Random Grid and Reversible Watermarking-Based ...

International Journal of Digital Crime and Forensics Volume 10 • Issue 1 • January-March 2018

Random Grid and Reversible Watermarking-Based On Verifiable Secret Sharing for Outsourcing Images in Cloud Hang Gao, College of Computer and Control Engineering, Nankai University, Tianjin, China Mengting Hu, College of Computer and Control Engineering, Nankai University, Tianjin, China Tiegang Gao, College of Software, Nankai University, Tianjin, China Renhong Cheng, College of Computer and Control Engineering, Nankai University, Tianjin, China

ABSTRACT A novel random grid and reversible watermarking based verifiable secret sharing scheme for outsourcing image in cloud is proposed in the paper. In the proposed scheme, data owner firstly embeds the hash value of the secret image into the secret image itself using reversible watermarking algorithm; then, watermarked image is divided into $n$ sub image. Secondly, the hash of n sub image is calculated, and then the hash value is transformed into the initial value of hyper-chaos, thus n random grids are generated by different hyper-chaos. Lastly, after expanding the sub-image to the same size with the original secret image, it is performer XOR operation with the corresponding random grid, this will accordingly produce $n$ sharing secret. In order to securely outsource the image in the cloud, the generated shares are issued to the $n$ different cloud server. For authorized user, (s)he can get shares from different cloud server, and then can recover the original secret image through a series of decryption operations and extraction of reversible watermarking. The proposed scheme can losslessly restore the original secret image, and have the double verification ability, that is to say, it can verify whether the anyone of the sharing is modified, and it can also verify whether the original secret image is completely reconstructed. Some analysis and comparisons are given to show the security and effectiveness of proposed scheme. Keywords Data Outsourcing, Hyper-Chaos, Random Grid, Reversible Watermarking, Visual Secret Sharing

1. INTRODUCTION Cloud computing, one of the most important computing paradigms emerged in recent years, has become a good means for users to manage data efficiently. By outsourcing the data files into the cloud, the large enterprises as well as individual users can dynamically increase their storage space when required without buying any storage devices, and this also can reduce the costs for purchasing hardware equipment, managing enterprise data and maintaining the system. However, a major issue for cloud computing is the privacy of outsourced data, when data owner outsources the data to the cloud, (s)he may only allow the authorized user to visit the data, though cloud can provide some basic security mechanisms such as firewalls, it is thought untrusted, so privacy-preserving of data owner

DOI: 10.4018/IJDCF.2018010103 Copyright © 2018, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited.

24


in the cloud environment is a challenging task, especially on data privacy, security and reliability issues (Song, Wagner, & Perrig, 2000; Ziegeldorf, Morchon, & Wehrle, 2014; Henze et al., 2013). At present, encryption of sensitive data is the most extensively used methods to fulfill data security in the cloud. That is, data owners place the encrypted data in the cloud, and only the authorized users can decrypt the data and visit them. Up to now, people have proposed many schemes to guarantee the security of data in the cloud using asymmetric or symmetric algorithm (Zhu et al., 2016; Zou et al., 2016; Shaozhang, Shanshan, & Huang, 2015; Li & Ma, 2014; Hadavi & Jalili, 2010). Among them, Hui Zhu et al. (2016) proposed an efficient privacy-preserving location-based services query scheme in outsourced cloud by using symmetric encryption algorithm; in the scheme, the location provider’s data is encrypted and issued to the cloud, and the registered user can get accurate location query results from the cloud server. Qin Zou et al. gave a content-based image retrieval of cloud using comparable encryption algorithm (2016). In asymmetric encryption, Niu Shaozhang et al. presented a security access control for the data in the cloud efficiently by using asymmetric encryption system (2015); Keying Li and Hua Ma proposed an improved multi-authority attribute-based encryption for outsourced data by means of asymmetric and symmetric encryption (2014). However, complexity of asymmetric or symmetric encryption/decryption operations is extremely high, so they are not efficient facing with the explosive growth in the amount of outsourced data in the number of access. Thus, as an emerging approach for the encryption of outsourced data, secret sharing has attracted much attention for its low computational complexity in recent years (Hadavi & Jalili, 2010; Agrawal et al., 2011; Dautrich & Ravishankar, 2012; Liu & Chang, 2016; Liu, Wu, & Chang, 2014; Hadavi et al., 2015; Hong, Kim, & Chang, 2016). For example, in the schemes proposed by Agrawal (2011), a data file is divided into n sections shared among n cloud storage servers; who has the knowledge of any t or more pieces can recover the file. The developers of these schemes have claimed that they are secure, but Dautrich pointed out the scheme is vulnerable to the collusion attack in which any t colluding servers can recover all files outsourced in the cloud (2012), Recently, Liu et al. proposed a secure secret sharing mechanism based on Shamir’s secret sharing method, the scheme can allow an authorized data user to recover all data files in a specified subset (2014). Mohammad et al. studied the security and search-ability in secret sharing-based data outsourcing, and proposed multiple partitioning methods that enable clients to efficiently search among shared secrets (2015). In this paper, a novel and verifiable random grid-based image security scheme for outsourcing the image to the cloud is proposed. In the scheme, data owner firstly embeds the hash value of the image into the image itself using reversible algorithm; then, watermarked image is divided into n sections. Secondly, the hash of n sub image is calculated, and then the hash value is transformed into the initial value of hyper-chaos, thus n random grids are generated by using hyper-chaos. Lastly, after expanding the sub image to the same size with the original image, it is performer XOR operation with the corresponding random grid, this will accordingly produce n sharing secret. In order to outsource the image in the cloud, we only need to put the n sharing secret in the different cloud server, this will guarantee the security of the outsourced image. The proposed scheme can make user losslessly restore the original secret image, and have the double verification ability for sharing secret and the restored secret image. The above advantages make it especially suitable for secret sharing of important images such as medical and military images. Large numbers of experiments show the effectiveness of proposed scheme and the authorized users can access and restore the original image in a secure manner, and some comparisons and analysis are also given to explain the highlights of the proposed scheme. 2. PRELIMINARIES In this section, some knowledge and technology related to the scheme, including hash function, RGbased VSS, reversible watermarking and the hyper-chaotic system based encryption algorithm are firstly introduced. 25


2.1. Hash Function In computer science, the one-way function is a function which is easy to compute on every input, but it is very difficult to compute their inverse functions. That is to say, for a given data x, it is easy to calculate one-way function of x, on the other hand, knowing the value of one-way of x, it is quite difficult to calculate the value of x, and it is very difficult to find two different data, they have the same one-way value. At present, some typical hash function includes MD5, SHA-1 and SHA-2 (Federal Information Processing Standards Publication, 2002). 2.2. RG-based VSS Visual secret sharing (VSS) for image was proposed by Naor and Shamir (1995). VSS can encrypt a secret image into numerous meaningless sharing images, and any one of the shared images does not reveal any information about the secret. As a new kind of VSS, Kafri proposed random grid (RG) based VSS in 1987. In the scheme, for a given secret binary image, two random grids R1 and R2 were generated, and any one of them will leak no information about the binary image individually, yet they reveal the secret binary image when the two grids were superimposed. One of the three algorithms is given as follows. 1. For a binary secret image B with the size of N × M , generate a random grid R1 which includes only 0 and 1, the size of R1 is the same as that of secret image. 2. For every pixel value B(i, j ), i = 1, 2, , N , J = 1, 2, , M , if B(i, j ) is 0, then the value of R2 (i, j ) is equal to R1 (i, j ) , else R2 (i, j ) is equal to the complement of R1 (i, j ) . 3. R1 and R2 are the random grid. As a kind of visual secret sharing (VSS), random grid (RG)-based algorithm has the advantages of no pixel expansion in sharing secret, so it has attracted much attentions in recent years, and people have proposed many RG based VSS schemes, such as RG-based VCC with meaningful shares (Tsai, Chen, & Horng, 2008; AbdEl-Latif et al., 2013) and RG-based VSS with the ability of cheat-preventing (Chen, Tsai, & Horng, 2013; Lin et al. 2015). 2.3. Reversible Watermarking Digital watermarking can be used to protect the copyright of multimedia; it has been widely studied in recent years (Qi & Xin, 2015; Makbol & Khoo, 2014; Wenyin & Shih, 2011). Reversible watermarking, also known as lossless watermarking, is a technique to embed the watermark into a digital content in a reversible way, when a watermark is extracted, the original multimedia can be totally and losslessly restored, this characteristic makes it suitable for the protection of important multimedia data. One of the most used algorithms prosed by people is histogram shifting-based methods (Ni, Shi, Ansari, & Su, 2006), it is reviewed in the following. For a grayscale image, the histogram of this image is firstly given. Then the histogram bins between the peak and zero points are found, and the histogram shifting-based watermarking algorithm is described in detail. For convenient, assume the peak point and the zero point are in hp and hz . Scan all the pixels of the image, if the pixel satisfies the condition

hz + 1 ≤ p ≤ hp − 1

26

(1)


Then, let p = p − 1 , where, p is the value of the pixel. Thus, hp − 1 becomes the zero point. Watermark embedding. Scan the all pixels, if the value of the pixel is hp , the watermarking embedding is conducted according to formula

hp = hp − 1 if w = 1  hp = hp if w = 0 

(2)

where, w is the watermarking bit value. The watermarking extraction and restoration of the original image are given in the following. 1. Watermark extraction. Scan all the pixels of the watermarked image, if the value of the pixel is hp , then extract watermarking bit 0; if the value of the pixel is hp − 1 , then extract watermarking bit 1; 2. Restoration of the original image. Scan all the pixels of the watermarked image, then, the original image will be lossless restored by formula (3)

p = p + 1 if p = h − 1  p  p = p + 1 if hz ≤ p ≤ hp − 2 

(3)

Because the reversible watermarking algorithm has the limit of embedding capacity, many improved reversible algorithms, such as prediction errors-based and chaos optimization-based have been proposed (Gu & Gao, 2013; Coltuc, 2011), they greatly increased the capacity of watermarking embedding and guaranteed the security of the algorithm. 2.4. The Hyper-Chaotic System In the proposed scheme, a hyper-chaos system which is modeled by formula (4) is used for generation of random grid. x1  x2  x 3  x 4

= a(x 2 − x 1 ), = −x 1x 3 + dx 1 + cx 2 − x 4 , = x 1x 2 − bx 3 , = x1 + k

(4)

where a, b, c, d and k are parameters, when a = 36, b = 3, c = 28, d = −16 and −0.7 ≤ k ≤ 0.7 , the system is hyper-chaotic and its attractors are shown in Figure 1 with parameters a = 36 , b = 3 , c = 28 , d = −16 and k = 0.2 , its Lyapunov exponents are λ1 = 1.552 , λ2 = 0.023 , λ3 = 0 , λ4 = −12.573 . Because the hyper chaos has two positive Lyapunov exponents, so the prediction time of a hyperchaotic system is shorter than that of a chaotic system (Yanchuk & Kapitaniak, 2001), as a result, it is securer than chaos in security algorithm. For more detailed analysis of the complex dynamics of the system, please see relative reference (Gao et al., 2006). 27


Figure 1. Hyper-chaos attractors of system (1) with

k = 0.2

As the hyper-chaos has the ergodicity, sensitive features on initial conditions and control parameters of chaotic maps and random-like behaviors, these features make it suitable for generating pseudo-random sequences and key sequences in cryptography. Among various image encryption algorithm based on hyper-chaos, it has shown that some schemes can be effectively broken with known plaintext and chosen plaintext attacks, people have detailed both mathematical analysis and experimental results to testify the security weakness and potential risk of suffering statistical attacks (Zhang, Xiao, Wen, & Li, 2014; Jeng, Huang, & Chen, 2015). 3. THE PROPOSED SCHEME It is well known that, in order to protect privacy of the data, data owners often encrypt data before it is outsourced to the cloud, some roles based on real application for outsourced data management are data owner, data user and cloud server, as depicted in Figure 2. Data Owner: (S)He has a set of files C = (F1, F2 , , Fn ) , (s)he wants to outsource these files to the cloud server, moreover (s)he wants to keep the files encrypted, and these files can be searched by a series of keyword W = (w1, w2 , , wm ) . In order to protect the file from attacks, (s)he hopes to create secure ranked searchable index from keyword and store them on the cloud server. Authorized User: (S)He hopes to get a series of files relevant to certain or some keywords submitted to cloud server, and the cloud server can give ranker files in a criteria; thus, the authorized user can easily obtain the files he want. Cloud Server: It stores the files and keyword index, when it receives the request from the user, it can inquiry index and return the search results according to the ranked relevance criteria. Application Server: Application server is a component-based product that provides middleware services for security and state maintenance, along with data access and persistence. In our mode, it is a trusted program that handles all application operations between users and an organization’s backend business applications or databases, and it can also be neglected in this model.

28


In this paper, what we concern is that how to securely outsource the image to the cloud, the scheme should be verifiable, and it is also convenient to use for data owner and user. Specifically, a novel scheme based on secret sharing and reversible watermarking for outsourcing the image to the cloud is carefully discussed in the paper. 3.1. The Generation of Sharing Secret Step 1: For secret images I , firstly, the message authentication code (MAC) with the size of 256 bit is calculated, thus message authentication codes (MAC) H are obtained. Step 2: Calculate the histogram of the image I to find a pair peak/low point, and embed the H bit by bit by histogram shifting into the image, the resulted image is called watermarked image I ' , the peak/low point of histogram is given by hp , hl . Step 3: Shuffle the watermarked image using the following logistic map

x n +1 = 4x n (1 − x n )

(5)

Firstly, the initial value of logistic map is given by data owner; it is also the key of the scheme. Then, iterate the logistic map for N × M times to produce N × M numbers such as x 1, x 2 , , x N ×M , and then rearrange these numbers in ascending order or descending order to form the sequences which may be expressed as G1 < G2 , , < GN ×M .

Figure 2. System model for outsourcing data

29


Assume the position of G j , j = 1, 2, N × M in the original sequences of x 1, x 2 , , x N ×M is L , 1 ≤ L ≤ N × M , then, the image pixel value which is in the position of L will be moved to the jth position of the image pixel sequences. Thus, all the image pixels are totally permutated. The generated shuffled image is called I '' . Step 4: Divide the I '' into n sub image in average, where, n in the number of sharing secret, they are represented by I i'' , i = 1, 2, n . Then, expand the I '' to the size of N × M with some random value, the resulting image with the size of N × M is denoted by I i''' , i = 1, 2, n Step 5: Obtain the message authentication code (MAC) with the size of 256 bit for every image I i'' , i = 1, 2, n , then, n message authentication codes (MAC) H i , i = 1, 2, n are obtained. Step 6: For every H i , i = 1, 2, , n , assume its 256 bits are expressed by h1, h2 , , h256 , then it is truncated into 64 bit by formula (6). h ' = h ⊗ h , i = 1, 2 , 128  i i i +128  '' ' ' hi = hi ⊗ hi +64 , i = 1, 2 , 64 

(6)

Step 7: For the produced 64 bit data, it is divided into 4 sections, every section includes 16 bits, apply formula (7) to turn the 16 bits data into a integer which belongs to [0, 65535]. Thus, we can get 4 integer numbers. x  1  x 2  x  3 x  4

( = Bin 2dec (h = Bin 2dec (h = Bin 2dec (h

= Bin 2dec h1''h2'' h16'' '' '' 17 18

h h

) '' 32

'' '' 33 34

'' h h48

'' '' 49 50

h h64''

) ) )

(7)

Step 8: Multiply the above generated 4 number by10−5 , and four initial values x 1 (0), x 2 (0), x 3 (0), x 4 (0) . x (0) = x × 10−5  1 1 x (0) = x × 10−5 2  2  x 3 (0) = x 3 × 10−5  x 4 (0) = x 4 × 10−5 

(8)

Step 9: Iterate the hyper-chaotic system (4) for N 0 times by Runge-Kutta algorithm to avoid the harmful effect of transient procedure; Then iterate the hyperchaos for N × M times, and as a result, four decimal fractions x 1, x 2 , x 3 , x 4 will be generated. These decimal values are preprocessed firstly as follows

x i = mod((Abs(x i ) − Floor (abs(x i )) × 1014 , 256) , i = 1, 2,, 3, 4

30

(9)


where Abs(x ) returns the absolute value of x . Floor (x ) returns the value of x to the nearest integers less than or equal to x , mod(x , y ) returns the remainder after division. Step 10: Arrange the above N × M values into a matrix, this will form the random grid, for generated random grid by I i'' , i = 1, 2, n , we represent them by R1, R2 , , Rn . Step 11: Generation of sharing secret. For the random grid R1 and I 1''' , carry out the exclusive or operation between the corresponding value of R1 and I 1''' , thus get the shared images E1 .Then, 1 convert the MAC H 1 into 32 decimal values labeled by a11, a21, , a 32 .

( (

)

a 1 = Bin 2dec h 1h 1 h 1 1 2 8  1 a 1 = Bin 2dec h 1h 1 h 1 2 9 10 16    1 1 1 1 a 32 = Bin 2dec h249 h256 h250 

(

)

(10)

)

1 1 represents MAC 256 bits of H 1 . Obviously, a11, a21, , a 32 all are in the scope of where, h11h21 h256

[0, 255]. If they are put into the last position of the last column of E1 , thus get the shared images E1 . In the same way, for other confused images I i''' , i = 2, 3, , n , the sharing secret Ei , i = 2, , n can be derived. All E1 , E 2 , , En are with the size of N × M .The flowchart of the generation of sharing secret is shown in Figure 3. 3.2. Process of Secret Image Restoration For every shared image Ei , i = 1, 2, , n , the MAC can be collected from the last column, then the same way is used that in the generation stage of sharing image, we can obtain random grid Ri , i = 1, 2, , n , then, the following steps are executed in order to restore the secret images. Step 1: Implement the exclusive or operation between the generated Ri and Ei , i = 1, 2, , n , then, image I i''' , i = 1, 2, , n with the size of N × M are produced. Step 2: Extract the original information from I i''' , i = 1, 2, , n to generate one image I '' using reverse order with the Step 4 of generation stage of sharing. Step 3: Reshuffle the image I '' using the logistic map with the same initial value as that used in generation of sharing secret, the resulting image is denoted by I ' . Step 4: Extract the watermarking embedded in the image I ' and calculate the hash value of the image with no watermark. After extract the watermarking, the image becomes the same as the original image; this can be verified by comparing the extracted watermarking and the hash vale of the image.

31


4. EXPERIMENTAL RESULTS AND DISCUSSIONS The experiment was done by MATLAB version 12b. The grey image ‘Lenna’ with the size of 256 × 256 is used for secret image; it is shown in Figure 4. 4.1. Experimental Results Firstly, its histogram of the image is given by Figure 5(a), and a pair of peak/zero is given by hz = 234 hp = 133 . The watermarked images generated by reversible histogram shifted algorithm and shuffled image are presented by Figure 5(b) and Figure 5(c). Lastly, three sharing secrets are shown in Figure 5(d), Figure 5(e) and Figure 5(f). 4.2. Security of the Proposed Scheme For the proposed scheme, the security of algorithm lies in two aspects. One is that the hash values and the peak/zero point of original secret images can be used to generate the initial value of logistic map, which decides the security of shuffling algorithm. Thus, the initial values of logistic map (secret keys) are strongly related to secret images, and it is in the hand of the data owner. In the stage of generation of sharing secret, the MAC of shuffled image is used to generate another group initial value of hyper-chaos, which affects the generation of final sharing secret. This is a combination of two one-time pads from the point of encryption, and the two MAC codes all have 512 bits, this makes the secret space reaches 2512 , which ensures the security of the scheme. From the description of the proposed scheme, the sharing secret can be used to restore the original secret image, but the scheme need all the sharing secret images to take part in. From the point of security, once any one of the sharing secret images does not join the generation of the original secret image, the original image will not be lossless restored. Figure 6. shows the restored image by two sharing secrets, obviously, the image is not totally restored visually. On the other hand, the original secret images will not be completely restored if the sharing secret is tampered. For example, the value of the 225th position in the last column of the first sharing secret is 68. If it is modified into 69, other data in all sharing secrets are all kept intact, then when the original image is restored, it is found that the MAC of restored ‘Lena” is “C8093679D3127523FAC1DAAFC203D8D1690B6164DEE4324FB2CB17E2A16DB8BC”, but the MAC of original image is “44D88FE2E2EC2F4B09F5C7C0F31B1A61C72A59CA3E3FA2422770A6C6823547C5”. Although the image has no distinct changes from the visual effect, it is indeed altered from the computation, so it is not lossless restore for the algorithm in real sense. 4.3. Double Verification It can be seen from the generation of sharing secret, the proposed scheme has verification of two stages. One is the integrity verification of sharing; the other is the integrity verification of restored original secret image. For any of sharing images, it is with the size of 256 × 256 , in order to verify the integrity of sharing secret image; we can perform the following steps: 1. Convert the “MAC of sharing secret” into initial value of hyper-chaos, and generate the random grid R. 32


Figure 3. Flowchart of generation of sharing secret

33


Figure 4. The image for test

2. Carry out the exclusive or operation between R and the sharing secret image, and the resultant image is represented by I '' . 3. Extract the sub image using the algorithm as that of sharing secret generation, and then, calculate the MAC of sub image, lastly, compared new MAC with “MAC of sharing secret”, if they are identical, it can be thought, the sharing secret can be used to restore the original image, else it may not be used. For the second verification stage, assume that the restored image by thee sharing secret is I s , then, data owner can extract watermarking and restore the original image. We know from the generation of the sharing secret that the watermark is the MAC of the original image, then we can calculate the MAC of the restored original image, and compare it with the extracted watermark, thus we can also judge the integrity of the restored secret image. To clearly explain the verification process, two examples are given in the following. The example 1 illustrates the verification of sharing secret, the other one is for verification of restored secret image. Example 1: For sharing image 1, the 32 decimal values of the “MAC” are “68,216, 143,226,226,23 6,47,75,9,245,199,192,243,27,26,97,199,42,89,202,62,63,162,66,39,112,166,198,130,53,71,19 7”. If the first number is modified into “69” from “68”, then, the original initial value of hyperchaos and that of modified one will become the following, respectively:

x 1 (0) = 0.44407  x 2 (0) = 0.46894  x 3 (0) = 0.44541  x 4 (0) = 0.53421

34

x 1 (0) = 0.44151  x 2 (0) = 0.46894  x 3 (0) = 0.44541  x 4 (0) = 0.53421

(11)


Figure 5. Experimental results (a) Histogram of the image (b) Watermarked image (c) Shuffled image (d), (e) and (f) are the sharing secret

Figure 6. Restored original image by two sharing secrets. (a) Restored original image by sharing secret 1 and sharing secret 2 (b) Restored original image by sharing secret 1 and sharing secret 3 (c) Restored original image by sharing secret 2 and sharing secret 3

Thus, the random grid generated by hyper-chaos with the initial values of modified one is different from that generated by original initial values. In this case, the “MAC” of first sub image becomes “C8093679D3127523FAC1DAAFC203D8D1690B6164DEE4324FB2CB17E2A16DB8BC” from the original 35


“44D88FE2E2EC2F4B09F5C7C0F31B1A61C72A59CA3E3FA2422770A6C6823547C5”, and data owner can conclude that the first sharing secret is modified. Thus, the restored original image can be seen in Figure 7(a). Example 2: In order to testify the necessity of integrity verification of the restored secret image, it is assumed that the restored image by three sharing secret is I s , as it has no difference between I s and the original image visually, then the verification can only be achieved by extraction algorithm of reversible watermarking. Assume that the value of pixel of the tenth in the first sharing secret modified to be 18 from 17, then the restored image from three sharing secret can be depicted by Figure 7(b). The extracted watermarking is “3A7DE3D4EDB9FD3C66C9691C3B6A194E68438B751DCA481CEA5F5385C76309CA”. But, the “MAC” of the no watermarked image is “CD77462213222E005C31767595E33417FB1C78DB8570837C769E8A7AB4E754F8”. It can be seen that though there is no distinct difference between it and the original image visually, the original secret image is not lossless restored.

Figure 7. Restored original image when the first sharing secret is modified. (a) Restored original image when the ‘MAC’ of the sharing secret is tampered with (b) Restored original image when the pixel value of the sharing secret is tampered with

36


4.4. Collusion-resistance Obviously, it can be seen from the scheme that the sharing secrets in the cloud are in the different cloud servers, and they use different keys for encryption, the final verification and acknowledgement of the original secret image must be achieved by data owner. So even if different server can collude to use false sharing secret to act as real one, the data owner can also distinguish the truth from the faults of the restored original image, because only the owner possesses the private key used for shuffling and watermarking extraction. This makes it difficult for several servers to cheat data owner. 4.5. Comparison Analysis It can be seen from the description of the scheme, the final sharing secret has the same size as that of the original secret image, and the proposed scheme has the performance of verification. Moreover, from the point of security, the proposed scheme for outsourcing image in the cloud has the advantages of collusion-resistant. More specifically, the highlights of the proposed scheme are summarized as follows. 1. Compared with some existing random grid based VSS scheme, the prosed random grid and reversible watermarking based on secret sharing scheme can not only verify the integrity of the sharing secret, but also verify the integrity of the restored secret image. This outperforms many already proposed scheme, such as Chen and Lin’s schemes (Chen, Tsai, & Horng, 2013; Lin et al., 2015), they have not the ability of verification for the restored image. 2. For the proposed scheme, sharing secret can be stored in different cloud server; they can also be stored in the same cloud server. This is different from some scheme discussed (Hadavi & Jalili, 2010; Agrawal et al., 2011; Liu, Wu, & Chang, 2014). For the proposed scheme, the sharing secrets stored in the cloud server are encrypted unordered data, there is no available information for cloud server to use, and the sharing secret of different image is not relative with each other. Furthermore, even if the cloud servers use the false sharing to cheat data owner, the final verification can also detect the truth from the false one. 3. Every right sharing secret can help to restore one part of original secret image, the more sharing secret takes part in, the better that original secret image can be restored, if all the sharing secrets are used, the secret image can be restored completely. So, the proposed scheme can progressively recover the original secret image. 5. CONCLUSION In this paper, a novel and verifiable image security scheme based on random grid for outsourcing the image to the cloud is proposed. The proposed scheme has the good performance such as verification and collusion-resistance with the help of histogram shifting based reversible watermarking and random grid based VSS algorithm. The double verification ability for sharing secret and restored secret image can make data user distinguish the truth from the false one; the ability of lossless restoring the original secret image makes it especially suitable for secret sharing of important images such as medical and military images. A large numbers of experiments show the effectiveness of proposed scheme and the authorized users can access and restore the original image in a secure manner. In the end, the comparisons and analysis are presented to explain the highlights of the proposed scheme. ACKNOWLEDGMENT This work is supported by the Tianjin Natural Science Foundation, China (Grant number 16JCYBJC15700).

37


REFERENCES Makbol, N. M., & Khoo, B. E. (2014). A new robust and secure digital image watermarking scheme based on the integer wavelet transform and singular value decomposition. Digital Signal Processing, 33, 134–147. doi:10.1016/j.dsp.2014.06.012 Agrawal, D., El Abbadi, A., Emekci, F., Metwally, A., & Wang, S. (2011). Secure data management service on cloud computing infrastructures. In Proceedings of Service and Application Design Challenges in the Cloud (pp. 57-80). Ahmed, A. (2013). A new meaningful secret sharing scheme based on random grids, error diffusion and chaotic encryption. Optics & Laser Technology, 54, 389–400. doi:10.1016/j.optlastec.2013.04.018 Niu, S., Tu, S., & Huang, Y. (2015). An effective and secure access control system scheme in the cloud. Chinese Journal of Electronics, 24(5), 524–528. Chen, Y. C., Tsai, D. S., & Horng, G. B. (2013). Visual secret sharing with cheating prevention revisited. Digital Signal Processing, 23(5), 1496–1504. doi:10.1016/j.dsp.2013.05.014 Coltuc, D. (2011). Improved embedding for prediction-based reversible watermarking. IEEE Transactions on Information Forensics and Security, 6(3), 873–882. doi:10.1109/TIFS.2011.2145372 Dautrich, J. L., & Ravishankar, C. V. (2012). Security limitations of using secret sharing for data outsourcing. In Proceedings of the 26th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, Paris, France (pp. 145-160). Federal Information Processing Standards. (2002, August). Announcing the Secure Hash Standard. U.S. DoC/ NIST. Gao, T., Chen, Z., Yuan, Z., & Chen, G. (2006). A hyper-chaos generated from Chen’s system. International Journal of Modern Physics C, 17(04), 471–478. doi:10.1142/S0129183106008625 Gu, Q., & Gao, T. (2013). A novel reversible robust watermarking algorithm based on chaotic system. Digital Signal Processing, 23(1), 213–217. doi:10.1016/j.dsp.2012.07.013 Hadavi, M. A., & Jalili, R. (2010). Secure data outsourcing based on threshold secret sharing; towards a more practical solution. In Proceedings of the 36th International Conference on Very Large Data Bases, Singapore (pp. 54-59). Hadavi, M. A., Jalili, R., Damiani, E., & Cimato, S. (2015). Security and searchability in secret sharing-based data outsourcing. International Journal of Information Security, 14(6), 513–529. doi:10.1007/s10207-015-0277-x Henze, M., Hummen, R., Matzutt, R., Catrein, D., & Wehrle, K. (2013). Maintaining user control while storing and processing sensor data in the cloud. International Journal of Grid and High Performance Computing, 5(4), 97–112. doi:10.4018/ijghpc.2013100107 Hong, S., Kim, H. I., & Chang, J. W. (2016). An efficient key management scheme for user access control in outsourced databases. World Wide Web (Bussum), 20(3), 467–490. doi:10.1007/s11280-016-0408-y Jeng, F. J., Huang, W. L., & Chen, T. H. (2015). Cryptanalysis and improvement of two hyper-chaos-based image encryption schemes. Signal Processing Image Communication, 34, 45–51. doi:10.1016/j.image.2015.03.003 Kafri, O., & Keren, E. (1987). Encryption of pictures and shapes by random grids. Optics Letters, 12(6), 377–379. doi:10.1364/OL.12.000377 PMID:19741737 Li, K., & Ma, H. (2014). Outsourcing decryption of multi-authority ABE cipher texts. International Journal of Network Security, 16(4), 286–294. Lin, P. Y., Wang, R. Z., Chang, Y. J., & Fang, W.-P. (2015). Prevention of cheating in visual cryptography by using coherent patterns. Information Sciences, 301, 61–74. doi:10.1016/j.ins.2014.12.046 Liu, Y., & Chang, C.-C. (2016). An Integratable veriable secret sharing mechanism. International Journal of Network Security, 18(4), 617–624.

38


Liu, Y., Wu, H.-L., & Chang, C.-C. (2014). A fast and secure scheme for data outsourcing in the cloud. Transactions on Internet and Information Systems (Seoul), 8(8), 2708–2721. Naor, M., & Shamir, A. (1995). Visual cryptography. In Advances in cryptography Eurocrypt ’94. doi:10.1007/ BFb0053419 Ni, Z., Shi, Y. Q., Ansari, N., & Su, W. (2006). Reversible data hiding. IEEE Transactions on Circuits and Systems for Video Technology, 16(3), 354–362. doi:10.1109/TCSVT.2006.869964 Qi, X., & Xin, X. (2015). A singular-value-based semi-fragile watermarking scheme for image content authentication with tamper localization. Journal of Visual Communication and Image Representation, 30, 312–327. doi:10.1016/j.jvcir.2015.05.006 Song, D. X., Wagner, D., & Perrig, A. (2000). Practical techniques for searches on encrypted data In Proc. IEEE Symp. Secur. Privacy (pp. 44–55). Tsai, D. S., Chen, T. H., & Horng, G. (2008). On generating meaningful shares in visual secret sharing scheme. Imaging Science Journal, 56(1), 49–55. doi:10.1179/174313107X214330 Yanchuk, S., & Kapitaniak, T. (2001). Symmetry-increasing bifurcation as a predictor of a chaos-hyperchaos transition in coupled systems. Physical Review. E, 64(5), 056235. doi:10.1103/PhysRevE.64.056235 PMID:11736082 Zhang, W., & Frank, Y. (2011). Shih: Semi-fragile spatial watermarking based on local binary pattern operators. Optics Communications, 284(16-17), 3904–3912. doi:10.1016/j.optcom.2011.04.004 Zhang, Y. S., Xiao, D., Wen, W. Y., & Li, M. (2014). Breaking an image encryption algorithm based on hyperchaotic system with only one round diffusion process. Nonlinear Dynamics, 76(3), 1645–1650. doi:10.1007/ s11071-014-1235-2 Zhu, H., Lu, R., Huang, C., Chen, L., & Li, H. (2016). An efficient privacy-preserving location-based services query scheme in outsourced cloud. IEEE Transactions on Vehicular Technology, 65(9), 7729–7739. doi:10.1109/ TVT.2015.2499791 Ziegeldorf, J. H., Garcia Morchon, O., & Wehrle, K. (2014). Privacy in the internet of things: Threats and challenges. Security and Communication Networks, 7(12), 2728–2742. doi:10.1002/sec.795 Zou, Q., Wang, J., & Ye, J., Shen, J., & Chen, X. (2016). Efficient and secure encrypted image search in mobile cloud computing. Soft Computing, 4, 1–11.

39