Dual Chaotic Diffusion Framework for Multimodal Biometric Security Using Qi Hyperchaotic System

1. Introduction

Biometric systems, which emerged in the early 1960s with the first semi-automated face recognition system and fingerprint verification in the 1970s, represent a significant advancement in biometric authentication technology. These solutions exploit intrinsic physiological or behavioral attributes of individuals for identification and verification purposes. The field gained substantial momentum in the 1990s with the development of more sophisticated algorithms and improved sensor technologies, leading to widespread adoption across various sectors contemporary biometric systems offer several distinct advantages over traditional authentication methods such as passwords, PINs, or ID cards. Unlike knowledge-based authentication (passwords) or token-based systems (ID cards) that can be forgotten, stolen, or shared, biometric traits are inherently linked to an individual, providing stronger binding between the authenticator and the person’s true identity. Moreover, biometric characteristics cannot be easily transferred between individuals and generally require the physical presence of the person being authenticated, significantly enhancing security against impersonation attacks.

The applications of biometric systems have expanded significantly, now encompassing law enforcement, border control, healthcare, financial services, and consumer electronics. For instance, smartphones increasingly incorporate fingerprint and facial recognition for device unlock and payment authorization, while governments employ biometric passports and national ID systems for enhanced security. In healthcare, biometric systems ensure accurate patient identification and secure access to medical records, while financial institutions utilize them for secure transactions and fraud prevention. However, despite these advantages, biometric systems face unique challenges, including privacy concerns, template security, and the irrevocability of biometric traits [1,2]. Unlike passwords that can be changed if compromised, biometric characteristics are permanent and cannot be reset, necessitating robust security measures for template protection and storage. These challenges have driven continuous innovation in the field, leading to the development of more sophisticated multimodal systems and advanced security frameworks.

The remainder of this paper is structured as follows: Section 2 provides a comprehensive review of extant literature, examining the inherent vulnerabilities in both unimodal and multimodal biometric systems, while emphasizing the pivotal role of cryptographic security in enhancing system robustness. Section 3 delineates the methodological framework, focusing on the analytical characterization of Qi Hyperchaotic systems and their application in encryption-decryption protocols. Section 4 presents empirical findings, including comparative analyses against state-of-the-art algorithms and offers a fair discussion of the results, while in Section 6, we present conclusive insights and directions for future research endeavors.

2. Related Works

In this section, we briefly introduced a short literature survey on the related biometric security works. The landscape of biometric authentication systems presents complex security challenges that demand sophisticated solutions. This review examines the evolution, challenges, and emerging solutions in multimodal biometric security, with particular emphasis on the integration of cryptographic techniques and advanced security frameworks. Biometric authentication systems face vulnerabilities at four critical junctures that fundamentally impact their security architecture: sensor-level susceptibility to presentation attacks utilizing synthetic biometrics, data transmission vulnerability between system components, template database exposure to unauthorized access, and decision module vulnerability to result falsification [1,2]. Building upon the aforementioned elements, we can categorize the attacks on biometric authentication systems into two major classifications: unauthorized acquisition of raw biometric data and malicious attempts to manipulate the templates databases. To mitigate these vulnerabilities, robust cryptographic mechanisms must be integrated into the biometric system architecture, ensuring protection against both biometric data falsification and stored templates tampering. The complexity of these challenges necessitates comprehensive security measures to maintain system integrity while ensuring practical usability in real-world applications.

The vulnerability of biometric systems to presentation attacks represents a particularly significant challenge in authentication security. Contemporary research demonstrates that sensor-level susceptibility to synthetic biometric presentations can fundamentally compromise system integrity, especially when sophisticated counterfeit characteristics circumvent traditional detection mechanisms [1,3,4]. This vulnerability becomes more pronounced when attackers possess detailed knowledge of system architecture, enabling them to exploit inherent limitations in distinguishing between genuine and fraudulent or fake biometric presentations.

Contemporary unimodal biometric authentication systems, despite their recent development, demonstrate significant vulnerabilities to sophisticated spoofing attacks. Modern attackers have developed techniques to generate false positive authentications, fundamentally compromising these systems’ accuracy and reliability in user verification, thus undermining the core integrity of the authentication mechanism. A fundamental question that one might ask is how vulnerable are biometric systems to fake biometric information, and how is it accomplished? A targeted review of recent literature examines the scope and implications of biometric spoofing techniques.

For example, facial recognition systems and fingerprint authentication mechanisms exhibit significant vulnerabilities to presentation attacks (spoofing). While numerous scholars have advanced liveness detection protocols to mitigate face-based spoofing threats [3,4,5], the susceptibility of fingerprint biometric systems to artificial reproductions remains a pressing concern [6,7,8,9]. This vulnerability has catalyzed extensive research into countermeasure development, particularly focusing on the detection, identification, and prevention of synthetic fingerprint attacks [6,9,10]. The proliferation of these security challenges underscores the critical importance of robust anti-spoofing mechanisms in biometric authentication systems.

Although iris patterns offer unique identification markers independent of genetic factors, making them among the most reliable biometric identifiers, they remain susceptible to spoofing attacks. Recent research has explored various methodologies for both detecting and counterfeiting iris biometrics during authentication procedures. Notable contributions include Saranya et al. (2016) [9] who developed an Image Quality Assessment (IQA) framework to enhance biometric security systems, particularly for iris and fingerprint verification. Building on this foundation, He et al. (2008) [10] integrated Fast Fourier Transform (FFT) analysis with IQA techniques to detect fake iris data. Their research specifically addressed photographic and printed iris replicas, employing IQA to filter low-quality forgeries while utilizing Fourier frequency patterns to detect sophisticated fake iris samples.

In response to the inherent limitations of unimodal biometric systems, multimodal biometric authentication has emerged as a sophisticated countermeasure. These systems integrate multiple biometric modalities—either heterogeneous (combining different biometric traits) or homogeneous (utilizing multiple instances of the same trait, such as bilateral iris patterns or multiple fingerprints). The integration of multiple modalities substantially elevates the system’s security threshold, as it necessitates the successful spoofing of multiple independent biometric traits simultaneously. Recent scholarly work has demonstrated that this architectural approach significantly mitigates the vulnerabilities inherent in single-modal systems while enhancing authentication robustness [11,12,13,14,15].

A novel authentication mechanism leveraging multiple biometric traits—face, eye region, and iris patterns—was introduced in [16]. The researchers successfully adapted the OSIRIS v4.1 segmentation framework for smartphone implementation, with experimental validation confirming its viability on Android smart devices.

Smartphone-based recognition solutions incorporating face, iris, and periocular characteristics have achieved Equal Error Rates (EER) of 0.68% [14], demonstrating the potential for highly accurate multimodal authentication. Similarly, Research by Raj G et al. [17] introduced a comprehensive biometric authentication system that synthesizes three distinct modalities - facial features, iris patterns, and palm vein characteristics. Their implementation in banking environments demonstrated heightened security measures while yielding improved identification precision. These advancements highlight the practical viability of multimodal approaches in real-world applications. However, research has shown that even multimodal systems are not impervious to sophisticated attacks, particularly when attackers can simultaneously compromise multiple biometric modalities [18,19].

Research by Rodrigues et al. [18] explored vulnerabilities in dual-trait authentication systems combining facial recognition and fingerprint analysis. Their investigation across four distinct attack scenarios revealed that even combined biometric measures remain susceptible to sophisticated spoofing attempts. These findings highlight the necessity of integrating cryptographic protocols with multi-factor biometric systems to achieve comprehensive security.

The security and data protection paradigm represents a fundamental consideration in biometric solution architectures. While multimodal biometric systems inherently incorporate security enhancement through their multifaceted nature, the implementation of robust cryptographic frameworks becomes imperative to fortify these systems against presentation attacks and ensure data privacy preservation. The system’s capability to discriminate between genuine and fraudulent or fake biometric presentations is particularly crucial, given that contemporary spoofing methodologies can produce highly convincing synthetic biometric artifacts [11,12]. The rising frequency of cyberattacks has accelerated the adoption of biometric security measures, offering enhanced protection for enterprises and individuals in today’s digital ecosystem. The integration of cryptographic techniques with multimodal biometric systems has emerged as a crucial development in enhancing security frameworks.

Researchers have proposed various approaches to secure biometric data both at rest and in transit. Notable among these is the implementation of DNA QR coding combined with face and fingerprint authentication, achieving detection performance rates of 98.58% while significantly enhancing resistance to identity compromise attempts [44]. This approach demonstrates the potential for innovative security solutions that combine traditional biometric methods with advanced cryptographic techniques.

The fundamental challenges in biometric security extend beyond mere technical vulnerabilities. The intrinsic nature of biometric data presents unique privacy and security considerations that traditional authentication methods do not encounter [32,33]. Unlike passwords or security tokens, biometric characteristics cannot be revoked or replaced if compromised, creating a permanent security vulnerability. This irrevocability of biometric data necessitates exceptionally robust protection mechanisms from the outset of system design and implementation.

Contemporary research has identified multiple attack vectors that must be addressed in comprehensive security solutions. These include presentation attacks at the sensor level, replay attacks utilizing previously captured legitimate signals, feature extraction compromise, and template storage attacks [34]. Each of these vulnerability points requires specific security measures, leading to the development of layered security approaches that combine multiple protection mechanisms. However, they have overlooked the practicability of the multistage encryption in real-work applications.

In their research, [20] A. Rahik and C. Priya developed an integrated authentication framework combining DNA QR encoding with EXOR operations, utilizing DNA sequences as cryptographic keys. This system incorporates facial and fingerprint biometrics for enhanced cybersecurity. Their novel fusion methodology achieved 98.58% accuracy while strengthening defenses against identity theft.

In [21], Eid and Mohamed developed a multimodal biometric system integrating iris and facial recognition, secured through 2D Henon chaotic mapping. Their approach implemented encryption at three critical stages: pre-feature extraction, pre-matching, and database storage. The combination of Henon and 2D Logistic maps provided efficient encryption, while fuzzy logic fusion of face and iris matching scores achieved a FAR of 0.0345% and FRR of 0.001%.

Singh K et al. in [22] developed a multimodal biometric framework for cloud security, integrating steganographic and cryptographic techniques in a triple-authentication system. Their approach enables secure smartphone-based file operations while mitigating unauthorized access risks

Arulalan et al. in [23] proposed a multi-modal biometric encryption framework, integrating palmprint and fingerprint characteristics to generate 256-bit cryptographic keys for document security. The system’s strength lies in leveraging physiological traits, making key prediction computationally infeasible for adversaries. While their empirical validation demonstrated system effectiveness, the research notably omitted crucial randomness assessments of the biometric-derived bit sequences through standardized testing protocols such as FIPS or NIST suites.

Yagiz S. et al. in [24] propose a biometrics-based cryptography scheme for E-Health systems that has two main components: Biometrics-based Fuzzy Authentication and Key Negotiation (BFAKN) for secure authentication and key exchange between system components, and Fingerprint-based Authority Access Mechanism (FAAM) for managing access control and data permissions. The key particularity is that it leverages biological signals and fingerprint biometrics to establish secure communications and granular access control within E-Health systems, achieving high security (99.6% impostor rejection) while maintaining usability for legitimate users (93.5% acceptance rate).

The work in [25] introduced a cryptographic system combining facial and iris biometrics, utilizing dual chaos mechanics through 2G Logistic Sine-coupling and Tent Logic Cosine maps. Their adaptive approach implements six rotation diffusion techniques that vary based on input images, enhancing resistance to plaintext attacks. The system demonstrated robust security metrics with entropy exceeding 7.99, NPCR >99.6%, and UACI >33.4%.

3. Theoretical Framework

3.1. 4D Qi Hyperchaos Map

The Qi hyperchaotic system, initially formulated by authors in [26], exhibits remarkable dynamical complexity characterized by two substantial positive Lyapunov exponents ($l_1\approx 13.46$ and $l_2\approx 3.48$), demonstrating exceptional ergodicity and sensitive dependence on initial conditions. This intrinsic characteristic establishes the system’s superior randomness properties and makes it particularly suitable for cryptographic applications. The system’s high-dimensional nature, coupled with its multiple control parameters ($a,b,c,d,e,f$), provides an extensive key space of approximately ${10}^{140}$ significantly enhancing its cryptographic robustness against brute-force attacks [27]. The mathematical model of this four-dimensional dynamical system, which serves as our pseudo-random number generator, is expressed by the following coupled differential equations $Eq.(1)$:

$$\dot{x}=a\left(y-x\right)+yz,$$

$$\dot{y}=b\left(y+x\right)-xz,$$

$$\dot{z}=-cz-ew+xy,$$

$$\dot{w}=-dw+fz+xy.$$

(1)

where $(x,y,z,w)$ represent the state variables, and $(a,b,c,d,e,f)$ are the control parameters that determine the system’s dynamical behavior. The system demonstrates hyperchaotic characteristics when $a,b\in R:\left(a,b\right)|50\le a\le 555;20\le b\le 26,c=13$, $d=8$, $e=33andf=30$ producing complex, aperiodic trajectories with exponential divergence in multiple directions of the phase space as depicted in Figure 1.

3.2. Key Generation and Binary Sequence Transformation

The encryption framework utilizes Qi hyperchaotic dynamics to produce entropy-rich random sequences. These undergo binary conversion, generating cryptographic keys for securing facial and iris biometric templates. The key ${\mathrm{k}}_{\mathrm{i}}$, derived through quantization of chaotic outputs per Eq. (2), exhibits robust statistical characteristics, including uniformity and randomness.

$${\mathrm{k}}_{\mathrm{i}}=\mathrm{d}\mathrm{e}\mathrm{c}2\mathrm{b}\mathrm{i}\mathrm{n}\left(\mathrm{m}\mathrm{o}\mathrm{d}\left(\mathrm{A}\mathrm{b}\mathrm{s}\left({10}^8{\mathrm{x}}_1\left(\mathrm{i}\right)\right),256\right)\right)$$

(2)

where $x_1\left(i\right)$ represents the pseudorandom number generated from Qi Hyperchaos system and $i=\mathrm{1,2},\mathrm{3,4}\dots ..,n$. $n$ represents the key length. The transformed bit sequences exhibit robust statistical characteristics, validated through NIST randomness tests (see Figure 6). We validated the algorithm’s pseudo-random number generation capabilities through comprehensive testing using the NIST Statistical Test Suite. The results, detailed in Section 4.1, demonstrate that the generator passed all test categories with p-values consistently above the 0.01 significance threshold, confirming its statistical randomness

3.3. A Novel Secure Biometric Protection Framework

This research addresses biometric authentication vulnerabilities through an innovative cryptographic framework. Our approach transforms conventional template storage by implementing homomorphic encryption for biometric data protection. The system converts biometric features into secure ciphertext while maintaining essential discriminative properties for authentication, preventing template reconstruction and presentation attacks.

The security architecture leverages a multimodal approach, combining facial and dual iris recognition with a two-tier encryption mechanism based on 4D Qi hyperchaotic mapping. This integration of multiple biometrics enhances system reliability through redundancy and cross-validation protocols. The hyperchaotic encryption introduces high-dimensional complexity, creating unpredictable pixel distributions that significantly increase computational resistance to brute force attacks.

The enrollment process depicted in Figure 2 captures facial and dual iris data, processes the inputs, and extracts distinct feature templates. These templates undergo encryption using Qi Hyperchaos-generated bit streams before secure database storage, ensuring robust template protection through non-linear cryptographic transformations

Figure 3 depicts a secure biometric verification framework where incoming biometric data undergoes data pre-processing followed by feature extraction to generate comparison-ready templates. These newly generated templates are then matched against decrypted versions of previously stored encrypted templates from the database. This architecture maintains security by storing only encrypted templates in the database, decrypting them only during the verification process. The cryptographic protocols employed for template protection are elaborated in Section 3.4.

3.4. Encryption Algorithm

The proposed scheme introduces an enhanced cryptographic architecture for biometric template protection, leveraging a sophisticated dual-encryption protocol based on 4D Hyperchaotic dynamics. The security framework implements a two-phase encryption methodology, where initially extracted biometric features undergo primary encryption using keys generated from the Qi Hyperchaotic framework (Eq. 1). Prior to cryptographic operations, both the key sequences and biometric data are transformed into standardized binary formats of equivalent length to facilitate precise encryption procedures. The primary security phase employs an XOR transformation between the standardized Qi Hyperchaotic sequence and the digitized biometric data, generating an intermediate protected template. This intermediate result undergoes secondary encryption through another XOR operation, utilizing an independent key sequence derived from the Qi Hyperchaotic system. The resulting dual-encrypted template is subsequently preserved in a secured repository, establishing a robust defense mechanism against unauthorized database manipulation and security breaches. This multi-layered cryptographic approach substantially reinforces the integrity of stored biometric data. The peusecode for the proposed encryprion algorithm is shown in Algorithm 1.

Algorithm 1: Encryption algorithm pseudocode

As evidenced in Figure 4, the visual analysis presents unprocessed biometric images alongside their corresponding cryptographic transformations at First and Second encryption layers. The resultant encoded matrices manifest as stochastic distributions, effectively nullifying any characteristic patterns inherent to the source data. This transformation demonstrates the system’s efficacy in achieving comprehensive visual obfuscation.

3.5. Decryption Algorithm

The decryption process depicted in Figure 5 recovers the original biometric template through a two-layer decryption mechanism utilizing the 4D Hyperchaotic map. The process begins with retrieving the encrypted biometric template from the database. The first stage of decryption uses the second set of keys used during the encryption, generated by Qi Hyperchaos in Eq. (1), performing an XOR operation with the encrypted template. The output from this initial decryption becomes the input for the second decryption stage. In this stage, another XOR operation is executed using the first set of keys (also generated by Qi Hyperchaos), where both the keys and intermediate decrypt result are in binary format of matching sizes. This dual-layer decryption process effectively reverses the encryption sequence, ultimately revealing the original biometric template. The successful decryption relies on using identical initial conditions and parameters from the Qi Hyperchaotic system that were used during encryption. The peusecode for the proposed decryprion algorithm is shown in Algorithm 2.

Algortihm 2: Decryption algorithm pseudocode

As illustrated in Figure 5, the encrypted biometric images were successfully restored to their original form through the application of identical cryptographic keys used in the encryption process, demonstrating the algorithm’s symmetry.

4. Experimental and Performance Analysis

4.1. Qi Hyperchaos Randomness test

A chaotic map must generate highly random sequences to ensure unpredictability and sensitivity to initial conditions, which are crucial for robust cryptographic systems [27,28,29]. However, many chaotic maps suffer from periodic behavior, limited key space, or non-uniform distribution, creating vulnerabilities in cryptographic applications [30]. The National Institute of Standards and Technology (NIST) Statistical Test Suite addresses these concerns by providing 15 statistical tests that evaluate various aspects of randomness, including frequency patterns, runs, entropy, and complexity measures. The suite helps detect deviations from truly random behavior by analyzing binary sequences and producing P-values for each test, where values above 0.01 indicate sufficient randomness [31,32]. A chaotic map must pass all these tests to be considered cryptographically secure, ensuring no statistical patterns can be exploited by attackers. While traditional chaotic maps like logistic and tent maps often fail several NIST tests due to their inherent limitations, multi-dimensional hyperchaotic systems, hybrid chaotic maps or enhanced chaotic systems are designed to overcome these shortcomings by combining multiple maps or incorporating additional randomization techniques [27,33,34,35].

Figure 6 presents a comprehensive flow diagram depicting the NIST statistical test suite implementation for evaluating the randomness properties of the 4D Qi hyperchaotic map employed in our proposed algorithm. The statistical analysis results, summarized in Table 1, demonstrate that the bit sequences generated by the Qi hyperchaotic system satisfy the NIST criteria for randomness with P-values exceeding the standard threshold of 0.01. These findings substantiate that the generated sequences possess sufficient entropy and statistical randomness properties, rendering them suitable for deployment in robust cryptographic applications.

4.2. Key Space Analysis

Key Space Analysis in chaotic cryptography evaluates the possible combinations of system parameters and initial conditions that generate valid chaotic behavior. While theoretical key space encompasses all parameter values within defined ranges, effective key space considers only parameter combinations yielding genuine chaos, verified through positive Lyapunov exponents. Security standards require an effective key space exceeding 2¹⁰⁰ to prevent brute-force attacks, with high sensitivity to parameter perturbations. This analysis is fundamental for ensuring cryptographic security and system viability [27,35,36].

In our implementation, the final encryption represents the composite product of the two encryption keys ( $e_1(k)$ ,$e_2(k)$ ) employed in the successive encryption layers. Each key is characterized by four initial conditions ($x_{1e(k)}\left(0\right)$, $y_{1e(k)}\left(0\right)$, $z_{1e(k)}\left(0\right)$, $w_{1e(k)}\left(0\right))$ and six control parameters ($a,b,c,d,e,f$). Assuming a computational precision of ${10}^{16}$, the key space magnitude, $K_s$, for our proposed dual-layer encryption algorithm can be expressed as :

$${{\mathit{K}}_{\mathit{s}}=10}^{16\mathit{x}({\mathit{N}}_{\mathit{i}\mathit{c}}+{\mathit{N}}_{\mathit{p}})}$$

(3)

where $N_{ic}$ represents the total number of initial conditions and $N_p$ denotes the total number of parameters. Given that the algorithm employs eight initial conditions and twelve parameters in total, the resultant key space is calculated as 10¹⁶ײ⁰ = 10³²⁰. This value substantially exceeds the minimum-security threshold of 2¹⁰⁰, demonstrating the algorithm’s robust resistance to brute-force cryptanalytic attacks. The proposed scheme demonstrates an expanded key space, suggesting enhanced cryptographic robustness. Comparative analysis with existing algorithms reveals superior key space dimensions in our proposed system, as shown in Table 2.

4.3. Key Sensitivity Analysis

Key sensitivity analysis demonstrates that a minor alteration in the encryption key should result in a completely different ciphertext, even when encrypting the same plaintext. In our evaluation, we modified a single bit in the original key and performed encryption with both the original and modified keys, resulting in two distinct ciphertexts. Statistical comparison between these ciphertexts yielded a correlation coefficient near zero (approximately 0.0042) indicating that the proposed algorithm exhibits strong key sensitivity. This characteristic ensures that an adversary cannot derive meaningful relationships between ciphertexts even with minimal variations in encryption keys, thus confirming the algorithm’s robustness against key-based attacks. Figure 8. illustrates the encrypted images generated using the original encryption keys $e_1(k)$ and $e_2(k)$, with initial conditions defined as follows: $x_{1e1(k)}\left(0\right)=-2.510$, $y_{1e1(k)}\left(0\right)=11.3215$, of $z_{1e1(k)}\left(0\right)=-8$, of $w_{1e1(k)}\left(0\right)=-8.7$ and $x_{1e2(k)}\left(0\right)=-2.510$, $y_{1e2(k)}\left(0\right)=11.3215$, of $z_{1e2(k)}\left(0\right)=-8$, of $w_{1e2(k)}\left(0\right)=-8.7$. To assess the system’s sensitivity to initial conditions, the encryption keys were modified by introducing a perturbation of 10⁻¹⁵ while maintaining all other parameters constant. As depicted in Figure 7, a minimal perturbation in the initial conditions yielded significantly different encryption outcomes, with a statistical divergence of 99.227% between the images encrypted using the original and modified keys, thereby demonstrating the system’s high sensitivity to initial conditions.

4.4. Histogram Analysis

Histogram analysis serves as a fundamental statistical tool for evaluating the strength of encryption algorithms by examining the frequency distribution of pixel values or character occurrences in both plaintext and ciphertext. In secure encryption systems, the ciphertext histogram should demonstrate a uniform distribution, effectively masking the statistical patterns present in the original data [26,38].

Significant deviations from uniformity may indicate statistical vulnerabilities that could be exploited through cryptanalysis techniques. This analysis provides quantifiable metrics for assessing the algorithm’s resistance to statistical attacks and its effectiveness in achieving confusion and diffusion properties as defined by Shannon’s principles of cryptography [35,39].

Figure 8 illustrates the frequency distribution histograms, depicting pixel intensity values of the original plaintext images and their corresponding first- and second-layer encrypted variants for the left iris, right iris, and facial biometric samples, respectively. The resultant histogram patterns demonstrate that the proposed dual-layer encryption algorithm effectively transforms the initial pixel distribution into a uniform distribution in the encrypted templates. This uniformity in pixel distribution indicates the algorithm’s robust resistance to statistical attacks, as it eliminates discernible patterns between the plaintext and ciphertext, thereby enhancing the security of the encrypted biometric templates against cryptanalysis [26,34,40].

The decryption sequence illustrated in Figure 9 presents the progressive restoration stages, depicting the transformation from second-tier encryption through first-tier decryption, culminating in the retrieval of the original plaintext image. Comparative analysis of the histogram distributions between Figure 8 and Figure 9 reveals consistent pixel intensity patterns, validating the successful reconstruction of the initial biometric data through the decryption protocol. This correlation in pixel distribution characteristics confirms the algorithm’s ability to accurately reverse the encryption process, preserving the integrity of the biometric information.

4.4. Pixels Correlation Analysis

The correlation coefficient (ρ) serves as a crucial metric in evaluating the strength of encryption algorithms by measuring the statistical relationship between plaintext and its corresponding ciphertext. In a robust cryptographic system, the correlation coefficient should approach zero, indicating minimal statistical similarity between the original and encrypted data [42,43]. The correlation coefficient is expressed as:

$$\mathit{\rho }\left(\mathit{x},\mathit{y}\right)={\displaystyle \frac{\mathit{N}{\sum }_{\mathit{j}=1}^{\mathit{N}}({\mathit{x}}_{\mathit{j}}\ast {\mathit{y}}_{\mathit{j}})-{\sum }_{\mathit{j}}^{\mathit{N}}{\mathit{x}}_{\mathit{j}}{\sum }_{\mathit{j}}^{\mathit{N}}{\mathit{y}}_{\mathit{j}}}{\sqrt{\left(\mathit{N}{\sum }_{\mathit{j}=1}^{\mathit{N}}{{\mathit{x}}_{\mathit{j}}}^2-{\left({\sum }_{\mathit{j}=1}^{\mathit{N}}{\mathit{x}}_{\mathit{j}}\right)}^2\right)\ast \left(\mathit{N}{\sum }_{\mathit{j}=1}^{\mathit{N}}{{\mathit{y}}_{\mathit{j}}}^2-{\left({\sum }_{\mathit{j}=1}^{\mathit{N}}{\mathit{y}}_{\mathit{j}}\right)}^2\right)}}}$$

(4)

where $x$ and $y$ represent the gray-level intensity values of adjacent pixel pairs within the biometric image, where $N$ represents the total quantity of image pixels selected for computational analysis. For an ideal encryption algorithm, ρ ≈ 0 signifies that the relationship between plaintext and ciphertext is effectively random. Higher absolute values of ρ (approaching ±1) may indicate potential vulnerabilities in the encryption scheme, as they suggest a detectable pattern between input and output data streams. This mathematical property is fundamental in cryptanalysis and serves as a quantitative measure of an algorithm’s resistance to statistical attacks [27,35,37].

Figure 10, Figure 11, and Figure 12 present the pixel correlation analysis for left iris, right iris, and facial biometric images, respectively, examining adjacent pixel relationships across horizontal, vertical, and diagonal orientations. The analysis encompasses three sequential phases: (a) original plaintext images exhibiting strong intrinsic spatial correlations, (b) intermediate outputs following first-level encryption showing substantial decorrelation, and (c) final ciphertext aftersecond-level encryption demonstrating further randomization of pixel relationships. This progressive decorrelation validates the encryption algorithm’s efficacy in disrupting the inherent spatial redundancy of biometric data.

As illustrated in Table 3, the correlation coefficient analysis shows the comparative performance between our proposed algorithm and existing state-of-the-art methodologies using lena image as reference. The simulation results indicate that our novel cryptosystem exhibits robust statistical properties, achieving correlation coefficients close to 0 that suggest strong resistance against statistical attacks. These findings validate the cryptographic strength of the proposed encryption scheme.

4.5. Information Entropy Analysis

Information Entropy Analysis quantifies the randomness and unpredictability of encrypted data through Shannon’s entropy measure:

$$H(m)=-\sum _{i-=0}^{2^N-1}P(mᵢ)log₂P(mᵢ)$$

(5)

where m represents gray image, $P(m\mathrm{ᵢ})$ represents the probability distribution of pixel values. For 8-bit grayscale images, the theoretical optimum of 8 bits indicates perfect uniformity in pixel distribution. Modern encryption algorithms must demonstrate entropy values approaching this theoretical maximum, signifying minimal information leakage and robust resistance to statistical attacks. The convergence of measured entropy to this theoretical bound, combined with uniform pixel distribution analysis, serves as a critical benchmark for evaluating the cryptographic strength and statistical independence of the encryption scheme. Table 4. presents a comparison of information entropy performance between our proposed method and existing algorithms. A value close to the ideal value of eight indicates that the system randomness is satisfactory and the proposed schemed has the capabilities to resist entropy-based attacks.

Figure 13 presents the information entropy analysis across three stages our proposed system showing: original plaintext biometric images (blue), first-level encryption (orange), and second-level encryption (yellow) for Left iris, Right iris, and Face images. The entropy for first and second layer of encrypted biometric display satisfactory values close to the the idea value of 8, this indicate that our proposed cryptosystem is robust enough and can resit brute force attacks.

4.6. Histogram Analysis I Cryptographic Assessment

NPCR and UACI serve as fundamental metrics for evaluating an encryption algorithm’s resilience against differential attacks. NPCR quantifies the percentage change in pixel values between two encrypted images when their original images differ by a single pixel, with an ideal value approaching 99.6% [35,50,51]. Its mathematical formular is expressed as follows:

$$NPCR={\displaystyle \frac{{\sum }_{i,j}D(i,j)}{MXN}}\times 100\%$$

(6)

where $D(i,j)$ equals 0 if pixel values are identical and 1 if different, and $N\times M$ represents the image dimensions.

Complementing this, UACI measures the average intensity difference between two encrypted images, targeting an ideal value of around 33.4%.[46] It’s calculated as:

$$UACI={\displaystyle \frac{1}{MXN}}\left[{\sum }_{i,j}{\displaystyle \frac{\left|C1\left(i,j\right)-C2\left(i,j\right)\right|}{255}}\right]\times 100\%$$

(7)

where $C1$ and $C2$ represent the encrypted images. Together, these metrics assess an algorithm’s diffusion properties and its ability to resist chosen-plaintext attacks, with values closer to their theoretical ideals indicating stronger security characteristics in image encryption algorithms. Figure 14 illustrates the NPCR and UACI performance metrics for the first and second levels of encryption in the proposed algorithm, as applied to left iris, right iris, and facial biometric images.

Table 5 presents a comparative analysis of NPCR and UACI performance between our proposed scheme and existing algorithms using Lena as the reference benchmark input. The results demonstrate that our proposed algorithm exhibits high sensitivity to slight pixel value changes in the original biometric image, thereby providing robust encryption against differential attacks. When compared with existing algorithms, our proposed scheme present equally satisfactory results while outperforming some existing schemes.

4.8. Time Efficiency Analysis

The time efficiency of encryption algorithms is crucial in modern cryptographic systems, directly impacting their practical implementation and real-world performance. In resource-constrained environments and high-throughput scenarios, the computational complexity of encryption operations significantly affects system performance and resource utilization. Therefore, optimizing the balance between security strength and computational efficiency remains a fundamental consideration in cryptographic algorithm design [37,53]. For our proposed algorithm, we leveraged Matlab online to conduct our experimental simulations. Matlab online uses cloud-based environment with 1 Virtual CPU (vCPU) and 4GB RAM, 2.5GHz. The results demonstrate that the proposed scheme offers several advantages over existing algorithms. Table 6. illustrates the performance of encryption and decryption times across 512x512 and 256x256 image sizes.

5. Conclusions

This paper presented a novel dual-layer cryptographic framework for securing multimodal biometric templates using 4D Qi hyperchaotic dynamics. During identification and matching processes, the system employs a comprehensive traversal mechanism to navigate recognition codes and decrypt corresponding ciphertext data. This robust approach ensures the integrity and confidentiality of stored biometric information against unauthorized access, tampering, and destruction. The proposed double chaotic-based diffusion encryption method leverages dual chaos properties to enhance scrambling effectiveness, while plaintext-related control parameters govern the algorithm’s diffusion dynamics, demonstrating strong resistance to selected plaintext attacks. The proposed system demonstrates superior performance across multiple security metrics compared to existing schemes. The algorithm achieved exceptional randomness properties, validated by comprehensive NIST testing with p-values consistently above 0.01 across all 15 NIST test categories. Security analysis revealed robust cryptographic metrics including entropy values exceeding 7.99 bits, correlation coefficients approaching zero (<${10}^{-2}$), and strong differential attack resistance with NPCR of 99.6% and UACI of 33.45%. The expansive key space of 10³²⁰ significantly exceeds the minimum-security threshold of 2¹⁰⁰, providing robust resistance to brute-force attacks. Comparative analysis demonstrates that our approach outperforms some existing schemes in both security metrics and computational efficiency. This framework represents a significant advancement in biometric template protection, offering a balanced solution between security robustness and operational efficiency for practical deployment in high-security multimodal biometric applications. Future research directions will explore the implementation of multilayered encryption protocols across various authentication phases, extending beyond the current focus on template storage security. This comprehensive approach aims to enhance the biometric authentication system’s robustness by integrating cryptographic mechanisms throughout the authentication pipeline, thereby addressing potential vulnerabilities in data transmission and processing stages.