Compared to the encrypted-image-based reversible data hiding (EIRDH) method, the encrypted-signals-based reversible data hiding (ESRDH) technique is a novel way to achieve a greater embedding rate and better quality of the decrypted signals. Motivated by ESRDH using signal energy transfer, we propose an improved ESRDH method using code division multiplexing and value expansion. At the beginning, each pixel of the original image is divided into several parts containing a little signal and multiple equal signals. Next, all signals are encrypted by Paillier encryption. And then a large number of secret bits are embedded into the encrypted signals using code division multiplexing and value expansion. Since the sum of elements in any spreading sequence is equal to 0, lossless quality of directly decrypted signals can be achieved using code division multiplexing on the encrypted equal signals. Although the visual quality is reduced, high-capacity data hiding can be accomplished by conducting value expansion on the encrypted little signal. The experimental results show that our method is better than other methods in terms of the embedding rate and average PSNR.
National Natural Science Foundation of China61502242U1536206616722946170227661602253613731336123201671501101U1405254Jiangsu Basic Research Programs-Natural Science FoundationBK20150925Nanjing University of Information Science and Technology2014r026#Open Fund of Demonstration Base of Internet Application Innovative Open Platform of Department of EducationKJRP1402Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD) FundCollaborative Innovation Center of Atmospheric Environment and Equipment Technology (CICAEET) FundNational Ministry of Science and Technology Special Project ResearchGYHY2013010302013DFG12860BC20130121. Introduction
Encryption and data hiding are two common approaches for protecting against information leakage [1–3]; the former is used to protect the content itself [4], whereas the latter is used to protect the hidden data [5]. While it is a problem for sensitive applications, such as military images and medical images, reversible data hiding (RDH) is an effective method for these special scenarios, which aims to recover both embedded data and the original image. In the past two decades, many classic RDH algorithms have been proposed, such as lossless image compression-based methods [6], difference expansion- (DE-) based methods [7], histogram shifting- (HS-) based methods [8], integer-to-integer transform-based methods [9], and dual-image-based methods [10].
However, with the popularity of outsourced storage services [11, 12], the traditional RDH is not suitable in these scenarios, especially with regard to the requirement of high security. Therefore, the research of privacy protection in cloud computing has attracted considerable attention in recent years [13–15]. Among these studies, encrypted-image-based reversible data hiding (EIRDH) provides the possibility that the image owner can encrypt the image before uploading it to the service provider, and then the service provider can embed some additional message into the incomprehensible encrypted image for steganography or authentication. The authorized users or receivers can recover both the additional message and the original image. The existing EIRDH methods can be grouped into three categories: vacating room after encryption (VRAE) methods [16–22], reserving room before encryption (RRBE) methods [23–25], and reversible image transform (RIT) methods [26, 27].
The framework of “VRAE” was proposed by Zhang [18], in which secret bits can be embedded after encrypting the original image. Specifically, the data hider can divide the encrypted image block into two sets and embed secret bits by flipping three LSBs of a set. To decrease the extracted-bits error rate, Hong et al. [19] and Liao and Shu [20] evaluated the complexity of image blocks. Recently, Yi and Zhou [21] proposed a novel EIRDH method using binary-block embedding for joint decryption and extraction, in which a bit-level scrambling process can prevent secret bits from loss. The methods [18–21] can embed an additional message from the decrypted image. To extract secret bits in the encrypted image, Zhang [22] proposed a novel separable EIRDH method, in which three cases are considered according to the encryption key or data hiding key.
However, it is hard to use the traditional RDH method for the data hider in the VRAE since the correlation between neighbor pixels in the encrypted image is destroyed.
The framework of “RRBE” was designed by Ma et al. [23]. The data owner can reverse the room of LSBs using the traditional RDH method and then encrypt the self-embedded image. After that, the data hider embeds secret data into the reversed LSBs of the encrypted image. Cao et al. [24] compressed pixels in the local patch by sparse representation and achieved a higher reversed room than other previous methods.
To transform the original image into an encrypted image which looks like the target image, Zhang et al. [26] proposed the EIRDH framework based on RIT, in which an image block is paired by similar means and standard deviation between the original and target images. Since the correlation of transformed images is not destroyed, the data hider can embed secret bits by the traditional RDH method. However, this method has high image distortion since much auxiliary information must be self-embedded into the transformed image for recovering the original image. Recently, Hou et al. [27] improved the visual quality of camouflage images and reduced the auxiliary information for recording block indexes by adopting k-means clustering.
Different from the EIRDH, Chen et al. [28] designed an encrypted-signals-based reversible data hiding (ESRDH) method, in which the data owner divides each pixel of the cover image into two signals and then encrypts them by a public key. After that, the data hider embeds secret bits into the encrypted signals by the additive homomorphism. To reduce data expansion, Shiu et al. [29] adopted a difference expansion method to embed the message. Zhang et al. [30] proposed a lossless, a reversible, and a combined data hiding scheme for ciphertext images, respectively, which were encrypted by a public key cryptosystem with homomorphic properties. Recently, Wu et al. [31] presented an improved ESRDH method, in which the original image can be recovered completely by decrypting all signals. The method can achieve a higher embedding capacity and better quality of decrypted images than previous ESRDH methods. In addition, compared to the traditional EIRDH method, the cost spent, on a reliable key management system in a multiparty environment, is reduced since the receiver can share the public key with other identities.
In this paper, we propose an improved ESRDH method using code division multiplexing (CDM) and value expansion (VE), in which the traditional CDM technology is utilized to achieve lossless visual quality of decrypted signals, and VE technology is designed according to the RDH method based on DE for further increasing the embedding capacity. Compared to the current ESRDH method, the proposed method achieves a high embedding capacity and good visual quality.
The rest of this paper is arranged as follows. In Section 2, the related works are described. In particular, communication technology based on CDM, RDH method based on DE, and ESRDH method based on signal energy transfer are given. Section 3 presents a lossless visual quality ESRDH method using code division multiplexing and high embedding capacity ESRDH method using value expansion. Section 4 displays the performance of the proposed method by experimental results and Section 5 concludes this paper.
2. Related Works2.1. Communication Technology Based on CDM
In communication systems, CDM is a kind of spectrum spreading technology for ensuring secure information transmission and channel multiplexing, in which the sender encodes to-be-transmitted bits with a predetermined spreading sequence, and then the receiver can obtain the secret bits by the same spreading sequences. So, the sequences that are derived by Walsh Hadamard matrix play an important role in CDM-based communication technology. Walsh Hadamard matrix consists of 1 and −1. In addition to the first row (column) of the matrix, other row (column) vectors are selected as the spreading sequences, and they have two properties. First, the sum of elements is equal to 0 for any sequence. Second, they are orthogonal to each other of any two different sequences, so the cross-correlation is 0.
Suppose the spreading sequences generated by Walsh Hadamard matrix are Sz, z={1,…,q} and the compound sequence C is the linear combination of Sz; when the secret bit is 0, the coefficient of Sz is set as −1. Otherwise, the coefficient is set as 1. Thus, the receiver can decode the secret bits according to the results of dot product between Sz and C.
For example, three spreading sequences from a 4-level Hadamard matrix areS1=(1,-1,1,-1), S2=(1,1,-1,-1), and S3=(1,-1,-1,1). Obviously, S1, S2, and S3 are zero means and orthogonal to each other. Suppose the secret bits are “010”; then, the sequences are denoted as S1, -S2, and S3, respectively, and the three sequences are added to form the compound sequence C=S1-S2+S3=(1,-3,1,1).
On the receiver side, for the receiver with the spreading sequence S1, the decoding result is (C·S1)/S12=((S1-S2+S3)·S1)/S12=(S1·S1)/S12=1, which represents the notion that the secret bit is 1; for the receiver with S2, the result is (C·S2)/S22=(-S2·S2)/S22=-1, which represents bit 0; for the receiver with S3, the result is (C·S3)/S32=(S3·S3)/S32=1, which represents bit 1. Therefore, the secret bits can be extracted. Moreover, since a large number of secret bits are represented and transmitted by the compound sequences in different ways and it is impossible for an intruder to guess them, the CDM-based communication technology is secure and can provide high capacity.
2.2. RDH Method Based on DE
The RDH method based on DE was proposed by Tian. Assume the two neighbor pixels of the image are x and y. The sender can compute the average m and the difference h between x and y:(1)m=x+y2,h=x-y.Then, the secret bit b can be embedded as the least significant bit (lsb) of h. And the new difference value h′ can be obtained:(2)h′=2h+b.Finally, the corresponding values x′ and y′ can be computed and transmitted by the sender:(3)x′=m+h′+12,y′=m-h′2.From the pixels pair (x′,y′), the receiver can extract secret bits and recover the original image. The initial average value m and new difference value h′ can be computed:(4)m=x′+y′2,h′=x′-y′.The secret bit b and difference value h can be obtained by h′:(5)b=LSBh′,h=h′2.And the original pair (x,y) can be recovered by m and h:(6)x=m+h+12,y=m-h2.
DE is a simple and efficient RDH method that utilizes the redundancy between two neighbor pixels to embed secret bits and achieve reversibility. In addition, we can use the data-embedding algorithm for an image more than once for multiple-layer embedding. When the difference is small, a higher embedding capacity and better visual quality of the cover image can be achieved. However, the transformed values x′ and y′ should be restricted in the range of [0,255].
2.3. ESRDH Method Based on Signal Energy Transfer
ESRDH method based on signal energy transfer was proposed by Wu et al. It consists of three phases: image encryption phase, data-embedding phase, and data extraction and image recovery phase. There are three active identities in this method. They are image owner O, data hider H, and receiver R. The framework of this method is described in Figure 1.
The framework of ESRDH method based on signal energy transfer.
Suppose the size of the cover image is N1×N2 and the pixel is pi∈0,255, 1≤i≤N1×N2. Inspired by the signal energy transfer, one signal can be represented by the sum of other signals. Therefore, pi can be represented as a0i+a1i+ti, where a0i is selected randomly from {0,1,2,…,xi}, xi is obtained by xi=2pi/2, a1i is equal to a0i, and ti is set to be ti=pi-2a0i. And then, the image owner can encrypt the three signals according to the public key that was generated by the Paillier encryption algorithm.
Let the encrypted pixels be represented by (E(a0i),E(a1i),E(ti)). The data hider embeds the secret bit b into E(a0i) and E(a1i) and generates the marked signals E(a0i′) and E(a1i′). If the secret bit is 0, then Ea0i′=Ea0i-a1i-1, E(a1i′)=E(a0i+a1i+1). If the bit is 1, then Ea0i′=Ea0i+a1i+1, E(a1i′)=E(a0i-a1i-1). Since a0i=a1i and Paillier encryption maintains the additive homomorphic properties, then the embedded formulas can be reduced to(7)Ea0i′=E-1,if b=0,Ea0iEa1iE1,if b=1,Ea1i′=Ea0iEa1iE1,if b=0,E-1,if b=1.
To extract the secret bit and recover the cover image, the receiver can decrypt the marked signals (E(a0i′),E(a1i′),E(ti)) according to the private key generated by Paillier encryption and obtain the decrypted unit (a0i′,a1i′,ti). Then, the decrypted pixel is denoted by pi=a0i′+a1i′+ti. Because of a0i′+a1i′=a0i+a1i, the decrypted image is a cover image. After that, the bit b can be extracted by comparing a0i′ and a1i′: (8)b=0,if a0i′<a1i′,1,if a0i′>a1i′.
This method achieves a lossless visual quality since the decrypted image is the original one. It also can process encoded multimedia since each separated unit of the encoded multimedia can be recovered completely. Therefore, there is no underflow or overflow problem and there is no need to embed any auxiliary information.
3. The Proposed Method3.1. Lossless Quality ESRDH Method Based on CDM
To maintain the lossless quality of the decrypted image and improve the embedding capacity, inspired by communication technology based on CDM, we propose a lossless visual quality ESRDH method only using CDM.
Suppose that the generated spreading sequences are Sz,z={1,…,q} and the length is denoted as l=q+1, where l must be the power of 2 such as 2,4,8. Therefore, the preprocess and encryption can be summarized as follows. Firstly, divide each pixel unit pi as pi=a1i+⋯+ali+ti, where ti is obtained by ti=pimodl and a1i,…,ali are set to be (pi-ti)/l. Secondly, define the vector Vi=[a1i,…,ali] as an embedded vector, so each unit pi can be represented as (Vi,ti). Finally, the image owner encrypts each unit by a public key generated by Paillier encryption, and the encrypted unit (E(Vi),E(ti)) is generated, where E(Vi)=[E(a1i),…,E(ali)].
Now, the data hider can embed secret bits biz(z={1,…,q}) into E(Vi) using CDM. This means the number of bits which can be embedded into the ith(1≤i≤N1×N2) pixel is q. At the beginning, the secret bits biz can be transformed to wiz which consist of −1 and 1:(9)wiz=-1,if biz=01,if biz=1.
Then, we can obtain the compound sequence Ci by Ci=wi1S1+⋯+wiqSq; the elements of Ci are [Ci(1),…,Ci(l)]. They can be encrypted by the public key and can generate an encrypted compound sequence ECi=[E(Ci1),…,E(Ci(l))]. Since Paillier encryption has additive homomorphic properties, ECi can be embedded into E(Vi) by the following formula:(10)EVi′=Ea1i′,…,Eali′=Ea1i+Ci1,…,Eali+Cil=Ea1i×ECi1,…,Eali×ECil,where the new vector E(Vi′) can be denoted as EVi′=Ea1i′,…,Eali′.
Finally, the receiver can decrypt the marked signals (E(Vi′),E(ti)) by a private key and obtain (Vi′,ti). Vi′ can be represented by Vi′=a1i′,…,ali′ or Vi′=Vi+Ci. Because of a1i=⋯=ali and for any different spreading sequences, they are zero means and orthogonal to each other; the result of dot product between Vi′ and Sz(z={1,…,l}) can be summarized as(11)Vi′·Sz=Ci·Sz=l2×wiz.Therefore, wiz can be obtained by the following formula:(12)wiz=Vi′·Szl2=signVi′·Sz.And biz can inversely be transformed by formula (9). Since the sum of elements is equal to 0 for any spreading sequences, we have(13)a1i′+⋯+ali′=a1i+⋯+ali.
The directly decrypted pixel is pi′, and we have pi′=a1i′+⋯+ali′+ti=pi. As a result, the decrypted pixel is the original one. In other words, based on CDM, ESRDH achieves lossless visual quality of images. And the data-embedding process does not cause an underflow/overflow problem. In addition, the embedding rate can be improved to be q bits per pixel (bpp) such as q={1,3}. So, it can be determined by the number of spreading sequences q.
3.2. High Embedding Capacity ESRDH Method Based on VE
In Wu et al.’s method and ESRDH method based on CDM, the signal ti is not used to embed secret bits. To further increase the embedding capacity, the ESRDH method based on VE is proposed. In Wu et al.’s method, the range of ti is [pi-4pi/2,pi], which will decrease the visual quality of the decrypted image because the absolute value of ti is too large. However, in the ESRDH method based on CDM, the range of ti is [1,q], and it is enough small, so the ESRDH based on VE is an efficient method.
In Section 3.1, the pixel unit (Vi,ti) is encrypted and sent to the data hider. Instead of only embedding secret bits into Vi, ti also can embed bits in this section. Suppose ti is expanded 2k(k=1,2) times and the decimal number of (bi1⋯bik)2 is Di. So, k LSBs of ti can be emptied to embedded secret bits by ti′=2k×ti+Di. Then, pi′ can be constructed by the sum of a1i′,…,ali′,ti′, and it can be reduced to pi+ti′-ti. Since pi∈[0,255] and ti′-ti∈[0,Rmax], thus pi′∈[0,255+Rmax], where Rmax=(2k-1)×(q+1). Therefore, data embedding can possibly cause an overflow problem. To solve this problem, ti should be preprocessed, and the formula can be summarized as(14)tsi=ti,0≤pi≤255-Rmax,ti-Rmax,255-Rmax<pi≤255.
The range of ti is changed from 0,q to tsi∈[-Rmax,q-Rmax]∪[0,q]. So, if tsi<0, tsi is the changeable one. Otherwise, it is the original one.
Firstly, the encrypted unit (E(Vi),E(tsi)) can be obtained by a public key.
Secondly, Di should be encrypted to E(Di) by the same key. And then it is embedded into Etsi, so a new encrypted value Etsi′ can be generated, which can be summarized as(15)Etsi′=E2k×tsi+Di=Etsi2k×EDi.
Thirdly, the receiver decrypts Etsi′ by the corresponding private key and denotes it as tsi′. After that, the embedded bits (bi1⋯bik)2 can be obtained by extracting k LSBs of tsi′. So, tsi can be calculated by(16)tsi=tsi′-Di2k,where Di is the decimal number of (bi1⋯bik)2.
Finally, the original ti should be recovered by(17)ti=tsi,tsi≥0,tsi+Rmax,tsi<0.And the pixel pi can be recovered by the sum of other signals.
Based on ESRDH using CDM, the proposed method can further improve the embedding rate using VE. The embedded rate can be increased by k bpp such as k={1,2}. Furthermore, there is no need to embed any auxiliary information to recover the original ti. However, there is a possibility that an overflow problem arises, which may cause image distortion.
3.3. Algorithm of ESRDH Method Based on CDM and VE
According to Sections 3.1 and 3.2, the framework of ESRDH method based on CDM and VE is shown in Figure 2, and the algorithm can be divided into three phases: preprocess and signal encryption phase, data-embedding phase, and data extraction and image recovery phase. The details are described as in Algorithm 1.
<bold>Algorithm 1</bold>
Preprocess and signal encryption phase
Input:An original image with a size of N1×N2, the number of spreading sequences q(q={1,3}), the expanded
parameter k(k={1,2}), and public key pk.
Output:The encrypted unit EUi.
Step 1:Obtain the separated signals from the original pixel pi=a1i+⋯+ali+ti, 1≤i≤N1×N2, which can be
calculated in Section 3.1. Define the embedded vector Vi=[a1i,…,ali], and each pixel unit is represented
as (Vi,ti).
Step 2:Modify ti to be tsi by formula (14) for preventing overflow.
Step 3:Encrypt Ui=(Vi,tsi) by pk and generate an encrypted unit EUi=(E(Vi),E(tsi)).
Data embedding phase
Input:The encrypted unit EUi, the number of spreading sequences q, the expanded parameter k, public key pk, and
secret bits.
Output:Marked unit EUi′.
Step 1:Divide secret bits into two parts SP1 and SP2, where SP1 contains q×N1×N2 secret bits and SP2 contains the
remaining bits.
Step 2:Transform secret bits biz, z={1,…,q} in SP1 to wiz using formula (9), and then obtain
the compound sequence Ci for each unit EUi.
Step 3:Encrypt Ci by pk and denote it as E(Ci).
Step 4:Embed E(Ci) into E(Vi) using CDM. By formula (10), obtain a new vector EVi′.
Step 5:Encode secret bits (bi1⋯bik)2 in SP2 to Di. Di is the decimal of (bi1⋯bik)2 for each unit EUi.
Step 6:Encrypt Di by pk and denote it as E(Di).
Step 7:Embed E(Di) into E(tsi) using VE. By formula (15), obtain a new signal E(tsi′). Then,
generate a marked unit EUi′=(EVi′,Etsi′).
Data extraction and image recovery phase
Input:The marked unit EUi′, the number of spreading sequences q, the expanded parameter k, and private key sk.
Output:Secret bits and the original image.
Step 1:Decrypt EUi′ using sk to generate Ui′=Vi′,tsi′.
Step 2:Extract q×N1×N2 secret bits from Vi′ by formulas (9) and (12).
Step 3:Obtain (bi1⋯bik)2 by extracting k LSBs of tsi′.
Step 4:Calculate tsi by formula (16) and recover ti by formula (17).
Step 5:Recover the original image by calculating pi=a1i′+⋯+ali′+ti.
The framework of the ESRDH method based on CDM and VE.
4. Experimental Results
As is shown in Figures 3(a)–3(d), four different grayscale images with different features are selected as the test images, which are Lena, Pepper, Sailboat, and Baboon. The size of these pictures is 512×512. The development tool is Myeclipse8.6, which is used on an Intel Core i5 CPU (2.8 GHz) with 8 GB of memory.
Four test images. (a) Lena, (b) Pepper, (c) Sailboat, and (d) Baboon.
The embedding rate (ER) and visual quality of the decrypted image are two important indicators to measure the performance of the EIRDH method, and they can be calculated by(18)ER=Embedding CapacityThe size of cover image,PSNR=10lg2552×N1×N2∑i=1N1×N2pi′-pi2,where pi and pi′ are the original and modified pixel values, respectively.
In the proposed method, if the ESRDH method based on CDM is used to embed secret bits, the ER is q bpp, and PSNR is +∞. In Table 1, when q=1 and q=3, the embedding capacity (EC) is 512×512=262144 and 3×512×512=786432, and the corresponding ER is 1 bpp and 3 bpp, respectively. And lossless visual quality of the decrypted image can be achieved. The decrypted images with the hidden data were not further processed, as shown in Figure 4. The plain text images recovered from the four encrypted images were all identical to the original one. In addition, we can utilize the VE method to further improve ER, and up to q+k bpp can be achieved. In addition, PSNR will be changed by setting k. For example, 786432 bits can be embedded using CDM and VE methods when q=1, k=2. However, PSNR of Lena is decreased to 36.85 dB. The other results about EC, ER, and PSNR of different test images are shown in Table 1. Furthermore, although the ER of the four images is 3 bpp when q=1, k=2, or q=3, the PSNR of these decrypted images are different.
The performance of EC, ER, and PSNR for different images.
To assess the time overheads on encryption, embedding, and decryption, we assessed the statistic efficiency performance of the proposed method for different test images when q=3 and k=1 in Table 2. In this table, the embedding time is small because secret bits are embedded by multiplication, which also reflects the notion that signals encryption and decryption spend a long time. However, since the operations of CDM and VE were all performed in a homomorphic encryption domain, the encrypted signals with the hidden data were protected by the Paillier cryptosystem. Therefore, the Paillier cryptosystem in our method is an important technology for protecting image content security although it is not efficient enough.
Efficiency performance of the proposed method.
Test images
Encryption(m)
Embedding(m)
Decryption(m)
Lena
94.76
1.79
181.70
Pepper
93.48
1.46
183.64
Sailboat
95.66
1.42
180.78
Baboon
94.74
1.51
185.29
Table 3 denotes signal expansion between our method and the selected methods, including Wu et al. [31], Shiu et al. [29], and Chen et al. [28]. According to Paillier encryption, the size of the cipher space is square of the size of the message space. In the table, Paillier encryption with 512-level security is adopted, and the plain text and the ciphertext are represented by 512 bits and 1024 bits, respectively. The output signal of our method is related to q and can reach 2×(q+2)×512. To solve the problem of data expansion, three alternative methods can be considered. The first is to use a lower security level, such as a 128-bit security level and 64-bit security level. Thus, the length of output signal will be reduced to 2×(q+2)×128 bits and 2×(q+2)×64 bits, respectively. The second is to reduce the value of q. When q=1, it is 6×512×512 and the same as Wu et al.’s method. The third is to use a pixel block instead of a single pixel as the input signal. If a 512-bit security level is used, an 8×8 pixel block can be adopted since such a block consists of 8×8×8=512 bits. Now, the length of the output signal is 2×(q+2) times that of the input signal.
The signal expansion between our method and the selected methods.
Methods
Input signal(bits)
Output signal(bits)
Our method
8
2×(q+2)×512
Wu et al. [31]
8
6×512
Shiu et al. [29]
8
2×512
Chen et al. [28]
8
4×512
The average PSNR of different images when q=1and k=2 are shown in Figure 5. At the beginning, the secret bits can be embedded using CDM, and the embedding rate can reach 1 bpp. Since the decrypted image is the same as the original image, PSNR is +∞. To further improve the embedding rate, the PSNR will be reduced and more secret bits will be embedded using VE. Compared with other related methods including Wu et al. [31], Shiu et al. [29], and Chen et al. [28], the proposed method has a better performance in terms of the embedding rate and PSNR.
The average PSNR in different test images when q=1 and k=2.
Moreover, since the decrypted image is the original image, the proposed method, which only uses CDM, can be applied to deal with encoded media such as H.264 video and JPEG images. Besides, real reversibility can be achieved by the proposed method.
5. Conclusion
This paper proposes improved encrypted signals-based reversible data hiding based on code division multiplexing and value expansion. When only using code division multiplexing to embed bits, lossless visual quality of directly decrypted images can be achieved, and the embedding rate can reach q(q={1,3}) bpp. When using code division multiplexing and value expansion method, the decrypted image will have some distortion, but the embedding rate can be improved to q+k(k={1,2}) bpp. The secret bits and the original image can be recovered from the decrypted image completely. However, the size of the encrypted image will be expanded because of Paillier encryption. In further work, the expansion problem may be solved using other encryption ways, and the property of multiplicative homomorphism may be utilized to further improve the performance on the embedding rate and PSNR.
Conflicts of Interest
The authors declare that they have no conflicts of interest.
Acknowledgments
This work is supported by the National Natural Science Foundation of China (NSFC) (61502242, U1536206, 61672294, 61702276, 61602253, 61373133, 61232016, 71501101, and U1405254), Jiangsu Basic Research Programs-Natural Science Foundation (BK20150925), Startup Foundation for Introducing Talent of Nanjing University of Information Science and Technology (2014r026#), Open Fund of Demonstration Base of Internet Application Innovative Open Platform of Department of Education (KJRP1402), Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD) Fund, Collaborative Innovation Center of Atmospheric Environment and Equipment Technology (CICAEET) Fund, and National Ministry of Science and Technology Special Project Research (GYHY201301030, 2013DFG12860, and BC2013012).
ShenJ.LiuD.LiuQ.SunX.A secure cloud-assisted urban data sharing framework for ubiquitous-citiesFuZ.HuangF.SunX.VasilakosA. V.YangC.Enabling semantic search based on conceptual graphs over encrypted outsourced data99Proceedings of the IEEE Transactions on Services Computing193910.1109/TSC.2016.2622697YuanC.SunX.LvR.Fingerprint liveness detection based on multi-scale LPQ and PCAShenJ.ChangS.ShenJ.LiuQ.SunX.A lightweight multi-layer authentication protocol for wireless body area networksChenX.ChenS.WuY.Coverless information hiding method based on the Chinese character encodingFridrichJ.GoljanM.DuR.Lossless data embedding-new paradigm in digital watermarkingTianJ.Reversible data embedding using a difference expansionNiZ.ShiY. Q.AnsariN.SuW.Reversible data hidingLeeS.YooC. D.KalkerT.Reversible image watermarking based on integer-to-integer wavelet transformYaoH.QinC.TangZ.TianY.Improved dual-image reversible data hiding method using the selection strategy of shiftable pixels' coordinates with minimum distortionFuZ.RenK.ShuJ.SunX.HuangF.Enabling personalized search over encrypted outsourced data with efficiency improvementXiaZ.WangX.ZhangL.QinZ.SunX.RenK.A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computingKongY.ZhangM.YeD.A belief propagation-based method for task allocation in open and dynamic cloud environmentsShenJ.ShenJ.ChenX.HuangX.SusiloW.An efficient public auditing protocol with novel dynamic structure for cloud dataFuZ.HuangF.RenK.WengJ.WangC.Privacy-preserving Smart Semantic Search based on Conceptual Graphs over Encrypted Outsourced DataZhangX.QianZ.FengG.RenY.Efficient reversible data hiding in encrypted imagesXiongL.XuZ.ShiY.-Q.An integer wavelet transform based scheme for reversible data hiding in encrypted imagesZhangX. P.Reversible data hiding in encrypted imageHongW.ChenT.-S.WuH.-Y.An improved reversible data hiding in encrypted images using side matchLiaoX.ShuC.Reversible data hiding in encrypted images based on absolute mean difference of multiple neighboring pixelsYiS.ZhouY.Binary-block embedding for reversible data hiding in encrypted imagesZhangX. P.Separable reversible data hiding in encrypted imageMaK.ZhangW.ZhaoX.YuN.LiF.Reversible data hiding in encrypted images by reserving room before encryptionCaoX.DuL.WeiX.MengD.GuoX.High Capacity Reversible Data Hiding in Encrypted Images by Patch-Level Sparse RepresentationZhangW. M.MaK. D.YuN. H.Reversibility improved data hiding in encrypted imagesZhangW.WangH.HouD.YuN.Reversible data hiding in encrypted images by reversible image transformationHouD.ZhangW.YuN.Image camouflage by reversible image transformationChenY.-C.ShiuC.-W.HorngG.Encrypted signal-based reversible data hiding with public key cryptosystemShiuC.-W.ChenY.-C.HongW.Encrypted image-based reversible data hiding with public key cryptography from difference expansionZhangX.LongJ.WangZ.ChengH.Lossless and Reversible Data Hiding in Encrypted Images with Public-Key CryptographyWuX.ChenB.WengJ.Reversible data hiding for encrypted signals by homomorphic encryption and signal energy transfer