Chapter 4 A Sharing-Based Authentication and Self-recovery Method against Image
4.7 Conclusions
The chapter proposes a watermarking method for image authentication, and it is with good self-recovery ability. The proposed method has the following functions: 1) detecting whether the watermarked image is tampered; 2) indicating the locations of the tampered area; 3) self-recovering the tampered portion using the non-tampered portion of the same watermarked image; and 4) enhancing the recovery ability by utilizing (r, n) threshold sharing [90], followed by scattering the shares all over the image.
Feature (4) above gives the proposed method a good recovery rate. The sharing polynomial of Thien and Lin’s method [90], which was devised to share a secret image among several participants, is used to reduce the amount of recovery data without significantly degrading the visual quality of the watermarked image.
Experimental results (Figs. 4.5−4.8) and the comparison tables 4.1 and 4.2 show that the proposed method is competitive.
In conclusion, the proposed method has the following novelty compared with previously published schemes (particularly, image authentication or recovery methods [66-73] and image sharing methods [3-4, 89-92, 94, 96]):
i) The recovery data are generated by using VQ compression technique (an index file). A VQ index file has at least three advantages. i-a) The matched codeword of an image block is more suitable for showing the texture of the block than the mean value or the halftone result, as used in some other publications. i-b) VQ compression technique is block-based, and a block-based approach is sufficiently easy to apply for tampering recovery. i-c) VQ decompression is simple and has a very short decoding time, thus reducing the reconstruction cost.
ii) To increase the survival rate of the recovery data (VQ-index file), a modified
version of the (r, n) threshold sharing [90] is used to generate n index shares.
Some remarks about this are given below.
ii-a) When applying secret sharing techniques to images, people often generated n shares for each pixel (or for each block of the pixels) of the secret image.
Hence, the share value has a wide range, and each share is represented by m bits, where m is the number of bits per pixel. For example, if each pixel is represented by 8 bits, then each share needs 8 bits. However, the proposed method assumes that the codebook has L codewords, and divides each VQ-index value into r sections before generating n index shares for each index value. Thus, the size of each index share is reduced to
⎡
(log2L)/r⎤
, which is usually smaller than 8 (for example,⎡
(log2L)/r⎤
=2 bits if (L=1024, r=5), or 3 bits if (L=4096, r=4)). The smaller size of each share helps maintain the quality of the watermarked image in the embedding process.ii-b) All arithmetic calculations in the proposed method are performed in the power-of-two Galois Field GF(2⎡(log2L)/r⎤ ), rather than the Mod251 used in Thien and Lin’s image sharing [90]. This modification not only reduces the number of bits of each index share from
⎡
log2251⎤
= 8 bits to⎡
(log2L)/r⎤
bits, but also makes the proposed method more suitable for the various codebook sizes L, thus increasing flexibility.iii) Many published image recovery techniques embed the recovery data of a unit (i.e. a block or a pixel) for backuping into another block or pixel according to a permutation function. (Notably, having many copies of the recovery data might increase survival rate, while decreasing the quality of the watermarked image.) The proposed method is sharing-based, and each share is small in size. Hence, unlike published recovery methods, the proposed method allows many backup
shares (n shares) without significantly increasing the total size of recovery data.
Since the proposed method has more backup pieces (n shares rather than 1 or 2 copies), it can use a hybrid two-layer strategy to scatter the backup (the n index shares created to backup a VQ index value). More specifically, the host image is divided into at least (n+1) non-overlapping regions, and the n index shares of each block are respectively embedded into the blocks of n other regions. After this layer of n-to-n random mapping, the position of the corresponding block in each region can be randomized again in the second layer and be distinct among regions by a MT pseudo-random number generator [9]. With this strategy, the recovery data can be uniformly scattered (in a distributed and missing-allowable manner) in the whole host image to resist a cropping attack of an extensive area.
(a) (b)
(c) (d)
Fig. 4.4. Four original images: (a) Lena, (b) Jet, (c) Baboon, (d) Barbara.
(a) (b)
(c) (d)
Fig. 4.5. The watermarked images of Fig. 4.4: (a) Lena(W) (PSNR = 44.14 dB), (b) Jet(W) (PSNR = 44.13 dB), (c) Baboon(W) (PSNR = 44.15 dB), and (d) Barbara(W) (PSNR = 44.15 dB).
(a) (b) (c)
(d) (e) (f)
(g) (h) (i)
Fig. 4.6. The cropping attack experiments: (a) 25% of the watermarked image Lena(W) is cropped; (b) a vertical-cropping of 50%; (c) a horizontal-cropping of 50%; (d−f) the detected tampered-blocks of (a−c), respectively; (g−i) the images recovered from (a−c), respectively. The PSNR values are 40.04 dB for (g); 34.77 dB for (h); and 36.54 dB for (i).
(a) (b) (c)
(d) (e) (f)
(g) (h) (i)
Fig. 4.7. The collage attack experiments: (a) a tampered version of Lena(W); (b) a tampered version of Jet(W); (c) a tampered version of Barbara(W), respectively; (g−i) the images recovered from (a−c), respectively. The PSNR values are 41.58 dB for (g);
42.45 dB for (h); and 43.01 dB for (i).
(a) (b) (c)
(d) (e) (f)
(g) (h) (i)
Fig. 4.8. A comparison of the recovered images of Refs. [72], [70], [73] and the proposed method, with tampering or cropping in the same region: (a) 25% of a 512×512 watermarked image Barbara (W) is replaced; (b) the recovered image of Ref.
[72]; (c) the recovered image of the proposed method. (d) 25% of a 512×512 watermarked image Lena(W) is cropped; (e) the recovered image of Ref. [70]; (f) the recovered image of the proposed method; (g) 25% of a 256×256 watermarked image Lena(W) is cropped; (h) the recovered image of Ref. [73]; (i) the recovered image of the proposed method.
(a)
(b)
Fig. 4.9. Analysis of a 25% horizontal-bar cropping for a 512×12 image. Dark area is tampered.
Table 4.1. A comparison between the reported recovery methods and the proposed method. (“*” means “quoted directly from the reported paper”, and “N/A” means not mentioned in the reported paper). The unit of PSNR is the dB.
Method Abilities to detect and locate
tampering
PSNR of the watermarked image
PSNR of the recovered image
[71] Yes 44.37* (Beach 256×256) 30.85* (cropping 7.1%)
[73] Yes 42.11* (Lena 256×256)
30.14* (cropping 12.5%) 25.39* (Fig. 4.8(h) where cropping is 25%)
44.15 (Beach 256×256) 42.44 (cropping 7.1%)
44.15 (Lena 256×256)
41.28 (cropping 12.5%)
38.81 (Fig. 4.8(i) where cropping is 25%)
44.14 (Lena 512×512)
43.20 (cropping 6%) 34.77 or 36.54 (Fig. 4.6(h) or 4.6(i), respectively; each cropping is 50%)
Ours Yes
44.13 (Jet 512×512)
43.27 (cropping 6%)
34.34 or 36.07 (if crop 50% like Fig. 4.6(b) or 4.6(c) does)
[72] Yes N/A N/A (but see Fig. 4.8(b))
[70] Yes 34.34* (Lena 512×512) N/A (but see Fig. 4.8(e))
[74] Yes 44 (Jet 512×512) 42 (cropping 6%)
32 (cropping 49%)
Table 4.2. Comparison of the size of recovery data.
Method Compression ratio (C.R.) of the recovery data
Total amount of the recovery data (counting the copies)
Manner of preserving the recovery data
[70]
Represent each 4×4 block by 1 bit.
Three backup copies of the recovery data are embedded in another 3 blocks
[71]
Represent each 2×2 block by 6 bits.
[72] Represent each pixel by
one bit. C.R.= 8 512×512 = 262,144 bits Backup in another pixel
[73]
Represent each 4×4 block by 31 bits.
Represent each 8×8 block by 56 bits.
Two backup copies of
smooth and
Represent each 4×4 block by 14 bits.
n shares are embedded in blocks of n distinct regions.
Table 4.3. The processing time of our method. (unit: second) Size of image Encoding Decoding
256×256 5.21 3.42
512×512 9.36 5.67
Chapter 5
Authentication and Cross-Recovery for Multiple Images
In this chapter, we propose a system with both image authentication and cross-recovery ability to protect a group of n given digital images. The system is an (r, n) threshold scheme (r is a pre-specified threshold satisfying2≤r<n). Any r of these images can reconstruct the whole group of n images, but less than r images cannot.
Therefore, the system has cross-recovery ability because if some [up to (n-r)]
images in the group are destroyed or lost in a distributed storage scheme or transmission mission, the destroyed or lost can be rebuilt vividly by the mutual support of r survived members. As for the authentication ability, it is used in the daily maintenance of the storage system. The authentication data hidden inside the images enable them to check themselves which images are attacked or replaced, and hence call for a cross-recovery automatically. The whole design consists of compression, two-layer sharing, cryptographic hash function, and information hiding.
The rest of the chapter is organized as follows. An introduction to the applications of cross-recovery for multiple images is given in Sec. 5.1. The encoding and decoding (the latter includes verification and recovery) of the proposed method are described in Secs. 5.2 and 5.3, respectively. Experimental results are shown in Sec.
5.4. The comparison is in Sec. 5.5; and the summary is in Sec. 5.6.
5.1 Introduction
In the transmission of multiple images via networks, it is not unusual for the
network connection to be unstable or under hacker attacks. A general remedy is to request the sender end to resend again, but then transmission time has been wasted.
Unless the sender immediately handles the request and the network is stable for awhile, the waiting time may seriously influence an important business decision when a cooperative company is eager to know what the new product images look like.
Another situation is that in a distributed storage system of multiple images, if some images are lost by the hardware failure or the manager’s carelessness, a trivial way to recover them is using back-up copies identical to the lost images but stored elsewhere.
Although the back-up copies can increase the reliability of a storage system, it also increases the cost of the system.
As a result, an interesting and important issue becomes how to protect the integrity of multiple images during a transmission or in a storage system. Several image authentication methods [61-78] have been proposed. Most of them emphasize the detection of whether malicious manipulations have occurred, and some have the position-locating ability for the tampered parts of the test image. Some approaches [70-78] additionally possess the capability of automatic recovery for the tampered parts to a certain extent, after detection and locating work. However, these recovery approaches usually only target a single image rather than a group of images. Moreover, the recovery ability of these approaches is limited, for example, if the tampered portions of the image exceed 50%, or even worse, if the whole image is lost, then the image is unable to be recovered. To solve this problem, we develop here an image authentication method with cross-recovery ability for multiple images. The word
“cross-recovery” means that if some of the images in the group are lost during transmission or tampered by malicious manipulations, then the lost/tampered images can be reconstructed by the mutual support of the surviving members at the receiver end. The details of the proposed method are presented in the following sections.
(a)
(b)
Fig. 5.1. Two flowcharts of the proposed method: (a) the encoding procedure; (b) the authentication and recovery procedure.