns by two, to get four images as shown in Figure 1, the size of these new images is M/2 × N/2, i.e. the new size of each image is ¼ of the original image size as shown in Figure 2.
The four sub-bands images are named LL, LH, HL and HH according to the type of the filter (lowpass or high-pass) and its direction (horizontal or vertical), where LH image take its name from applying the low-pass filter in horizontal direction and high-pass filter in vertical direction. The HH image is unintelligible as it contains only high frequency information. The HL image contains the vertical features of the edge; while the LH contains the horizontal features of the edge. The LL, which is also called approximate image, contains most of the recognizable information of the original image and therefore it is the only one that is used as the input image to another level of DWT (Mistry, 2013).

Gabor filter
Gabor filter is widely used in a number of applications in the fields of computer vision and image processing like face recognition, optical character recognition, and vehicle detection. Gabor filter is used to detect image patterns at different scales and orientations. The formula of a complex  2D Gabor function g (x, y) is represented by a Gaussian function modulated by an oriented complex sinusoidal wave.
Where σ x and σ y are the scaling parameters which depicts pixels neighborhood where the weighted summation occurs, w is the central frequency of the complex sinusoid and θ is the orientation of the normal to the parallel stripes of the Gabor function. A particular Gabor filters bank (GFB) consists of multiple individual filters modified with various values of scaling, orientation and central frequency parameters (Khan et al., 2016;Sag & Cunkas, 2015).

K-means clustering algorithm
The K-means clustering algorithm partitions data samples into different clusters depending on distance measures. It identifies a partition such that the squared error between the experimental mean of a cluster and the points in the cluster is reduced. Let D = {D 1 ,D 2 , . . ., D n } be a set of n data samples to be clustered into a set of k clusters, C = {C i , i = 1, . . ., k}. The aim of K-means clustering is to reduce the sum of the squared error over all k clusters, which is known as: Where C i is the i th cluster, Z i is the centroid for i th cluster, D l is the data samples belonging to the i th cluster and k represent the total number of clusters. Cluster centroids are initialized in K-means clustering randomly. Data samples are designated to the closest cluster, which is measured by the distances between the matching centroid and data samples. The centroid of each cluster is recalculated by finding the mean value of all data samples inside the particular cluster. Then, the process of allotment of data samples in to the respective clusters is reiterated according to the adjusted cluster centroids until the particular termination criteria is reached (Xie et al., 2019).

Texture segmentation
Texture analysis and segmentation plays an important role in digital imaging and pattern recognition. It is used to identify objects, classify surfaces, or recognize regions or shapes. Texture analysis also involves specifying attributes that are useful in discriminating, recognizing and segmenting different texture types. Texture segmentation implies meaningfully partitioning an image into sections depending on the textured regions or borders. This is done by recognizing and grouping different textures in the image (Huang et al., 2015;Kachouie & Alirezaie, 2003;Kumar et al., 2009;Subudhi & Mukhopadhyay, 2019).
Using Gabor filter and K-means clustering algorithm is one of the techniques for analyzing image texture that has been proposed in the recent years. As mentioned above Gabor filter is used to obtain a filtered image while K-means clustering algorithm is used to partition the image into clusters. The image features are extracted and sorted into categories, where patterns belonging to each category form a cluster in the feature space. Each cluster is compact and isolated from clusters belonging to other texture categories (Jain & Farrokhnia, 1991).

AES algorithm
AES is a symmetric block cipher which has a fixed block size of 128 bits and a key size of 128,192 or 256 bits. The number of rounds in the algorithm may be 10, 12 or 14 depending on the key length. The encryption process begins by arranging the plain text and the key column wise in 4 × 4 array called a state. The AES have four transformations or stages which are SubBytes, ShiftRows, MixColumns and AddRoundKey. The SubBytes transformation permutes the state array bytes according to 16 × 16 array of bytes known as S-box. The S-box is based on the Galois Field GF (2 8 ) multiplication. In the next stage the rows of the state array obtained from the previous transformation are cyclically left shifted according to the row number. Row 0 is not shifted while rows 1, 2, 3 are shifted to the left one, two and three bytes respectively. The output of the shift row stage is used as a state array for MixColumns stage, which is a substitution that uses arithmetic over GF (2^8), which operates on the state array column by column. Each column is considered a four terms GF (2^8) polynomial that is multiplied by a fixed polynomial to get a new state array. Each element in this state array is the sum of products of one row and one column elements.
AddRoundKey stage produce the state array obtained from the MixColumns transformation XORed with the appropriate round key. The decryption transformations are the inverses of the encryption transformations which are Inv-SubBytes, Inv-ShiftRows, Inv-MixColumns and the AddRoundKey which is the inverse of itself because the XOR operation is its own inverse, but the round keys are applied to this transform in reverse order (Forouzan, 2008;Wang, 2009).

RC4 algorithm
RC4 is symmetric key stream cipher with byte-oriented operations and a variable length key which ranges from 1 to 256 bytes. The algorithm consists of three steps, Initialization, Initial Permutation and Stream Generation. Under the initialization step, two vectors, namely S and T, are initialized. The state vector S is initialized with the numbers from 0 to 255, i.e. S [0], S[1] (Sreelajaa & Vijayalakshmi Paib, 2012),S [255]. The T vector is filled with the key values if the key length is 256 bytes; otherwise the key is repeated to fill the 256 bytes of T. In the Initial Permutation step, the T vector is used to permute the values of the vector S by using a swap operation only. At the end of this step the vector T is no longer used. The input to the Stream Generation step is the permuted state array which will be further permuted at this step with itself by swapping each S [i] with another byte of S to generate the final key stream. Finally the generated key stream is XORed with the plaintext to generate the cipher text (K. Ahmed & Mohammed, 2017;Stallings, 2011).

The proposed method
The sequence of steps used in the proposed method shown in Figure 3 is: • In the first step colored image of size 512 × 512 is passed on DWT with 8-tap Daubechies orthonormal filters to obtain four images of size 256 × 256.
• Gabor filter and K-means clustering is used for texture segmentation to divide the approximate image (LL) denoted by X into three segments. Where Gabor filter is used to extract the texture features of another image pixels in order to use it as a map for the original image X segmentation. The size of the map image namely I is 256 × 256, a convolution process is then done between a Gabor filter function namely g and the map image I to obtain a filtered image namely R.
K-means clustering is then applied on the resultant image R to partition it into clusters depending on its features. The resulting clustering is then applied to the image X to create its segments depending on the features of image I. The resulting three segments of the image X which is depicted in Figure 4 are then scrambled. The scrambling is obtained by serializing the pixels of the generated segments and then entering them in the resulting image at a skip beat of 3, and cycling through the array until it is filled. The image is depicted in Figure 5 and denoted by S.
• The pixels of the scrambled image are encrypted using mixed AES and RC4 algorithms in the following manner: The first and third pixels in the first row are encrypted using AES algorithm then XORed with the key stream generated by RC4 algorithm. The second pixel is encrypted using RC4 then XORed with the Expanded Key of the final round in AES algorithm. The fourth and sixth pixels are encrypted using AES algorithm then XORed with the key stream generated by RC4 algorithm. The fifth pixel is encrypted using RC4 then XORed with the Expanded Key of the final round in AES algorithm and so on. This schedule of alternate AES and RC4 algorithms is repeated for each row in the image. Finally the encrypted approximate image E is sent together with the three other images of size 256 × 256.
In order to get back the original image X the following steps are followed: • The receiver decrypts the image E to retrieve the image S.
• White image namely W is segmented to three segments using texture segmentation. The segmentation is created based on the features which are extracted by Gabor filter. Gabor filter extracts the map image I features to obtain the image R. K-means segments R to clusters in order to partition W according to these clusters.
• The sequence of the segments of image W pixels is then used to re-distribute the image S pixels. This retrieve the original image X.  • The original image X is then re combined with the other three images. Eventually the complete original 512 × 512 image is retrieved by applying inverse DWT.

Experimental results and analysis
The proposed work is tested on five colored images of size 512 × 512. In order to check the security of the test images, key sensitivity and key space analysis are tested. Additionally to check the resistance of the test images to several attacks like statistical and differential attacks, the following measures are used.

Key space analysis
The key space of secure image cryptosystem must be sufficiently large; this makes the cryptosystem resistant to brute-force attack. The key space of the proposed method combines the key space of the AES algorithm, which is 2 128 , with the key space of the RC4 algorithm, which is also 2 128 . This ensures that the proposed method is resistant to brute-force attack.
• Lena image is encrypted using key 1 and decrypted using key 2 , Figure 6 shows that Lena image cannot be retrieved using key 2 ; this proved that the proposed method is highly key sensitive.

Confusion test
The proposed scrambling method is tested using two slightly different map images; the texture segmentation is applied to Lena image in two cases. The first case shown in Figure 7 depends on the features of a map image, namely I 1 , the second case shown in Figure 8 depends on the features of another map image, namely I 2 . The scrambled images of the two cases are shown in Figure 9. The two scrambled images are encrypted using the same key. The correlation between the two encrypted images is 0.1179. The correlation value demonstrates that changing the map image will affect the texture segmentation and scrambling processes.

Entropy analysis
Information entropy is used to measure the degree of randomness in the image information. The entropy is usually measured in bits and its ideal value for a totally random image is 8. If the probability distribution P(S k ) of each symbol S k in an image is known, the entropy H for n symbols can be calculated as: (Somna & Senb, 2013;Ismail et al., 2018).
PðS k Þlog 2 PðS k Þ (5) Figure 10. Original image and its histogram for red, green and blue channels.
The entropy of original and encrypted image is tested using the five images shown in Table 1. Note that information entropy of all images is close to 8. This means that the proposed method is resistant against entropy attack.

Histogram analysis
The histogram is a graph used to measure the pixel intensity values where it shows the number of pixels in an image at different intensity values. There are 256 possible intensities in 8-bit gray scale image thus the histogram displays 256 numbers that depicts the distribution of pixels among those gray scale values. The distribution of gray scales in the encrypted image should be fairly uniform in order to get a good encryption (Somaraj & Hussain, 2015). Lena image with its histogram is shown in Figure 10. The encrypted image with its histogram is shown in Figure 11. The decrypted image with its histogram is shown in Figure 12. From the figures, it is clear that the histogram of the encrypted image is fairly uniform. This means that the statistical attack on the proposed method is very hard.

NPCR and UACI analysis
Number of Pixel Change Rate NPCR and Unified Average Change Intensity UACI are two metrics used to measure the effect of changing one pixel on the overall image. The NPCR measures the percentage of change in the number of pixels between the original and the ciphered image, while the UACI measures the average intensity of the difference between the original and the ciphered image.
Let x 1 (i, j) and x 2 (i, j) be the ciphered and original images respectively, where i is the row number and j is the column number, A is an array with the same size as x 1 and x 2 satisfy that: Let M and N represents the number of rows and columns respectively. The mathematical representation of NPCR and UACI can be seen in (7) and (8) respectively (Ismail et al., 2018;Dhall et al., 2022).
The NPCR and UACI values tested for five images are shown in Table 2. This evinces the high sensitivity of the proposed method to tiny changes in the original image. This in turn means that proposed method is highly diffused and resistant to differential attacks.

Correlation of two adjacent pixels
The correlation coefficient determines the relationship between two adjacent pixels. The image Pixels is perfectly correlated if the correlation between two pixels is very close to one; but if the image pixels are completely uncorrelated then their corresponding correlation coefficient must be very close to zero. The following procedure is used in a ciphered image to test the correlation between two vertically, horizontally and diagonally adjacent pixels respectively. Initially, pick 10,000 random pairs of two neighboring pixels, say A and B, from an image. Then use the following formulas to calculate the correlation coefficient, Corr (A, B), of each pair (Farsana et al., 2020;Amin & Abd El-Latif, 2010).
The diagonal, vertical and horizontal correlations for the distributions of adjacent pixels of five images are tested. See, Table 3. The correlation of Lena original image and encrypted image are depicted in Figures 13 and 14 respectively. The correlation distributions of each two adjacent pixels diagonally, vertically and horizontally, in the original and the encrypted image are far apart. Also note that the correlation coefficients of the original image are close to 1, while correlation coefficients of the encrypted image are close to 0. This means that the proposed method produce a de-correlated adjacent pixels image. This shows that the proposed method is resistant to statistical attacks.

Time analysis
Encryption time is considered a major criterion in the evaluation of image encryption scheme especially in real time applications. The speed of the proposed work is tested on different sizes Lena colored images, as shown in Table 4, using a laptop with Intel ® Core(TM) i7-8550 CPU @ 1.8 GHz and 8 GB RAM. The MATLAB 2016 programming language is utilized to build the application program.

Conclusion
In this paper a partial encryption is used to encrypt only the approximate image output of the DWT. A new scrambling method is then applied to the image after texture segmentation. The pixels of the segments are shuffled to obtain a scrambled image. The segments' shuffling is based on the features of a chosen map image. The map image acts as a secret key for the scrambling process. In order to obtain the robustness of AES algorithm and the speed of RC4 algorithm, and achieve an effective encryption scheme, the last scrambled image is encrypted using overlapped AES and RC4 algorithms. After that each pixel encrypted using AES algorithm is XORed with the RC4 algorithm key and vice versa. This makes the proposed scheme immune against cipher text only attack. The proposed scheme is tested using several performances and security metrics. The results revealed that the proposed scheme is powerful for real time applications and robust against brute force, differential and statistical attacks.