Medical image encryption algorithm based on a new five-dimensional three-leaf chaotic system and genetic operation

Current image encryption methods have many shortcomings for the medical image encryption with high resolution, strong correlation and large storage space, and it is difficult to obtain reliable clinically applicable medical images. Therefore, this paper proposes a medical image encryption algorithm based on a new five-dimensional three-leaf chaotic system and genetic operation. And the dynamic analysis of the phase diagram and bifurcation diagram of the five-dimensional three-leaf chaotic system selected in this paper is carried out, and NIST is used to test the randomness of its chaotic sequence. This algorithm follows the diffusion-scrambling framework, especially using the principle of DNA recombination combined with the five-dimensional three-leaf chaotic system to generate a chaotic matrix that participates in the operation. The bit-level DNA mutation operation is introduced in the diffusion, and the scrambling and diffusion effects have been further improved. Algorithm security and randomness have been enhanced. This paper evaluates the efficiency of this algorithm for medical image encryption in terms of security analysis and time performance. Security analysis is carried out from key space, information entropy, histogram, similarity between decrypted image and original image, PSNR, correlation, sensitivity, noise attack, cropping attack and so on. Perform time efficiency analysis from the perspective of time performance. The comparison between this algorithm and the experimental results obtained by some of the latest medical image encryption algorithms shows that this algorithm is superior to the existing medical image encryption algorithms to a certain extent in terms of security and time efficiency.


Introduction
In recent years, with the rapid development of the Internet, the rapid expansion of information, a large amount of information is transmitted in public channels, and the issue of information security is followed by [1][2][3]. There are many kinds of information data, such as text, two different pyrimidines; Transversion is the exchange of one purine and one pyrimidine. The occurrence of DNA mutations is affected by a specific combination of genes, and this mutation can be said to be a random mutation. This kind of random base substitution mutation occurs during the complementary pairing of two kinds of DNA. Incorporating this DNA mutation operation [35,36] into the encryption algorithm can change the pixel value more fundamentally, and better meet the requirements of high randomness and large change rate of image information encryption. Therefore, the DNA mutation operation not only increases the biological significance of image encryption, but also effectively improves the robustness and security of the encryption algorithm. DNA recombination technology [37][38][39] refers to the use of artificial means to recombine DNA fragments with a certain special meaning from different sources to achieve the purpose of changing biological characteristics. In this paper, DNA recombination technology is introduced into DNA encryption, and arbitrary fragments are changed by artificial means. The DNA fragments are exchanged immediately, and new gene combinations can be generated. In this article, the DNA recombination operation is to further complete the diffusion and scrambling of the pixels, which greatly increases the difficulty of the algorithm to decipher. Therefore, the DNA recombination operation not only increases the complexity of the DNA sequence, but also improves the randomness and security of the encryption system.
In summary, this paper proposes a medical image encryption algorithm based on a new five-dimensional three-leaf chaotic system and genetic operation. The remaining sections of the paper are arranged as follows: Section 2 mainly introduces the basic principles used in the algorithm; Section 3 mainly introduces the specific methods and steps of the algorithm; Section 4 mainly uses simulation software for security testing; Finally, a brief summary of this algorithm.

Logistic chaotic map
Logistic chaotic map [14,15] is a typical one-dimensional chaotic system. Although the definition is simple, it has complex random dynamic behavior and can generate random chaotic sequences. The definition is as shown in Eq (1).
Where μ is the control parameter. When 0<μ � 4, 0<x<1, the system is in a state of chaos. The bifurcation diagram of the Logistic chaotic map is shown in Fig 1. three-leaf chaotic system is defined as shown in Eq (2).
Where a, b, c, d, e are the control parameters, when a = −1, b = −3, c = −3, d = 1.8, e = −5, the system is in a chaotic state. Under normal circumstances, the higher the dimension of the chaotic system, the better the security of the entire encryption algorithm can be guaranteed. Moreover, compared with lowdimensional chaotic systems, high-dimensional chaotic systems can provide chaotic sequences with stronger randomness, obtain a larger key space, and improve the security of the entire encryption algorithm. But there are also some shortcomings. For example, the higher the dimensionality of the chaotic system, the more complicated the operation will be. However, the five-dimensional three-leaf chaotic system is simpler and easier to implement than most high-dimensional chaotic systems. In order to prove the dynamic characteristics of the chaotic system, this paper shows the three-dimensional phase diagram of the chaotic system, as shown in

PLOS ONE
In addition, Wang et al. [17] carried out a series of dynamic analyses such as balance points and bifurcation diagrams while proposing the chaotic system. The experimental results proved that the chaotic system has strong stability. In the corresponding interval, the bifurcation diagrams of parameter a and parameter b show chaotic state. In addition, Wang et al. also applied the system design to image encryption and achieved good encryption results. Therefore, compared with most other chaotic systems, the structure of this five-dimensional three-leaf chaotic system is simpler, and the dynamic characteristics are more obvious, and the effect is significant in practical applications.

2.2.2
Chaotic sequence randomness test. The above section analyzes the dynamic characteristics of the five-dimensional three-leaf chaotic system. In practical applications, it is the chaotic sequence generated by the chaotic system that is directly applied to the encryption algorithm. Although the dynamic characteristics of the chaotic system is very important when selecting the chaotic system. However, it is more important to select a chaotic system that can generate a chaotic sequence with strong randomness. This section uses the randomness test tool (SP800-22) to test the randomness of the chaotic sequence from 15 aspects. The test results are shown in Table 1.
After the NIST test is completed, the probability value obtained when counting the results is also called the P value. When the P value of a test is greater than or equal to 0.01, it indicates that the randomness test meets the standard. It can be seen from the table that the chaotic sequence generated by the chaotic system has passed all random tests. And this system is better than the NIST test results of chaotic sequences generated by general high-dimensional chaotic systems. For example, the P value of each item is slightly higher than the P value of 15 tests in [41], which means it has better randomness. In addition, Wang et al. [17] also tested the time series diagrams in each direction of x, y, z, w, and v, and they all showed a chaotic state, which also shows that the chaotic sequence generated by this system is more random. The security of the image encryption algorithm is more guaranteed.

DNA coding and operations
DNA contains 4 kinds of bases [5], namely A (adenine), T (thymine), C (cytosine), and G (guanine). Traditional computer processing of data is usually expressed in binary form of 0 and 1. If a 2-bit binary is used to represent a base, there are 24 different representation methods in total [42]. Based on the principle of base complementary pairing [43][44][45], A and T are complementary, and C and G are complementary, so there are 8 kinds of expressions that conform to the principle, called 8 kinds of DNA coding rules, as shown in Table 2.
In addition to DNA coding rules, based on binary calculations, DNA addition [27,28], DNA subtraction [29], DNA XOR [30], DNA XNOR, DNA multiplication, DNA shift left and DNA shift right operation rules are given. As shown in Tables 3-9.

DNA mutation
DNA mutation [33,34] refers to changes in the position and sequence of the nitrogenous bases that make up the DNA molecule. There are 4 types of DNA mutations [35], which are base substitution mutations, frame shift mutations, in-frame mutations, and chromosomal https://doi.org/10.1371/journal.pone.0260014.t003 Table 9. DNA shift right.

PLOS ONE
Medical image encryption based on a new five-dimensional three-leaf chaotic system and genetic operation mutations. Among them, base substitution mutation can be specifically divided into transition and transversion [36]. Transition is defined as the replacement of one purine by another purine, or the replacement of one pyrimidine by another pyrimidine, and transversion is defined as the replacement of one purine by another pyrimidine or the replacement of one pyrimidine by another purine. Based on the principle of base complementary pairing, a single-base direct complementary pairing rule is defined [44,45], which is called complementary rule 1 hereinafter, and its operation is called complementary operation 1, as shown in Eq (3).
Where the complement(.) is a complementary function, for example, the complement of base A is T, and the complement of base C is G.
In addition, based on the double helix structure of DNA, the following principles of complementary pairing based on single-base and double-base are defined [43][44][45], hereinafter referred to as complementary rule 2, and its operation is referred to as complementary operation 2, as shown in Eq (4).
Among them, x i and D(x i ) are complementary. The principle of complementarity can realize the principle of base substitution mutation, which is used to realize the mutation of a single base. The specific rules are shown in Table 10.
When performing DNA mutations, first dynamically select the DNA mutation rules and the number of DNA mutations to increase the diversity and flexibility of DNA mutations, and then use complementation rule 1 and complementation rule 2 to achieve single-base mutations. To a certain extent, the random replacement of a single base is realized, which in turn changes the value of the corresponding pixel value, and also realizes the diffusion of the pixel level. Therefore, applying DNA mutation to this encryption algorithm has a certain meaning and effect.

Rules
DNA mutation operation

DNA recombination
DNA recombination [37][38][39] refers to the recombination of DNA fragments from different sources to disrupt the original DNA sequence. For example, the two DNA double strands intercept a 4-base DNA fragment at the end, and recombine the two DNA fragments with the original DNA strand to obtain two DNA strands that are different from the original. As shown in Fig 3.
During DNA recombination, the position of base exchange between two DNA sequences is artificially controlled, and DNA recombination operations are performed on the two DNA sequences. Part of the base sequence on the DNA sequence is replaced, which improves the scrambling degree and diffusion effect of the image, and the degree of scrambling is still bit level, so this article applies the principle of DNA recombination to the image encryption algorithm.

Encryption algorithm
This algorithm mainly includes the following steps: Firstly, the known key stream and the original image respectively use hash functions to generate digest information, and then undergo a series of processing to generate the final key stream. The final key stream passes through the five-dimensional three-leaf chaotic system and combines the principle of DNA recombination to generate a chaotic matrix; Secondly, the original image is subjected to bit-level dynamic DNA coding; Then, index scrambling is performed to change the pixel position; Then, the DNA coding matrix and chaos matrix are used to perform dynamic DNA operations, and the principle of DNA mutation is used to achieve pixel diffusion; Finally, DNA dynamic decoding is performed to get the decrypted image. The specific implementation process and steps are given in Section 3.2-3.7 and

Key generation
This article inputs a 128-bit key stream KeyHex for encryption, the original image to be encrypted image is I, M and N are the length and width of the image respectively.

Generation of key stream.
This algorithm mainly uses MD5 and SHA-256 two algorithms to generate the final key stream.

PLOS ONE
Step 1: This algorithm inputs the original image and the KeyHex key stream, and calculates the sum of row pixel values and the sum of column pixel values, as shown in Eq (5).
Among them, I is the original image, and sum() calculates the sum of pixel values.
Step 2: The MD5 algorithm in the hash algorithm is called three times to generate data stream D as an intermediate data stream. The generation process is as shown in Eq (6).
Among them, hash() is a hash function.
Step 3: Use the SHA-256 algorithm in the hash algorithm to generate a 128-bit key stream H. The generation process is as shown in Eq (7).

PLOS ONE
Step 4: Convert every 4 bits in the 128-bit binary key stream into 1 decimal, and the key stream is converted into a 32-bit decimal key stream HexDecimal. The 128-bit KeyHex is also converted into a 32-bit decimal key stream HashDecimal. Perform a bitwise XOR operation on HexDecimal and HashDecimal to generate the final 32-bit decimal key stream Key. The generation process is shown in Eq (8).
Among them, bitxor() is a bitwise XOR operation.

Generation of key feature values.
Each bit of the generated 32-bit decimal key stream Key is XOR to each other to generate a decimal key feature value KeyFeature. The generation process is as shown in Eq (9).

Generation of chaotic matrix
This algorithm uses a five-dimensional three-leaf chaotic system, a one-dimensional Logistic chaotic system and the principle of DNA recombination to generate a chaotic matrix.

Generation of five-dimensional three-leaf chaotic matrix.
Step 1: Use the first 30-bit key stream of Key and the key feature value KeyFeature to generate the initial values of the five-dimensional three-leaf chaotic system x(1), y(1), z(1), w (1), v (1). The production process is as shown in Eq (10).
Among them, K(.) is used to replace Key(.) Step 2: In order to improve the randomness, it is necessary to discard the chaotic sequence generated in the early stage of the chaotic system. Use the 31-bit, 32-bit and KeyFeature of Key to generate the number of iterations that need to be discarded discard. The generation process are shown in Eq (11).
Step 3: This algorithm uses a five-dimensional chaotic system. One iteration of the system will produce 5 values, so the total number of iterations SizeSignal is calculated as shown in Eq (12).
Among them, ceil() is a function for rounding up, and M and N are the length and width of the image.
Step 4: The chaotic system discards the result of the previous discard iteration, and continues to perform SizeSignal − discard iterations to generate a 4MN size matrix1 chaotic matrix.

Logistic chaotic matrix generation.
Step 1: Use the key stream Key and the key feature value KeyFeature to generate the control parameter μ of the Logistic chaotic system. The generation process is shown in Eqs (13) and (14).
Among them, K(.) is used to replace Key(.) Step 2: Use the key stream Key and the key feature value KeyFeature to generate the initial value a(1) of Logistic chaos. The generation process are shown in Eq (15).
Among them, K(.) is used to replace Key(.) Step 3: Using the control parameters and initial values generated above, the Logistic chaotic system iterates 4MN times to generate a matrix2 chaotic matrix with a size of 4MN.

The principle of DNA recombination generates the final chaotic sequence.
Use the principle of DNA recombination to generate the final chaotic matrix KeyMatrix with a size of 4MN. The generation process is shown in Eqs (16) and (17).

Bit-level dynamic DNA coding
3.4.1 Pretreatment before DNA coding. The size of the original image I is MN, which corresponds to a matrix of MN size. Each elements of matrix is a decimal pixel value. One decimal pixel value is converted into 8-bit binary, and every two digits are converted into a base according to a certain DNA coding rule. Basically, at this time, the size of the matrix becomes a 4MN-sized DNA matrix, so it is necessary to convert the MN-sized matrix to a 4MN size in advance to store the DNA-encoded matrix.

DNA coding.
Step 1: Generate DNA coding rules, and use one DNA coding rule for every 2-bit binary, so the length of DNA coding rule should be 4MN size. Using the Logistic chaotic sequence, the key stream Key and the key feature value KeyFeature generate a chaotic sequence Logis-ticSeq with a length of 4MN, and the DNA encoding rule R is generated as shown in Eq (18).
Among them, floor() is a round-down function.
Step 2: Circulate every 2-bit binary in each pixel value, and generate the corresponding bases according to the corresponding DNA coding rules in R as shown in the Fig 5. When all the pixel values are encoded, a DNA encoding matrix DecodedMatrix with a size of 4MN is generated.

Index scrambling
Index scrambling is an operation that uses a chaotic sequence to scramble the position of each base in the matrix.
Step 1: According to 3.3, the size of the DNA matrix is 4MN. Use Logistic chaotic sequence, key stream Key and key feature value KeyFeature to generate chaotic sequence Chaotic-Signal with a length of 4MN.
Step 2: Use ChaoticSignal to generate the index sequence Pos, and use the index sequence to scramble the DNA coding matrix DecodedMatrix to generate the scrambled DNA matrix PerMatrix. The production process is as shown in Eqs (19) and (20).
Among them, the sort() function is to sort the elements.

Dynamic DNA operations
DNA operation is to operate the DNA matrix PerMatrix that has been scrambled and the chaotic matrix KeyMatrix generated in Section 3.2, use the chaotic sequence to generate DNA operation rules, determine which DNA operation method the two perform, and then perform the DNA operation to generate a new matrix process.
Step 1: Using Logistic chaotic sequence again, the key stream Key and the key feature value KeyFeature generate the chaotic sequence ChaoticSignal1 with a length of 4MN. Because DNA has 7 operation methods, the following methods are used to generate the DNA operation rule Operation. The generation process shown in Eq (21).
Among them, floor() is a round-down function.
Step 2: Each elements of matrix of PerMatrix and KeyMatrix selects the DNA operation method according to the operation rules of Operation, and performs DNA operation.
When each elements of matrix is calculated, a DifMatrix matrix with a size of 4MN is generated.

Dynamic DNA mutation
Dynamic DNA mutation is a process of dynamically changing each base through the selection of DNA mutation rules and the number of DNA mutations.
Step 1: Using the Logistic chaotic sequence, the key stream Key and the key feature value Key-Feature, a chaotic sequence ChaoticSignal2 with a length of 4MN is generated. Since there are 6 DNA mutation rules, the number of DNA mutations can be controlled within 1-3, so the DNA mutation rule R1 and the number of DNA mutations N1 are generated as shown in Eqs (22) and (23).
Among them, floor() is a round-down function.

PLOS ONE
Step 2: This algorithm stipulates that when N1 is an odd number, first perform mutations according to the DNA mutation rule R1, and then perform DNA mutations according to the complementation rule 1 base direct complement rule; when N1 is an even number, directly perform mutations according to the DNA mutation rule R1. When each base is mutated according to the corresponding number of DNA mutations and DNA mutation rules, a MutMatrix matrix with a size of 4MN is generated.

Encryption algorithm
The specific encryption algorithm steps are described as follows: 1. Input the original image I(M, N) and the known key stream KeyHex, and use the hash algorithm to generate the 32-bit decimal final key stream Key. The specific process is as shown in 3.2.1.

Generate a chaotic sequence through Key and
KeyFeature and Logistic chaos. The chaotic sequence is in ascending order to generate an index sequence, and the position of each pixel value is scrambled to obtain the scrambled matrix PerMatrix, as shown in 3.5.
6. PerMatrix and the chaotic matrix KeyMatrix dynamically perform DNA operations according to the DNA operation rules Operation to obtain the DifMatrix matrix. The detailed process is shown in 3.6.
7. The DNA mutation rule R1 and the number of DNA mutations N1 are used to dynamically determine how a certain base undergoes DNA mutation operations. When N1 is an odd number, first perform DNA mutation according to R1, and then perform direct complement operation; When N2 is an even number, perform DNA mutation directly according to the R1 rule. Finally, when all bases have completed the mutation process, a 4MN size MutMatrix matrix is generated. The specific steps are shown in 3.7.
8. Use part of the key stream in Key and KeyFeature to generate new Logistic initial values and parameters, and iterate 4MN times to generate chaotic sequences and convert them into DNA decoding rules. The MutMatrix matrix uses DNA decoding rules to dynamically decode DNA to obtain the final encrypted image C, and the encryption is completed.

Decryption algorithm
The decryption algorithm is the inverse process of the encryption algorithm. Among them, it should be noted that the reverse operation of DNA encoding is DNA decoding; DNA operations also have many reversible operations, such as DNA left shift and DNA right shift are reversible; DNA mutation decryption algorithm, odd-numbered complementary operations need to perform complementary operation 2, and then complementary operation 1; Evennumbered complementary operations can directly perform complementary operation 1; In addition, the decryption process also needs to pay attention to the number of complements of complementary operation 1. Other operations are similar to encryption and will not be described here.

Simulation results
The key of this algorithm includes the initial key stream and the control parameters of the fivedimensional three-leaf chaotic system. The keys used in this algorithm are shown in Table 11. In the Win10 system, this algorithm uses MATLAB2020a software to perform encryption and decryption simulation experiments on 3 different medical images of MRI, CT and X-ray. The three forms of medical images used in this paper have a total of 12 images. Each medical image is selected from different parts of the human body, and the original image, encrypted image and decrypted image are shown in the table. All images are from https://openmd.com/. The experimental results are shown in Figs 6-8.
According to the experimental results, it can be seen that the encrypted image to be decrypted image has become indistinguishable snowflake noise, and the encrypted image has no relationship with the decrypted image; through the decryption algorithm, there is no visual difference between the decrypted image and the original image. On the whole, it meets the encryption and decryption requirements.
The safety analysis in the following sections takes the Axillary image of MRI as an example. The algorithm is analyzed and tested in several sections including analysis of decryption algorithm restoration ability, key space analysis, information entropy, histogram, correlation analysis, plaintext sensitivity analysis, key sensitivity analysis, noise attack, cropping attack, and time performance.

Analysis of decryption algorithm restoration ability
A complete medical image encryption algorithm is divided into an encryption part and a decryption part. Therefore, the decryption algorithm also occupies an important position in the entire algorithm. The decryption algorithm should ensure that the encrypted image can be restored to the greatest extent after being decrypted by the decryption algorithm. The degree of restoration of the decryption algorithm can be seen visually and intuitively, and can also be reflected in the data. In Section 4.1, the decryption and restoration ability of this algorithm can be confirmed visually. This section uses the similarity between the decrypted image and the original image and PSNR to measure the restoration ability of the decryption algorithm at the data level [46]. The definition of PSNR is given below as shown in Eqs (24) and (25). Table 11. Key table of this algorithm.

PLOS ONE
Among them, MSE represents the mean square error of the current image I and the reference image K. m and n respectively represent the height and width of the image, and I(i, j) and Select one image from the three types of medical images of MRI, CT and X-ray respectively, and calculate the similarity and PSNR value between the original image and the decrypted image, as shown in Table 12.

PLOS ONE
In general, the higher the similarity between the decrypted image and the original image, the greater the PSNR, indicating that the decryption algorithm has a stronger ability to restore. It can be seen from Table 12 that the similarities of the three selected medical images of different types are all 100%, and the PSNR values are all infinite. Therefore, the data shows that there is a very small difference between the decrypted image and the original image, which is PLOS ONE almost negligible. In summary, the decryption algorithm of this medical image encryption algorithm has a strong ability to restore.

Key space analysis
Since the algorithm key mainly includes the 128-bit initial key stream and the control parameters of the five-dimensional three-leaf chaotic system, the control parameters of the fivedimensional three- leaf chaotic system are a, b, c, d, and e. The precision of each is 10 14 , and the total key space is (10 14 ) 5 = 10 70 � 22 10 . Therefore, the key space of the algorithm must be greater than 2 128 . At present, the key space [46][47][48][49][50][51] is greater than or equal to 2 100 to effectively resist brute force attacks. Therefore, the key space of this algorithm is large enough to effectively resist brute force attacks.

Information entropy
The image information entropy [52] reflects the distribution of image gray value. Its expression is as shown in Eq (26).
Among them, m i represents the i-th gray value of the L-level gray level, and P(m i ) represents the probability of the appearance of m i .
Ideally, the information entropy should be close to 8 [53]. The higher the information entropy, the more uniform the gray value distribution. The information entropy obtained by this algorithm is shown in Table 13.
The level of information entropy is an important indicator to measure the effect of encryption. MI in the Table 13 is the abbreviation of medical image. It can be seen from Table 13 that the information entropy of the encrypted image obtained by this algorithm has been significantly improved. The information entropy of this algorithm is slightly higher than that of the reference, and overall it is close to 8. Therefore, this encryption algorithm is slightly better than the algorithms in other references in terms of information entropy.

Histogram
The histogram [55,56] reflects the uniformity of the gray value distribution of the image. It can be seen from Fig 9. that the histogram of the original image is uneven, with high and low, and it is easy to be cracked by statistical attacks. The histogram of the encrypted image is shown in Fig 10. It can be seen from the figure that its histogram is evenly distributed, which reduces the risk of being cracked by statistical attacks. It can be seen from the histogram illustrations of the original image and the encrypted image that the histogram obtained by the encryption algorithm of this algorithm is more uniform, indicating that the algorithm can effectively resist statistical attacks.

Correlation coefficient and point image
Correlation coefficient [57,58] is used to measure the correlation degree of adjacent pixels of an image. The definition of correlation coefficient is as shown in Eqs (27)- (30).

PLOS ONE
Among them, x and y represent the gray values of two adjacent pixels in the image, and N represents the logarithm of randomly selected pixels from the image.
The correlation coefficient between adjacent pixels in the original image is very high. After this encryption algorithm, the correlation coefficient is reduced. Ideally, the correlation coefficient should be close to 0 [59]. 1000 pairs of pixel values are randomly selected, and the correlation coefficient comparison are shown in Tables 14 and 15.
Compared with the correlation coefficient of the medical image in Table 14, the correlation coefficient of the encrypted image obtained by this algorithm is slightly lower than the [47,48], and slightly higher than the [49]. Compared with the correlation coefficient of ordinary images in Table 15, the correlation coefficient of the encrypted image obtained by this algorithm is slightly lower than that of [1], and slightly higher than that of [33,54]. It shows that the algorithm can effectively reduce the correlation between adjacent pixels. Whether compared with the reference literature of ordinary image encryption or the reference literature of medical image encryption, the ability to resist statistical attacks is slightly stronger.
The distribution of adjacent pixels is shown in Fig 11

PLOS ONE
It can be seen from Fig 11 that the correlation point map of the original image is distributed in a straight line, close to the straight line. After this encryption algorithm, the correlation point map of the encrypted image is evenly distributed, which effectively resists statistical attacks.

Plaintext sensitivity analysis
A good encryption algorithm should be sensitive to the plaintext [60]. If the plaintext is changed a little bit, the ciphertext will change greatly. Usually use NPCR, UACI [61] to analyze the difference between two images. It is defined as shown in Eqs (31)- (33).

PLOS ONE
UACI ¼ Among them, E(i, j) and E 0 (i, j) respectively represent the pixel gray value of two ciphertext images at coordinates (i, j); M and N represent the height and width of the image respectively. D(i, j) is defined as follows: if E(i, j) = E 0 (i, j), then D(i, j) = 1; otherwise, D(i, j) = 0. NPCR = 99.6094% and UACI = 33.4635% are the expected values [62]. The larger the value of NPCR and UACI, the greater the difference between ciphertexts.
The first group randomly selects one pixel point and adds 1 to the pixel value of the point, and conducts 3 experiments randomly. The comparison of NPCR and UACI of the encrypted image is shown in Table 16.
In the second group, two pixel points were randomly selected, the first point was added by 1 based on the original pixel value, and the second point was subtracted by 1 based on the original pixel value, and 3 experiments were performed randomly. The comparison of NPCR and UACI of the encrypted image is shown in Table 17.
From the comparison table of NPCR and UACI with randomly changing 1 pixel value and randomly changing 2 pixel values, it can be seen that the values of NPCI and UACI fluctuate slightly above and below the ideal value, and most experimental comparisons are higher than the ideal value. Therefore, it can be explained that there is a big difference between the encrypted image generated by changing the pixel value of the original image and the encrypted image generated without changing the original image. The algorithm has better plaintext sensitivity.

Key sensitivity analysis
Key sensitivity [55][56][57] means that when the key is slightly changed, it will cause a big change, and the correct decrypted image cannot be obtained through the decryption algorithm.
The  This test uses the changed key stream to decrypt the original encrypted image to obtain the decrypted image. The comparison between the original encrypted image and the decrypted image obtained by changing the key is shown in Fig 12. It can be seen from Fig 12 that when the last bit of the original 32-bit final key stream is changed randomly, the visually unrecognizable snowflake noise image can be obtained. It can be concluded that when the key changes slightly, the correct decrypted image cannot be obtained, indicating that the algorithm has strong key sensitivity.

Noise attack analysis
In the process of widespread transmission of images, it is inevitable that they will be affected and destroyed by noise. A good encryption algorithm must ensure that the image can still get a visually identifiable decrypted image after being attacked by noise [63,64].
The encrypted image is increased by 0.005, 0.05 and 0.1 salt and pepper noise attacks. After the decryption algorithm, the effect of the decrypted image is shown in Fig 13. It can be seen from Fig 13 that when different degrees of salt and pepper noise attacks are added to the encrypted image, although the clarity of the decrypted image will be reduced, it will not affect the normal image recognition. This proves that this algorithm can effectively resist noise attacks of varying degrees.

Cropping attack analysis
As the image is transmitted on the public channel, it will inevitably suffer data damage, leading to the loss of image information. A good encryption algorithm must ensure that the damaged image information can still be visually recognized through the decryption process [65,66].
The encrypted image is cropped by 1/16, 1/4, 1/2 from the upper left corner, and the cropped part is replaced with 0. The cropped encrypted image is shown in Fig 14. The encrypted image is decrypted through the decryption algorithm to obtain the decrypted image. The effect is as follows shown in Fig 15. After the encrypted image is cropped with different sizes, the cropped encrypted image is decrypted by this algorithm. It can be seen from Fig 15 that although the clarity of the obtained decrypted image is affected, the overall recognition of the decrypted image will not be achieved. This proves that the algorithm can resist cropping attacks to a certain extent.

Time performance analysis
A good algorithm must ensure that the encrypted information can be obtained in a short time, and the encrypted image information can be decrypted within a valid time [4,47,67]. The comparison of the encryption and decryption time of this algorithm with other algorithms is shown in Table 18.
In the Table 18, use MI instead of medical image. It can be seen from Table 18 that the encryption and decryption time of this algorithm is slightly longer than that of [48], which is slightly shorter than the other 3 references. The encryption and decryption time can be controlled at about 1 second. It shows that this algorithm has higher time efficiency and stronger real-time performance than most references.

Analysis of the effect of ordinary image encryption
This medical image encryption algorithm [49] can not only perform safe and efficient encryption and decryption of medical images with high resolution and large redundancy, but also applies to ordinary image encryption. An image from https://unsplash.com is selected for encryption and decryption, and the original image, encrypted image, decrypted image, and histograms corresponding to the three sets of images are shown in Fig 16. It can be seen from Fig 16 that there is no visual difference between the ordinary original image and the decrypted image, the encrypted image becomes a snowflake noise image, and it is no longer visible that the original image and the encrypted image have any relevant information. The histogram of the original image and the histogram of the decrypted image are regularly distributed according to the information characteristics, while the gray value of the histogram of the encrypted image is evenly distributed, showing a linear distribution. It shows that after the ordinary image is encrypted, the ability of the encrypted image to resist statistical attacks is enhanced. In summary, this medical image encryption algorithm is suitable for ordinary image encryption, and the encryption effect is good.

Conclusion
This paper proposes a medical image encryption algorithm based on a new five-dimensional three-leaf chaotic system and genetic operation. The introduction of the hash algorithm increases the key space and the correlation between the original image and the key; Based on the new five-dimensional three-leaf chaotic system and the principle of DNA recombination, it improves the randomness of the chaotic matrix while also increasing the randomness of the encryption algorithm; The addition of dynamic DNA mutation operation not only increases the biological significance, but also each base will be randomly changed; Using bit-level dynamic DNA coding, each 2 bits of binary code is coded with different coding rules, and the diffusion effect is better; 7 kinds of DNA operation is expanded on the basis of basic DNA addition and subtraction, making the operation of each pixel value more random and  changeable. After security analysis and time efficiency analysis, it is shown that this medical image encryption algorithm is more secure and reliable than the latest medical image encryption algorithm, and has stronger real-time performance. In addition, the encryption and decryption experiments of ordinary images using this algorithm also show good encryption results. Therefore, this medical image encryption algorithm is suitable for both medical image encryption and ordinary image encryption.