Lossless image hierarchical recovery based on POB number system

Signal Processing 167 (2020) 107293

Contents lists available at ScienceDirect

Signal Processing journal homepage: www.elsevier.com/locate/sigpro

Lossless image hierarchical recovery based on POB number system Yan Liu, Zhaoning You, Tiegang Gao∗ College of Software, Nankai University, Tianjin, PR China

a r t i c l e

i n f o

Article history: Received 26 May 2019 Revised 14 September 2019 Accepted 16 September 2019 Available online 18 September 2019 Keywords: Hierarchical recovery Image encryption Image security Lossless Permutation ordered binary (POB) number system

a b s t r a c t This paper proposes an effective method for image tampering localization and recovery. In the proposed scheme, the host image is firstly encrypted by a chaotic system, and then bit-plane separation is conducted on the encrypted image. Afterwards, the certificate watermark and the recovery watermark are calculated respectively on the MSB-plane and LSB-plane. Right after, watermarks are embedded into the two bit-planes with the help of chaotic mapping and permutation ordered binary number system (POB number system), thus, the two shares are generated. The recovery of images contains a two-level comparison, neighbor-based refinement and watermark-based refinement. For the tampered share, the comparison can localize all the tampers, two refinements can eliminate the error judgments generated by two-level comparison and recover the image losslessly. Experimental results demonstrate that the proposed method can recover the tampered image losslessly with one of two shares tampered; some analysis results and comparisons with some existing schemes are presented to show that the proposed scheme achieves the better performance in some criteria. © 2019 Elsevier B.V. All rights reserved.

1. Introduction Nowadays the cost of the storage has declined, and cloud storage is a rising technology using the data servers set in the data center. Data centers charge users fee and offer the storage space to them. However, there are some security issues: (1) while being transmitted, if the transmission signal is interfered, which leads to the tampers of some key areas, such as modifying the values of a few pixels, may destroy the images; (2) if the images are intercepted during transmission, there may be leakage of users’ privacy, or if the images are stored in the data center, the operators may check the uploaded data, and it can also leak the privacy; (3) if the images are tampered, the downloaders may not know or become aware of the tampers; (4) if the tampers are detected, the user cannot recover the image. As a result, the integrity and safety of the images need to be guaranteed during transmission. Integrity means that the restored image for the receiver is the same as the original one, safety means that the privacy of the data can be protected during transmission. Therefore, we need an encryption algorithm which can ensure the integrity and safety of the data, and if the images are tampered the algorithm could recover them. Information hiding technology has achieved great progress in recent years; it can protect the essential information from illegal uses. Digital watermarking is one of the most famous hiding meth-

∗

Corresponding author. E-mail address: [email protected] (T. Gao).

https://doi.org/10.1016/j.sigpro.2019.107293 0165-1684/© 2019 Elsevier B.V. All rights reserved.

ods, it can be used to embed the secret data into the images. Digital watermarking can be divided into two types, one type is irreversible watermarking, that means the original image for data embedding cannot be recovered without any loss when the watermarking is extracted [1–5]. This kind of watermarking is not suitable for important images such as medical or military images. The other one is a reversible algorithm which permits the original images to be recovered in a specified way [6–9]. Sender embeds the secret information into images, and receiver extracts the watermarks through the regulation prescribed by both parties, then recovers the carrier through the reversible algorithm. This type of hiding can hide the information invisibly and can guarantee the integrity of the image. And the watermarks generated from the image itself can be divided into two kinds: for verifying and for recovering. The watermark for verifying can be used to detect the tampered parts in the image, and some can even be used to localize the tampered parts. Tamper detection for medical images is a classic example [10–13], for the essential area must be the same as the original one. The watermark for recovering can be used to recover the tampered images. Some watermark-based schemes have the recovery watermarks for recovering the tampered images [14– 25], and some of them can be used to recover the images visually, but they cannot recover images losslessly. In this paper, a novel image tampering localization and recovery scheme based on POB number system is proposed. The proposed scheme utilizes the bit-planes separation on the encrypted image and chaotic mapping to generate two shares, then certificate and recovery watermarks are embedded into the corresponding posi-

2

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

tions of two shares. A two-level comparison and two refinements, namely, neighbor-based refinement and watermark-based refinement can be used to recover the original image without any loss even if either share is tampered. So, the proposed method can protect the privacy of data owners and ensure the integrity of the transmitted data. The highlights of the proposed method are as follows: • •

•

Tampered images can be recovered losslessly. All tampered blocks can be detected using the two-level comparison. Two kinds of refinements are proposed to eliminate errordetected blocks.

The rest of the paper is organized as follows. Section 2 gives the review of the related work. Section 3 describes the details of the proposed method. Section 4 shows the experimental results and analysis results. Finally, the conclusion of the paper is given in Section 5. 2. Related work At present, people have presented various watermarking methods to protect the important information in the image. From the point of strategy of watermarking embedding, there are mainly two kinds of embedding: one is the self-embedding method, and the other one is embedding in a carrier image. Self-embedding watermarking method calculates features of image and embeds them into the image itself. In general, this method is implemented by modifying some unimportant parts of the image and it is quite difficult to recover the original image completely. The embedding in the carrier image can embed the watermark into another image which is unrelated to the original image. This can recover the image losslessly in theory, but safety of the carrier image may be a problem. With regard to the self-embedding method, an image authentication method has been proposed in [14], it can detect the tampers and self-recover, the method embeds the fragile watermark of a block which has authentication data and recovery data into another by a chaotic map. It can relieve the location relationship of the data and the corresponding watermark. The recovery watermark is the wavelet transform of the data and this can reduce the smoothing blocking effect of the recovered image. The method adopts the hierarchical detection to ensure the accuracy. In the recovery process, it adopts a two-level recovery scheme by considering the neighbors of the block, and this can avoid the tampering coincidence problem. A method with two-share recovery watermark has been presented in [15]. The two recovery shares are based on the lifting wavelet and the halftoning technique, respectively. The watermark is 8 bits, which contains recovery watermark and authentication bits. And a new LSBRounding technique is proposed to enhance the quality of the watermarked image. However, there are two digests of the image for recovering, and the method is quite like the two-copy method. In [16], the authors proposed a scheme, the authentication bits are generated from a 2 × 2 block using the chaotic maps, and the two sets of restoration bits are embedded into the blocks randomly. A DCT based scheme has been proposed in [17], 2 authentication bits and 10 recovery bits are generated from most significant bits (MSB) and embedded into least significant bits of a 2 × 2 block using the map. And the authentication process is based on two levels hierarchical tampered detection mechanism. The methods of [18,19] use the source-channel coding for self-recovery. One of the good uses is about the copyright, Fan et al. [20] proposed a watermarking algorithm based on significant difference of cellular automata transform for copyright protection. The authentic watermark is the difference between two low-frequency bandwidths using CAT. The al-

gorithm combines the generated ownership share image and master share image to verify the image. Hsu and Tu [21] used smoothness to distinguish types of the image blocks and designs new embedding, detection and recovery for different block types. In [23], a quantization and DCT based self-embedding fragile watermarking scheme has been proposed, the watermarks are generated from MSB and embedded into other blocks’ LSB using the map and the encoding is two-level. In 2014, Dadkhah et al. [24] proposed a novel SVD-based image tamper detection and self-recovery by active watermarking. The detection keys here are the SVD values of image blocks. In 2017, Qin et al. [25] proposed a block-wise mechanism for tampering localization and a pixel-wise mechanism for content recovery, then on the receiver side, three pixel-wise manners are exploited for recovery. However, the mechanism cannot recover the image losslessly. The MSB plane in [26] is scrambled and interleaved with different ratios according to the importance on vision based on hierarchical mechanism. In [27], Zhang et al. introduced a reference sharing mechanism, which does not suffer from the tampering coincidence problem, and two self-embedding watermarking schemes are proposed based upon this mechanism. The watermark is scattered and embedded into the entire image, so it can avoid the tampering coincidence problem. In the same year, Zhang et al. [28] proposed a watermarking scheme with flexible self-recovery quality, the watermarks are obtained from the original DCT coefficients of the host image, and a compressive sensing technique is utilized to retrieve the coefficients. However, if the watermarks embedded into LSB planes are destroyed, the recovery is disabled. For the schemes that embed watermarks into the carrier images, Singh et al. [29] proposed a method that information is distributed into different encrypted shares. And the scheme that generates these shares is permutation ordered binary number system (POB) [30], which is an n out of n secret sharing scheme. After receiving the image information at the receiving end, according to the location, neighbor and value of the encrypted shares, the multiple authentication scheme is used to authenticate the shares at the pixel level. It can perform authentication at the pixel level, can confirm whether the image has been tampered with and can accurately locate the falsified position in the case of being tampered with, and reflect the falsified position in the reconstruction image obtained at the user end. This solution enables lossless recovery, blind verification and pixel-level tampering. Recently, the POB number system [30] is quite popular [31–34] and it is utilized in [31] for obfuscation of the content into multiple shares to ensure the integrity of the image. The embedded image has no visual distortion. However, the method cannot recover the image completely, and there are still few differences between the recovered image and the original one. In [32], Deepika and Sreekumar introduced a scheme using POB and CRT, which performs well in security. In 2016, Singh et al. [33] produced random shares using the POB number system; the method can reveal no information to enhance the security. Recently in 2019, Xiang et al. [37] introduced a POB based scheme, the detection watermark is obtained by SVD feature computation, and the recovery watermark is the average value of 5-MSB part of the four pixels in one block. The scheme can recover the tampered image effectively, but it cannot recover the image losslessly if the share is tampered. For image encryption, Pareek et al. [38] proposed an effective approach for image encryption based on chaotic logistic maps and two chaotic maps are used to encrypt images. In [39], an encryption using combination of the 1D chaotic map was proposed, output sequences of two same existing 1D chaotic maps are combined, and a novel encryption system of linear-nonlinearlinear structure based on total shuffling was introduced. In recent years, Li et al. [42] reviewed the representative works on protecting and attacking image data proposed in 2018 and summarized

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

3

Fig. 1. Generation of image shares.

some challenging problems. Hua et al. [43] developed an image encryption algorithm utilizing the principles of the Josephus problem and the filtering technology. Hua et al. [44] addressed the problem that chaotic maps used by some chaos-based cryptosystems don not have complex dynamical behaviors, and a cosine-transformbased chaotic system was proposed. 3. The proposed method In this section, the proposed scheme will be presented in detail. To protect the privacy of data owners, the image is firstly encrypted, and then two shares based on POB are generated. The tampered parts in the image can be located by certificate watermarks, and they can also be recovered by the recovery watermarks. Before the scheme is described, the POB used in the paper is firstly introduced.

(b) Put I2 into the Chebyshev–Chebyshev map (CCS) system in [39] by the formula

Xn+1 = cos ( (u + 1 ) × arccos (Xn ) ) × 2k − cos ( (u + 1 ) × arccos (Xn ) ),

(1)

where the parameter u ∈ [0, 10], and k is 14, the notation ’ ’ means round down. Then iterate the system (X0 + M × N ) times and take the new array I3 generated by last M × N times, here X0 is the secret key. (c) Sort I3 in ascending order, then the sorted and reshaped matrix is denoted as I4 . (d) Diffuse Index4 (the index of the matrix I4 ) according to

D (i ) = Index4 (i ) × 1014 mod 256,

(2)

and get the new diffusion matrix D . (e) The encrypted image matrix C is obtained through

3.1. POB number system The POB number system is proposed by Sreekumar and Sundar [30]. The system is denoted by POB (n, r), where n and r are non-negative integral parameters such that n ≥ r. In this number n system, all integers in the range of [0, ( ) − 1] can be represented r as a binary string B = bn−1 bn−2 . . . b1 b0 , there are r 1s in the string. And it can be proved that the POB representation is unique. 3.2. The generation of image shares In this section, detailed steps of generation of image shares including image encryption, bit-plane separation, image shuffling, generation and embedding of watermarks will be presented, and the tampers localization and recovery will also be discussed in this section. The flowchart of generation of the watermarked image shares is shown in Fig. 1. 3.2.1. Image encryption In order to protect image, the image is firstly be encrypted. Here, we use the same method as that proposed by Pak and Huang in [39], and it should be explained that we can adopt any kind of image encryption algorithm which is proved to be safe. The encrypted image Ien is obtained by the following steps. (a) Read the image I with the size of M × N and rearrange them into an array I2 whose size is 1 × MN, here M is the width of the image and N is the height of the image.

C (i ) =







I4 + D (i ) mod 256  C (i − 1 ),

(3)

here  is XOR operation. (f) Set an offset L for the obtained encryption through



C  (i − L ) = C (i ) i f i − L ≥ 1 C  ( ( i − L ) + M × N ) = C ( i ) i f i − L < 1,

(4)

which can avoid the redundant transformation between linear and nonlinear as well as enhance the encryption strength. (g) Transform the obtained matrix C into the image Ien of M × N, Ien is the encryption image. Fig. 2 shows the result of the image encryption, where, Fig. 2(a) is the original image, and the Fig. 2(b) is the encrypted image of Fig. 2(a). 3.2.2. Watermark generation In order to detect the tampered position and recover the host image, two kinds of watermarks are produced in this stage. The certificate watermark is used to verify the integrity of the image, and can be used to locate tampered position under the condition that the obtained image is tampered, and the recovery watermark is used to recover the tampered parts. For simplicity, we assume that the original image is grey scale. For each pixel, the higher five bits which have the greatest visual impact can be obtained as

MSB =

I × 32. 32

(5)

4

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

Fig. 2. Result of the encryption.

In this phase, for the encrypted image Ien generated in the above process, we divide it into two images: one is generated by high five-bits plane Ien−hbp , and the other one is produced by low three-bits Ien−lbp . In order to generate watermark, for image Ien−hbp and Ien−lbp , they are divided into some non-overlapping blocks with the size of 3 × 3. Then, the location features of the four blocks (Upper, Down, Right and Left) around the current block are calculated. For each pixel Bf, k , in the four blocks, where f is the direction such as upper (u), down (d), left (l) and right (r), k ∈ {1, 2, . . . , 9}, the features are calculated by

x1,k = Bu,k  Bd,k

(6)

x2,k = Bl,k  Br,k

(7)

xk = x1,k  x2,k

(8)

where,  is XOR operation, k ∈ {1, 2, . . . , 9}. Obviously, as there are 9 pixels in each block, only the top 2 bits of generated pixel are used as watermarks, thus total 18 bits certificate watermarks are obtained for each block. The recovery watermark is the value of the current plane. Take Ien−hbp as an example, the recovery watermark is the 5 bits itself of each pixel. The whole watermark of each block is the combination of the two kinds of watermarks, whose length is 9 × (2 + 5 ) for Ien−hbp and 9 × (2 + 3 ) for Ien−lbp plane.

position of the vector Pj , j ∈ {1, 2, . . . , L}. Thus, all the pixels in the image are totally permutated. Lastly, the two permutated images denoted by Ien−hbp−per and Ien−lbp−per with different secret keys are generated by logistic chaos mapping. In order to embed the watermarks into the two bit-planes image, Ien−hbp−per and Ien−lbp−per are divided into 3 × 3 nonoverlapping blocks. For each block in Ien−hbp−per , the size of a pixel will be extend to (5 + 2 + 3) bits from 5 bits, the top 5 bits are the image part, the 6-7 bits are the certificate watermark of the block, the last 3 bits are the recovery watermark coming from the corresponding block in Ien−lbp−per . It can be shown in Fig. 3. For each block in Ien−lbp−per , the size of a pixel is extended to (3 + 2 + 5) bits from 3 bits, the top 3 bits are the original image part, the 4-5 bits are the certificate watermark of the block, the other 5 bits are the recovery watermark coming from the corresponding block in Ien−hbp−per . Fig. 4 shows the embedding process. After the watermarking embedding for image Ien−hbp−per and Ien−lbp−per , two images with the size of 10 bits of each pixel are generated. In order to use and transmit these shares, we transform the image into an 8-bit one which can be written using the POB (Permutation ordered binary) [30] system. Finally, two generated shares Ien−hbp−per−wat and Ien−lbp−per−wat are transmitted into the cloud or to the receiver. 3.3. Tamper detection and image recovery For two generated shares, if they are tampered, the tampered location in original image can be located and the tampered parts can be recovered in the following process. The flowchart of tampering detection and image recovery is shown in Fig. 5. The detailed description is in the following. Step 1: Firstly, as the shares are produced by POB system, the first step will be given by reverse process of the POB system which is given in Algorithm 1. Thus, the produced images with the pixel value of 10 bits are denoted by Ir pob−hbp and Ir pob−lbp .

3.2.3. Watermark embedding In order to enhance the security of the proposed scheme, for Ien−hbp and Ien−lbp , the following method is used for permutation of the two planes, respectively. Firstly, we transform the matrix of image pixels into a one row vector Pi , i ∈ {1, 2, . . . , L}. Where, L is the total number of pixels of the image. Secondly, for a given initial value of logistic map, iterate the logistic map xn+1 = 4xn (1 − xn ) for L times to produce L numbers such as x1 , x2 , . . . xL , and then rearrange these numbers in ascending order or descending order to form the sequences which may be expressed as xn1 < xn1 <  < xnL . Assume that the position of xi in xni , i ∈ {1, 2, . . . , L}, is r, where 1 ≤ r ≤ L, then, the pixel value Pi of image, which is in the position of i, will be moved to the rth

Fig. 3. Embedding in MSB.

Algorithm 1 [POBN: Generate POB number corresponding to the given POB value]. n Input: n, r and v, where r ≤ n and 0 ≤ v ≤ ( ) − 1. r Output: The POB number B = bn−1 bn−2 . . . b1 b0 . (A) Let j = n and temp = v. (B) fork = r down to 1 do: 1. repeat { 2. j = j – 1; j 3. p = ( ); k 4. if (temp ≥ p) 5. temp = temp – p; 6. bj = 1; 7. elsebj = 0; 8. } until (bj = 1); (C) if (j > 0) fork = j – 1 down to 0 do: bk = 0; Step 4: return B;

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

5

Fig. 4. Embedding in LSB.

Fig. 5. Tamper detection and image recovery.

Step 2: Recover two bit-planes In this step, we will recover two bit-planes from Ir pob−hbp and Ir pob−lbp , as the size of each pixel is 10 bits, the following steps are used to get watermarks and bit-planes. (1) To reconstruct the high-level plane. From the overview of the scheme, it can be seen, the top 5 bits of image Ir pob−hbp can be used to reconstruct the original MSB plane, and the next 2 bits can be used to verify whether the block is tampered. The last 3 bits watermark is the top 3 bits in corresponding location of Ir pob−lbp . (2) The low-level plane image can be reconstructed in the same way as that used in (1). The top 3 bits can be used to reconstruct the original LSB plane. The next 2 bits are the certificate watermark of the current LSB block, and the last 5-bit watermark belongs to MSB plane in the corresponding location. Obviously, if one only owns the secret key used for MSB permutation or has the secret key used for LSB permutation, it’s impossible to recover the original image. Only two secret keys are used simultaneously, the reconstructed LSB 3-Bit planes and MSB 5-Bit planes in this process can be anti-shuffled to restore the original encrypted MSB plane Ir pob−en−hbp and LSB plane Ir pob−en−lbp . The extracted certificate watermarks from LSB and MSB can be used to judge whether the corresponding block is tampered or not, respectively. Step 3: Two-level comparison The two reconstructed planes and extracted watermarks are processed through a two-level comparison, and two location maps, named Map1 and Map2 , are obtained.

For a pixel of the block in MSB, it needs to be judged twice at most, and the comparison is shown in Algorithm 2. Fig. 6 shows the judgment of the MSB part. The Level 1 comparison contains the judgment of the original image part; the Level 2 comparison contains the judgment of the watermark part, only if two results are both false, the pixel can be judged as false. The location map shows value 1 where the tamper may occur and it shows value 0 where the block is correct. Unless there are no 1s in the block, the block is marked as tampered. Step 4: Hierarchical refinement After the comparison, there are many misjudgments and few miss detections. If the correct blocks are judged to be tampered, it is called misjudgment. If the tampered blocks are judged to be correct, this means miss detection. This is because, for one pixel which should be judged as correct, if the two pixels to be used for judgment in the other plane are both tampered, this pixel may be misjudged. However, on account of the scrambling map used above, the misjudging region in the other plane is scrambled and it turns into discrete blocks. And because of the low probability of the loss detection, the mistaken blocks are also discrete. Most of the tampers occur in specific shapes or big blocks, for tampered blocks, there must be tampered ones in its neighborhoods. Fig. 7 shows the process of refinement. If the upper, down, left and right blocks are all 1s while the current block is 0, the value should be modified to 1; and if the values of neighbors are all 0s while the current one is 1, it should be modified to 0. After the neighbor-based refinement, the single misjudged blocks can be eliminated according to the attributes of their neighbors. The above refinement can only eliminate miss detection in single blocks, while if some neighbor blocks are also tampered,

6

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

Fig. 6. Two-level comparison.

Algorithm 3 [Watermark-based refinement]

Fig. 7. Neighbor-based refinement.

Algorithm 2 [Two-level comparison] Input: Original LSB 3-Bit plane L, original MSB 5-Bit plane M, recovery watermark in LSB R1 , recovery watermark in MSB R2 . Output: Location map Map1 , Map2 . (1) (k, l) represents the location of the current block; (2) (i, j) represents the location of the block where the generated watermark of (k, l) block image part embedded into; (3) (m, n) represents the location of the block where the embedded watermark in (k, l) is from; (4) u represents the uth pixel of the current block. (A) for all the blocks do: 1. foru = 1–9 do: 2. repeat { 3. if M (k, l, u) == R1 (i, j, u) 4. M1 (k, l, u) = 0; 5. else 6. if R2 (k, l, u) == L (m, n, u) 7. M1 (k, l, u) = 0; 8. else M1 (k, l, u) = 1; 9. } 10. if M1 (k, l) are all 0s 11. Map1 (k, l) = 0; 12. else Map1 (k, l) = 1; (B) for all the blocks do: 1. foru = 1–9 do: 2. repeat { 3. if L (k, l, u) == R2 (i, j, u) 4. M2 (k, l, u) = 0; 5. else 6. if R1 (k, l, u) == M (m, n, u) 7. M2 (k, l, u) = 0; 8. else M2 (k, l, u) = 1; 9. } 10. if M2 (k, l) are all 0s 11. Map2 (k, l) = 0; 12. else Map2 (k, l) = 1; (C) return Map1 , Map2

Input: Map1 , Map2 , certificate watermark in MSB C1 , certificate watermark in LSB C2. Output: NewMap1 , NewMap2 . (1) The certificate watermark is the middle-2-bit watermark extracted from MSB and LSB; (2) Certificate (block) means the function that calculate the certificate watermark of the current block. (A) for MSB 1. NewMap1 = Map1 ; 2. for all the MSB blocks whose value in location map is 1 do: 3. Cx = Certificate (block); 4. ifCx == C1 5. NewMap1 (block) = 0; (B) for MSB 1. NewMap2 = Map2; 2. for all the LSB blocks whose value in location map is 1 do: 3. Cy = Certificate (block); 4. ifCy == C2 5. NewMap2 (block) = 0; Step 3: return NewMap1 , NewMap2 .

the neighbor-based refinement cannot find or correct them. However, the watermark-based refinement can solve the problem to a great extent. The watermark-based refinement is described in Algorithm 3. Step 5: Recover the original image The refined location map represents the validity of the current block. ‘1’ means the tampered blocks and ‘0’ represents the correct block. If there is a 1 in the current block, the block is replaced by the corresponding recovery watermark. Algorithm 4 shows the generation of MSB, LSB, and the generation of the recovered image. 4. Experimental results and analysis The experiments are implemented on a computer with a CPU of Intel Core i5-830 0H 2.3GHz, RAM 8.0 0GB, Windows 10 operating system, MATLAB 2015b. 4.1. Experimental results To show the lossless recovery ability of the method, we take cropping attack, content exchanging attack and text addition attack on the MSB part for test. The detection and recovery results are shown in Fig. 8, the first column is the process of the cropping attack, here pixel values of the one-fourth of top left part are set to 0; the second column shows that of content exchanging attack,

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

7

Algorithm 4 [Regeneration of the image] Input: MSB, LSB, recovery watermark of MSB WM , recovery watermark of LSB WL , NewMap1 , NewMap2 , random matrix M. Output: Ir . (A) generate NewMSB and NewLSB 1. if NewMap1 (i, j) == 1 && NewMap2 (i, j) ∼= 1 2. NewMSB (i, j) = WM; 3. NewLSB (i, j) = LSB (i, j); 4. if NewMap2 (i, j) == 1 && NewMap1 (i, j) ∼= 1 5. NewLSB (i, j) = WL; 6. NewMSB (i, j) = MSB (i, j); 7. if NewMap1 (i, j) == 1 && NewMap2 (i, j) == 1 8. NewMSB (i, j) = WM; 9. NewLSB (i, j) = WL; (B) regenerate the image 1. Image = NewMSB + NewLSB; 2. Ir = Image xor M; Step 3: return Ir.

here the one-fourth of top left part is replaced with another image with the same size; the third column shows that of text addition attack, here the word ‘text’ is embedded into the MSB part. And the first row shows the original images; the second row shows the tampers; the third row shows the reconstructed images after being tampered; the forth row shows the detected tampered locations, the red box means the tamper in MSB, while the blue one means that in LSB; the fifth row shows the detected tampered locations after the neighbor-based refinement; the sixth row shows the detected tampered locations after the watermark-based refinement; The last row shows the recovered images. Table 1 shows the comparison results of the recovered image and the original image, if all the pixels in the two images are same; the comparison result is labeled as ‘lossless recovery’. For one-share tampers in MSB or LSB, all kinds of tampers can be detected accurately and the image can be recovered losslessly. For the two-share attack, we tampered the MSB on the top left with one-fourth part and the LSB on the lower right with onefourth part. The detection results are depicted in Fig. 9.

4.2. Security analysis In this section, security analysis of the proposed scheme is reported, and some metrics of image security in [45,46] are used to evaluate the proposed scheme.

4.2.1. Key security analysis For the POB number system, a given POB 10-bit number can n be represented in the range of [0, ( ) − 1], r is the number of the r 1s and n is 10 here, take r = 4 for an example, there is a total of 210 shares corresponding to one secret pixel. That means that the probability to guess the share with the size of m pixels correctly is 1 m ( 210 ) . For the logistic map, the needed secret key is the initial value, and the probability to guess the locations of all pixels correctly is ( m1×n )m×n . For the two-level comparison, there is a probability that the two blocks to be compared are tampered but the values of them are just the same, so the block may be ‘forgotten’. However, the probability is quite small, if a block is labeled as correct, the 9 pixels of it should all be labeled as correct. For one pixel in LSB, the mistaken probability is 87 × ( 81 + 18 − 18 × 18 ) = 105 512 , so the mistaken 9 , while that of the block in MSB probability for one block is ( 105 ) 512 is smaller. Even if the coincidence happens, the neighbor-based refinement will solve it.

Fig. 8. Recovery results after attacks. (a)–(c) Images before attack (d)–(f) tampered area of cropping attack, content exchanging attack and text addition attack (g)–(i) reconstructed images after attacks (j)–(l) detection results after two-level comparison (m)–(o) detection results after neighbor-based refinement (p)–(r) detection results after watermark-based refinement (s)–(u) recovered images.

8

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293 Table 1 Result of recovered images. Tampered area in MSB

Comparison result

Tampered area in LSB

Comparison result

10% 30% 50% 70% 100%

Lossless Lossless Lossless Lossless Lossless

10% 30% 50% 70% 100%

Lossless Lossless Lossless Lossless Lossless

recovery recovery recovery recovery recovery

recovery recovery recovery recovery recovery

Fig. 9. Result of two-share attack. (a) original image (b) reconstructed image (c) tamper in MSB (d) tamper in LSB (e) detection result (f) detection after neighbor-based refinement (g) detection after watermark-based refinement (h) recovered image.

Fig. 10. Histograms of the images. (a) Histogram of the original image (b) histogram of the encrypted image.

4.2.2. Histogram analysis For the encrypted image with the specific initial values of chaotic system, Fig. 10 shows the histogram of the original image and the encrypted image, the left one has an obvious feature: number of values is quite different; while in the right image, number of values is similar, and statistical feature of the image is hided.

they modify the plaintexts, which is quite impossible to succeed. To testify the performance of the proposed scheme, the value of pixel change rate (NPCR) is defined as

4.2.3. Ability to resist differential attacks Differential attack aims at finding information about the secret key by studying how the differences between plaintexts can affect the resultant difference between the corresponding cipherimages. However, attackers have to study two encrypted shares if

where, D(i, j) is the number of different values between two encrypted images, M and N are the width and height of the image. It is used to measure whether an encryption algorithm can resist differential attacks. For 8-bit images, the ideal value is NPCRE = 99.6094070.

NPCR =

N M 1  D(i, j ) × 100%, M×N

(9)

i=0 j=0

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

9

where, TP and FN are the numbers of true positive and false negative detections of the tampered area. PSNR (Peak Signal to Noise Ration) is used to evaluate the distortion of the image. The larger PSNR between the encrypted image and the original image is, the more similar they are. It is described as

P SNR = 10 × log10

MSE =

2552 MSE

(12)

N M 1  (I (i, j ) − R(i, j ))2 , M×N

(13)

i=0 j=0

Fig. 11. Graph of NPCR values.

Here, we take one share as an example and give NPCR values for 50 groups. The results are shown in Fig. 11. It can be seen that the experimental values are close to the ideal value. That means the proposed scheme exhibits high performance in terms of resisting differential attacks. 4.2.4. Analysis of correlation of image pixels Correlation between adjacent pixels is used to measure how comprehensible the image is. If the correlation is high, the image is smooth, while it is low, the image is scrambled. Generally, the correlation is measured from the horizontal, vertical and diagonal directions. The correlation r can be computed by

r=



N

(xi − x¯ )(yi − y¯ ) 2  N 2 , i=1 (xi − x¯ ) i=1 (yi − y¯ )

N

i=1

(10)

where, xi and yi here are the values of the adjacent pixels, x¯ and y¯ are the means of them, N is the number of the adjacent pixels. Table 2 shows the results of the correlation; to be comprehensive, we used five test images and recorded the correlation values of the plaintexts, cipher-images of MSB and LSB in three directions. From Table 2, the original images have large correlation in three directions, but the encrypted images (MSB and LSB) have lower correlation. This shows that the suggested scheme achieves high efficiency in breaking the strong correlations of adjacent pixels in natural images. 4.3. Recovery evaluation In this section, the precision and recall are used to measure the ability of the proposed recovery method. Precision denotes the accuracy of the detected tampered region. Recall denotes the number of truly relevant results that are returned and is defined as

Recall =

TP , TP + FN

(11)

where, M and N are the width and height of the image, I(i, j) denotes a pixel value of the original image, R(i, j) denotes a pixel value of the recovered image. Table 3 shows the precision and recall with four tamper rates, 10%, 25%, 50% and 100%, for each tamper rate, the results of twolevel comparison, results after neighbor-based refinement and results after three kinds of processes are shown. It can be seen from the table, all the recall values are 1, which means that there is no leak detection. As the tamper rate goes up, the precision values of two-level comparison and neighborhoodbased refinement after comparison declines, while the combined process reaches the precision value of 1, that means the proposed method can recover the image losslessly. 4.4. Comparison of performance with other approaches In order to illustrate the better performance of the proposed method, the following criteria are used to compare with some existing algorithms. Mode of recovery (MR): This describes the method that the paper used to recover the image. The quality (Q): This refers to the quality of the recovered image, if the recovered image is the same to the original one on all pixels, the method can be labeled ‘Lossless’, and if the PSNR value between them is near 40, it can be labeled as ‘Slightly Lossy’, and the others can be said as ‘Lossy’. Blind authentication (BA): If the information in the image is enough for detection, and there is no need of other information, it follows blind authentication. Level of tamper detection (LTD): This refers to the scope of the tamper detection and can be labeled as ‘Image’, ‘Block’ and ‘Pixel’. Level of recovery (LR): This refers to the scope of the recovery and can be labeled as ‘Image’, ‘Block’ and ‘Pixel’. It can be observed from the Table 4, the proposed method can recover the image losslessly. For the recovery, the proposed method has three processes in all, which ensures to eliminate the error judgments. In order to validate the performance of the proposed scheme, some multi-share based methods are also used to compare in some aspects such as localization in individual share and capacity of the self-recovery. The comparison results are summarized in Table 5. It can be seen from Table 5, the four methods to be compared are all based on multi-shares. The schemes proposed in

Table 2 Correlation of images. Image

Horizontal

Direction

Plaintext

Ciphertext-MSB

Ciphertext-LSB

Plaintext

Vertical Ciphertext-MSB

Ciphertext-LSB

Plaintext

Diagonal Ciphertext-MSB

Ciphertext-LSB

Baboon Lena Pepper Goldhill Boat

0.86153 0.97027 0.97884 0.97606 0.96579

0.000074 −0.000847 −0.011454 −0.001417 −0.016893

0.004845 0.018341 0.006411 -0.001340 0.019524

0.75826 0.98333 0.97931 0.97587 0.97609

−0.006641 −0.000475 −0.01427 −0.005901 0.004738

0.032802 0.000475 0.000541 0.010441 0.005876

0.72766 0.95914 0.96514 0.95898 0.94504

0.001577 0.026694 0.019365 0.0035922 −0.0066303

−0.004471 −0.011115 0.004182 0.011132 −0.005238

10

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293 Table 3 Recovery results of four tamper rates. Tamper rate

10%

Criteria

Two-level comparison

Neighbor-based refinement

Watermark-based refinement

25% Two-level comparison

Neighbor-based refinement

Watermark-based refinement

Precision Recall Tamper rate Criteria

0.9101 1

1 1

0.7997 1 Two-level comparison

Precision Recall

0.6716 1

0.7580 1

Watermarkbased refinement 1 1

0.9253 1 100% Neighbor-based refinement

1 1

Two-level comparison

0.9881 1 50% Neighbor-based refinement

0.5000 1

0.5000 1

Watermarkbased refinement 1 1

Table 4 Comparison of the proposed method with other ones Criteria

[36]

[38]

[14]

[17]

[35]

Proposed

MR

Compressed spatiotemporally distant Lossy No Block Block

None

Hierarchical detection and recovery

Pseudo code for detection + smoothing

POB numbers of compacted pixel values

Two-level comparison + two refinements

Lossy No Block Block

Lossy Yes Block Block

Lossy Yes Block Block

Slight lossy Yes Block Block

Lossless Yes Block Pixel/Block

Q BA LTD LR

Table 5 Comparison with other multi-secret sharing methods Criteria

[40]

[41]

[29]

[37]

Proposed

Cryptosystem based on

Shamirs (k,n) and its variant (l,k,n) ramp secret sharing

(3,k,n) multi-secret sharing scheme

POB-based secret sharing

POB-based secret sharing

Recovered image quality Detection is independent of number of shares Blind authentication Localization in individual share Self-recovery

Lossy

Lossy

Lossless

Lossless

POB-based secret sharing + mappingbetween-blocks embedding Lossless

No

No

Yes

Yes

Yes

No

No

Yes

Yes

Yes

No

No

Yes

Yes

Yes

No

No

No

Yes

Yes

Table 6 Results of average PSNR (dB) for 50 test images against various attacks.

AV R =

PSNR (dB) TR

Method

10%

20%

30%

50%

80%

Refined image

[37] Proposed

43.37 ∞

40.12 ∞

38.24 ∞

36.17 ∞

33.58 ∞

[40,41] cannot recover the tampered image losslessly, while that of [29] and ours can. In [29], all the available bits are used as certificate watermarks embedding. There are not enough recovery watermarks, so this cannot ensure the self-recovery, while ours can expand the size of carrier images and can recover the images. Table 6 shows the compared results with the method in [37]. It can be seen, all the PSNR values of the proposed method are infinity while the results of method in [37] are no more than 50. Another kind of measurement introduced is true positive rate (TPR), false positive detection rate (FPR) and accuracy rate (AVR), they are defined as

T PR =

TP TP + FN

(14)

F PR =

FP TN + FP

(15)

TP + FP , TP + FP + TN + FN

(16)

where TP is the number of pixels (which should be judged as correct) that are judged as correct, FN is the number of pixels (which should be judged as correct) that are judged as false, FP is the number of pixels (which should be judged as false) that are judged as correct, TN is the number of pixels (which should be judged as false) that are judged as false. And Table 7 shows the results of these. It can be seen in Table 7, the TPR values of the proposed method are all 1 and FPR values are all 0, while those of method in [37] cannot achieve, and the AVR values can be 1 for different tamper rates while that of method in [37] decreases as the tamper rate rises. To give more detailed comparisons on the performance of the proposed method, some standard images such as Baboon, Lena and Pepper (with the size of 512 × 512), Goldhill and Boat (with the size of 720 × 576), are used as test images, and the tests are implemented with five different tampering rates. Table 8 shows the comparison results of the proposed method and different methods by PSNR values.

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293 Table 7 Results for true positive rate (TPR), false positive rate (FPR), accuracy rate (AVR) for test images.

10% 20% 30% 50% 80%

Method

TPR

FPR

AVR

[37] Proposed [37] Proposed [37] Proposed [37] Proposed [37] Proposed

1 1 0.999 1 1 1 0.9998 1 0.9999 1

0 0 0.0080 0 0 0 0.0317 0 0.1013 0

1 1 0.9871 1 1 1 0.9682 1 0.9595 1

11

Declaration of Competing Interest The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper. Acknowledgment This work was supported by the National Science and Technology Major Project, China (Grant No. 2018YFB0204304) and the Program of Natural Science Fund of Tianjin, China (Grant No. 16JCYBJC15700). References

Table 8 Performance of the proposed method compared with other ones. Tampering rate % Image

Method

10

20

30

40

50

Baboon

Proposed [22] [23] [15] Proposed [24] [22] [23] [25] [15] Proposed [26] [15] Proposed [26] [15] Proposed [26] [15]

∞ 38.05 39.92 45.02 ∞ 43.02 39.57 45.09 34.53 45.26 ∞ 42.49 44.64 ∞ 40.75 44.95 ∞ – 44.36

∞ 35.23 37.00 42.88 ∞ 37.92 36.15 40.58 31.95 42.50 ∞ 26.53 42.56 ∞ – 41.65 ∞ 36.90 40.55

∞ 33.61 34.12 38.68 ∞ 33.01 34.35 38.25 30.75 40.47 ∞ – 40.67 ∞ – 39.07 ∞ – 37.75

∞ 32.51 34.12 38.68 ∞ 32.23 33.00 36.84 29.90 38.38 ∞ – 39.43 ∞ – 36.72 ∞ – 35.87

∞ 31.67 33.16 34.85 ∞ 31.14 31.94 35.79 – 36.70 ∞ – 38.33 ∞ – 35.12 ∞ – 34.58

Lena

Pepper

Goldhill

Boat

It can be seen from the Table 8, the PSNR values of the proposed method is ∞ in all cases, this is because there is no difference between the recovered image and the original one, while PSNR values of other methods are no more than 50. These tests show that the proposed scheme has superior performance on recovering the tampered image compared with some existing methods.

5. Conclusion and future work In this paper, a lossless recovery method for digital image based on POB is proposed. The proposed scheme separates the encrypted image into two bit-planes, and artfully designed certificate watermark and recovery watermark are used to embed into the bit-plane, respectively, the lastly generated shares are produced through the POB number system. The proposed method can localize the tampers even if one of the shares is tampered in the whole sections. In order to recover the tampered parts, the neighborbased refinement and watermark-based refinement are proposed to eliminate the error judgments of recovery process. Experimental results show that the proposed method can losslessly recover the images, and it also has better performance compared with some existing schemes on image self-recovery. Next, the performance improvement on the tampered situation of two shares will be further focused on.

[1] X. Guo, T.G. Zhuang, Lossless watermarking for verifying the integrity of medical images with tamper localization, J. Digit. Imaging 22 (620) (2009), doi:10. 1007/s10278- 008- 9120- 5. [2] S.C. Liew, S.W. Liew, J.M. Zain, Tamper localization and lossless recovery watermarking scheme with ROI segmentation and multilevel authentication, J. Digit. Imaging 26 (2) (2013) 316–325, doi:10.1007/s10278- 012- 9484- 4. [3] R. Eswaraiah, E. Sreenivasa Reddy, Robust medical image watermarking technique for accurate detection of tampers inside region of interest and recovering original region of interest, IET Image Process. 9 (8) (2015) 615–625, doi:10.1049/iet-ipr.2014.0986. [4] A. Westfeld, A. Pfitzmann, Attacks on steganographic systems, Lecture Notes in Computer Science, no. 1768 (20 0 0). doi:10.1007/10719724_5. [5] H.L. Khor, S.C. Liew, J.M. Zain, Region of interest-based tamper detection and lossless recovery watermarking scheme (ROI-DR) on ultrasound medical images, J. Digit. Imaging 30 (3) (2017) 328–349, doi:10.1007/s10278- 016- 9930- 9. [6] W. Zhang, X. Hu, X. Li, N. Yu, Recursive histogram modification: establishing equivalency between reversible data hiding and lossless data compression, IEEE Trans. Image Process. 22 (7) (2013) 2775–2785, doi:10.1109/TIP.2013. 2257814. [7] X. Hu, W. Zhang, X. Li, N. Yu, Minimum rate prediction and optimized histograms modification for reversible data hiding, IEEE Trans. Inf. Forensics Secur. 10 (3) (2015) 653–664, doi:10.1109/TIFS.2015.2392556. [8] Z. Ni, Y.Q. Shi, N. Ansari, W. Su, Reversible data hiding, IEEE Trans. Circuits Syst. Video Technol. 16 (3) (2006) 354–362, doi:10.1109/TCSVT.2006.869964. [9] J. Tian, Reversible data embedding using a difference expansion, IEEE Trans. Circuits Syst. Video Technol. 13 (8) (2003) 890–896, doi:10.1109/TCSVT.2003. 815962. [10] A. Ustubioglu, G. Ulutas, A new medical image watermarking technique with finer tamper localization, J. Digit. Imaging 30 (6) (2017) 665–680, doi:10.1007/ s10278- 017- 9960- y. [11] H.L. Khor, S.C. Liew, J.M. Zain, Region of interest-based tamper detection and lossless recovery watermarking scheme (ROI-DR) on ultrasound medical images, J. Digit. Imaging 30 (3) (2017) 328–349, doi:10.1007/s10278- 016- 9930- 9. [12] M. Arsalan, A.S. Qureshi, A. Khan, M. Rajarajan, Protection of medical images and patient related information in healthcare: using an intelligent and reversible watermarking technique, Appl. Soft Comput. J. 51 (2017) 168–179, doi:10.1016/j.asoc.2016.11.044. [13] G. Gao, X. Wan, S. Yao, Z. Cui, C. Zhou, X. Sun, Reversible data hiding with contrast enhancement and tamper localization for medical images, Inf. Sci. (Ny). 385-386 (2017) 250–265, doi:10.1016/j.ins.2017.01.009. [14] W.L. Tai, Z.J. Liao, Image self-recovery with watermark self-embedding, Signal Process. Image Commun. 65 (2018) 11–25, doi:10.1016/j.image.2018.03.011. [15] B. Bolourian Haghighi, A.H. Taherinia, A. Harati, TRLH: fragile and blind dual watermarking for image tamper detection and self-recovery based on lifting wavelet transform and halftoning technique, J. Vis. Commun. Image Represent. 50 (2018) 49–64, doi:10.1016/j.jvcir.2017.09.017. [16] K. Sreenivas, V. Kamakshiprasad, Improved image tamper localisation using chaotic maps and self-recovery, J. Vis. Commun. Image Represent. 49 (2017) 164–176, doi:10.1016/j.jvcir.2017.09.001. [17] D. Singh, S.K. Singh, Effective self-embedding watermarking scheme for image tampered detection and localization with recovery capability, J. Vis. Commun. Image Represent. 38 (2016) 775–789, doi:10.1016/j.jvcir.2016.04.023. [18] M.Q. Fan, H.X. Wang, An enhanced fragile watermarking scheme to digital image protection and self-recovery, Signal Process. Image Commun. 66 (2018) 19– 29, doi:10.1016/j.image.2018.04.003. [19] S. Sarreshtedari, A. Abbasfar, M.A. Akhaee, A joint source–channel coding approach to digital image self-recovery, Signal Image Video Process. 11 (7) (2017) 1371–1378, doi:10.1007/s11760-017-1095-6. [20] T.Y. Fan, H.C. Chao, B.C. Chieu, Lossless medical image watermarking method based on significant difference of cellular automata transform coefficient, Signal Process. Image Commun. 70 (2019) 174–183, doi:10.1016/j.image.2018.09. 015. [21] C.S. Hsu, S.F. Tu, Image tamper detection and recovery using adaptive embedding rules, Meas. J. Int. Meas. Confed. 88 (2016) 287–296, doi:10.1016/j. measurement.2016.03.053. [22] D. Singh, S.K. Singh, Effective self-embedding watermarking scheme for image tampered detection and localization with recovery capability, J. Vis. Commun. Image Represent. 38 (2016) 775–789, doi:10.1016/j.jvcir.2016.04.023.

12

Y. Liu, Z. You and T. Gao / Signal Processing 167 (2020) 107293

[23] D. Singh, S.K. Singh, DCT based efficient fragile watermarking scheme for image authentication and restoration, Multimed. Tools Appl. 76 (1) (2017) 953– 977, doi:10.1007/s11042-015-3010-x. [24] S. Dadkhah, A. Abd Manaf, Y. Hori, A. Ella Hassanien, S. Sadeghi, An effective SVD-based image tampering detection and self-recovery using active watermarking, Signal Process. Image Commun. 29 (10) (2014) 1197–1210, doi:10. 1016/j.image.2014.09.001. [25] C. Qin, P. Ji, X. Zhang, J. Dong, J. Wang, Fragile image watermarking with pixelwise recovery based on overlapping embedding strategy, Signal Process. 138 (2017) 280–293, doi:10.1016/j.sigpro.2017.03.033. [26] F. Cao, B. An, J. Wang, D. Ye, H. Wang, Hierarchical recovery for tampered images based on watermark self-embedding, Displays 46 (2017) 52–60, doi:10. 1016/j.displa.2017.01.001. [27] X. Zhang, S. Wang, Z. Qian, G. Feng, Reference sharing mechanism for watermark self-embedding, IEEE Trans. Image Process. 20 (2) (2011) 485–495, doi:10.1109/TIP.2010.2066981. [28] X. Zhang, Z. Qian, Y. Ren, G. Feng, Watermarking with flexible self-recovery quality based on compressive sensing and compositive reconstruction, IEEE Trans. Inf. Forensics Secur. 6 (4) (2011) 1223–1232, doi:10.1109/TIFS.2011. 2159208. [29] P. Singh, B. Raman, N. Agarwal, P.K. Atrey, Secure cloud-based image tampering detection and localization using POB number system, ACM Trans. Multimed. Comput. Commun. Appl. 13 (3) (2017), doi:10.1145/3077140. [30] A. Sreekumar, S.B. Sundar, An efficient secret sharing scheme for n out of n scheme using POB-number system, Hack 1 (2009) 33–37. [31] P. Singh, P.K. Atrey, Recovering tampered regions in encrypted video using POB number system, Signal Process. Image Commun. 74 (2019) 96–109, doi:10. 1016/j.image.2019.01.009. [32] M.P. Deepika, A. Sreekumar, A novel secret sharing scheme using POB number system and CRT, Int. J. Appl. Eng. Res. 11 (3) (2016) 2049–2054. [33] P. Singh, N. Agarwal, B. Raman, ACM, Don’t see me, just filter me: towards secure cloud based filtering using Shamir’s secret sharing and POB number system, 2016. doi:10.1145/3009977.3010036. [34] P. Singh, B. Raman, N. Agarwal, Toward encrypted video tampering detection and localization based on POB number system over Cloud, IEEE Trans. Circuits Syst. Video Technol. 28 (9) (2018) 2116–2130, doi:10.1109/TCSVT.2017.2716828.

[35] M.U. Celik, G. Sharma, A.M. Tekalp, E.S. Saber, Video authentication with selfrecovery, in: Proceedings of the Security and Watermarking of Multimedia Contents IV, International Society for Optics and Photonics, 2002, pp. 531–541, doi:10.1117/12.465311. [36] P.K. Atrey, W.Q. Yan, E.C. Chang, M.S. Kankanhalli, A hierarchical signature scheme for robust video authentication using secret sharing, in: Proceedings of the 10th International Multimedia Modelling Conference, MMM, 2004 2004, doi:10.1109/MULMM.20 04.12650 04. [37] Y. Xiang, D. Xiao, H. Wang, X. Li, A secure image tampering detection and selfrecovery scheme using POB number system over cloud, Signal Process. 162 (2019) 282–295, doi:10.1016/j.sigpro.2019.04.022. [38] N.K. Pareek, V. Patidar, K.K. Sud, Image encryption using chaotic logistic map, Image Vis. Comput. 24 (9) (2006) 926–934, doi:10.1016/j.imavis.2006.02.021. [39] C. Pak, L. Huang, A new color image encryption using combination of the 1D chaotic map, Signal Process. 138 (2017) 129–137, doi:10.1016/j.sigpro.2017.03. 011. [40] M. Mohanty, W.T. Ooi, P.K. Atrey, Secret sharing approach for securing cloudbased pre-classification volume ray-casting, Multimed. Tools Appl. 75 (11) (2016) 6207–6235, doi:10.1007/s11042-015-2567-8. [41] M. Mohanty, W.T. Ooi, P.K. Atrey, Scale me, crop me, knowme not: supporting scaling and cropping in secret image sharing, in: Proceedings of the IEEE International Conference on Multimedia and Expo, 2013, doi:10.1109/ICME.2013. 6607567. [42] C. Li, Y. Zhang, E.Y. Xie, When an attacker meets a cipher-image in 2018: a year in review, J. Inf. Secur. Appl. 48 (2019) 102361, doi:10.1016/j.jisa.2019.102361. [43] Z. Hua, B. Xu, F. Jin, H. Huang, Image encryption using Josephus problem and filtering diffusion, IEEE Access 7 (2019) 8660–8674, doi:10.1109/ACCESS.2018. 2890116. [44] Z. Hua, Y. Zhou, H. Huang, Cosine-transform-based chaotic system for image encryption, Inf. Sci. (Ny) 480 (2019) 403–419, doi:10.1016/j.ins.2018.12.048. [45] C. Li, D. Lin, J. Lu, F. Hao, Cryptanalyzing an image encryption algorithm based on autoblocking and electrocardiography, IEEE Multimed. 25 (4) (2018) 46–56, doi:10.1109/MMUL.2018.2873472. [46] C. Li, D. Lin, B. Feng, J. Lu, F. Hao, Cryptanalysis of a chaotic image encryption algorithm based on information entropy, IEEE Access 6 (2018) 75834–75842, doi:10.1109/ACCESS.2018.2883690.