Secret Image-Sharing Scheme Based on Multinode Authentication in the Internet of Things

Internet of things (IoT) has been developed and applied rapidly because of its huge commercial value in recent years. However, security problem has become a key factor restricting the development of IoT. ,e nodes of IoT are easy to be impersonated or replaced when attacked, which leads to the mistake of the uploaded data, the abnormal use of the application, and so on. Identifying the authenticity of the data submitted by the nodes is the top priority. We propose a scheme to verify the authenticity of multinode data. In this scheme, the authenticity of node data is checked through visual secret recovery and XOR operation together. ,e least significant bit (lsb) operation converts data from nodes into a bit, which improves the efficiency of data verification and reduces the risk of data leakage. ,is scheme achieves the purpose of verifying the data provided by the node, which avoids malicious attacks from illegal nodes. By analyzing the experiment result and comparing with other works, our scheme has the advantages of high verification efficiency, lightweight storage of nodes, and security verification.


Introduction
IOT (Internet of things) is a network based on information carriers such as the Internet and traditional telecommunications networks, allowing all ordinary physical objects that can be independently addressed to achieve interconnection [1]. It is an important part of a new generation of information technology, which has developed rapidly in recent years and has broad application prospects. With the upgrade of communication networks and the continuous development of IoT technology, its related services and related technologies [2][3] have been rapidly developed and popularized in all walks of life [4][5][6][7][8]. In IoT-related business, the label technology for identifying objects with unique identifiers has also received attention and a lot of research. Although IoT adopts the form of connecting things, it must rely on Internet technologies such as computer communication and information transmission. erefore, in the IoT environment, there are security risks such as technical security issues, signal interference, malicious intrusion, and communication. In recent years, as an information carrier, images are widely used in various fields. Especially, in the related applications of IoT, image security is particularly important. e sensor node is an important part of IoT [9][10][11], mainly responsible for information collection, data transmission, and data fusion. Its important function has attracted the attention of criminals; physical packet capture and brute force cracking have become important ways of attacking the IoT. Once a node in the IoT is cracked, the attacker has a legal identity and can attack inside the IoT, pouring massive amounts of redundant data and causing network congestion. From this perspective, malicious nodes take a great threat for the IoT.
In scheme [12], an integrated approach for authentication and access control is presented for communication with wireless sensor nodes in IoT networks, which provides strong protection against known attacks such as energy exhausting and Man-In-e-Middle. Li et al. [13] utilize blockchain technology, which serves as a secure tamper-proof distributed ledger to IoT devices. e processing method is to assign a unique ID for each individual device, recording them into the blockchain so that they can authenticate each other without a central authority. Lau et al. [14] use blockchain technology to authenticate IoT devices before it joins an IoTnetwork. Based on the characteristics of blockchain, this method can be used to create the digital identification of IoT devices and authenticate them. However, the abovementioned schemes only verify the node and do not verify data stored by the nodes, so the attack of data tampering cannot be completely avoided.
At present, the idea of protecting image security is to use secret sharing; secret shares can be stored in sensing nodes. In order to restore the original secret completely and effectively, we must check the legitimacy of shares from nodes. For this reason, we propose a nodes' authentication in the IoT, which can reduce the storage space of every node and complete mutual authentication between nodes.
Image security prevents the adversary from getting any information about the original image in transmission or storage. Encryption algorithm, information hiding, and secret sharing have been used in the field of image security [15][16][17]. Encryption [18] is using mature cryptographic algorithms to process digital images. However, the processed image is very different from the normal image, which may be attacked by adversary. Information hiding technology [19] is that it hides secret information in an image carrier. If the carrier is processed during transmission, the origin secret information can still be recovered with a low failure rate. However, if the image carrier is damaged or lost, secret information cannot be recovered. Fortunately, secret sharing plays an important role in preventing carriers from being lost, damaged, maliciously destroyed, or operated by criminals. Secret sharing is processing the secret image into multiple shares, and multiple participants commonly save the shares. e secret image can be reconstructed when the number of participants comes to the threshold. Even if part of the share destroyed or lost, the secret image still can be reconstructed. Obviously, secret sharing can solve the shortcomings of encryption algorithms and information hiding technologies. With the deepening of research, many secret-sharing schemes [20][21][22][23] have been designed and improved.
Schemes [20][21][22][23] do not mention the share authentication. Many applications need identity authentication ability for program security, such as online banking [24], electronic voting [25], and e-commerce [26]. e verification-type secret-sharing scheme is that the processor processes the secret into several shares, and participants can verify the received shares. erefore, the risk of the original secret and shares being leaked can be avoided. Chor [27] first proposes the concept of verification-type secret sharing. e verification work is mainly done through real-time webcasting. With the secret image-sharing scheme (SISS) widely used, share authentication has become especially important. Stadler [28] proposed an open verification-type secretsharing scheme. Each participant in the scheme can verify the authenticity of the share; in addition, it will not cause any leakage of the original secret and share information.
Unfortunately, the algorithm designed by Stadler cannot satisfy the real program requirements.
In addition, there are many new verification-type schemes [22,[29][30][31][32][33]. Feldman [29] proposes a SISS. e method of this scheme is that the third party compares the submitted data with the original data and completes the purpose of authenticating the data. If the submitted data are found to be false, the secret recovery work will be stopped. Unfortunately, this scheme requires a large amount of information to be disclosed in advance, and there is a risk of information leakage.
e scheme [30] divides the secret image into nonoverlapping L blocks with containing 2k − 2 pixels. e processor constructs two k − 1 degree polynomials for each block, calculating shares by relying on these two polynomials. In the verification phase, the processor checks the reconstructed two polynomials. If the same common integer exists between the two polynomials, the group of shares is correct; otherwise, the group of shares is forged. In fact, the scheme has some drawbacks, such as it cannot accurately screen out the forged shares and the reconstructed image is lossy. e scheme [22] is based on the symmetry of bivariate polynomial and the linearity of interpolation polynomial. However, this scheme has the disadvantages of lots of data calculation and low verification efficiency, and the verification accuracy is low. is paper focuses on nodes' verification problem with/ without a third party. e key of scheme is the combination of SISS and visual secret-sharing (VSS), which cleverly realizes nodes' authentication under different occasions. e scheme involves two types of images: public binary image that is used as an authentication password image and secret image is shared as secret information. e scheme has the advantages of no pixel expansion, lossless recovery, and high certification accuracy. In addition, this scheme can reduce the amount of calculation to save storage space. It allows users to choose a model in the scheme according to their needs, which effectively increases the flexibility and practicability of the scheme. e rest of this article is organized as follows. Section 2 introduces some preliminaries. Section 3 describes the motivation and contribution of our proposed schemes. Section 4 proposes a share verifiable image secret-sharing scheme. Section 5 analyzes the correctness and security of proposed scheme and compares with related work. Section 6 is a conclusion of the article.

Preliminaries
In this section, we represent many related concepts and schemes. Shamir's secret-sharing scheme [34] based on Lagrange polynomials and the visual secret-sharing scheme based on random grids [35,36] are introduced in this section. We combine these two schemes to achieve the purpose of share verification. In addition, we introduced related symbols that can be used in the scheme.

Shamir's Secret-Sharing Scheme.
In scheme [34], there are n shareholders U � U 1 , U 2 , . . . , U n and a mutually trusted dealer D. e scheme consists of two algorithms: share generation and secret reconstruction.
Share generation: the dealer D selects a prime number p and random a degree polynomial f(x) � a 0 + a 1 x 1 + a 2 x 2 + · · · + a k− 1 x k− 1 modp, where all coefficients a i , i � 1, 2, . . . , k − 1, are in z p . e secret S is equal to the constant term of f(x), i.e., S � f(0) � a 0 ; D picks n different positive integers x 1 , x 2 , . . . , x n from z p and computes S i � f(x i ) for i � 1, 2, . . . , n. Finally, D distributes each share S i to the corresponding shareholder U i securely and x i is public information associated with U i . Secret reconstruction: suppose that m(m ≥ t) shareholders U 1 , U 2 , . . . , U m team up for secret reconstruction. Each shareholder U i sends his private share S i to the other shareholders. After that, a shareholder has m shares S 1 , S 2 , . . . , S m , and it can use Lagrange interpolation polynomial to evaluate the secret S as (1)

Random Grids (RG)-Based Visual Secret-Sharing (VSS)
Scheme. RG-VSS [35] is a probabilistic visual secret-sharing scheme. (2, 2) threshold RG-VSS is generally divided into two stages: the sharing stage and the recovery stage. At the same time, the black and white in the secret image are represented by 1 and 0, respectively.

Secret Generation.
Pseudorandom generation s 1 c 1 calculated s 1 c 2 by where s 1 (h, w) is the position of each pixel in the binary image s 1 , h represents the column coordinate of s 1 , w is that the row coordinate of s 1 , and s 1 c 1 (h, w) denotes the negation of s 1 c 1 (h, w).

Secret
Reconstruction. In equation has a 50% chance to be black or white. Because s 1 c 1 is pseudorandomly generated, where the symbol ⊗ represents the meaning of stacking; other symbols have the same meaning as in equation (2).
In fact, equation (2) can be seen as s 1 (h, w) � s 1 c 1 ⊕s 1 c 2 (h, w); thus, we can recover s 1 (h, w) in this way. ⊕ expresses the exclusive XOR operation.

(K, N) VSS-Based Random Grids (RG).
e scheme [36] proposes a (k, n) VSS scheme based on random grids. e sharing stage of the algorithm is as follows: Input: A M × N binary secret image S and a pair of threshold parameters (k, n). Output: n shadows SC i , i � 1, 2, . . . , n.
Step 1: Step 2: sequentially calculate b 1 , b 2 , . . . , b k repeatedly using equation (2), where b x is the provisional pixels, x � 1, 2, . . . , n Step 5: output n shadows SC 1 , SC 2 , . . . , SC n 2.4. Related Symbols. In this part, we give a table of summarizing the main used symbols in this paper for easy reading. ey are shown in Table 1.

Motivation and Contributions
In our life, digital images are used widely, such as copyrighted pictures and QR codes. At this stage, how to ensure the correctness and completeness of the digital image has become very important. In order to solve problems mentioned, we use secret image sharing to solve image security issues, which can more effectively guarantee the integrity and correctness of the image. We propose a scheme combining the traditional SISS with visual secret sharing. It can complete the verification of the share verification work in a visual way. At the same time, considering the interactive and noninteractive protocols, we design two types of algorithms that satisfy real-life scenarios and the needs of different users.
e strategy is that nodes in the Internet of things are regarded as participants in our scheme. e shares of participants are considered nodes' data. In the data fusion stage, verifying data submitted by the participants to ensure that the final result is correct.
We have four pictures to explain the purpose of our scheme. e scheme involves two roles: participants and a third party. In order to allow readers to better understand the application scenarios of the scheme, assume that there is only one dishonest participant in the scheme to carry out the attack, and all cases are based on (3,4) threshold. In addition, we also analyze the processing ideas when there are multiple dishonest participants.
For Case 1: (3, 4) secret sharing with a third party when there is no dishonest participant, in Figure 1, the third party can recover the original secret by obtaining the shadows of any three participants. For Case 4: (3, 4) threshold secret sharing without a third party when there is a fake participant, in Figure 4, for dishonest participant P 1 , participant P 2 , and participant P 3 , they send their private shares to each other, and then, each participant verifies the shares of the other two participants. P 2 and P 3 detected that the fake share is sent by P 1 , then stopped refactoring the secret, and broadcasted the fake behavior of P 1 to P 4 . e above cases only describe the existence of one forger, which should be done if there are multiple forgers. e third-party verification model is still feasible; however, the model of mutual authentication between participants must rely on the voting mechanism.

Security and Communication Networks
Suppose that k participants complete the secret reconstruction work. Each participant authenticates other k − 1 participant's shadow and votes for them. If any participant gains k − 1 votes (note: dishonest participants are afraid of revealing their identities and give up voting opportunities), we determine that the participants in the group are honest. If any participant gains less than k − 1 votes, we let the remaining n − k participants perform auxiliary verification. e remaining participants vote for the k participants. If any of the k participants gains less than T � ⌊((n − 1)/2)⌋ votes from n − 1 participants, we determine that this participant is dishonest. In contrast, if the number of votes more than T � ⌊((n − 1)/2)⌋, we judge that if more than half of the T votes are true; the participant is considered to be honest; otherwise, the participant is dishonest. erefore, the scheme stipulates more than T � ⌊(n/2)⌋ + 1 honest participants among all n participants to achieve the threshold.

Secret Image-Sharing Scheme with Shares' Verifiable
In this section, we describe the specific algorithms for the two types of models. e first model is designed for batch verification. In the secret-sharing phase, we first process the n shares generated by the secret image S 2 . en, let the n shadows generated by the authentication image S 1 match the processed n shares. If the matching is unsuccessful, let S 1 regenerate new shadows with the help of the (k, n) VSS scheme and perform the matching again until it succeeds. After the match is successful, one of the n shadows is selected   and sent to the third party (since the (k, n) VSS scheme can only generate k kinds of shadows, and n is an integer multiple of k ), denoted as thir. Assuming that we want to know quickly whether there is a dishonest participant among a group of participants, the third party uses the private shadow thir and the submitted share to calculate for judgment. If equation lsb(s 2 c 1 )⊕, . . . , ⊕ lsb (s 2 c i )⊕thir ≜ ⊘ for i ∈ [i, k] (s 2 c i represents the submitted shares) holds, there is no dishonest participant in this group; on the contrary, there is a dishonest participant. e second model is that participants verify each other, which can screen out dishonest participants. Each participant in a group sends private share to other k − 1 participants. Next, participants use their own computing power to judge the received shares and then vote on them. Finally, judging dishonesty by voting results, the specific voting mechanism has been specified in the third part, so we will not describe it in detail here. e specific steps of the two models have been described in Algorithm 1 and Algorithm 2 as follows.
Step 1: a prime number p � 257. Dividing S 2 into L nonoverlapping subimages of size is H × W/k, and subimages are expressed as block 1 , block 2 , . . . , block L .
Step 2: construct a polynomial of degree k − 1, which is shown as Step 3: utilize (k, n) RG-VSS to split S 1 (h, w) to n temporary bits and denote as b Step 4: define a sequence seq � 1, 2, . . . , n { }, scrambling seq to generate an new sequence seq 1 � u 1 , u 2 , . . . , u n . Going to execute Step 5, otherwise execute Step3. Where lsb (x) means that it gets the least significant bit of x.
Step 5: if a third party exists, go to execute step 6, otherwise execute Step 7.
Step 6: randomly pick a numbers from b 1 , b 2 , . . . , b k , denoted as thir. thir is assigned to the third party.
Step 7: assign specify shares s 2 c j , j � u 1 , u 2 , . . . , u n , to For Algorithm 1, Step 4 and Step 5 cooperate to achieve shares' authentication when a third party exists. (4) have restrictions on the relationship between k and n, in which suggestion is n/k ≤ 3/5.

Algorithm 2
Input: obtain k shares from s 2 c i , i ∈ [1, n], the public password binary image S 1 , and verification share thir held by the third party. Output: recovered secret image S 2 .
Step 1: if the third party verifies shares, firstly, calculate the result of the K shares, and they are expressed as lsc j � lsb (s 2 c i ), j ∈ [1, k], i ∈ [1, n]. en, through the stacking or XORing operation the number of lsc j and thir, the result is recorded as S * 1 . If S * 1 is recognized as S 1 by HVS or S * 1 � S 1 , the shares are valid, and go to Step 3. Otherwise, there is forgery among the k participants, and it broadcasts the dishonest person's message to other participants in the group.
Step 2: if participants authenticate each other, each participant sends his share s 2 c i to other k − 1 participants. All participants process received k − 1 shares; the processing result is expressed as Next, each participant relies on stacking or XOR to complete the processing of all lsc j , j ∈ [1, k − 1] and own share s 2 c i , i ∈ [1, n]. e processing result is recorded as S * 1 . If S * 1 is recognized as S 1 by HVS or S * 1 � S 1 , the k participants are all honest and go to Step 3; Otherwise, use voting mechanism to complete shares' authentication.
For Algorithm 2, (1) In Step 2, every participant authenticates other k − 1 participants here. If k number of S * 1 is recognized as S 1 by HVS or S * 1 � S 1 , the authentication result is true, and go to Step 3.
(2) e authentication ways of the two models are different. When participants authenticate each other, the voting mechanism will be carried out.

Experimental Results and Analysis
In this part, we will give some experiments to verify the feasibility and effectiveness of the proposed scheme. In addition, we also analyze and compare our scheme with other schemes in detail.

Experimental Results.
e operating environment required for this experiment is as follows: Windows10, CPU (2.60 GHz inter(R) i7-9750H CPU), 64G RAM, and Matlab application.
Due to the characteristics of no pixel expansion of the proposed SIS, the size of the secret image is 132 × 132 in our experiments. Here, we introduce the experimental results of (4, 8) threshold. Figure 5 shows the experimental results of different verification modes. As we can see all, the secret S 2 is (a) in Figure 5, the authentication image S 1 is (b) in Figure 5, and picture (c) − (j) denotes the output shares s 2 c 1 , s 2 c 2 , s 2 c 3 , s 2 c 4 , s 2 c 5 , s 2 c 6 , s 2 c 7 , s 2 c 8 .
Result of s 2 c 1 , s 2 c 2 , s 2 c 3 , s 2 c 4 , s 2 c 5 , s 2 c 6 , s 2 c 7 , s 2 c 8 processed by lsb is displayed in pictures (k) − (r). Figure 6 of (a) − (h) represent many shadows s 1 c 1 , s 1 c 2 , s 1 c 3 , s 1 c 4 , s 1 c 5 , s 1 c 6 , s 1 c 7 , s 1 c 8 , and s 1 c 4 is sent to the third party as a verification password. Picture (i) illustrates a fake share which is denoted by wro. Picture Supposing there is a dishonest participant, which is shown in Figure 6 of (i) is wro and shares s 2 c 1 , s 2 c 2 , s 2 c 3 want to join the secret S 2 reconstruction work, the third party verifies the provided shares s 2 c 1 , s 2 c 2 , s 2 c 3 , wro. e result is presented in Figure 6 of (n). So, there are faked shares in this group. e third party stops the recovery of the secret S 2 and looks for new effective shares.
Each participant acts as a restructioner; they will verify the received shares k − 1. Suppose the share s 2 c 1 saved by participant P 1 , the share s 2 c 2 saved by participant P 2 , the share s 2 c 3 saved by participant P 3 , and the share s 2 c 4 saved by participant P 4 . P 1 , P 2 , P 3 , P 4 verify the received k − 1 shares; results are shown in figure of (0) − (r). So, shares provided by the participants P 1 , P 2 , P 3 , P 4 are valid. If P 1 provided a forged, we use the voting mechanism to vote for P 1 , P 2 , P 3 , P 4 and finally screen out dishonest participants P 1 .

Safety and Correctness Analysis.
We analyze the security and correctness of the proposed scheme. Note that the gray secret image S 2 and binary password image S 1 are not related in the scheme. In addition, the obtained k restored pixel values are expressed as s 2 c i , i ∈ [1, k]; the third party is expressed as sk and holds data ths. e attacker is represented as ak. □ Theorem 1. When the data saved by the node is attacked, a single data cannot reveal any information of S 2 .
Proof. Since the scheme in this paper is based on Lagrange secret sharing. S 2 is shared into n data that are stored by nodes; these data do not carry any information of S 2 . At the same time, the security features are derived from the threshold, and only k valid data can recover the secret S 2 . □ Theorem 2.
e two types' modes in the scheme can realize the legitimacy detection of node data, ensuring that the recovered secret S 2 is correct. Proof.
e scheme stipulates that more than 51% of the node data will not be attacked, and the third party is credible. When the third party verifies the data, avoid sk colluding with ak to tamper with the verification result of data. When participants authenticate each other and when the voting mechanism is used to determine the accuracy of the data, since the proportion of the attacked data is set, malicious participants can be prevented from jointly affecting the accuracy of the data verification result. erefore, both verification modes are safe during data verification. Proof. In the recovery phase, a 0 and a i , i ∈ [1, k − 1] can be calculated by the Lagrange interpolation formula. Because Lemma 1 has proved that all shadows s 2 c i < p − 1; finally, the secret reconstructed by shadows is also lossless. Proof. In the first mode, the verification key is held by sk; in addition, sk is honest in the scheme. During the verification phase, we just need to judge whether lsb (s 2 c i )⊕ths ≠ ⊘, i ∈ [1, k] or lsb (s 2 c i )⊕ths � ⊘. If the final result is not ⊘, the data are judged to be forged. In the second mode, each participant submits data to other k − 1 people, and the participants vote for each other. e algorithm stipulates that dishonest persons cannot vote, and there are more than 51% honest persons among n participants. e principle of the voting mechanism is that the minority obeys the majority. We record the number of votes among the k participants, and the number of votes is equal k − 1; we judge the participant to be honest; otherwise, let the remaining n − k participants help with authentication. Finally, by determining the proportion of all votes that is true for each participant, participants who have true votes more than half of the total votes are considered honest.
In shares' generation phase, first of all, we construct the polynomial, which is f(x) � 153 + 154x 1 + 154x 2 + 152x 3 . Next, the processor goes to calculate the eight shares; they are (7), and s 2 c 8 � f (8) and are generated by the secret image S 2 . And, the processor uses (4,8) RG-VSS to generate shadows S 1 (h, w). Next, the dealer executes the most important step that determine whether requirement s 1 c i (h, w) � lsb s 2 c j , for i ∈ [1,8] and j ∈ [u 1 , u 8 ] is satisfied. If the result is not satisfied, the requirement re-executes (4,8) RG-VSS until the requirement is satisfied. If the result is a match, S 1 is assigned to the third party, assuming that the calculated result satisfies the requirement.
In the shares' authentication phase, when the third party is responsible for verifying and recovering secret image S 2 , the third party uses the verification algorithm to calculate that lsb ( as we know that these shares s 2 c 1 , s 2 c 2 , s 2 c 3 , s 2 c 4 , s 2 c 5 , s 2 c 6 , s 2 c 7 , s 2 c 8 are valid. If the result of the third-party calculation is not ⊘, it means that there are one or more invalid shares in the group. When participants authenticate each other, each participant will receive shares sent by 3 people. Participants verify the received shares and then vote for the owners of the shares. If each of the 4 participants gets 3 votes, the 4 participants are judged to be honest. If any of the 4 participants gets less than 3 votes, then the remaining 4 participants will be requested to give auxiliary verification. Finally, if any of the 4 participants gets less than 3 votes, the participant is considered dishonest. If 4 participants get more than 3 votes, we check whether the proportion of true in the total votes exceeds half. If it exceeds 50%, we judge that the participant is honest; otherwise, the participant is dishonest. If the four shares (s 2 c 1 � 99, s 2 c 2 � 237, s 2 c 2 � 194, s 2 c 2 � 111) pass verification, they can be used for secret S 2 reconstruction work. Using equation (6) to calculate S 2 pixel, f(1) � a 0 + a 1 + a 2 + a 3 mod 257, f(2) � a 0 + a 1 2 1 + a 2 2 2 + a 3 2 3 mod 257, f(3) � a 0 + a 1 3 1 + a 2 3 2 + a 3 3 3 mod 257, f(4) � a 0 + a 1 4 1 + a 2 4 2 + a 3 4 3 mod 257, the result is a 0 � 153, a 1 � 154, a 2 � 154, and a 3 � 152 by Lagrange interpolation. us, the secret S 2 is successfully restored.

Comparisons with Relative Schemes.
In this part, we compare the proposed scheme with related schemes [22,30] from many aspects, showing the advantages of our proposed scheme. First of all, we discuss the size of share. In the secretsharing scheme, the degree of the constructed polynomial depends on the threshold of the scheme. In addition, there are also different ways to select coefficients in polynomials. In our scheme, the coefficient values in the constructed polynomial all come from the secret image. us, the size of the generated share is 1/k times original secret, expressed as |1/k × (H × W)|. In the scheme [30], the scheme is dividing the original image into L nonoverlapping blocks, and each block contains 2k pixels. e processor constructs two polynomials of degree k − 1 for each block, and the coefficients of each polynomial all come from this block. In this way, the size of the share is 1/k times the original image, denoted as |1/k − 1 × (H × W)|. In the scheme [22], only one coefficient in the polynomial comes from the secret image, and the remaining k − 1 coefficients are obtained from the processor data so that the size of the share is the same as the original image, which is |H × W|.
Analyzing the efficiency of share generation in the encryption phase, in our scheme, first, we perform lsb processing on the calculated share s 2 c i , and the processed results are matched with shadows from the authentication image S 1 . Ideally, the matching can be done only once, and in the worst case, it takes times to complete. In the scheme [30], the first step is to divide the secret image into nonrepeated blocks , and then, the processor randomly selects an integer r i to satisfy r i a i,0 + b i,0 � 0 and r i a i,1 + b i,1 � 0. Fortunately, it only needs one time; in the worst case, it needs n times. In scheme [22], the processor chooses a symmetric bivariate polynomial F(x, y) of degree k − 1.
e secret S 2 is hidden in the constant term by F(x, y). In any case, encryption can be completed at one time.
We discuss the certification efficiency of the certification party. In scheme [22], the verifier holds the share size as |H × W|, who only needs to use the private share to compare with the provided share. Here, we mark the authentication efficiency of the scheme is ef1. In our scheme, the third party determines whether the provided share is true or false through an exclusive OR operation. e share size saved by the third party is |(H × W)/k|; therefore, the verification efficiency will be improved. Because our scheme has the same verification way as scheme [22], and the size of the share held by the verifier is reduced. Marking certification efficiency is ef2 � k × ef1 in our scheme. In scheme, the size of the private share stored by authenticator is H × W/k − 1; obviously, the verification efficiency in [30] also is improved, denoted as ef3 � (k − 1) × ef1. Table 2 shows the differences between our scheme and related schemes in three aspects: verification efficiency, encryption efficiency, and share size. Table 2 visually shows the performance comparison between our scheme and related schemes [22,30] (note: here, we mark both the encryption efficiency and verification efficiency of Scheme [22] as 100%). Table 3 covers four aspects. Readers can see differences between our scheme and related schemes more intuitively. Our scheme includes the advantages of simple share Security and Communication Networks authentication method, no pixel expansion, and lossless recovery of secret.
We assume that the size of the secret image is 132 × 132 PX and calculate the specific size of the shadow of the related scheme according to the conclusion in Table 2. e bar chart shows result in Figure 7, the comparison of the shares' size in three schemes. Readers can see the difference more intuitively. We select the thresholds k are 4, 5, 6, 7, 8, and 9 and then accurately obtain the results of the corresponding schemes.
In our scheme, the coefficient values in the constructed polynomial all come from the secret image. us, the size of Table 2: Performance comparison between our scheme and related schemes [22,30].

Scheme
Our scheme [30] [22] Verification efficiency   Liu et al. [30] Yang et al. [22] Our scheme  Liu et al. [30] Yang et al. [22] Our scheme the generated shadow is 1/k times original secret. In the scheme [30], the scheme is dividing the original image into L nonoverlapping blocks, and each block contains 2k − 2 pixels. e processor constructs two polynomials of degree k − 1 for each block, and the coefficients of each polynomial all come from this block. In this way, the size of the share is 1/k times the original image. In the scheme [22], only one coefficient in the polynomial comes from the secret image, and the remaining k − 1 coefficients are obtained from the processor data so that the size of the share is the same as the original image, which is |H × W|. In the final equivalent size secret analysis result, the encryption efficiency of our scheme is kf, scheme [30] is f (note: assume that the encryption efficiency of [30] is f), and [22] is (k + 1)f. Figure 8 reflects the result. Here, we take the scheme [30] as a benchmark to better present the encryption effect of our scheme and scheme [22]. We adopt the thresholds k are 4, 5, 6, 7, 8, and 9, respectively. It achieves the purpose of readers to understand the comparison results of related schemes more quickly and effectively.

Conclusion
With the rapid development of network science and technology, virtual demand-based products are designed to meet people's daily convenience. At this stage, there are many applications based on IoT in the living environment, and most of them have become our daily necessities, such as intelligent transportation medical security and agriculture. We are eager to use these IoT applications without data attacks.
Our scheme satisfies the identity authentication function and the requirements of different application scenarios. e scheme can accurately screen out dishonest participants, so as to ensure that the final reconstruction result is correct. In addition, the scenarios where the scheme can be applied are online banking business processing, facial attendance electronic voting, and e-commerce. However, our scheme also has many shortcomings. e maximum threshold depends on the number of nodes, leading to a high correlation between the threshold and the number of nodes. If the number of tampered nodes exceeds 50%, the second pattern in the proposed scheme will not be able to complete the authentication work. ese issues are what we will focus on in the next stage.

Data Availability
e data used to support the findings of this study are available from corresponding author upon request.

Conflicts of Interest
e authors declare that they have no conflicts of interest.