Security of Medical Images Using a Key-Based Encryption Algorithm in the RDWT-RSVD Domain: SeMIE

Today, in the era of big data, an increasingly serious problem is the security of digital media in the healthcare domain. Encryption is a popular technique to resolve the security concern of medical data. In the paper, the authors propose a key-based encryption algorithm – namely, SeMIE, designed by RDWT and RSVD for healthcare applications – which can guarantee the security of the medical images. Initially, the image normalisation procedure along with RDWT-RSVD is followed to generate hash value. Here, image normalisation is used to ensure the high resistance against the geometric modifications. Then, a key expansion process is utilised with the hash value for generating the secure keys. Finally, the encryption process uses Feistel structure along with constant substitution-permutation functions to provide sufficient confusion and diffusion of cipher data. Experimental evaluation indicates that the SeMIE algorithm is secure against several attacks. From the simulation findings, it is inferred that the algorithm exhibits improved security compared to existing methods.


INTRoDUCTIoN
With the proliferation of the internet of things (IoT), the healthcare industry has experienced significant growth in recent years (Bhuiyan et al., 2021). There is no doubt that the use of the IoT in healthcare not only improves operational efðciency for medical professionals and hospitals but also provides service convenience for supporting patients and their relatives. Especially after the COVID-19 pandemic, medical images serve as the information carrier for various purposes, such as medical diagnosis, telesurgery, defense, medical education, teleconsulting, research and business analytics Khaldi et al., 2022;Sharma et al., 2021).
However, security of these images is a prerequisite for the application of the IoT in the healthcare industry . Also, cloud-based healthcare is an important solution for the efficient storage, 2 processing and continuous availability of medical data supplied by various sources. However, the protection of this externalised data and services in open environments is a big challenge (Haddad et al., 2020). Therefore, the protection of the medical information for smart healthcare is crucial (Wei et al., 2013). Encryption is a popular technique for protecting medical data from illegitimate access (Kaur & Kumar, 2020). The simplified procedure of an image encryption is depicted in Fig. 1.
Let us assume 'O i ' as original/plain image and 'C i ' as cipher image. The encryption and decryption process is carried out on plain and cipher image respectively as shown in equation (1) and equation (2). (1) Where ' Ef key1 ' & ' Df key 2 ' are encryption and decryption functions along with key. In case of symmetric encryption (Roy et al., 2022), Key 1 = Key 2 . However, Key 1 1 Key 2 in case of asymmetric encryption. Over the past few years, researchers have adopted encryption algorithms to provide security for medical images. For example, a chaos-based cipher approach was introduced for medical images (Belazi et al., 2021). This cryptosystem followed permutation-substitution structure. A Logistic Chebyshev map and a Sine-Chebyshev map were utilized to create substitution and diffusion in encrypted images. Their scheme is capable of resisting common attacks, but its encryption time needs to be improved. Another chaos-based cryptosystem for medical images has been proposed (Jain et al., 2021). The secret key used for the encryption/decryption process is twofold since the proposed method is utilizing two different chaotic maps. The original image is passed into a permutation box, where Arnold's Cat Map is used to create confusion in the image. This intermediate data is then processed via diffusion box using two-dimensional logistic-sine-coupling map (2D-LSCM), which assures that a minor change in an input image brings a major change in the output image. The authors have analyzed their scheme against various attacks that range from statistical analysis to contrast analysis, and they established that their scheme is secure, despite the performance of the scheme needing to be analyzed against other attacks like noise and occlusion attacks. Furthermore, the running time of the proposed scheme is longer than state-of-the-art schemes due to the use of multiple chaotic maps. (Masood et al., 2021) introduced an encryption scheme for securing medical images by adapting a Hénon chaotic map to obtain confusion in each block of an image. Diffusion is achieved by utilising Brownian motion (BM) and Chen chaotic system (CCS). The proposed framework provides good encryption results; however, the method could be enhanced to increase security results while reducing computing cost. Another lightweight encryption scheme for enhancing security of medical images was proposed (Hasan et al., 2021). It employed image encryption transformations based on blocks. In addition, the XOR gate operation and circular shift operation is applied between the image blocks and selected key to produce a cipher image. This scheme offered less computational cost but with limited encryption capabilities. In reference to (Xue et al., 2021), there is a method for encrypting images based on deoxyribonucleic acid (DNA) chains of varying length. To obtain keys, the proposed technique combines SHA-256 and hamming distances. Here, the plain image is dynamically encoded per the bit stream of a pixel, and then it employs the superior fractional-order hyper-chaotic system (FHCOC) system to achieve the finest DNA dynamic coding, build DNA dynamic chains of various lengths, and perform dynamic deletion and transposition operations on DNA chains. After integrating the DNA chain, the encrypted image is acquired. Their encryption results are good, but the algorithm is more complex. By making use of a similar DNA approach  proposed an encryption technique for digital images. In this scheme, a Two-Dimensional Logistic-adjusted-Sine map (2D-LASM) and a one-dimensional proposed chaotic system were used to generate chaotic sequences. The initial values and system parameters for these maps were determined by applying SHA-256 on plain image. Then, the DNA encoding/decoding rule matrix and the obtained chaotic sequences were utilized in confusion and diffusion stages. The proposed scheme has a larger key space and can withstand chosen plaintext attack. However, the scheme's computational cost is relatively higher than that of several recent methods. An encryption system based on 2D multiple chaotic maps for medical images were suggested by (Yasser et al., 2021). To overcome the limitations of low dimensional chaotic maps, authors have proposed two 2D-chaotic key maps. A two-pass confusion-and-diffusion process is applied on an image after splitting it into two halves. The proposed scheme has good anti-attack capabilities. An edge detection based lightweight encryption technique was presented by (Khashan & AlShaikh, 2020). for medical data. The significant edge-maps are extracted from an image using Prewitt edge detection method. A chaotic map is employed to generate random keys. Then, only identified significant blocks are encrypted using one-time pad method to reduce the time complexity of the proposed scheme. Its performance against statistical attacks needs to be analyzed further, as the histogram of cipher image is non-uniform. (Chai et al., 2019) introduced a technique of encrypting medical images that performs permutation and diffusion operations using the random sequence obtained from the 4D-memristive chaotic map. The SHA-256 value of the image is utilized as the initial parameters of a 4D map, making it immune to known plaintext and chosen plaintext attacks. To obtain a highly random cipher image, authors utilized Latin square for pixel-permutation and bi-directional diffusion. Their scheme performs comparably to state-of-the-art techniques. Based on Hessenberg's transform and chaotic theories, an encryption technique for smart health care systems has been suggested in (Jan et al., 2022). This scheme combines logistic map and sine map to generate the effect of confusion in the given data. After that, diffusion is produced using Hessenberg transform, the proposed scheme has justifiable performance against statistical and differential attacks, and it also has efficient execution time. However, the performance of the suggested scheme has not been assessed against noise attacks. Another lightweight cryptosystem for secure IoT has been introduced by (Usman et al., 2017). This scheme aims to address the issue of security and resource allocation in IoT systems. The architecture of the scheme is a hybrid of Feistel structure and substitution-permutation (SP) network. Initially, this scheme applied a key expansion procedure on the secret key taken from the user to produce five round keys. These round keys are then utilized in the encryption/decryption process. The suggested F-Function and some logical operations are used for encrypting an image. The simulation results indicated that both the computational cost and memory utilization of proposed scheme are efficient. The authors have analyzed the performance of the suggested scheme against statistical and cipher-text only attacks. Its performance needs to be analyzed further against other attacks too. Additionally, this system might be vulnerable to brute-force attack because of its key size. A system for calculating image hash based on image normalization, discrete wavelet transform (DWT) and singular value decomposition (SVD) are introduced by (Singh & Bhatnagar, 2017). Initially, the plain image is preprocessed using normalization process. Then, the image hash is obtained by using DWT and SVD transform on the pre-processed image. The proposed scheme is secure against scaling and filtering attacks. However, the scheme suffers from the shift variant problem of DWT.
In this study, we propose a key-based encryption algorithm -namely, SeMIE, designed by RDWT-RSVD for healthcare applications -which can guarantee the security of the medical images. Major novelties of this work are as follows: 1) Benefits of Image Normalization: The image normalization procedure (Singh & Bhatnagar, 2018) is utilized to transform the image into a standard image, which offers high resistance against the geometric attacks.

2) Generation of Hash Value through RDWT-RSVD: A combination of RDWT-RSVD transformed
is used to generate hash value for better security. RDWT is shift-invariant and holds all the desirable properties of DWT . Additionally, RSVD is better than SVD with reduced  3) Better Security Performance: Compared with the traditional, the SeMIE algorithm has better security performance at a lower cost, indicating its potential for secure healthcare.
This paper is organized as follows. In Section 2, proposed SeMIE algorithm is described in detail. In Section 3, the simulation is given. Finally, the conclusion is drawn in Section 4.

THE SEMIE ALGoRITHM
The suggested SeMIE algorithm consists of three main phases: a) key generation process, b) the key expansion procedure, and c) the encryption and decryption procedure. The stepwise procedure of each phase is illustrated in Algorithm 1 to Algorithm 4, respectively. Some commonly used notations in algorithms are listed in Table 1.

Key Generation Process
The key is the most critical component in any encryption algorithm. The whole security of the encryption scheme is dependent on this key. The simplified procedure of hash value computation of plain image for the purpose of better security is shown in figure 2. In this process, an image normalization procedure is utilised to transform the image into a standard image, which offers high resistance against the geometric attacks. Here, the image normalisation procedure, along with RDWT-RSVD, is followed to generate hash value. The normalisation procedure for a particular image can be outlined as follows: Translation Invariance: Initially an input image is transformed to new position using the equation given below: , = Translation value in x and y direction respectively.

Shearing Invariance (in x-direction):
Now shearing is applied on the transformed image in x-direction as shown below: Here, S x = shearing operator in x-direction Shearing Invariance (in y-direction): Again shearing transform in y-direction is applied on the image obtained from step 2.
Here, S y = shearing operator in y-direction 4) Scaling Invariance: Finally, a normalized image of specific size is obtained after applying scaling transform in both x and y direction using scaling operator ( S s ).
The detail of key generation process is discussed in Algorithm 1.

Key Expansion Module
The simplified procedure of key expansion module is shown in Fig. 3. The major steps for this module are explained in algorithm 2. Initially in this module, a 64-bit key generated by using algorithm 1 is divided into 4-bit segments. Then these 4-bit segments are substituted and grouped with each other to produce 16-bit blocks using equation 4. These 16-bit blocks are taken as input by F-function. The F-function is made up of P and Q tables. The P and Q tables are utilized to perform permutations in 64-bit cipher key as described in fig. 4. Table 2 and 3 shows the transformations performed by P and Q tables.

Encryption and Decryption Process
The simplified procedure of encryption process is shown in Fig. 5. Initially, the encryption scheme is developed by (Usman et al., 2017). However, our key generation procedure is totally different from the scheme proposed in (Usman et al., 2017). Further, the security analysis of the encryption scheme (Usman et al., 2017) is inadequate. Here, the encryption process can begin after the round

Algorithm 1. Hash Value Generation Process
Input: Plain image P i ( ) Step 1: In pre-processing stage, image normalization procedure is utilized to transform the original image, ' Org img ' into normalized image, ' Norm img ', which provides better resistance against the geometric attacks.
Step 2: RDWT is performed on Norm img are four sub-bands of image obtained after applying RDWT.
Step 3: Step 5: Again, RSVD is applied to transform the reference matrix, ' ' Step 6: Feature vector, ' F v ' is obtained using the combination of U V Step 7: Threshold, 'T ' is obtained with the help of feature vector.
Step 8: The hash value, ' H ' is obtained as mentioned below.
Step 9: We take first 64-bit of hash value from 160-bits, which is used as cipher key tput: 64-bit cipher key 7 keys have been generated. This procedure entails certain logical and swapping operations to produce confusion and diffusion effects. It is comprised of five rounds. A separate encryption key is generated for each round using the aforementioned key generation process. The details of image encryption and decryption process are stated in Algorithm 3 and Algorithm 4, respectively. The decryption procedure is the reverse of the encryption process.

Algorithm 2. Key Expansion Procedure
Input: 64-bit cipher key Step 1: The 64-bit encryption key ( K c ) is divided into 4-bit segments in the initial stage.
Step 2 Where i = 1 to 4 for the first four round keys as shown in fig. 3.
Step 3: The very next step is to obtain fKa i by invoking the F-function on fKb i as given below: Step 4: The F-function is comprised of P and Q transformation tables which causes confusion and diffusion as shown in fig. 4. Table II and III shows the transformations accomplished by P and Q tables.

EXPERIMENTS AND CoMPARISoN
In this section, experiments and analyses are conducted to evaluate the effectiveness of the proposed SeMIE algorithm, and we compare it in terms of standard metric with other, similar schemes. Particularly, the performance of the SeMIE algorithm is evaluated by applying several standard tests, including key analysis, statistical analysis, differential analysis and time cost evaluation, on the COVID-19 Radiography dataset of size 256×256 (Data set) . Few of the images used in evaluation are shown in fig. 6. All the experiments were performed using MATLAB 2019a.

Differential Analysis
Differential analysis is used to measure the strength of the encryption technique by minor changes to the original image and to examine differences (Kamal et al., 2021). NPCR and UACI randomness tests were used to evaluate the differential analysis. It is defined as follows:

. Encryption Process
Input: Five Round Keys ( K 1 , K 2 , K 3 , K 4 and K 5 ) and 64-bit Plaintext array ( P t ) Step 1: First of all in round 1, a 64-bit plaintext array is divided into four 16-bit segments i.e. P t 0 15 Step 2: The bitwise EX-NOR (XNOR) operation is applied between P t 0 15 and the corresponding rounds key K i which is generated previously from the key expansion process. The same operation is conducted on P t 48 63 and K i as well, eventuating in R 11 and R 14 respectively.
Step 3: After that, the outcome of P t 0 15 for the next round.
Step 5 Where C1 and C2 are ciphered image before and after alteration of pixel.

Algorithm 4. Decryption Process
Input: Five Round Keys ( K 1 , K 2 , K 3 , K 4 and K 5 ) and 64-bit ciphertext (C t ) Step 1: First of all, a 64-bit ciphertext is divided into four 16-bit segments i.e. C t 0 15 Step 2: The bitwise EX-NOR (XNOR) operation is applied between C t 0 15 and the corresponding rounds key K i which is generated previously from the key expansion process. The same operation is conducted on C t 48 63 and K i as well, eventuating in R 41 and R 44 respectively.
Step 3: After that, C t 0 15 to get R 42 and C t 48 63 Step 4: A reverse transformation is performed such that C t 16 31 becomes R 44 for the next round.
Step 5: The remaining rounds are completed in the same manner. The final round's results are concatenated to produce the plaintext array of 64-bit. Output: 64-bit Plaintext array Where E(i, j) and E'(i, j) are the ciphered images of plain image and modified image respectively. Table 4 lists the average value of NPCR and UACI of the proposed scheme for more than 20 images. The NPCR and UACI values of the proposed scheme are more than 99 and 33, respectively. Hence, our scheme has proven to be robust against differential attacks. Comparison with other schemes is shown in Table 5. Fig. 7 shows the performance of SeMIE in comparison with other state-of-art schemes against differential attacks.

Statistical Analysis
This analysis is performed to find the statistical resemblance between the ciphered and original image. The histogram and correlation coefficient (CC) are used to evaluate the robust performance against statistical attacks (Kamal et al., 2021). Thus, it provides no information on how to attack on the encrypted image using statistical analysis. Histograms for both plain and cipher images are shown in Fig.  8. As is evident from Fig. 8, the histogram of the encrypted image is uniform. Therefore, our scheme is capable of resisting statistical attacks.

b) Correlation Coefficient (CC)
The correlation coefficient is a significant feature to measure the effectiveness of the encryption technique (Ibrahim et al., 2020). The original image has a high level of redundancy, whereas the Where C x y x E x y E y Here, x, y = coordinates of an image pixel; C(x, y) = covariance between samples x and y; K = number of pixel pairs (x i, y i ); D(x) and D(y) = standard deviation of x and y, and E(x) = mean of xi pixel values. We compute horizontal, vertical and diagonal correlation coefficients of original and encrypted images, as shown in Table 6. It can be observed from the table that the CC of encrypted image is very low, which means that redundancy between the adjacent pixel values is greatly reduced. Thus, we can say that our cryptosystem can prevent statistical attack.

Information Entropy
The entropy is a measurement of the degree of randomness in the encrypted image (Noura et al., 2019). High entropy values indicate the high randomness in the encrypted image. The ideal entropy value of encrypted image is approaching to 8. Entropy is defined as Where, H (S) = entropy of message source (S) and P(S i ) = probability of occurrence of S i  Table 7 shows entropy value of proposed scheme for different images. The entropy value obtained for an encrypted image in our scheme is closer to eight, which means the encrypted image is extremely messy. It ensures that this scheme is robust against cipher-text only attacks. Additionally, the entropy of the proposed scheme is higher as compared to the state-of-the-art scheme, as depicted in Table 8 and in figure 9.

Perceptual Quality Evaluation
The perceptual quality of the encrypted image is measured by PSNR [32], which indicates the similarity between the encrypted image and the corresponding original image. PSNR is represented as Where (x, y) = pixel coordinates of image; WH = width and height of image; P and E = plain and encrypted images To evaluate the PSNR performance of the proposed system against noise attack and the corresponding results are depicted below in Table 9. We have calculated the PSNR value between the original and decrypted image. Figure 10 shows the performance of SeMIE against different possible noise attacks.

Key Sensitivity
Key sensitivity means a minor modification in key results in entirely different results. To perform this analysis, two cipher images are obtained with two secret keys that differ by only one bit. A cryptosystem is considered secure if a minor change in the key results in a completely new cipher image. From Fig. 11, it is clear that our scheme generates an entirely different cipher image. Thus, we can conclude that our scheme is highly key sensitive.

Key Space
To strengthen the encryption scheme against brute-force attacks, the key length must be large enough so that the opponent is unable to undertake 2 n-1 encryptions to find the original key if the key is of n-bit. In this work, we have first calculated 160-bit hash value using the aforementioned process, and the first 64 bits of hash value are used as the cipher key. The key expansion module takes this cipher key as input, executes considerable options on the input key and generates five distinct keys. These keys will be used for encryption and decryption, and they must be strong enough to stay undecipherable during an attack.

Time Cost Evaluation
This part is to record the encryption and decryption time of different images. The time taken by our scheme to encrypt/decrypt the images shown in Fig. 6 is given in Table 10. The time required by our scheme is slightly higher when compared to other, existing schemes. However, the simulation findings prove that our scheme is robust against geometric, statistical, differential, noise and other common attacks.

CoNCLUSIoN
In the paper, we proposed a key-based encryption algorithm -namely, SeMIE, designed by RDWT-RSVD for healthcare applications -which can guarantee the security of the medical images. Initially, the image normalization procedure along with RDWT-RSVD is followed to generate hash value. Here, image normalization is used to ensure the high resistance against the geometric modifications. Then, a key expansion process is utilized with the hash value for generating the secure keys. Finally, the encryption process uses Feistel structure along with constant substitutionpermutation functions to provide sufficient confusion and diffusion of cipher data. Experimental evaluation indicates that the SeMIE algorithm is secure against geometric attacks and several other common attacks. From the simulation findings, it is inferred that the algorithm exhibits improved security compared to existing methods. Future work will focus on making this scheme compliant to the more secure and efficient healthcare system.

Theoretical Contributions
First, we have provided the recent state-art-of the work in the area of medical image security using encryption. Second, the study extends the limited research on how to achieve a good balance between competing parameters, such as security and complexity.
Third contribution highlights the concept of several standard tests, including differential analysis, statistical analysis, information entropy, perceptual quality evaluation, key analysis, and time cost evaluation, which is necessary for any encryption scheme.

Practical Contributions
First, we have proposed a key-based encryption algorithm -namely, SeMIE, designed by RDWT-RSVD for healthcare applications -which can guarantee the security of the medical images. Second, concept of image normalization procedure is utilized to transform the image into a standard image, which offers high resistance against the geometric attacks.
Third, compared with the traditional, our proposed SeMIE algorithm has better security performance at a lower cost, indicating its potential for secure healthcare.