A Resistant Secret Sharing Scheme - IEEE Xplore

Download PDF
5 downloads 0 Views 574KB Size Report
Comment
Abstract—In this paper, we proposed a novel (2, 2) secret sharing scheme applied for grayscale images. This scheme can produce two noise-like shared images ...
2009 Fifth International Conference on Information Assurance and Security

A Resistant Secret Sharing Scheme

1

Chin-Chen Chang1,2

Department of Information Engineering and Computer Science, Feng Chia University, Taichung 40724, Taiwan, R.O.C. E-mail:[email protected] 

Yen-Chang Chen2

Chia-Chen Lin3

2

3

Department of Information Engineering and Computer Science, Feng Chia University, Taichung 40724, Taiwan, R.O.C.

Department of Computer Science and Information Management, Providence University, Taichung 43301, Taiwan, R.O.C.

E-mail:tinoy.c.chen@ gmail.com

E-mail:[email protected]

Abstract²In this paper, we proposed a novel (2, 2) secret sharing scheme applied for grayscale images. This scheme can produce two noise-like shared images that help avoid a secret image being grabbed. The construction phase of shared image consists of producing two shared images of the secret image by a (7, 4) Hamming code operation. To prevent attackers from forging shared images, a logo is embedded into the shared images first by using Tian¶s reversible data embedding scheme. Later, the embedded secret image is shuffling by Torus automorphism to enhance its security. Experimental results show that the nois-like shared images can be successfully generated by our proposed scheme.

between the two shared images promises higher security of the reconstructed secret image because attackers can not forge a valid shared image even if he already got a one. The rest of this paper is organized as follows. The basic definition of (7,4) Hamming code, Tian¶s scheme and Torus automorphism are introduced in Section 2. Section 3 describes our proposed scheme in detail. Experimental results are shown in Section 4. Finally, we give some conclusions in Section 5.

Keywords-(7,4) hamming code; reversible data hiding; torus automorphism; secret sharing

In this section, three technologies, (7, 4) Hamming code and Tian¶s scheme. The first one is used for generating shared images and the other is used for embedding logo into each shared images.

I.

II.

INTRODUCTION

In [4], Wang et al. proposed two secret sharing schemes that use boolean operations to limit or prevent pixel expansion. One is probabilistic (2, n) secret sharing scheme and the other is deterministic(n, n) secret sharing scheme. Both schemes can reduce the computational complexity and space complexity of the shared image. The characteristics of the two schemes are very simple. Moreover, both schemes offer good performance in reconstruction accuracy and contrast. In [1], to reduce the size of the shared image, Thien and Lin proposed a scheme to generate r shared images with the size each shared image 1/r of the original image. In this paper, we propose a simple and highly secure method to generate two shared images for a given secret image. First, two shared images can be generated by the (7,4) Hamming code operation on the secret image. To avoid the shared images being grabbed, a logo is embedded into the shared images and then the embedded shared images are shuffled by Torus Automorphism [3]. Eventually, two highly secure shared images are generated. In our experiments, the reconstructed secret image has a peak signal-to-noise ratio (PSNR) value of 31~32 dB. In terms of security, the original secret image cannot be reconstructed by two shared images if one of them is generated by a different secret image. Moreover, the lower correlation 978-0-7695-3744-3/09 $25.00 © 2009 IEEE DOI 10.1109/IAS.2009.324

˥ELATED WORKS

2.1 (7,4) Hamming code The (7,4) Hamming code is a error-correcting code. The transmission code (p1, p2, b1, p3, b2, b3, b4) can be created by the operation of (7,4) Hamming code; that is, by combining the four bits of data (b1, b2, b3, b4) with three parity bits (p1, p2, p3). Once one bit of the transmission code is altered, the (7,4) Hamming code can detect the altered bit and correct it by using the following check equation, where PM is parity-check matrix.

PM

ªp º ªp º « 1» « 1» «p » «p » « 2» « 2» « b1 » ª0 0 0 1 1 1 1º « b1 » u « » = «0 1 1 0 0 1 1» u « » , » «p 3» « p 3» « « » «¬1 0 1 0 1 0 1»¼ « » «b2» «b 2 » « » « » « b 3» «b 3» ¬« b 4 ¼» ¬« b 4 ¼»

(1)

2.2 Tian¶s Reversible Data Embedding Scheme In 2003, Tian proposed a lossless data embedding scheme [2]. The main purpose of Tian¶s reversible data embedding scheme is to embed confidential data into the difference value of neighboring pixel values in an image. The neighboring pixel values are called a pixel pair. After

61

Step 3: Generate a 7-bit transmission code (p1, p2, b1, p3, b2, b3, b4) by combining ( b7,b6, b5, b4)with (p3, p2, p1). Step 4: The 7-bit transmission code is the pixel value of shared images S1 and S2 . The pixel value of shared image

all data are embedded into the cover image, the image quality of the embedded image when evaluated by PSNR is very high. An additional feature of Tian¶s scheme is that the embedding scheme is reversible, which means the embedded data can be extracted from the embedding image and the original image can be completely restored. To find the embeddable area, Tian¶s scheme uses the following criterion: «h»  b d min(2(255  l ),2l  1), (2) 2u

S1 is(p1, p2, b1, p3, b2, b3, b4) and the pixel value of shared image S2 is (p1, p2, b1, p3, b2, b3, b4). Step 5: Alter the 2-bit pixel value of shared image S1 and S2 randomly ( 0 o 1 or 1 o 0 ). Shared image S1

«¬ 2 »¼

and S 2 must be altered in an identical location. Note that Steps 2 to 5 are repeatedly performed until all pixels in shared images S1 and S 2 are processed.

where l is the integral average, h is the difference value of the pixel pair, and b =0 or 1. For all embeddable pixel pairs, the embedding criterion is used to determine whether the embeddable pixel pair belongs to an expandable pixel pair or a changeable pixel pair based on the criterion defined in (3) (3) 2 u h  b d min(2(255  l ),2l  1) . The embeddable pixel pair belongs to an expandable pixel pair if it satisfies (3); otherwise, the embeddable pixel pair belongs to a changeable pixel pair. To make the embedding procedure clearer, we give a simple example of an expandable pixel pairs below. III.

Part 2: Embedding logo and shuffling embedded shared images Step 1: Embed a logo into shared image S1 by Tian¶s reversible data embedding scheme described in subsection 2.2 to generate embedded shared image S1logo . Step 2: Shuffle embedded shares image S1logo by Torus automorphism which has been described in subsection 2.3. Finally, two shared images S1d -logo and S2 are generated.

ˣROPOSE SCHEME

There are two phases in our proposed scheme. The first is the shared image construction phase, in which the shared image is generated from a secret image. The second is the secret image reconstruction phase. The secret can be reconstructed by using the two shared images. The shared image construction phase and the secret image reconstruction phase are described in detail in subsections 3.1 and 3.2.

3.2 Secret image reconstruction phase Secret image reconstruction phase consists of two parts: part 1 is the extraction of embedded logo and part 2 is the restoration of secret image. The steps in the two parts of the image reconstruction phase are given below. Part 1: Extraction of embedded logo Step 1: Assume there are two shared images S1d -logo and S2 .

3.1 Shared image construction phase In this subsection, we describe how two shared images are generated. There are two parts that must be performed. The first involves generating two initial shared images, initial shared image1 S1 and initial shared image2 S 2 by the operation of the (7, 4) Hamming code and the logic operation. To protect the secret image, we perform an additional secure approach in which a logo is embedded into the initial shared image1 by using Tian¶s scheme and then scrambling the shared image by using Torus automorphism in the second part of shared image construction phase. Finally, a shuffled shared image1 S1d -logo is generated.

To identify which shared image is S1d -logo and which shared image is S1d -logo , S1d -logo and S 2 are performed the Torus automorphism operation by inputting the recover key Nr into Torus automorphism. Two scrambled shared images S1logo and S2 d are generated. Step 2: Extract the logo from S1logo and S2 d by using Tian¶s reversible data embedding scheme. The shared image is S1logo if the logo can be extracted correctly; otherwise, the shared image is S 2 . Extract the logo from embedded shared image S1logo to recover shared image S1 . Part 2: Restoring of secret image Recovering the secret image requires the following four steps. In step 3, two cases must be judged to find the optimal recovery solution.

S1 and S 2 are the two shared images we want. Note the logo is only embedded into one shared image S1 instead of two shared images. Part 1: Generating two initial shares images Step 1: Transform the decimal pixel values of the digital image into an 8-bit binary value. The 8-bit binary value is (b7,b6, b5, b4, b3, b2, b1, b0) from most significant bit (MSB) to least significant bit (LSB), where b7 is the MSB and b0 is the LSB. Step 2: Extract the 4 bits ( b7,b6, b5, b4) from the 8-bit binary value and generate 3 parity bits (p3, p2, p1).

Step 1: Transform the decimal pixel value of shared images S1 and S2 into an 8-bit binary value. Step 2: Identify the two different bit locations of the 8-bit value between S1d -logo and S2 . Assume that the two different bits¶ locations are location 4 and location 5, respectively.

62

Step3: Recover the original transmission code by examining the following two cases: Case 1: Assume the bit value of location 4 of shared image S1 is correct and the bit value of location 4 of shared image

X , each value is randomly assigned to be 0 or 1 and they are attached to the end of b1, b2, b3, b4 as shown below. Finally, the binary secret bit of the secret image can be reconstructed successfully.

S2 is an error. First, modify the bit value of location 4 of shared image S 2 ( 0 o 1 or 1 o 0 ) and identify the next

Secret bit

error bit location by applying (1). After using (1), an error bit location can be found (called location A). Modify the bit value of location A of shared image S2 ( 0 o 1 or 1 o 0 ) and modify the bit value of location A of shared image S1 ( 0 o 1 or 1 o 0 ) at the same time. Then, find the next

b1

IV.

b2

b3

b4

X

X

X

X

EXPERIMENTAL RESULTS

In this section, we describe two experiments. The first experiment was to evaluate the quality of the reconstructed secret image by using PSNR. A high PSNR value means that the reconstructed secret image is very similar to the original secret image. The PSNR formula is given in (8). , (8) PSNR =10ulog 255 MSE where the mean square error (MSE) means the difference between the secret image and the reconstructed secret image. MSE is defined in (9). M M 2 (9) 1 =

error bit location of shared image S1 by applying (1). After using (1), an error bit location can be found (called location B). Modify the bit value of location B of shared image S1

2

10

( 0 o 1 or 1 o 0 ). Check the bit value of the corresponding location between shared image1 S1 and

shared image2 S2 . The secret image is reconstructed successfully if the corresponding location between shared image1 S1 and shared image2 S2 is the same; otherwise, the secret image has been incorrectly reconstructed. When the scenario does not belong to Case 1 and the secret image can not be successfully restored, Case 2 needs to be considered.

MSE

M uM

¦¦ H i, j  S i, j i 1 i 1

The second experiment involved security considerations. In this experiment, we mainly tested two parts. The first part assessed whether two shared images that belong to different secret images can produce one of the secret images. The second measured the percentage of different pixel numbers between the two shared images by using the number of pixels change rate (NPCR). A lower NPCR value means the correlation between two shared images is very low. The NPCR formula is given in (10).

Case 2: Assume the bit value of location 5 of shared image S1 is correct and the bit value of location 5 of shared image S 2 is an error. First, modify the bit value of location 5

NPCR =

of shared image S2 ( 0 o 1 or 1 o 0 ) and identify the next error bit location by applying (1). After using (1), an error bit location can be found (called location C). Modify the bit value of location C of shared image S 2 ( 0 o 1 or 1 o 0 ) and modify the bit value of the location C of shared image S1 ( 0 o 1 or 1 o 0 ) at the same time. Then, find the next

¦ D i, j

wuh

i, j

u 100% ,

(10)

where w and h are the width and height of two shared images C1 ʿ C2 , C1 ˴́˷ C2 are two shared images produced by the secret image and the difference between them is only 1 pixel. Our experimental platforms were an Intel CoreTM2 Duo CPU with 2.0GHz and a 1.5-GB RAM. The operating system was Windows XP Professional, and our algorithms were programmed by Java. The test images are five grayscale images, all sized 257 u 257: ³Baboon´, ³Je´, ³Peppers´, ³Gold Hill´, and ³Lena´. These images are shown in Figure 1. One binary logo is also shown in Figure 1(f).

error bit location of S1 by applying (1). After using (1), an error bit location can be found (called location D). Modify the bit value of location D of shared image S1 ( 0 o 1 or 1 o 0 ). Check the bit value of the corresponding location between shared image1 S1 and shared image2 S 2 . The secret image is reconstructed successfully when the corresponding location between shared image1 S1 and shared image2 S 2 is the same; otherwise, the secret image has been incorrectly reconstructed. One of the above two cases will make the bit value of the corresponding location between two shared images the same. Then, the transmission code can be reconstructed (p1, p2, b1, p3, b2, b3, b4). Step 4: Extract the bit value (b1, b2, b3, b4) from the transmission code (p1, p2, b1, p3, b2, b3, b4). For the rest four

(a) Baboon

63

(b) Jet

(c) Peppers

We observed from the four cases that the two shared images in Case 2 and Case 4 are noise-like images created by different a secret image, and the outline of the secret image cannot be observed. For Case 3, because the shared images are non-shuffled, the reconstructed image still presents a noise-like image and some indistinct outline of the secret image can be observed. For that reason, Case 3 is the most dangerous combination of the four cases. The second part of the test was to measure the degree of disturbance between two share images. When the degree of correlation between two shared images is very low, it is less likely that bad actors will be able to get the information about the secret image by the two shared images. For the second test part, we used NPCR to measure the degree of disturbance between two share images. A lower NPCR value offers higher security. Our experimental result shows that the NPCR value of our test image was between 0.3~0.6. The experimental results are listed in Table 1. Table 1. NPCR for each shared of five test images.

(d) Gold Hill (e) Lena (f) Binary FCU logo Figure 1. Five test images: (a) Baboon, (b) Jet, (c) Peppers, (d) Gold Hill, and (e) Lena

The PSNR value of three reconstructed images is between 31~32dB. Three selected reconstructed secret images are shown in Figure 2.

(a) Baboon (31.889)

(b) Jet(31.864)

(c) Peppers (31.848)

Figure 2. Quality of five reconstructed secret images Secret image

Shared image1

Shared image2

Reconstructed image

Shared image Lena Baboon Pepper Jet Gold Hill

NPCR 0.545 0.346 0.407 0.542 0.434

V.

CONCLUSIONS

In this paper we propose a new scheme for secret sharing. Our scheme creates two shared images by the operation of the (7,4) Hamming code,, Tian¶s reversible data embedding scheme and Tours automorphism also are used to make the hidden logo can not be extracted by unauthorized users. The most significant feature of our scheme is that both the construction and reconstruction phases are very simple. Experimental results confirm the average execution time of our shares construction phase and the secret reconstruction is 4.9152 second and 4.168 second, respectively. Moreover, the correlation between two generated shared images is ranged from 0.3 to 0.5, which means no one can infer a shared image from his/her received shared image. In our future work, we plan to study how this scheme can be applied to the color space. In addition, we will try to expand our proposed scheme to (k, n) threshold secret sharing scheme and k>2.

Figure 3. Reconstructed secret images when cheating occurs. To test the security of our scheme, we performed a twopart experiment. The first was to test whether two shared images which belong to different secret images can successfully reconstruct one secret image. Four cases were tested and the experimental results are shown in Figure 3. The four test cases are listed below. (1) Shared image1 is S1d -logo created by Figure 1(e). Shared

REFERENCES [1]

image2 is S1d -logo created by Figure 1(a).

[2]

(2) Shared image1 is S1d -logo created by Figure 1(d). Shared image2 is S 2 created by Figure 1(b).

[3]

(3) Shared image1 is S2 created by Figure 1(e). Shared image2 is S 2 created by Figure 1(c).

[4]

(4) Shared image1 is S2 created by Figure 1(a). Shared mage2 is S1d -logo created by Figure 1(d).

64

& & 7KLHQ DQG - & /LQ ³$Q LPDJH-sharing method with userIULHQGO\VKDGRZLPDJHV´IEEE Transactions on Circuits and Systems for Video Technology, Vol. 13, Issue 12, pp. 1161±1169, Dec. 2003. - 7LDQ ³5HYHUVLEOH GDWD HPEHGGLQJ XVLQJ D GLIIHUHQFH H[SDQVLRQ´ IEEE Transactions on Circuits and Systems for Video Technology, Vol. 13, Issue 8, pp. 890-896, Aug. 2003/ * 9R\DW]LV DQG , 3LWDV ³&KDRWLF PL[LQJ RI GLJLWDO LPDJHV DQG DSSOLFDWLRQVWRZDWHUPDUNLQJ´Proceedings of European Conference on Multimedia Applications, Services and Techniques, Vol. 2, pp. 687-695, May 1996. ':DQJ/=KDQJ10DDQG;/L³7ZRVHFUHWVKDULQJVFKHPHV EDVHGRQ%RROHDQRSHUDWLRQV´Pattern Recognition, Vol. 40, Issue 10, pp. 2776-2785, Oct. 2007.