An efficient recurrent neural network based confusion component construction and its application in protection of saliency in digital information

1.1 Research objective

This research addresses the protection of saliency in images within an IoT framework. By developing an advanced, lightweight encryption scheme, we aim to overcome the limitations of traditional block ciphers in high-security IoT applications [14], [15], [16], [17], [18], [19], [20], [21], [22], [23], [24], [25], [26], [27], [28], [29], [30], [31], [32], [33], [34], [35], [36], [37], [38], [39], [40]. The primary contributions of this work are as follows (see Figure 1):

1. To protect saliency in RGB images, we introduce a lightweight encryption scheme that safeguards image saliency within an SPN structure, balancing security and computational complexity with high throughput.

2. For the SPN encryption scheme we proposed chaos and RNN based highly nonlinear S-box generation method achieving robust cryptographic properties.

3. To disperse the salient information in the encrypted image a block shuffling algorithm is implemented.

Figure 1:

Research objectives of proposed study.

1.2 Organization of the paper

The paper is organized as follows: Section 2 added the problem formulation by highlighting the strengths and gap analysis for the proposed investigation. Section 3 provides a detailed setup of the experimental environment and the specifications of the dataset utilized in the security analysis of the proposed saliency-preserving lightweight encryption scheme. The proposed encryption scheme follows SPN architecture; for the Substitution, S-boxes are pre-generated using RNN. Section 4 is devoted to the discussion on the generation of these S-boxes. To check the cryptographic strength and feasibility of the generated S-boxes in the proposed scheme, the analysis of the proposed S-boxes is carried out and listed in Section 5 of the paper. Section 6 is devoted to the discussion on the proposed encryption scheme, and Section 7 carries out the analysis of the proposed encryption scheme. Finally, the conclusion is drawn in Section 8 of the article.

5.1 Nonlinearity (NL)

S-box is designed to mask the relationship between the encryption key and the resulting cipher text, enhancing the security of the encryption process. One way to measure the effectiveness of an S-box in achieving this goal is through its nonlinearity. Nonlinearity quantifies how well the S-box resists linear approximations. This measure of nonlinearity for an S-box can be determined by using the mathematical formula in Eq. (12):

The nonlinearity of the projected S-boxes is computed and tabulated in Table 5. Table 6 shows the comparison of the nonlinearities of the projected S-boxes and state of the art S-boxes.

Figure 5 shows the nonlinearity values of all eight Boolean functions of each of the proposed S-boxes, with each of them attaining the best score of 112. The nonlinearity measures the minimum Hamming distance of a Boolean function from the set of affine functions, and larger values reflect greater resilience against linear cryptanalysis. The uniform attainment of the highest possible magnitude among all Boolean components across the substitution level ensures no output bit has lower security, eliminating potential weaknesses exploitable by linear approximations of outputs. In addition, the consistent outcomes among the three proposed S-boxes demonstrate the strength and reproducibility of the utilized RNN-aided nonlinear S-box generation technique. The uniform attainment ensures even confusion properties across the substitution layer, essentially improving the whole cipher’s resistance to analytical attack in both lightweight and cryptographic applications of high security.

Figure 5:

Comparison of nonlinearity values for Boolean functions f ₀ − f ₇ across three proposed S-boxes. Each proposed S-box achieves consistently optimal nonlinearity of 112, demonstrating strong resistance to linear cryptanalysis and uniform performance across all Boolean components.

5.2 Bit Independence Criteria (BIC)

A vector Boolean function f : 0,1 n → 0,1 n meets the Bit Independence Criteria (BIC) if a single bit change in the input causes a change in the output. This means that each bit in the output is independently influenced by any bit change in the input, helping ensure that minor changes in the input data lead to unpredictable, widespread changes in the output. The Bit Independence Criteria (BIC) value ranges from 0 to 1, with a value near 0.5 indicating optimal performance for a cryptographic S-box. Table 6 presents the BIC measurements for each of the proposed S-boxes.

5.3 Strict Avalanche Criteria (SAC)

The Strict Avalanche Criterion (SAC) for an S-box S : F 2 n → F 2 m states that for any input x ∈ x ∈ F 2 n and any bit i of x, flipping x _i should change each output bit S j x with probability 0.5. Mathematically, SAC is defined as:

where e _i is the unit vector with a 1 in the i-th position. For a cryptographic S-box to meet this criterion, it must achieve a SAC value of 0.5, reflecting its ability to disrupt predictable patterns in the output and enhance overall security.

5.4 Differential Approximation Probability (DAP)

Let S : F 2 n → F 2 m be an S-box. The Differential Approximation Probability (DAP) is given by [29]:

where the differential distribution table (DDT) entry is defined as:

Thus, DAP(S) quantifies the maximum probability over all nonzero input differences Δx and output differences Δy, satisfying:

where the differential uniformity is:

A lower DAP(S) value corresponds to higher resistance against differential cryptanalysis. The ideal DAP is close to zero, while the theoretical maximum is 1. Evaluating DAP is important for assessing the S-box’s resilience against differential analysis, with results for both the proposed and literature-based S-boxes shown in Table 7.

5.5 Linear Approximation Probability (LAP)

For an S-box S : F 2 n → F 2 m , the Linear Approximation Probability (LAP) quantifies the maximum bias of any linear approximation between input and output bits. It is defined as:

where the Walsh-Hadamard correlation is given by:

LAP values for the proposed and literature-based S-boxes are presented in Table 6 to show their resistance to linear cryptanalysis.

Figure 6 show a side-to-side comparison of the given S-boxes (S-box 1, S-box 2, and S-box 3) with the existing nonlinear confusion components of contemporary block ciphers, evaluated across six basic cryptographic strength indicators having a direct impact on cryptanalytic attack resistance.

Figure 6:

Visual comparison of cryptographic characteristics for the proposed S-boxes and existing nonlinear confusion components from modern block ciphers.

In nonlinearity metric, all the proposed S-boxes achieve an ideal uniform level of 112, which approaches the upper theoretical limit of 8-bit balanced S-boxes and offers fair resistivity against linear cryptanalysis by minimizing the correlation of the linear approximations and true input–output mapping to a minimum degree. The output of the Strict Avalanche Criterion (SAC) is kept decisively around the ideal 0.5 boundary level, such that single-bit input variation induces an even and extensive output variation and boosts unpredictability and slows down differential and statistical attack analyses. In the case of BIC with reference to BIC-NL, the designs put forward again achieve the ideal 112, with no exploitable linear relationships of output bits among them which is a property useful in defying correlation attack types. The BIC-SAC scores, again close to ideal 0.5, confirm this independence of avalanche spread, defying once more any statistical guess an attacker might make.

The proposed S-boxes have the LAP among the lowest seen (0.0620), thereby directly improving immunity to Matsui’s linear cryptanalysis by minimizing the highest success probability of linear approximations. Finally, the DAP results (0.0156) are tied to the minimum achievable limit for 8-bit S-boxes, thereby drastically restricting the practicability of Biham–Shamir differential cryptanalysis by minimizing the highest differential propagation probability. Figure 6 and Table 6, clearly reveal the fact that the proposed S-boxes are not only comparable but, in some cases, superior to existing confusion elements in cryptographic power, and they possess better resistivity to a vast spectrum of classical and modern block cipher assaults.

5.6 Bijectivity

Bijectivity is an important property of S-boxes in cryptography, ensuring each input maps to a unique output and every output have a distinct input. This one-to-one mapping prevents attackers from inferring input values from outputs and adds critical confusion and diffusion to the cryptographic process. In our case, the S-boxes meet the bijectivity criterion by containing unique values from 0 to 255.

5.7 Fixed point analysis

A strong fixed point satisfies:

The number of strong fixed points is:

A cryptographically strong S-box should minimize F S to resist fixed-point attacks. Ideally, a secure S-box has no fixed points (i.e., |F(S)| = 0). If FPR S deviates significantly from 1 2 n , it may indicate structural weaknesses exploitable in certain cryptographic attacks. The proposed S-boxes (1, 2, and 3) contain no fixed points and no repulsive fixed points, which mean good resistance to fixed-point attacks as shown in Table 8. Compared with [16], 17], the proposed S-boxes are superior, particularly to the potential cryptanalytic weaknesses concerning fixed points. The absence of fixed points ensures that no input remains invariant under substitution, which enhances nonlinearity and differential properties necessary for cryptographic strength.

Table 7 outlines the fixed point analysis of the provided S-boxes against prevalent nonlinear confusion elements. In cryptography design, a fixed point, where S(x) = x, or a repulsive fixed point, where inputs map close to themselves under repeated application, introduces structural vulnerabilities exploitable in chosen-plaintext and algebraic attacks. The proposed S-box 1, S-box 2, and S-box 3 exhibit zero fixed points and zero repulsive fixed points, ensuring the absence of identity mappings or short cycles that could weaken cipher strength. This structural robustness, combined with the high nonlinearity, optimal SAC, and low LAP/DAP values demonstrated in Table 7, confirms the proposed mechanism’s enhanced resistance to linear, differential, and structural cryptanalysis, making it a highly effective and secure choice for modern block cipher architectures.

7.1 Encryption key analysis

In this examination, two critical analyses, Key Space analysis and key sensitivity analysis, are employed and presented accordingly.

7.1.2 Key sensitivity analysis

We carried out an exhaustive key sensitivity analysis to test the strength of our encryption system. In experiment 1, the encryption and decryption operation with Key 1 effectively recovered the original image, validating the accuracy of the decryption process. In Experiment 2, the original image was encrypted using Key 1 but decrypted with Key 2, which had only a single-bit change from Key 1. The output was a totally distorted and unrecognizable image, as can be seen from Figure 9. The radical change indicates the high key sensitivity of our scheme, withstanding unauthorized decryption and strengthening the system’s capability in protecting sensitive information.

Figure 9:

Key sensitivity analysis of suggested encryption algorithm. The image decrypted with one bit changed key does not convey any useful information. (a) Plain image, (b) enciphered image, (c) correctly decrypted image, (d) decrypted image with changed key.

7.2 Histogram analysis

The three dimensional (3D) histogram is the graphical representation of the frequency distribution of the pixel intensities within an image, plotting the range of color combinations within the RGB color space. For a flat image, natural patterns and structures cause noticeable differences in the histogram representation. This can be seen in Figure 10, whereas some of the spheres in the 3D space are clearly larger, and others are smaller. The varying sizes of the spheres indicate that certain color combinations occur more frequently than others. The random placement of spheres at different positions in the 3D cube signifies the presence of different distributions of colors in the original image. When the image is encrypted using the proposed scheme, the cryptographic operation destabilizes the inherent patterns, achieving a high level of diffusion and confusion. The 3D histogram is now evenly distributed, tiling the cube with spheres of equal area. This homogeneity suggests that all color combinations are equally probable, eliminating any prevailing colors or structural dependencies. The absence of variation among the sizes of spheres shows that the distribution of pixel intensity is ideally balanced, in favor of the strength of the encryption mechanism. The transformation of the histogram from non-uniform to a uniform distribution confirms the success of the proposed encryption technique. A uniformly distributed 3D histogram is one of the main signs of high entropy, reducing statistical leakages that might be used in cryptanalysis. The elimination of structured patterns in the encrypted image demonstrates better resistance to statistical and color-based differential attacks. Effectively, the uniformity illustrated in Figure 10 that verifies the proposed scheme achieves a good security level by keeping an equal distribution of colors across the RGB space, making it highly resistant to cryptographic attacks. The detail of three dimensional histograms was introduced.

Figure 10:

Histogram analysis of the encrypted image. The pixel intensity distribution appears nearly uniform, indicating that encryption effectively conceals statistical features of the original image. This uniformity demonstrates strong resistance against histogram-based and statistical attacks.

Figure 11 presents the histogram analysis of the proposed encryption scheme for two test images. The subfigures (a–d) and (i–l) show the original images with their respective red, green, and blue channel histograms, where distinct peaks reflect the uneven distribution of pixel intensities typical of natural images. After encryption, shown in (e–h) and (m–p), the histograms for all three color channels become uniformly distributed, indicating that the encrypted images have no visible statistical patterns from the originals. This uniformity demonstrates the scheme’s effectiveness in concealing image characteristics, thereby enhancing resistance against statistical attacks.

Figure 11:

Histogram analysis of the encrypted image. The pixel intensity distribution appears nearly uniform, indicating that encryption effectively conceals statistical features of the original image. This uniformity demonstrates strong resistance against histogram-based and statistical attacks.

Figure 12 shows the three-dimensional histograms of the plain and encrypted images for two test cases. In the original images (a–d, i–l), the histograms exhibit sharp peaks and concentrated clusters, indicating strong correlations between neighboring pixel intensities, which is a common trait in natural images. After encryption (e–h, m–p), the histograms become uniformly dispersed across all intensity bins, with no visible peaks or patterns. This transformation confirms that the proposed encryption scheme effectively removes inherent pixel correlations, making the encrypted images statistically indistinguishable and more secure against histogram-based cryptanalysis.

Figure 12:

Three dimensional histograms analysis of the encrypted image. The pixel intensity distribution appears nearly uniform, indicating that encryption effectively conceals statistical features of the original image. This uniformity demonstrates strong resistance against histogram-based and statistical attacks.

7.3 Differential analysis

Exploiting the encryption algorithm’s sensitivity to small changes in the original image, attackers conduct differential attacks. By making minute alterations to the original image, they encrypt both versions using the same secret key, aiming to discern the relationship between the resulting cipher texts. To thwart such attacks, the encryption system should produce vastly different cipher texts even with slight modifications to the original image, indicating strong sensitivity. Two analyses are employed to assess the system’s resilience against such attacks one is the universal average change intensity (UACI) and the other is the number of pixels change rate (NPCR). UACI measures the disparity in average intensity between two encrypted images derived from an original and a slightly altered single-pixel version. The mathematical expression for NPCR is given as Eq. (34):

where N × M represents image dimensions, E(a, b) denotes the encrypted plain image, and E ′ ′ a , b signifies the encrypted modified image. UACI values are displayed in Figure 13, compared with a recently developed cryptosystem in Table 10. NPCR, calculated between encrypted images derived from the original and a single pixel modified version, quantifies the percentage change in pixels. A high NPCR value indicates robust immunity to differential attacks in a cryptosystem. Equations (35) and (36), outlines its computation:

where N × M represents image dimensions, E(a, b) stands for the encrypted plain image, and E ′ ′ a , b denotes the encrypted modified image are shown in Figure 13, NPCR values are compared with a recently developed cryptosystem in Table 11.

Figure 13:

Differential analysis of the proposed encryption scheme. The metrics NPCR and UACI show high values, indicating that small changes in the plain image produce significant differences in the encrypted image. This confirms strong resistance against differential attacks.

7.4 Correlation analysis

The correlation coefficient (CC) is a key statistical measure for dependency of the neighboring pixels and offers a direct estimate of the encryption efficiency in disturbing the spatial redundancies. In the case of any image, the values of the CC are calculated in the horizontal direction (HC), vertical direction (VC), and diagonal direction (DC) and are bounded in the range [−1, 1]. A CC of 1 reflects perfect linear dependency, a CC of 0 indicates no correlation, and a CC of −1 denotes complete negative correlation. In the flat image, Table 11 depicts CC values near unity (≈0.98) in all orientations for the Lena benchmark, highlighting its inherent vulnerability due to strong pixel associations. In contrast, our proposed RNN–chaos-based S-box encryption mechanism drastically suppresses these correlations, yielding CC values near zero across all directions, thereby eliminating exploitable patterns. This substantial decorrelation serves as a formidable defense against statistical and differential cryptanalysis, ensuring that the cipher image exhibits near-random structural properties. The visual evidence in Figure 14 further corroborates the numerical results. In the plain image correlation plots (Figure 14a, c, and e), pixel clusters are tightly concentrated along the principal diagonal, indicative of strong linear associations. Post-encryption (Figure 14b, d, and f), the pixel distributions become uniformly scattered, illustrating the algorithm’s capacity to dismantle deterministic dependencies. This decorrelation, driven by the synergy of chaotic sequence-driven pseudo-random number generation and RNN-optimized S-box transformations, exemplifies the strength of the proposed scheme in concealing salient visual structures and preserving confidentiality under high-stakes imaging scenarios.

Figure 14:

Visualization of horizontal (HC), vertical (VC), and diagonal (DC) pixel correlations for the original and encrypted Baboon images. The original image shows strong pixel correlations, while the encrypted image exhibits a random scatter distribution, confirming effective decorrelation and high security against statistical attacks. (a) Vertical CC analysis of Baboon, (b) vertical CC analysis of encrypted Baboon, (c) horizontal CC analysis of original Baboon, (d) horizontal CC analysis of encrypted Baboon, (e) diagonal CC analysis of original Baboon, (f) diagonal CC analysis of encrypted Baboon.

7.5 Cropping analysis

As discussed in the earlier sections of this write up that the available lightweight encryption schemes are subjected to cropping and noise attack. In this section of the article, we have to check the immunity of the encryption scheme against cropping and noise attacks. The noise and cropping alter pixels values; therefore, separate analysis is not necessary. Figure 15 shows the Impact of increasing pixel loss on the decryption quality of an encrypted cameraman image using the proposed scheme. Figure 15(a) shows the encrypted image and Figure 15(b) shows the decrypted cameraman. In (c, e, g, i, k), progressive pixel loss is introduced in the top-left region of the encrypted image 12.5 %, 16.7 %, 25 %, 33.3 %, and 50 %, respectively. The corresponding decrypted results in (d, f, h, j, l) show preserved structural and salient features, such as face details, despite significant data loss. This demonstrates the scheme of strong resistance to cropping attacks and its ability to retain critical visual information under pixel loss conditions. To quantitatively assess the encryption scheme’s ability to preserve structural integrity under conditions such as burst errors, cropping, or data loss, the Structural Similarity Index (SSIM) is employed. SSIM evaluates the perceived quality and structural similarity between two images, with values ranging from 0 to 1. A score near 1 indicates strong structural resemblance, while a score near 0 reflects significant differences. Given an original image I _orig and an encrypted image I _enc, SSIM is computed as:

where μ _orig and μ _enc are the mean luminance values of the original and encrypted images, σ orig 2 and σ enc 2 are their variances, σ _orig,enc is the covariance between them, C ₁ and C ₂ are small positive constants that stabilize the computation when the denominators are near zero. In cryptographic image evaluation, a low SSIM value between I _orig and I _enc indicates strong encryption, as it implies minimal structural similarity and hence negligible leakage of visual information. Conversely, in salient-information-preserving encryption schemes, SSIM may be deliberately higher within predefined Regions of Interest (ROIs) to maintain decision-critical details while remaining low in non-salient regions to ensure confidentiality. SSIM is calculated between the original images and the decrypted images affected by cropping. The SSIM results for various cropping ratios are presented in Table 12. SSIM values approaching 1 indicate that the structural content of the original image is well preserved, even after significant pixel loss. This confirms the encryption scheme’s robustness, as it prevents unauthorized extraction of meaningful visual information while maintaining high structural fidelity.

Figure 15:

Decryption results under pixel loss conditions. The proposed encryption scheme demonstrates strong robustness against cropping and data loss, successfully recovering the main visual content and preserving salient image features despite missing pixel regions.

Table 12 listed SSIM values for the image subjected to varying levels of cropping. Higher SSIM values indicate stronger structural resemblance between the cropped decrypted images and the originals. The results demonstrate the proposed encryption scheme’s robustness against cropping and burst errors, effectively preserving structural integrity even under substantial pixel loss.

7.6 Man-in-the-Middle (MITM) attack

Man-in-the-Middle (MITM) attack is a severe threat where data is intercepted, modified, or injected in between communicating parties. In encrypted image transmission, attackers may attempt chosen-ciphertext attacks to modify ciphertext and monitor system behavior when decrypting. The proposed chaos and RNN-based encryption algorithm offer strong resistance to MITM attacks through multiple security layers. In the first place, it employs a 128-bit secret key, offering 2¹²⁸ combinations, making brute-force attacks infeasible. Even a single change in the key produces a totally different ciphertext, as can be seen from Figure 11, foiling the attempts of attackers to predict or manipulate encrypted data. Second, disorderly block shuffling confuses image blocks with a logistic chaotic map so that attackers cannot restore the original image without accurate information about block locations. Third, a nonlinear S-box generated using RNN improves confusion, satisfying the Strict Avalanche Criterion (SAC) that even slight changes in ciphertext produce extremely different decrypted results, disabling any effort to inject or alter data. These collective mechanisms make MITM interception ineffective, providing unbroken security for IoT-based image encryption.

7.7 Data injection attack

The proposed encryption technique enhances image security against data injection attacks by causing even cropped or manipulated encrypted images to retain essential visual information upon decryption though with degradation, as shown in Figure 16. The application of chaotic block shuffling disrupts the location of injected or manipulated data, rendering unauthorized alteration meaningless. The RNN-based nonlinear S-box transformation also increases confusion so that even a slight alteration in encrypted data causes drastically different decrypted output, thereby effectively thwarting pattern injections and desired changes. By combining multi-round XOR operations, bit permutations, and S-box substitutions, the scheme diffuses information in a chaotic way, destroying any tampering attempt. Despite cropping attacks or burst errors, the encryption scheme preserves the integrity of key visual content such as facial contours in surveillance videos ensuring aggressive protection in IoT applications. Data injection attempts ultimately collapse, being unable to manipulate meaningful content, embedding uncompromising security and tenacity in real-world applications.

Figure 16:

Test findings of the proposed cryptosystem based on NIST SP 800-22 statistical experiments. The results show that all tested sequences pass the randomness criteria, confirming the proposed system’s strong statistical performance and suitability for secure cryptographic applications.

7.8 NIST analysis

To validate the randomness in the encrypted image, encrypted through the proposed lightweight encryption scheme is tested utilizing the NIST 800-22 test suite. For successful passage of each test in the suit a p value exceeding 0.01 is required. The outcomes are presented in Figure 16, and it is affirmed from this investigation that the encrypted image complies with all the tests listed in NIST 800-22.

7.9 Chosen plaintext attack

The 128-bits key and its circular shifted version XORed with each block and the blocks are permuted using chaotic generated permutation matrix. The resulting image is heavily dependent on key and permutation matrix. Hence it is not possible for the attacker to predict the output, even by choosing the plaintext. Moreover, the bit level parity making further harder the success of chosen plaintext attacks. This combination of block permutations, key XORing and bit level parity mapping hides the relation between the chosen plain image and its cipher image.

7.10 Chosen cipher text attack

The same complex process is used in the decryption phase. The proposed encryption scheme applies nonlinear substitution at two distinct stages (Steps 4 and 7). These layers introduce high confusion and nonlinearity, making differential patterns difficult to trace in chosen cipher text attack. Secondly the encryption scheme utilizes a chaotic permutation matrix derived from a logistic map to disrupt the spatial locality of image pixels. Even minor changes in cipher text blocks result in unpredictable shifts, making it infeasible for the attacker to isolate meaningful patterns.

7.11 Throughput analysis

Encryption speed analysis measures the time an algorithm takes to process data, expressed as throughput. High throughput is crucial for performance, especially in data communication and IoT applications. The proposed encryption scheme’s throughput was assessed on a personal computer featuring an Intel(R) Core(TM) i7-7700 CPU, operating at 3.60 GHz, with 8GB of RAM and running on the Windows 10 platform. The results, shown in Figure 17, and Table 14, show that the proposed scheme outperforms recent LWE schemes in throughput.

Figure 17:

Throughput analysis of the proposed encryption scheme. The results indicate a high throughput, demonstrating the scheme’s computational efficiency and suitability for real-time or large-scale image security applications.

Figure 17 presents a bar chart illustrating the throughput analysis of the proposed encryption scheme across various images. The average throughput benchmark (8.675 kB/s) serves as a reference point for evaluating performance consistency. Higher throughput values indicate faster encryption processing, making the proposed scheme suitable for high-speed encryption applications in real-world scenarios (see Table 13).

7.12 RAM storage and suitability for IoT deployment

The RAM footprint of an encryption algorithm is a decisive factor in determining its suitability for resource-constrained environments such as IoT and embedded systems. As shown in Table 14, the proposed chaos–RNN-based scheme requires 40,812 bytes of RAM, which is slightly lower than AES (43,119 bytes) yet higher than ultra-lightweight algorithms such as PRESENT (3,430 bytes), Lilliput (4,394 bytes), and ITUBee (6,207 bytes). While these smaller ciphers offer superior memory efficiency, they do so at the expense of reduced cryptographic strength and limited resistance to advanced attacks. In contrast, the proposed scheme strikes a deliberate balance between security and efficiency, integrating high-strength cryptographic features, such as an S-box nonlinearity of 112, effective linear and differential attack resistance, and information-preserving functions for key information, in a memory size variable for implementation in mid-level edge computing and IoT devices. Minimizing S-box storage, RNN calculations, and buffer space will form the future research agenda for ultra-constrained IoT nodes with small memory of a few kilobytes for decreasing the memory required without losing the efficacy of the encryption.

7.13 Discussion on lightweight encryption

Due to the low computational complexity, efficient memory usage, and high throughput, the proposed encryption scheme qualifies for lightweight cryptographic solutions for the IoT devices. The proposed encryption scheme utilizes a block-based design, dividing the image into 4 × 4 blocks, which allows for localized and parallelizable operations, minimizing both processing time and memory overhead. The use of a simple one-dimensional logistic map for permutation ensures efficient key-dependent scrambling with minimal arithmetic operations. Additionally, the bit-level parity mapping is implemented using lightweight logic operations that do not introduce any significant computational burden. Substitution is achieved using pre-generated S-boxes obtained from RNN models, which are stored as lookup tables to avoid runtime neural computations, thereby reducing complexity and memory access latency. The affine key mixing is performed via XOR operations, which are natively supported by hardware and the operation is computationally inexpensive. The use of modular arithmetic, simple logic, and avoidance of heavy mathematical primitives like matrix inversion or elliptic curve operations further reinforce its lightweight nature. Based on the throughput and RAM analysis provided in Table 14, the proposed encryption scheme demonstrates favorable lightweight characteristics when compared with state-of-the-art lightweight encryption (LWE) algorithms. Although the RAM usage of the proposed scheme is 40,812 bytes, which is higher than most lightweight schemes like PRESENT (3,430 bytes), Lilliput (4,394 bytes), and ITUBee (6,207 bytes), it remains lower than AES (43,119 bytes). Given that all schemes were implemented and tested under the same MATLAB 2017b environment on the same hardware, the trade-off between higher speed and moderate RAM usage is acceptable, especially for image-based applications where performance is critical. Therefore, the proposed scheme can still be classified as lightweight, offering a balance between computational efficiency and memory requirements.