Top PDF Secret image sharing with steganography and authentication

Available online 5 December 2003 Abstract A novel approach to secret image sharing based on a ðk; nÞ-threshold scheme with the additional capabilities of steganography and authentication is proposed. A secret image is first processed into n shares which are then hidden in n user-selected camouflage images. It is suggested to select these camouflage images to contain well-known contents, like famous character images, well-known scene pictures, etc., to increase the steganographic effect for the security protection purpose. Furthermore, an image watermarking technique is employed to embed fragile watermark signals into the camouflage images by the use of parity-bit checking, thus providing the capability of authenticating the fidelity of each processed camouflage image, called a stego-image. During the secret image recovery process, each stego-image brought by a participant is first verified for its fidelity by checking the consistency of the parity conditions found in the image pixels. This helps to prevent the participant from incidental or intentional provision of a false or tampered stego-image. The recovery process is stopped if any abnormal stego-image is found. Otherwise, the secret image is recovered from k or more authenticated stego-images. Some effective techniques for handling large images as well as for enhancing security protection are employed, including pixelwise processing of the secret image in secret sharing, use of parts of camouflage images as share components, adoption of prime-number modular arithmetic, truncation of large image pixel values, randomization of parity check policies, etc. Consequently, the proposed scheme as a whole offers a high secure and effective mechanism for secret image sharing that is not found in existing secret image sharing methods. Good experimental results proving the feasibility of the proposed approach are also included.

題名: Secret image sharing with steganography and authentication 作者: C. C. Lin;W. H. Tsai 貢獻者: Department of Information Communication 關鍵詞: Secret image sharing;Steganography;Authentication;Camouflage image;Data hiding;Stego-image;Fragile watermarking;Least significant bit replacement 日期: 2004

題名: Secret image sharing with reversible steganography 作者: Chang, Chin-Chen;Lin, Pei-Yu;Chan, Chi-Shiang 貢獻者: Department of Information Science and Applications 關鍵詞: Artificial intelligence;Computer science;Cryptography;Distortion- free;Modulo operator;Reversible;Secret sharing;Steganography 日期: 2009

approaches is that the revealed content of the secret image must be lossless. Moreover, the distorted stego images can be reverted to the original cover image. In order to achieve these purposes, we first transform the secret pixels into the m-ary notational system.

摘要: Recently, Lin and Tsai and Yang et al. proposed secret image sharing schemes with steganography and authentication, which divide a secret image into the shadows and embed the produced shadows in the cover images to form the stego images so as to be transmitted to authorized recipients securely. In addition, these schemes also involve their authentication mechanisms to verify the integrity of the stego images such that the secret image can be restored correctly. Unfortunately, these schemes still have two shortcomings. One is that the weak authentication cannot well protect the integrity of the stego images, so the secret image cannot be recovered completely. The other

Therefore, in this paper we reserve only low-frequency DCT coefficients that keep most visual information in im- ages. This drastically decreases the size of the data that must be shared, and guarantees the quality of the recovered image in the mean time. Furthermore, we randomize the values of all the reserved coefficients except the first one 共called the DC value兲 by a designed transformation. The DC value is taken to be a key for this transformation. It is also used in the back transformation to recover the original coefficients. That is, the critical item for sharing is re- stricted to be just the DC value, and so the amount of information to be shared and that of the created share data both decrease noticeably. Therefore, the proposed scheme has the capabilities of sharing full-color images as well as reducing the share data size. The former capability extends the application scope of secret image sharing which is still quite limited so far, and the latter makes the proposed scheme more practical for certain applications, where the memory size and network bandwidth are restricted. For ex- ample, the scheme is suitable for applications to mobile or handheld devices, where only a small amount of network traffic for shared transmission as well as a small amount of space for data storage are allowed.

1 Introduction Blakley 1 and Shamir 2 first proposed the secret sharing scheme in 1979, independently. In their 共t,n兲 threshold scheme, a dealer distributed a secret number into n shad- ows and each of n participants held one shadow. The secret number could be reconstructed if at least t of the n shadows were received. On the other hand, the secret number could not be revealed if any of t − 1 or less of the n shadows were received. Later, Shamir 2 introduced the concept of weighted secret sharing in his seminal work. In Shamir’s weighted secret sharing with the 共t,n兲 threshold scheme, each of the n participants is assigned with a positive integer weight w i , where i = 1 , 2 , . . . , n and 1艋w i 艋t−1. Then, the dealer distributed a secret number into 兺 i=1 n w i shadows, and the number of shadows that each participant held was equal to their corresponding weight value. The secret could be reconstructed if the sum of the weights of the received par- ticipants is no less than the threshold t.

unique hierarchical threshold characteristic as compared with the existing secret image sharing schemes. Table 2 compares the functionality of the proposed scheme with that of related schemes. As presented in Table 2, the new method satisfied the camouflage purpose and provided the satisfactory quality of shadow images. Meanwhile, the secret image can be reconstructed lossless. And the proposed secret image sharing scheme can provide a hierarchical threshold access structure. The new mechanism allows the participants to be partitioned into sev- eral levels, and the access structure is then determined by a se- quence of threshold requirements. In comparison with the traditional secret image sharing schemes (Yang et al., 2007; Chang et al., 2008; Lin et al., 2009; Lin and Chan, 2010), the proposed hier- archical threshold secret image sharing scheme can not recover the cover image. And, quality of shadow images needs to be improved.

Most methods transform a gray-level image into a halftone one, which will limit the applicability of secret sharing technique [7]. In 2005, Lukac and Plataniotis [7] proposed a new secret sharing me- thod based on bit-level decomposition. The concept of the method is to decompose an image with B-bit into B bit planes, in which every plane can be viewed as a binary image. By superimposing B en- crypted bit planes, several B-bit sharing images are constructed. To recover the original image, the sim- ilar decomposition process is utilized to decompose B-bit sharing images first. After that, by performing the decrypting algorithm, the original image can be revealed without any loss of information. However, the problem of pixel expansion is still existed.

embedded as if they are part of the content in a cover spreadsheet, yielding a camouflage effect and generating a self-authentication capability. Each segment group of the secret message extracted from a stego-spreadsheet can be blindly authenticated by check- ing the results computed from all the k + 1 possible combinations of k shares out of k + 1 ones—if the resulting k + 1 copies of the recovered secret are all identical to one another, then the stego- spreadsheet is decided to be intact. In case the stego-spreadsheet is authenticated to have been modified, the altered part of the hidden secret message may be identified, and the undamaged part recov- ered correctly. Experimental results have been shown to prove the feasibility and effectiveness of the proposed method. Deriva- tions of the data embedding capacity and authentication precision have also been conducted, and discussions on the steganalysis issue included. Future studies may be directed to applications of the proposed method to multimedia protection in the field of fragile watermarking.

embedding rate should be smaller than 50.67% in order to keep the undetectability property of the stego-spreadsheet when a steganalyst has the information of the probability distribution related to the stego-spreadsheet. How to choose an embedding rate which is secure against such a statistical test depends on the scatter level of the chosen numeric data of the cover spreadsheet. Here, the scatter level is computed as the variance of numeric data values. In terms of this parameter, three spreadsheets Scores1, Scores2, and Scores3 with the scatter level from high to low were tested further in our experiments using the same setting of parameters. Scores1 is just the one used in the first experiment mentioned above and the corresponding statistics is shown in Table 1. The results of using Scores2 and Scores3 are shown in Tables 2 and 3, respectively. From Table 2, the limit of the embedding rate using Scores2 is seen to be 26% which is lower than that using Scores1. As for Scores3, the corresponding limit of the embedding rate is down to be 6.04% as seen in Table 3. These experimental statistics indicate that the numeric data of a cover spreadsheet with a higher scatter level can yield a higher embedding rate without causing statistical anomalies. This fact can also be seen from the message embedding bit rate per numeric item, also shown in the tables. Specifically, the upper bound of the embedding bit rate per numeric item in Scores 1 is 2.66 b, which is higher than those in Scores 2 (1.36 b) and Scores 3 (0.32 b).

E-mail address: jclin@cis.nctu.edu.tw (J.-C. Lin). Accordingly, the size of each stego image was 2=t or 4=t of that of the secret image. To solve the problem of size ex- pansion, we present in this work a new method in which the size of the stego image (which contains the hidden shadow) is still about 1=t of that of the secret image. This requirement is met by shrinking the range of shadow values (which are the output values of the sharing phase in Ref. [1]); hence, the input values (which are the gray values of the secret image) must also be quantized. Therefore, a pre-processing quantization procedure is developed for narrowing the range of gray values of the secret image. The pre-processing pro- cedure /rstly quantizes the secret image using two types of blocks, producing a record of block types, namely, an S–E table. The S–E table is then embedded in the quan- tized image to prevent size expansion. After it has been pre-processed, the image is shared among n participants. Fi- nally, a simple hiding procedure is proposed for hiding each shadow image in an ordinary image. The rest of this paper is organized as follows. Section 2 describes the proposed method. Section 3 presents the experimental results and compares them with those obtained by reported methods.

In our design, the recovery data is embedded in DCT co- efficients using lattice embedding to reduce distortion. The recovery data is dispersed into many blocks by two-layer sharing. Compared with previously reported methods, our specialty is that the tampered region can be recovered as long as the percentage of the tampered blocks does not ex- ceed a pre-defined threshold, say, 16.66%. Notably, as stated in Sec. 5.1, it is hard to predict in advance which part of a watermarked image will be cropped or replaced by attack- ers. The traditional mapping-sequence strategy for finding locations to hide recovery data is not a suitable strategy. This dilemma is avoided in this paper by using sharing. After all, worrying about “the percentage of blocks being tampered”

Another problem encountered in the self-repairing of the original image data is that the data to be embedded in the carrier are often large sized. For our case here with the alpha channel as the carrier, this is not a problem because the cover image that we deal with is essentially binary-like, and thus, we may just embed into the carrier a binary version of the cover image, which includes much less data. Furthermore, through a careful design of authentication signals, a proper choice of the basic authentication unit (i.e., the unit of 2 3 image block) and a good adjustment of the parameters in the Shamir scheme, we can reduce the data volume of the generated shares effectively so that more shares can be em- bedded into the alpha channel plane. It is noted that, by the proposed method, the larger the number of shares is, the higher the resulting data repair capability becomes, as shown in the subsequent sections. Finally, we distribute the multiple shares randomly into the alpha channel to allow the share data to have large chances to survive attacks and to thus promote the data repair capability. To the best of our knowledge, this is the first secret-sharing-based authentication method for binary-like grayscale document images. It is also the first authentication method for such document images through the use of the PNG image. Note that this method is not a secret-sharing technique but a document image authentication method.

[10] improved the method later by using an edge line similarity measure to select flippable pixels for the purpose of reducing the distortion. In this study, a method for authentication of document im- ages with an additional self-repair capability for fixing tam- pered image data is proposed. The input cover image is as- sumed to be a binary-like grayscale image with two major gray values like the one shown in Fig. 1. After the proposed method is applied, the cover image is transformed into a stego-image in the PNG format with an additional alpha channel for trans- mission on networks or archiving in databases. The stego-image, when received or retrieved, may be verified by the proposed method for its authenticity. Integrity modifications of the stego-image can be detected by the method at the block level and repaired at the pixel level. In case that the alpha channel is totally removed from the stego-image, the entire resulting image is regarded as inauthentic, meaning that the fidelity check of the image fails. The proposed method is based on the so-called (k, n)-threshold secret sharing scheme pro- posed by Shamir [11] in which a secret message is transformed into n shares for keeping by n participants; and when k of the n shares, not necessarily all of them, are collected, the secret message can be recovered losslessly. Such a secret sharing scheme is useful for reducing the risk of incidental partial data loss.

to simplify the proposed scheme, we used a simple 3-LSB substitu- tion to embed shadow data into the cover image. Since the corre- sponding shadow data are real numbers, we divided these shadow data into two parts: the integral part and the decimal part, to deal with. Meanwhile, correcting the shadow data to 1 decimal place is able to effectively ensure that the secret image can be reconstructed losslessly. Of course, many variations based on LSB substitution also can be utilized to embed shadow data. It may be possible for these steganographic methods to improve the vi- sual quality of shadow images and enlarge the embedding capac- ity. However, it is beyond the scope of this paper to provide all of the details associated with this issue.

Keywords — image authentication, binary document image, secret sharing, data hiding, PNG image. I. I NTRODUCTION or the purpose of preserving important documents, transforming them into digital form, such as digital images, is a way to satisfy the requirement. As a result of the nature of digitized data, it is not difficult to tamper with the content of a digital image imperceptibly. Therefore, designing effective methods for document image authentication [1]–[3] to ensure the integrity and authenticity of digital document images is desirable. It is also hoped that if a critical image part is authenticated to have been altered illicitly, its original content can be recovered. Such image content verification and self-recovery capabilities are useful for authentication of many kinds of digital documents, such as signed forms, secret documents, scanned checks, important certificates, circuit diagrams, art drawings, design drafts, last will and testament documents, and so on.

Suppose that the number of secret sharing participants is two. Figure 3 shows a secret HTML which contains two text component segments, “This is a secret sharing test for HTML.” at the top and at the bottom, a hyperlink with hyperlink text string “This is a secret sharing link.”, an image at the middle left, a video component at the middle center, and a Flash file at the middle right. The two pictures in Figure 4 are the resulting HTML-type shares. The component framework of each HTML-type share is the same as that of the secret HTML document, while the components in each HTML-type share are different from those in the secret HTML document. The HTML document in Figure 5 is the recovered secret HTML which is the same as the original secret HTML seen on browsers. Figure 6(a) shows an image source path, the secret image component of the secret HTML, and the two corresponding stego-image components are shown in Figures 6(b) and (c). In the image component, the string before the question mark is the address of the image agent and the under line string following the question mark is one of the translated share data of the secret image component.

Abstract - A copyright protection scheme for gray- level images based on image secret sharing and wavelet transformation is proposed in this paper. The scheme contains a secret image generation phase and a watermark retrieval phase. In the generation phase, the proposed scheme extracts the features from a host image using the discrete wavelet transformation (DWT), and then employs the features and the watermark, a visually recognizable pattern, to generate the secret image using the image secret sharing (ISS). In the retrieval phase, the watermark is retrieved by combining the secret image and the features obtained from the suspect image. The retrieved watermark is then compared with the original watermark for copyright verification. The experiment shows that the proposed scheme can withstand 5 kinds of common image processing operations, including JPEG compression, blurring, sharpening, scaling, and cropping.

Copyright © 2008 Yu-Jie Chang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. 1. INTRODUCTION Transmission of digital images across networks has become very popular due to the rapid development of Internet and computer technologies. However, tampering with digital images is easy to get, since modern pervasive and pow- erful image manipulation tools have made imperceptible modification of images very easy. Therefore, protecting the ownership and integrity of images is an important issue. Digital watermarking is a technique for inserting information (the watermark) into an image, which can be later extracted or detected for a variety of purposes, including identification and/or authentication. For copyright protection, robustness is a major concern; that is, even if the watermarked image is processed by some common image processing operations, the extracted watermark (e.g., a copyright logo) should be free from big distortion, so that it is still recognizable. A watermark embedded for this purpose is called a robust watermark [1]. Conversely, in contrast to copyright protection, a watermark embedded for content authentication should be fragile; that is, the extracted watermark might be severely deformed even if the watermarked image is tampered only slightly. This is because the basic requirement for authentication is just one simple thing; that is, if the already watermarked image (or image area) is modified later, then the mismatch of the extracted