On the Value of Order Number and Power in Secret Image Sharing

Shadow images generated from Shamir’s polynomial-based secret image sharing (SSIS) may leak the original secret image information, which causes a signiﬁcant risk. The occurrence of this risk is closely related to the basis of secret image sharing, Shamir’s polynomial. Shamir’s polynomial plays an essential role in secret sharing, but there are relatively few studies on the power and order number of Shamir’s polynomial. In order to improve the security and eﬀectiveness of SSIS, this paper mainly studies the utility of two parameters in Shamir’s polynomial, order number and power. Through the research of this kind of utility, the choice of order number and power can be given under diﬀerent security requirements. In this process, an eﬀective shadow image evaluation algorithm is proposed, which can measure the security of shadow images generated by SSIS. The user can understand the inﬂuence rule of the order number and power in SSIS, so that the user can choose the appropriate order number and power according to diﬀerent security needs.


Introduction
With the development and application of computer network and multimedia technology, the production, transmission, and storage of digital images have increased exponentially. e increasing problem of information leakage and the improvement of people's awareness of network information security have led to more and more individuals and organizations beginning to pay attention to and study the security issues in image transmission and storage. To protect the secret images of the national government and military departments, it is particularly urgent to solve such security problems.
For information security, digital images need to be protected during transmission and storage [1]. Traditional image protection technologies include image encryption [2][3][4] and image hiding [5][6][7]. Encryption is the use of a specific algorithm to present the secret in another way. Using a secure encryption algorithm to encrypt the image can effectively protect the security of the image content. Image hiding is to hide the secret existence in other carriers or modules through hiding algorithms. Both of these secret image protection technologies have a common feature: transmission through a single channel. When the channel fails or is destroyed, the recipient cannot normally recover the secret image. e same problem also occurs in storage. If the encrypted secret image and the carrier hiding the secret image are tampered with or destroyed, the secret image cannot be completely restored. In addition to image encryption and image hiding, there are also image sharing [8][9][10][11][12]. Secret image sharing (SIS) not only has the function of protecting secret images, but also has the advantages of loss tolerance that other conventional methods do not have [13].
Secret sharing (SS) is to share the original secret into multiple subsecrets and distribute the generated shares to different participants. When the shares contributed by participants meet the required conditions, the secret can be recovered. SS solves the problem that secrets may be destroyed or tampered with in transmission and storage by using multiple channels for transmission and storage. Secret sharing based on Shamir's polynomial principle is an important branch of SS [14,15]. ien et al. introduced the principle of secret sharing into the field of images and proposed SSIS [16]. e proposal of SSIS is of great significance to the protection of secret images. However, some shadows generated by SSIS may leak the original secret image information, which has a significant impact and challenge on the security of SSIS. It is found that information leakage of shadows occurs at different order numbers, and the degree of leakage varies from order number to order number. Similarly, the change of power also has some influence on the leakage of shadow images. It has been proved that the occurrence of SSIS's information leakage is related to the order number, power, and image itself.
is paper mainly uses theoretical analysis and experimental validation to study the impact of order number and power on the security of SSIS.
is paper finds out the influence rule of order number and power and gives different selection schemes of order number and power so that users can select order number and power more effectively and conveniently according to different security needs. In order to evaluate the security of shadows more objectively, this paper also proposes a new shadow security evaluation algorithm. e degree to which the shadows leak the secret of the original image can be objectively measured by the parameters obtained by the evaluation algorithm, thus avoiding the subjective error of the human visual system (HVS).

Preliminary
In 1979, Shamir [17] and Blakley [18] proposed classical threshold SS schemes using algebra and geometry, respectively. Shamir's polynomial-based secret sharing (SSS) is to split secret S into n shares, which are assigned to n participants. Any k or more shares can be used to reconstruct S, while less than k shares cannot get any information on S. SSS is a threshold sharing scheme, which shares the secret S into n shadows by f(x) � (a 0 + a 1 x + · · · + a k−1 x k− 1 )mod p, in which a 0 � S, a 1 , a 2 , . . . , a k−1 are selected randomly in [0, p]. SIS can only embed one bit at a time, which is sufficient for sharing ordinary text data, but it is far from enough for sharing secret images. Every pixel in a secret image needs to be shared. If a secret pixel is shared every time, the space occupied by the sharing and the efficiency of sharing will be greatly reduced. In order to improve the efficiency of sharing and the space occupied by sharing, ien and Lin sequentially embed the pixels of the secret image into all the coefficients of the Shamir's polynomial [16], and the specific measures are as follows: (1) a i is the ith pixel value of each group in the secret image sharing process. (2) p is selected as 251, and the pixels above 250 are treated as 250.
e increase in sharing efficiency also brings about a problem: the shadow images generated by some images will leak the original secret image information [19,20]. When the pixel correlation of the original secret image is strong, leakage is more likely to occur. It is worth noting that although the images are different, the leakage always occurs on some specific order numbers. In the application of the ien-Lin's scheme, the choice of order number is of great significance to the security of the secret image, which has been extensively studied [21][22][23]. Tompa and Woll [21] proposed random generation of order numbers in theory but did not propose specific and effective generation schemes. In reference [22], when using the ien-Lin's method, change p to 257, and the order number is defined as an integer from 1 to n. Literature [23] uses ien-Lin's method on GF(2 8 ), taking order number as image ID number, so it cannot be randomly generated.
ese studies have noticed the importance of order numbers in SSIS, but they have not given a feasible order number selection scheme. Like the order number, the power is also a coefficient in the polynomial, and its role in sharing the polynomial cannot be ignored. Unfortunately, there is relatively little research on the power of Shamir's polynomial. e rest of the paper is organized as follows. Section 3 introduces the research motivation of this paper and our contribution. e proposed scheme is introduced in Section 4, including parameter analysis, shadow image security evaluation algorithm, and order number and power selection scheme. Section 5 gives the experimental process and data. Finally, Section 6 concludes this paper.

Motivation
SIS has gradually developed into a popular research direction, so many SIS schemes have been proposed. Although there are many SIS schemes, SSIS is a simple and efficient SIS scheme.
is simplicity is reflected in the easy-to-understand sharing principle and easy-to-use sharing steps, without other operations such as image preprocessing. e efficiency is reflected in the low time complexity of sharing, and the shadow image generated by sharing takes up less space, which is only 1/k of the original secret image. e advantages of time and space make the study of SSIS valuable.
Most of the shadow images generated by SSIS are noise images, which ensures the security of SIS. However, part of the shadow image of some images will leak part of the information of the original secret image. e leaked shadow image of this part destroys the confidentiality of SS and affects the security of sharing to a certain extent. In this paper, the purpose of our research on order number and power is to avoid such information leakage and improve the security of SIS. Order number and power are important parameters for SSIS. e occurrence of shadow image leakage must be related to the order number and power, but there is no research to prove this relationship. e influence of order number and power on SSIS can be found through research, and suggestions for selecting safer order number and power are given. When the user performs SSIS, by selecting a safe order number and power, the appearance of insecure shadow images is reduced, the generated shadow images are prevented from leaking the original secret image information, and the security of SSIS is provided to a great extent.

Our Contributions
(1) e function of each parameter in Shamir's polynomial is analyzed, and the selection suggestions of the order number and power under different security conditions are given. (2) A security evaluation algorithm for shadow images generated by SSIS is proposed, which can measure the degree to which the shadow image leaks the original secret image, that is, the security of the shadow image.

The Proposed Scheme
In this section, we describe the function of each parameter in Shamir's polynomial in detail and give some suggestions on the selection of order number and power, which solves the utility problem and selection problem of order number and power in Shamir's polynomial.

Parameters Analyses.
In this section, the function of each parameter in Shamir's polynomial is described in detail, the security evaluation algorithm of the shadow image is proposed, and some suggestions are given for the choice of order number and power, which solves the utility problem of the order number and power in Shamir's polynomial and choice issues. e position and number of secret pixels are inserted. When using SSS to share a secret image, that is, when only the first coefficient a 0 is inserted into the secret pixel s, and the remaining coefficients a i are randomly selected from the finite field p, the shadow image will not leak the original secret image information, because the existence of random numbers ensures the security of shadow images. If a single pixel is inserted into the other coefficients a i of Shamir's polynomial, and the coefficients other than a i are random numbers, then the shadow image will not leak the original secret image information.
is shows that the secret insertion position is not directly related to the leakage of the shadow image.
As the number of inserted secret pixels increases, the location of the secret pixels will have different options. Research has found that no matter how the position and number of the inserted secret pixels change, as long as the number of inserted secret pixels is less than k, the shadow image will not leak information visually. It is not difficult to find that the visual security of the shadow image can be protected as long as there are random coefficients in the polynomial, no matter the position or number of the inserted secret pixels is studied. e existence of random numbers causes shadow images to resemble noisy images. It can be seen that the existence of random numbers ensures the security of SIS, which has nothing to do with the selection of order number and power. However, there is no randomness of coefficient in ien-Lin's scheme, so the security of its sharing should be maintained by other parameters.

4.1.1.
e Type of Secret Image. In ien-Lin's scheme, different secret images have different degrees of leakage, so we broadly divide the secret images into three categories: monochrome images, strong correlation images, and weak correlation images.

For Monochrome Images.
A monochrome image is an image with all the same pixels. Sharing a secret image requires multiple participations of polynomials. But for monochromatic image, there is only one situation: the shared pixels are the same for each group, which leads to the fact that the shared values must be the same. is means that the shadow image is just a color change, which cannot guarantee the security of the secret image content.

For Strongly Correlated Images.
In a strong correlation image, the pixel correlation degree is relatively close, and the adjacent pixel values are similar or the same, but they are not exactly the same as monochrome images, so there will be a problem of partial shadow images leaking part of original secret image content. We can deduce the formula as follows: Adjacent pixels are the same or similar, so Δa is visually unchanged, that is, Δa � 0. e randomness of pixels in the shadow image mainly comes from the influence of a 1 X. Using λX to represent a 1 , we get a 1 X � λX 2 . is means that when k � 2, randomness is related to x 2 . Similarly, the following formula can be obtained.
In order to better observe the influence of order numbers on the randomness of shadow pixels, corresponding scatterplots are drawn, as shown in Figure 1.
e randomness of the shadow image is closely related to the order number. By analyzing formula (1) and observing Figure 1, we get the following conclusion: e larger the k, the greater the randomness of shadow pixels, and the greater the range of safe selection of order numbers .
is conclusion can be explained in many ways: (1) e more regular the distribution of shadow pixels, the smaller the randomness, and the greater the risk of shadow image leakage. For example, in Figure 2, the distribution of green, blue, and red dots is regular, which means that the randomness is small. (2) e larger the k, the smaller the probability of continuous k pixels being the same. (3) e larger the k, the larger the pixel grouping, and the smaller the shadow image.

For Weakly Correlated
Image. e correlation degree of pixels in weakly correlated images is small, and each group of pixels can be regarded as a group of random numbers.

Security and Communication Networks
is guarantees the security of SIS. But it is affirmative that applying the conclusion of strongly correlated images to weakly correlated images can greatly improve the security of sharing.
In this section, we have come to the conclusion that monochrome images are not suitable for sharing with SSIS and that the sharing of strong or weak correlation images requires a reasonable choice of order number and power.

Shadow Image Security Evaluation Algorithm.
If the human visual system (HVS) is used to determine whether a shadow is unsafe, it is not only subjective and arbitrary, but also may have more or less errors. In order to remove human visual errors and subjective factors, we propose an algorithm for evaluating the quality of shadow images. After trying many evaluation methods such as information entropy and mutual information entropy, a new method is proposed. e algorithm is as follows Algorithm 1:  e algorithm is based on randomness, which guarantees the security of shadow images. Parameter ε represents the weighted variance of the distribution of shadow pixels after the corresponding pixels are shared.
Combining the above knowledge and the distribution histogram of shadow image pixels, we will introduce the design ideas of the algorithm. Here, we mainly introduce the algorithm with the classic threshold k � 2 as an example. Figure 3(a) is a comparison image, and Figure 3(b) is its pixel distribution histogram. Figures 4 and 5 are the shadow images with order numbers 1 and 59 and their corresponding shadow pixel histograms, respectively. We can clearly see that when the order number is equal to 1, the content of the secret image is leaked, and when the order number is equal to 59, the shadow image is safe. Corresponding to the distribution histogram of the pixels, we can see that when the order number is 1, the general rule of most pixels has not changed, there is only an offset, and the random degree of the pixels has not changed substantially. However, when the order number is 59, the distribution of secret pixels has undergone major changes, and the degree of randomness of pixels has been increased. e more the pixel distribution in the shadow image changes relative to the pixel distribution of the original secret image, the greater the randomness is, and the greater the visual change it brings.
In order to achieve the purpose of evaluating the randomness in the shadow image, we will judge each pixel and calculate the sum according to the weight of each pixel. To evaluate the randomness in a shadow image, we will determine each pixel and weigh it according to its weight. Here, as an example of a pixel with a pixel value of 52, Figure 6(a) shows the corresponding pixel distribution when the order number is 1, and Figure 6(b) shows the corresponding pixel distribution when the order number is 59.
We can see that when the order number is 59, the randomness of the corresponding pixels is greater. e distribution of other pixels is similar to that. After calculating them by weight, the randomness of the shadow image relative to the original secret image can be better evaluated. e algorithm outputs a parameter ε, and the larger the parameter ε is, the safer it will be. According to the distribution rule of ε, we have established a security system in Table 1. Level A has an obvious leak and is not suitable for application. According to different safety needs, Levels B, C, and D can be chosen.
Based on the algorithm, it can be confirmed that the discrimination of shadow images requires images of equal size. So, we get the required contrast images by embedding the sharing algorithm, as shown in Figure 7.
e actual effect proves that leakage can be completely represented by parameter ε, as shown in Figure 8. When k � 2, Figures 8(a) and 8(b) have obvious leakage and cannot be applied in practice. e leakage of Figures 8(c) and 8(d) is not obvious; it can be used optionally. Figures 8(e) and 8(f ) are noisy images, which can be used more safely. e shadow image evaluation algorithm is feasible in practical applications, and the algorithm complexity will be analyzed. Steps 1 and 2 of the algorithm require statistics on the distribution of each pixel in secret and shadow images. In this process, all the pixels in the image need to be traversed, and the time complexity is O(n 2 ). Steps 3 and 4 perform simple operations with less time complexity. erefore, the overall time complexity of the algorithm is O(n 2 ). After analysis, the feasibility and computability of the algorithm have apparent advantages.

Research and Analysis on Order Number.
With the default power of 0 ∼ (k − 1), we find the following rules: Rule 1: Information disclosure will be roughly symmetrical. Rule 2: Information leakage is easy to happen at both ends. Rule 3: e leakage of different thresholds is different, and the leakage degree is k � 2 > k � 3 > k � 4. Rule 4: ere is no simple relationship between information leakage and whether the order number is prime or sum.
Some selection suggestions are given, and users can choose according to their own security requirements.
Refer to Table 2 when k � 2, 3, 4: When users use f(x) � (a 0 + a 1 x + · · · + a k− 1x k− 1 ) mod p for secret image sharing, we give the top five order numbers, as shown in Table 3:

Research and Analysis on Power.
It is impossible to exhaust all combinations of powers, because the space for power combinations is too large. Some representative power combinations have been selected; see Table 4 for details.
After extensive testing, the following rules are found: Rule 1: ere is no uniform distribution law, which is related to the combination of power. Rule 2: Shadow image information leaks much less when the first power is not zero than when the first power is zero. Rule 3: When the power combination is even, the order number is symmetrical. Rule 4: Shared security increases with the highest power. Rule 5, 6: Rules 3 and 4 in order number also apply here.
After comparative analysis, it is recommended that the first power is not zero, and all powers are not even at the same time.
For example, (1) when k � 2, the power combination that can be selected is (1, 2). (2) when k � 3, the power combination that can be selected is (1, 2, 3).  e security level of the shadow image obtained by sharing is mostly distributed in B, C, and D levels, which meets the requirements of safe sharing. User can choose safe order number between 10 and 240.

Experiments
In this section, we will introduce the process and design of the experiment. e experiment follows the following principles: (1) Choose a strongly correlated image, Indor image for experimentation, and validate it with a weakly correlated image, Lena image.
(2) In order to facilitate changing the insertion position, number, and power, the operation of polynomials is changed to the operation of matrix. An experiment on SSIS verifies that there is a partial order number leak problem. Here, k � 2 is used as an example to show a set of pictures with varying degrees of leaks, such as Figure 12. It can be clearly seen that almost all of them have the problem of leaking the original secret image information, but the degree of leakage is different.
In the experiment, we not only used Indor images, but also other images for auxiliary verification. We find that the shadow image shared by Lena image is leaked, and the     Table 2. e number below the image is the order number of the shadow image. (a) 2 (b) 3 (c) 6.   (0,1,2,3); (0,2,5,8); (0,5,7,11); (3,5,7,11) corresponding shadow image shared by Indor image must be leaked; the shadow image shared by Indor image is leaked, but the corresponding shadow image shared by Lena image does not have to be leaked. erefore, strongly correlated image's conclusions apply to the weakly correlated image. See, for example, Figure 13.
Other experimental results are given in other parts of this paper and are not discussed here. In this section, the result of the experiment fully proves that the security evaluation algorithm of the shadow image and the selection scheme of order number and power proposed by us are correct. is paper studies the utility of SSIS sharing order numbers and power. We analyzed the utility of each parameter in SSIS and gave suggestions for selecting the order number and power. Users can choose order power and number before sharing according to different security needs. e convenient selection of safe order number and power greatly improves the efficiency and security of SSIS. In this process, a security algorithm to evaluate the security of shadow image is proposed, which greatly facilitates the detection of shadow images. Further theoretical analyses and application of the evaluation algorithm will be our future work.s

Data Availability
is article contains data to support the results of this study. If other data are needed, the data used to support the results of this study can be obtained from the corresponding author.

Conflicts of Interest
e authors declare that they have no conflicts of interest.