Cloud storage has been recognized as the popular solution to solve the problems of the rising storage costs of IT enterprises for users. However, outsourcing data to the cloud service providers (CSPs) may leak some sensitive privacy information, as the data is out of user’s control. So how to ensure the integrity and privacy of outsourced data has become a big challenge. Encryption and data auditing provide a solution toward the challenge. In this paper, we propose a privacy-preserving and auditing-supporting outsourcing data storage scheme by using encryption and digital watermarking. Logistic map-based chaotic cryptography algorithm is used to preserve the privacy of outsourcing data, which has a fast operation speed and a good effect of encryption. Local histogram shifting digital watermark algorithm is used to protect the data integrity which has high payload and makes the original image restored losslessly if the data is verified to be integrated. Experiments show that our scheme is secure and feasible.
With the development of cloud computing, outsourcing data to cloud storage servers has become a popular way for firms and individuals. Cloud storage reduces data storage and maintenance costs. And cloud storage can provide a flexible and convenient way for users to access their data anywhere. However, the cloud service providers (CSPs) may not be honest and the data should not be disclosed to the CSPs. So the data must be encrypted before it is uploaded to the cloud. Encryption is a fundamental method to preserve data confidentiality. For privacy preserving concerned, data owner can encrypt the data before outsourcing it to CSPs. Many problems of querying over encrypted domain are discussed in research literatures [
In the existing outsourcing data storage schemes, the data auditing methods can be classified into three categories: message authentication code- (MAC-) based methods, RSA-based homomorphic methods, and Boneh-Lynn-Shacham signature- (BLS-) based homomorphic methods [
Many works on outsourcing data storage schemes with digital watermarking are proposed. N. Singh and S. Singh [
In this paper, logistic map-based chaotic cryptography algorithm is used to preserve the privacy of outsourcing data, which has a fast operation speed and a good effect of encryption. Traditional encryption techniques such as AES, DES, and RSA have low speed to encrypt media data. And they are not suitable for high real time in media data transmission. Chaotic cryptography has many good characteristics such as sensitivity to initial value, pseudorandom properties, and ergodicity. Logistic map-based chaotic cryptography is a simple nonlinear model, but it has complex dynamics, which is widely used in image encryption. In this paper, logistic map-based chaotic cryptography method is used to permute the positions of the image pixels in the spatial domain. It is suitable for embedding watermark information with local histogram shifting digital watermark algorithm later. Local histogram shifting digital watermark algorithm is utilized to protect the data integrity. It has high payload and makes the original image restored losslessly if the data is verified to be integrated.
We propose an outsourcing data storage scheme supporting auditing service by using fragile digital watermarking technology. Meanwhile, the scheme uses encryption methods to preserve privacy. In this scheme, digital watermarking technology and encryption methods are used to enhance the integrity and privacy of outsourcing data storage. Our contributions are as follows. We propose an outsourcing data storage scheme supporting privacy-preserving and auditing service. In this scheme, we use the scrambling encryption algorithm based on logistic chaotic map, which has a fast operation speed and a good effect of encryption. Besides, local histogram shifting digital watermark algorithm [ To reduce data owners’ overhead cost, a third-party auditor (TPA) is used to verify the integrity of data in cloud. And TPA verifies the data integrity in encryption domain, which ensures the data confidentiality in the auditing process.
The rest of this paper is organized as follows. Section
Many secure outsourcing data storage schemes are proposed these years. The privacy and integrity of data in cloud are the most concerns of data owners. Outsourcing data is often distributed geographically in different locations.
To verify the data integrity, data auditing is considered in outsourcing data storage schemes. Ateniese et al. [
Encryption is a fundamental method to preserve data confidentiality in outsourcing data storage schemes. Digital watermarking technology is an effective method for data auditing. The methods of embedding digital watermark in encryption domain are proposed [
In our scheme, we combine encryption technology with watermark technology. Data owner encrypts the image before transmission. CSP embeds some additional message into the encrypted image without knowing the original image content. TPA is required to extract the watermark from the encrypted image. A user can first decrypt the encrypted image containing watermark information with the decryption key and then extract the embedded watermark from the decrypted version with the extraction key. The transmission of encryption keys is assumed to be secure and is not discussed here. Here the logistic map-based chaotic cryptography method is used to permute the positions of the image pixels in the spatial domain. So the histogram of the encryption version is the same as the original image. The histogram statistical property makes the encryption method suitable for embedding watermark information with local histogram shifting digital watermark algorithm [
In this section, we first analyze the framework of the system and then give the main steps of our scheme.
We first give the sketch of the proposed scheme in Figure Data owner encrypts an original image with an encryption key CSP stores the watermark-embedded encrypted image. TPA extract the watermarking information Data user receives the reconstructed image from TPA and exactly decrypts the data to the original image with the decryption key
Sketch of the proposed scheme.
The proposed scheme contains four modules: image encryption, watermarking embedding, watermarking extraction, and image decryption. The main steps of the proposed scheme are shown as follows.
Data owner creates an original image
The process of image encryption is as follows. Connect the Generate a chaotic sequence of length where Sort the chaotic sequence and record the location set. Scramble the sequence of image with the same location set.
The encryption key
The embedded watermarking information should be unpredictable and random. Arnold transforming or chaotic-based encryption can be used in this paper to improve the security of image watermarking algorithm. The above-mentioned encryption algorithm preserves the same image histogram statistical properties. Therefore, local histogram shifting watermarking algorithm is suitable for embedding data into the encrypted image [
When data owner embeds watermarking information Divide the encrypted image Calculate the difference Determine the two peaks If Saturated pixels The embedding capacity of each block is the number of pixels whose values are equal to peak points in each block. Embedded information
The encrypted image
TPA extracts the watermarking information
This blind extracting algorithm is shown as follows. Divide the image The difference Determine the two peaks If Scan nonbasic pixels in each block The extracted
TPA verifies the data integrity after extracting the watermark information
The auditing process is as follows. Scan nonbasic pixels in each block Restore the saturated pixels The reconstructed encrypted image Compute the histogram information where
If the value
The legal users can decrypt the reconstructed encrypted image Generate a chaotic sequence of length Sort the chaotic sequence and record the location set. Scramble the sequence of image and restore a decrypted image with the location set.
Then the original image
To study the performance of the proposed scheme, MATLAB software 7 is used. The test image Lena of 8-bit gray level sized
(a) Original image; (b) encrypted image; (c) encrypted image containing watermark; (d) reconstructed image; (e) decrypted image.
The experimental results of proposed scheme are shown in Figure
Experimental results of the proposed scheme.
The quality of encrypted image can be evaluated by Peak Signal-to-Noise Ratio (
Table
Payload bits and MSE.
Image | Payload bits (dB) | Payload bpp | MSE |
---|---|---|---|
Lena | 2892 | 0.0110 | 0 |
Bridge | 8234 | 0.0314 | 0 |
Aerial | 4252 | 0.0162 | 0 |
Dollar | 2892 | 0.0110 | 0 |
From Table
In this paper, the watermark algorithm is fragile, which cannot resist any attacks. This can be used in military, remote sensing, and medicine images.
In this paper, we propose a privacy-preserving and auditing-supporting outsourcing data storage scheme by using encryption and digital watermarking. The proposed scheme combines digital watermark technology with encryption methods for outsourcing data storage. And the scheme supports auditing service and privacy preserving. We adopt the logistic map-based chaotic cryptography algorithm for image encryption and local histogram shifting watermarking algorithm [
In the future, we will add semifragile watermark to verify the integrity of images, which can resist some good image operations, such as JPEG compression. We can also apply some algorithms for the sake of supporting tamper localization and recovery.
The authors declare that they have no competing interests.
This work is supported by the NSFC (U1536206, 61232016, U1405254, 61373133, and 61502242), BK20150925, and PAPD fund.