Separable reversible data hiding in encrypted image based on pixel value ordering and additive homomorphism

This work proposes a separable reversible data hiding scheme in encrypted images based on pixel value ordering (PVO). After the original image is encrypted using homomorphism encryption by the content owner, the data hider embeds the secret data in encrypted domain. The PVO strategy realizes hiding data in each block. Additive homomorphism guarantees the performance of PVO in encrypted domain is close to that in plain domain. Besides, the homomorphism encryption does not cause data expansion, and the payload can be further improved. With the watermarked encrypted image, if the receiver has only the data hiding key, he can extract the additional data. If the receiver has only the encryption key, he can obtain a decrypted image similar to the original one. If the receiver has both the data hiding key and the encryption key, he can extract the additional data without any error and recover the original image losslessly.     

PRA-TPE: Perfectly Recoverable Approximate Thumbnail-Preserving Image Encryption

With the popularity of cloud servers, an increasing number of people are willing to store their images in the cloud due to many conveniences such as online browsing and managing images. On the other hand, this inevitably causes users’ concerns about image privacy leakage. Many image encryption schemes are proposed to prevent privacy leakage, while most of them focus only on privacy protection and ignore the usability of encrypted images. For this purpose, Marohn et al. (2017) designed two approximate thumbnail-preserving encryption (TPE) schemes to balance image privacy and usability. However, the decrypted image in these two schemes are only perceptually close to the original one and the original image cannot be perfectly recovered. To this end, we design a perfectly recoverable approximate TPE scheme in this paper, which combines reversibledata hiding (RDH) with encryption schemes. The thumbnails of the original and processed images are similar to balance image privacy and usability well. Meanwhile, the reversibility of RDH and encryption schemes is utilized to ensure the perfect recoverability in the proposed scheme. Experiments show that the proposed approximate TPE scheme is no longer limited to balancing usability and privacy but attains perfect recovery.     

Reversible data hiding in encrypted color images using cross-channel correlations

In recent years, the increasing requirements in cloud storage and cloud computing have made it necessary to encrypt digital images for privacy protection. Meanwhile, many reversible data hiding (RDH) algorithms in the encrypted domain have been proposed. However, most of these algorithms are for gray-level images, and the intrinsic cross-channel correlations of color images cannot be utilized to improve the embedding capacity. In this paper, we propose a novel data hiding method for encrypted color images. In the encryption stage, the homomorphic property of encryption is achieved by basic modular addition. During the data hiding process, the cross-channel correlations between R, G and B channels are generated in encrypted domain, and data hiding is performed by the difference histogram shifting. Analysis and experiments demonstrate that the proposed method is secure and the RDH performance is superior.     

Privacy preserving ciphertext-policy attribute-based broadcast encryption in smart city

With the development and application of information technology, the problem of personal privacy leakage is becoming more and more serious. Most attribute-based broadcast encryption (ABBE) schemes focus on data security, while ignoring the protection of the personal privacy of users in access structure and identity. To address this problem, a privacy preserving ABBE scheme is proposed, which ensures the data confidentiality and protects personal privacy as well. In addition, the authenticity of encrypted data can be verified. It is proved that the proposed scheme achieves full security by dual system encryption.     

SensIR: Towards privacy-sensitive image retrieval in the cloud

With the advance in content-based image retrieval and the popularity of Data-as-a-Service, enterprises can outsource their image retrieval systems on cloud platforms to reduce heavy storage, computation, and communication burdens. However, this brings many privacy problems. Although several privacy-preserving image retrieval schemes have been proposed to protect users’ privacy, they have two major drawbacks: i) the outsourced images are fully encrypted and thus cannot be used for other applications, which makes them impractical; ii) they mainly focus on traditional image retrieval systems and do not use new techniques such as convolutional neural network (CNN) to improve the accuracy. To address the above problems, we propose a novel privacy-sensitive image retrieval scheme, named SensIR, to search for similar images from an outsourced image database. In particular, we propose a privacy region detection, PRDet, to prevent private regions of images from exposing. We also propose a partial CNN (PCNN) to reduce the impact of the encrypted pseudorandom pixels. Further, we use similarity-preserving hash encoding and propose a systematic methodology to improve the accuracy of PCNN-based image retrieval when the privacy regions are large. Extensive experiments are conducted to illustrate the efficiency of privacy protection and the superior of the proposed scheme.     

Chosen plaintext attack on JPEG image encryption with adaptive key and run consistency

A JPEG image encryption with the adaptive key and run consistency of MCUs is proposed. The chosen-plaintext attack (CPA) is given here on this encryption scheme. First, the adaptive key can be reproduced from the encrypted image, so that the plaintext images with the same adaptive key can be constructed. Second, the existence of run consistency of MCUs (RCM) between the original image and the encrypted image facilitates rapid estimation. In addition, the single swap for the runs of MCUs with RCM is designed for more accurate estimation. Detailed cryptanalytic results suggest that this encryption scheme can only be used to realize perceptual encryption but not to provide content protection for digital images. Furthermore, applications of the CPA to break other encryption schemes with RCM are presented.     

小波变换和菲涅耳变换的多彩色图像加密

为了解决多彩色图像加密后,解密图像质量不佳、数据量大以及传输时速率慢的问题,采用了一种基于小波变换和菲涅耳变换的多彩色图像加密方法,加密过程中,利用小波变换的多级分解特性提取每幅彩色图像的低频分量,将低频分量分别重组为三元组图像（R,G和B）,并且依次将三元组图像（R,G和B）通过菲涅耳域中的衍射加密系统,对这3个三元组图像进一步加密,从而实现了多彩色图像的加密。结果表明,该方法不仅可以高质量地恢复原始彩色图像,而且可以同时对4幅彩色图像进行加密,提高了加密彩色图像的容量;原始图像经过小波变换,其数据量压缩到原来的1/4,有利于数据的传输和存储。该算法能够有效地同时对多幅色彩图像进行压缩和加密,不仅提高了解密图像的质量,并且具有较高的密钥敏感度和较好的鲁棒性。     

An efficient high-capacity reversible data hiding scheme for encrypted images

Reversible data hiding in encrypted images is an effective technique to embed information in encrypted domain, without knowing the original content of the image or the encryption key. In this paper, a high-capacity reversible data hiding scheme for encrypted images based on MSB (most significant bit) prediction is proposed. Since the prediction is not always accurate, it is necessary to identify the prediction error and store this information in the location map. The stream cipher is then used to encrypt the original image directly. During the data hiding phase, up to three MSBs of each available pixel in the encrypted image are substituted by the bits of the secret message. At the receiving end, the embedded data can be extracted without any errors and the original image can be perfectly reconstructed by utilizing MSB prediction. Experimental results show that the scheme can achieve higher embedding capacity than most related methods.     

Secure multicasting of images via joint privacy-preserving fingerprinting,decryption, and authentication

Joint fingerprinting and decryption (JFD) is useful in securing media transmission and distribution in a multicasting environment. Common drawbacks of the existing JFD methods are the transmitted data may leak the content of data, and a subscriber cannot determine if a received image is modified such that tampering attack can be mounted successfully. Here we focus on security and privacy of image multicasting and introduce a new framework called JFDA (joint privacy-preserving fingerprinting, decryption, and authentication). It has several main characteristics, JFDA: (1) accomplishes fingerprinting in the encryption domain to preserve privacy and prevent encrypted data from being tampered without additional hash code/digest, (2) prevents tampering attack on the decrypted data to ensure the fidelity of the fingerprinted data, (3) makes user subscribing to a visual media be an examiner to authenticate the same visual media over the Internet. The effectiveness of the proposed method is confirmed by experimental results.     

Reversal of pixel rotation: A reversible data hiding system towards cybersecurity in encrypted images

Due to privacy and security concerns, the researches of reversible data hiding in encrypted images (RDHEI) have become increasingly important. Conventional schemes vacate the spare room after image encryption (VRAE) suffer from the low embedding rate, high error rate of data extraction, and imperfect image recovery. To address these issues, we propose a separable reversible data hiding scheme for encrypted images that utilizes a novel pixel rotation technique to embed data into fully encrypted images. The block complexities of four decrypted rotation states are considered when recovering image. To realize perfect image recovery, we further devise a lossless version (LPR-RDHEI). Experimental results demonstrate that the proposed PR-RDHEI scheme achieves an embedding rate of 0.4994 bpp on average and ensures lossless data extraction. Meanwhile, the proposed LPR-RDHEI scheme still has a 0.4494 bpp embedding rate on average. The embedding rates of our two schemes are significantly improved compared with state-of-the-arts.     

Authenticity and integrity of digital mammography images

Data security becomes more and more important in telemammography which uses a public high-speed wide area network connecting the examination site with the mammography expert center. Generally, security is characterized in terms of privacy, authenticity and integrity of digital data. Privacy is a network access issue and is not considered in this paper. We present a method, authenticity and integrity of digital mammography, here which can meet the requirements of authenticity and integrity for mammography image (IM) transmission. The authenticity and integrity for mammography (AIDM) consists of the following four modules. 1) Image preprocessing: To segment breast pixels from background and extract patient information from digital imaging and communication in medicine (DICOM) image header. 2) Image hashing: To compute an image hash value of the mammogram using the MD5 hash algorithm. 3) Data encryption: To produce a digital envelope containing the encrypted image hash value (digital signature) and corresponding patient information. 4) Data embedding: To embed the digital envelope into the image. This is done by replacing the least significant bit of a random pixel of the mammogram by one bit of the digital envelope bit stream and repeating for all bits in the bit stream. Experiments with digital IMs demonstrate the following. 1) In the expert center, only the user who knows the private key can open the digital envelope and read the patient information data and the digital signature of the mammogram transmitted from the examination site. 2) Data integrity can be verified by matching the image hash value decrypted from the digital signature with that computed from the transmitted image. 3) No visual quality degradation is detected in the embedded image compared with the original. Our preliminary results demonstrate that AIDM is an effective method for image authenticity and integrity in telemammography application.     

云存储中密文数据的客户端安全去重方案

云存储环境下,客户端数据去重能在本地进行文件重复性检测,有效地节约存储空间和网络带宽.然而,客户端去重仍面临着很多安全挑战.首先,由于将文件哈希值作为重复性检测的证据,攻击者很可能通过一个文件的哈希值获得整个文件;其次,为了保护数据隐私,收敛加密被广泛运用于数据去重方案,但是由于数据本身是可预测的,所以收敛加密仍不可避免地遭受暴力字典攻击.为了解决上述问题,本文首次利用盲签名构造了一个安全的密钥生成协议,通过引入一个密钥服务器,实现了对收敛密钥的二次加密,有效地预防了暴力字典攻击;并进一步提出了一个基于块密钥签名的拥有权证明方法,能够有效预防攻击者通过单一的哈希值来获取文件,并能同时实现对密文文件的文件级和块级去重.同时,安全分析表明本文方案在随机预言模型下是可证明安全的,并能够满足收敛密钥安全、标签一致性和抗暴力字典攻击等更多安全属性.此外,与现有方案相比,实验结果表明本文方案在文件上传和文件去重方面的计算开销相对较小.     

A novel selective encryption scheme for H.264/AVC video with improved visual security

As cloud storage becomes more popular, concerns about data leakage have been increasing. Encryption techniques can be used to protect privacy of videos stored in the cloud. However, the recently proposed sketch attack for encrypted H.264/AVC video, which is based on the macroblock bitstream size (MBS), can generate the outline images of both intra-frames and inter-frames from a video encrypted by most existing encryption schemes; thus, the protection of the original video may be considered a failure. In this paper, a novel selective encryption scheme for H.264/AVC video with improved visual security is presented. Two different scrambling strategies that do not destroy the format compatibility are proposed to change the relative positions between macroblocks in intra-frames and inter-frames respectively, which in turn substantially distort the sketched outline images so that they do not disclose meaningful information. Moreover, the sign bits of non-zero DCT coefficients are encrypted to contribute to the visual security of our scheme, and an adaptive encryption key related to the intra prediction mode and the DCT coefficient distribution of each frame is employed to provide further security. The experimental results show that our encryption scheme can achieve a better visual scrambling effect with a small adverse impact on the video file size. Furthermore, the security analysis demonstrates that our scheme can successfully resist the MBS sketch attack compared with other related schemes. The proposed method is also proven secure against some other known attacks.     

Dynamic searchable encryption with privacy protection for cloud computing

The dynamic searchable encryption schemes generate search tokens for the encrypted data on a cloud server periodically or on a demand. With such search tokens, a user can query the encrypted data whiles preserving the data's privacy; ie, the cloud server can retrieve the query results to the user but do not know the content of the encrypted data. A framework DSSE with Forward Privacy (dynamic symmetric searchable encryption [DSSE] with forward privacy), which consists of Internet of Things and Cloud storage, with the attributes of the searchable encryption and the privacy preserving are proposed. Compared with the known DSSE schemes, our approach supports the multiusers query. Furthermore, our approach successfully patched most of the security flaws related to the sensitive information's leakage in the DSSE schemes. Both security analysis and simulations show that our approach outperforms other DSSE schemes with respect to both effectiveness and efficiency.     

JPEG encryption for image rescaling in the encrypted domain

This work proposes a novel protocol of encrypting the JPEG image suitable for image rescaling in the encrypted domain. To protect the privacy of original content, the image owner perturbs the texture and randomizes the structure of the JPEG image by enciphering the quantized Discrete Cosine Transform (DCT) coefficients. After receiving the encrypted JPEG image, the service provider generates a rescaled JPEG image by down-sampling the encrypted DCT coefficients. On the recipient side, the encrypted JPEG image rescaled by the service provider can be decrypted to a plaintext image with a lower resolution with the aid of encryption keys. Experimental results show that the proposed method has a good capability of rescaling the privacy-protected JPEG file.     

A ROI-based reversible data hiding scheme in encrypted medical images

A novel ROI-based reversible data hiding scheme in encrypted medical images is proposed. Firstly, a content owner partitions an original medical image into the region of interest (ROI) and the region of noninterest (RONI), and then encrypts the image using an encryption key. A data-hider concatenates the least significant bits (LSB) of the encrypted ROI and Electronic Patient Record (EPR), and then embeds the concatenated data into the encrypted image by LSB substitution algorithm. With the encrypted medical image containing the embedded data, the receiver can extract the embedded data with the data-hiding key; if the receiver has the encryption key, a medical image similar to the original image can be obtained by directly decrypting the encrypted medical image; if the receiver has both the data-hiding key and the encryption key, the embedded data can be extracted without any error and ROI can be losslessly recovered after extracting the embedded data.     

A privacy-preserving content-based image retrieval method in cloud environment

In order to protect data privacy, image with sensitive or private information needs to be encrypted before being outsourced to a cloud service provider. However, this causes difficulties in image retrieval and data management. A privacy-preserving content-based image retrieval method based on orthogonal decomposition is proposed in the paper. The image is divided into two different components, for which encryption and feature extraction are executed separately. As a result, cloud server can extract features from an encrypted image directly and compare them with the features of the queried images, so that users can thus obtain the image. Different from other methods, the proposed method has no special requirements to encryption algorithms, which makes it more universal and can be applied in different scenarios. Experimental results prove that the proposed method can achieve better security and better retrieval performance.     

Design and statistical analysis of a hash-aided image watermarking system

This paper develops a joint hashing/watermarking scheme in which a short hash of the host signal is available to a detector. Potential applications include content tracking on public networks and forensic identification. The host data into which the watermark is embedded are selected from a secret subset of the full-frame discrete cosine transform of an image, and the watermark is inserted through multiplicative embedding. The hash is a binary version of selected original image coefficients. We propose a maximum likelihood watermark detector based on a statistical image model. The availability of a hash as side information to the detector modifies the posterior distribution of the marked coefficients. We derive Chernoff bounds on the receiver operating characteristic performance of the detector. We show that host-signal interference can be rejected if the hash function is suitably designed. The relative difficulty of an eavesdropper's detection problem is also determined; the eavesdropper does not know the secret key used. Monte Carlo simulations are performed using photographic test images. Finally, various attacks on the watermarked image are introduced to study the robustness of the derived detectors. The joint hashing/watermarking scheme outperforms the traditional "hashless" watermarking technique.     

Spline regression hashing for fast image search

Techniques for fast image retrieval over large databases have attracted considerable attention due to the rapid growth of web images. One promising way to accelerate image search is to use hashing technologies, which represent images by compact binary codewords. In this way, the similarity between images can be efficiently measured in terms of the Hamming distance between their corresponding binary codes. Although plenty of methods on generating hash codes have been proposed in recent years, there are still two key points that needed to be improved: 1) how to precisely preserve the similarity structure of the original data and 2) how to obtain the hash codes of the previously unseen data. In this paper, we propose our spline regression hashing method, in which both the local and global data similarity structures are exploited. To better capture the local manifold structure, we introduce splines developed in Sobolev space to find the local data mapping function. Furthermore, our framework simultaneously learns the hash codes of the training data and the hash function for the unseen data, which solves the out-of-sample problem. Extensive experiments conducted on real image datasets consisting of over one million images show that our proposed method outperforms the state-of-the-art techniques.     

Encrypted signal-based reversible data hiding with public key cryptosystem

Encrypted image-based reversible data hiding (EIRDH) is a well-known method allowing that (1) the image provider gives the data hider an encrypted image, (2) the data hider embeds the secret message into it to generate the encrypted image with the embedded secret message to the receiver, and (3) finally the receiver can extract the message and recover the original image without encryption. In the literature, the data hider and image provider must be specific parties who know the shared key with the receiver in traditional encrypted image-based reversible data hiding. In this paper, we propose an encrypted signal-based reversible data hiding (ESRDH) with public key cryptosystem, not only for images. The proposed scheme is secure based on Paillier homomorphic encryption. Finally, the experimental results show that the proposed scheme has much payload and high signal quality.