In the proposed method presented above, the eight bits of each pixel’s gray value is separated into two parts, five MSBs and three LSBs, with the former used for keeping the pixel content and the latter used for embedding the authentication signal.
It seems that we may generalize this specific choice of pixel-bit division, (m, l) = (5, 3), where m denotes the number of MSBs and l the number of LSBs with m + l = 8.
For example, we may choose alternatively to use two LSBs in a pixel for embedding the authentication signal and the remaining six bits for keeping the pixel content, so that (m, l) = (6, 2). Or, by a reverse consideration, we may choose to adopt (m, l) = (4, 4) as well. Is there a criterion to decide which choice is better? The answer proposed in this study is to consider the resulting image distortion.
It will be proved in this section that the choice of m = 5 and l = 3 as done in this study is optimal in the sense of minimizing the resulting total image distortion incurred both by authentication signal embedding and by tampered pixel repairing.
The proof is conducted in a step-by-step reasoning manner as described in the following.
Proof of the optimal choice of the number of bits for use as the authentication signal.
Stage 1 optimization criterion consideration in terms of resulting image distortion.
(1) First, we consider simultaneously at the pixel-level the maximum distortion D1
resulting from the process of embedding authentication signals as well as the maximum distortion D2 resulting from the process of repairing tampered pixels, and take their sum D = D1 + D2 as the criterion function for optimization in choosing the values of (m, l), i.e., for dividing the eight bits of a pixel’s gray value into two parts for the purposes described previously. The goal is to obtain a choice of (m, l) which minimizes the value of D, or equivalently, the maximum distortion coming from authentication signal embedding and tampered pixel repairing for each pixel.
(2) Since m + l = 8, we just have to choose an optimal value for l under the above-mentioned minimax criterion, and take the value of m to be m = 8 l.
Stage 2 derivation of distortion incurred by authentication signal embedding.
(3) As mentioned, l LSBs of a pixel p are used to compose a bin code which is then taken to be the authentication signal s of p and embedded in another pixel p′ (see Step 2 of Algorithm 1). And this will incur a maximum gray-value changes of 2l 1 coming from either of the two cases of bit changes from l 0’s to l 1’s and from l 1’s to l 0’s.
(4) Therefore, the maximum gray-value distortion occurring at each pixel resulting from authentication signal embedding is D1 = 2l 1.
Stage 3 derivation of distortion resulting from tampered pixel repairing.
(5) The width of the total range of gray values specified by the m MSBs of a pixel is 2m which is divided into 2l bins (see Step 2 of Algorithm 1), so the width Wbin of each bin is
Wbin = 2m/2l = (28l)/2l = 282l because m + l = 8 as explained before.
(6) Accordingly, if the range of the xth bin Bx is denoted by [L, R], then it is easy to figure out that L = (x 1)×28l and R = x×28l 1 and, where x = 1, 2, …, 2l (see Table 6.1 for numerical examples of [L, R]).
(7) Then, the representative value M of Bx (computed in Step 2 of Algorithm 2), which is the middle value between L and R, is just
M = (L + R)/2 = [((x 1)×28l)+ (x×28l 1)]/2
= x×28l 27l 21.
(8) With M as the representative value for all the gray values in bin Bx used in repairing a tampered pixel p, the maximum gray-value difference D′ between the repaired m MSBs of pixel p and the original m ones is M L (or R M) which may be computed to be
D′ = M L = (x×28l 27l 21) (x 1)×28l
= 272l 21.
(9) Since we pad l trailing zeros to the m MSBs of the representative value M (see Step 2 in Algorithm 2) to compose an 8-bit number to repair the tampered pixel p, the maximum gray-value distortion after repairing p is
D2 = D′×2l + (2l 1)
where the term 2l 1 specifies the partial distortion coming from the extreme case that the original last l bits of p are all 1s.
(10) By using the result of D′ derived previously in (8), D2 may be derived in more detail to be
D2 = (272l 21)×2l + (2l 1).
= 27l + 2l1 1.
Stage 4 minimization of the overall distortion.
(11) The maximum gray-value distortion D considered for a pixel as mentioned previously in (1) now can be computed from the results of (4) and (10) above to be
D = D1 + D2 = (2l 1) + (27l + 2l1 1)
= 27l + 3×2l 2.
(12) Taking the derivative of D with respect to l, we get
dD/dl = 27l×ln2×[d(7l)/dl] + 3×2l×ln2×[d(l1)/dl]
= 27l×ln2×(1) + 3×2l×ln2×(+1)
= ln2×(3×2l 27l)
where ln2 is the natural logarithm value of 2.
(13) Setting dD/dl = 0, we can get the following equation ln2×(3×2l 27l) = 0 which may be solved to get
27l = 3×2l, or equivalently,
(27l)/(2l1) = 282l = 3.
(14) Taking the base-2 logarithm values of the two sides of the above equality and simplifying the result, we get finally the solution of l as:
l = 4 log2 3]/2
which may be evaluated explicitly to be approximatelyequal to 3.2075.
(15) Accordingly, since l is the number of LSBs which should be an integer, it is taken to be the integers 3 and 4 for which the corresponding values of the gray-value distortion D are D(3) = 273 + 3×23l 2 = 26 and D(4) = 274 + 3×24l 2 = 30, respectively. Therefore, the optimal l is finally decided to be 3 which is exactly the number of bits we use to compose an authentication signal as described previously. This completes the proof.
6.6 Experimental Results
Many experiments have been conducted to test the proposed method and one result is shown in Fig. 6.4, where Fig. 6.4(a) is an input surveillance image with the size of 480×360. The result of applying Algorithm 1 to generate and embed authentication signals into Fig. 6.4(a) is shown in Fig. 6.4(b) with a PSNR value of 37.51. Actually, a general lower bound may be computed for this PSNR value, as
done by the following reasoning.
(1) With l being the number of bits in a pixel used for embedding the authentication signal, the largest mean square error value MSE of a stego-image with respect to the cover image is (2l 1)2 because at each pixel, the largest gray-value difference is 2l 1 after an l-bit authentication signal is embedded there, as described previously.
(2) Accordingly, the peak-signal-to-noise-ratio value PSNR by definition is just PSNR = 10log10(2552/MSE)
= 10log10[2552/(2l 1)2]
= 20log10[255/(2l 1)]
= 20log10(255/7)
31.23
where 255 is the maximum gray value of an 8-bit pixel and l is 3 for our case here.
(3) That is, the lowest bound for the PSNR value is approximately 31.23, which means that the quality of the stego-image is good enough for general applications.
(a) (b)
Fig. 6.4 Generation of stego-image from an input surveillance image. (a) Input image taken by a monitor. (b) Stego-image with PSNR value 37.51.
Back to the presentation of the first case in our experimental results, Fig. 6.5(a) shows a tampering result with a tampering ratio of 0.74% in which two numbers “3”
and “7” on the car plate shown in Fig. 6.4(b) were replaced with fake numbers “7”
and “5”, respectively. Fig. 6.5(b) shows the obtained authentication image after applying Stages 1 through 3 of Algorithm 2 to Fig. 6.5(a). As can be seen, the tampered pixels covered by the fake numbers have been detected correctly. However, some noise points can be seen to appear in Fig. 6.5(b). These noise points indicate that the pixels in the original image corresponding to these noise points are also erroneously authenticated as having been tampered with. The reason for this noise phenomenon is explained in the following.
(a) (b)
(c) (d)
Fig. 6.5 Authentication result of a surveillance image taken by a monitor with tampered area. (a) Image with modification of two car plate numbers. (b) Authentication image with noise. (c) Final authentication image. (d) Final repairing result with PSNR 45.60 with respect to stego-image.
If a pixel A is authenticated as having been tampered with, it means that the authentication signal of a pixel B, which is embedded at pixel A, is also damaged.
This in turn means that B will also be authenticated as having been tampered with, even when B is in fact not so. This effect of mutual affection leads to erroneous
marking of single points in the authentication image as tampered pixels, creating a pepper-and-salt noise phenomenon like that seen in Fig. 6.5(b). To remove this effect, we applied the median filtering operation to eliminate such noise points before performing the pixel repairing operations described in Stage 4 of Algorithm 2. The final authentication image resulting from doing so to Fig. 6.5(b) is shown in Fig.
6.5(c), in which, as can be seen, most pepper-and-salt points have been eliminated, but 90 false acceptance pixels and 1 false rejection pixels are left. To deal further with this authentication image, image repairing was conducted and the result is shown in Fig. 6.5(d), in which we see that the original numbers “3” and “7” have been repaired successfully at their original positions. Also, with the tampered pixel repaired, the image has a PSNR value of 45.6 with respect to the stego-image shown in Fig. 6.4(b).
Another experimental result of replacing the entire car plate with a fake one is shown in Fig. 6.6. Compared with the previous experimental result with the tampering ratio being 0.74%, the tampering ratio in this case was raised to be 2.25%. It can be seen in Fig. 6.6(b) that the phenomenon of noise points caused by the effect of mutual affection becomes more conspicuous than that in the previous case because of the higher tampering ratio. After noise elimination was performed on Fig. 6.6(b), the final authentication image of Fig. 6.6(c) was obtained, which includes 551 false acceptance pixels (due to the reason that the five MSBs of each of them coincide with those of the original image) and 16 false rejection pixels (due to the reason that their authentication signals embedded in the tampered area were destroyed). Finally, the repaired image in which the original car plate reappeared clearly with a PSNR value of 36.38 is shown in Fig. 6.6(d). Some relevant statistics of the two cases mentioned above are given in Table 6.2.
Table 6.2 Statistics of experiments using a surveillance image of Fig. 6.4(a).
To show the relation of the performance of tampering localization and repairing to the degree of tampering as well as the use of median filtering, the statistics of the false judgments (including false acceptance pixels and false rejection pixels) and the PSNR values of a series of repaired images listed in the order of increasing tampering ratios are given in Table 6.2. In addition, an illustration of the statistics is shown in Fig. 6.7.
Note that the total numbers of false acceptance pixels plus false rejection pixels comprises the ordinate of the number of falsely judged pixels in Fig. 6.7.
(a) (b)
(c) (d)
Fig. 6.6 Authentication result of a surveillance image taken by a monitor with tampered area. (a) Image with modification of entire car plate. (b) Authentication image with noise. (c) Final authentication image. (d) Final repairing result with PSNR 36.38 with respect to stego-image.
Fig. 6.7 Relations of performances among tampering ratios, false tampering detection, and tampering repairing using surveillance image of Fig. 6.4(a).
In a subsequent experiment, we used another test image, Lena, of size 512×512 as shown in Fig. 6.8(a), and the stego-image yielded by the proposed method is shown in Fig. 6.8(b) whose PSNR value is 39.34.
(a) (b)
Fig. 6.8 Generation of stego-image from another image. (a) Input image Lena. (b) Stego-image with PSNR 39.34.
In this experiment, we selected the area of Lena’s hair and modified it by adding a rose flower shape of 2084 pixels on it. The modification result is shown in Fig. 6.9(a).
Fig. 6.9(b) shows the authentication result without noise elimination, and the final authentication image is shown in Fig. 6.9(c) in which 2041 tampered pixels of the flower were detected and most isolated points were removed after median filtering.
Finally, we repaired each of those detected pixels by referencing the bin code as the authentication signal embedded in a certain pixel whose position in Fig. 6.9(a) was located by a key. The repairing result in this case is shown in Fig. 6.9(d), and the PSNR value with respect to the stego-image is 47.00. Some other statistics about this case is given in Table 6.3.
As done in the previous experiments using a surveillance image, we also gradually extended the tampered area in the Lena image to test the effectiveness of the proposed method. Table 6.3 lists the statistics of our experiments conducted in this way.
Furthermore, an illustration corresponding to the statistics of Table 6.3 is shown in Fig.
6.10.
(a) (b)
(c) (d)
Fig. 6.9 Authentication result of a grayscale image with an added flower shape composed of 2084 pixels. (a) Image with modification of a hair portion. (b) Authentication image with noise. (c) Final authentication image. (d) Final repairing result with PSNR 47.00 with respect to stego-image of Fig. 6.9(b).
According to the results and statistics of all the conducted experiments, the proposed method is seen to be effective enough till the tampering ratio reaches about 10%. This overall result is better than that of the method described in [78] which works effectively when the tampering ratio is smaller than 1.1%.
Table 6.4 lists a comparison of the proposed method with other pixel-level image authentication methods [70][78] in terms of capabilities of self-recovery and tampered-pixel detection. We conducted an experiment that was also conducted in [78]
with 2084 tampered pixels. The experimental result is exactly that of Fig. 6.9 given above. From Table 6.4, it can be seen that the proposed method provides better performance in the aspects of tampered pixels detection and tampering ratio limitation, and has the additional self-recovery capability. In addition, due to the characteristic of
Table 6.3 Statistics of experiments using image Lena of Fig. 6.8(a).
Fig. 6.10 Relations of performances among tampering ratios, tampering detection, and tampering repairing using image Lena of Fig. 6.8(a).
pixel-level authentication, we can recover the tampered area by the unit of pixel and
so can recognize the detailed part existing in the original image after the recovery work.
Table 6.4 Comparison of performance of proposed method with those of [8] and [9].
Authentication
methods Pixel-level Recoverable # of correctly detected pixels out of 2084 tampered pixels recover tampered areas at the pixel level, instead of at the block level as done by [71].
And it is also noted that in [71] an auxiliary data item, a code book, is needed for image repairing. This leads to inconvenience and non-blindness in the image recovery process because extra storage space is required for the auxiliary data and the image repairing work cannot be done without referring to the auxiliary data. On the contrary, the proposed method is characterized as blindness.
Table 6.5 Comparison of performance of proposed method with those of [71].
Authentication
methods Protected area Pixel level
Free from the need of auxiliary information
for recovery
Schemes used for image recovery
Method of [71] Partial (region of
importance) No No Fractal code and
image painting Proposed
method Unrestricted Yes Yes Bin code
Some issues deserve further investigation in the future, for example, noise attacks.
Though this kind of attacks can be detected with the aid of human vision in the proposed method, a feasible criterion which can be used to distinguish noise points in
the authentication image caused by mutual affection from those resulting from noise attack is desired.
6.7 Summary
A grayscale image authentication method with a capability of localizing tampered image regions and repairing them at the pixel level has been proposed. Based on a bin-mapping scheme of dividing the 5-bit grayscale into eight bins, a 3-bit bin code is generated for use as an authentication signal for each input image pixel. The authentication signals are embedded into other pixels selected randomly by a secret key. The signals are utilized not only for detecting and localizing tampered pixels but also for generating representative values for repairing the tampered pixels. This double-function merit of the authentication signal leads to the possibility of pixel-level tampering detection and the blindness characteristic of the proposed method. Also shown is a proof of the optimality of the proposed method in choosing three bits out of the eight ones of a pixel as an authentication signal under a minimax criterion of minimizing the maximum total gray-value distortion incurred by authentication signal embedding and tampered pixel repairing. Experimental results have shown the effectiveness of the proposed method for authenticating and repairing tampered real images. Future works may be directed to extending the method to deal with color images.
Chapter 7
A Steganographic Method Based on Information Sharing for Hiding Secret Data in Spreadsheets with a Self-Authentication Capability
7.1 Introduction
Covert communication is a technique of concealing secret information into a cover medium in an imperceptible way or with a camouflage effect such that only a sender and an intended receiver know the existence of the hidden data in the resulting stego-medium. In the literature, emphases were put on the use of multimedia like images, videos, and audios [79-82] because these media in general provide larger embeddable spaces and cause less suspicion due to their wide distributions. And weaknesses existing in human beings’ visual capabilities are often exploited to design effective covert communication methods.
In this study, we propose a new data hiding method for covert communication which applies Shamir’s (k, n)-threshold secret sharing scheme with n = k + 1 to a given secret item to yield k+1 shares, and the generated k + 1 shares are embedded into the number items in a spreadsheet as if they are part of the spreadsheet content.
The purpose of transforming the secret data into secret shares by the (k, k+1)-threshold secret sharing scheme is not to enforce robustness, but to yield a blind self-authentication capability for the embedded secret. Conventionally, the concept of (k, n)-threshold secret sharing is applied to provide destruction-tolerant capabilities.
That is, any k shares collected from n ones may be processed to reveal the shared secret even though up to (n k) shares are destroyed. But in the proposed method, the
scheme of (k, k + 1)-threshold secret sharing is developed for the first time to provide instead a self-authentication capability by checking the value-consistency of k + 1 results coming from all k + 1 combinations to determine whether the extracted secret is intact or not. That is, only when the results computed from any k shares collected from k + 1 shares are all identical in value can the extracted secret be decided to be intact. Fig. 7.1 illustrates these core ideas of the proposed method.
(a)
1 k
Ck
(b)
Fig. 7.1 Illustration of proposed covert communication method via spreadsheets by secret sharing. (a) Generation of a stego-spreadsheet. (b) Self-authentication of the extracted message.
Moreover, to conceal the presence of hidden data, secret shares are spread throughout the cover spreadsheet in a sparsely fashion. And a spreadsheet containing numeral items with a high scatter level is more suitable to be used as a cover spreadsheet for better concealment.
7.2 Merits of Proposed Method
Merits of the proposed method include the following. (1) A receiver can confirm the correctness of the extracted secret message. (2) Compared with some methods
using hash codes or parity bits as redundant data to ensure the authenticity of retrieved data, only a minor redundancy, i.e., the (k + 1)-th share, is needed in the proposed method. (3) By adaptively choosing involved parameters, i.e. the value of p, used in the polynomial of Shamir’s method for the selected spreadsheet, the numerical items’
values generated by the method will fall into a reasonable range of values, arousing little suspicion during covert communication. (4) Using spreadsheets as cover media, the proposed method is free from unintentional destruction of hidden data like data compression during the secret transmission or data keeping process, in contrast with cover media like images or videos which are often compressed ignorantly in such a process. Two examples of such documents, Microsoft Excel and Google Docs, are shown in Fig. 7.2.
(a) (b)
Fig. 7.2 Examples of spreadsheets. (a) Microsoft Excel. (b) Google Docs.
7.3 Review of Shamir’s Method for Secret Sharing
In the (k, n)-threshold secret sharing scheme proposed by Shamir [56] with k n, a secret d in the form of an integer is transformed into shares which then are distributed to n participants to keep; and as long as up to k of the n shares can be collected, the original secret can be recovered. The detail of the scheme may be described as two algorithms in the following.
Algorithm 1: (k, n)-threshold secret sharing.
Input: a secret d in the form of an integer, the number n of participants, and a threshold k not larger than n.
Output: n shares in the form of integers for n participants to keep.
Steps.
Step 6. Choose randomly a prime number p which is larger than the secret d.
Step 7. Select k 1 integer values c1, c2, …, ck1 within the range of 0 through p
Step 7. Select k 1 integer values c1, c2, …, ck1 within the range of 0 through p