As a subset of discrete Fourier transform (DFT), discrete cosine transform (DCT), especially two-dimensional discrete cosine transform (2D-DCT), is an important mathematical tool for digital signal processing. However, the computational complexity of 2D-DCT is quite high, which makes it impossible to meet the requirements in some signal processing fields with large signal sizes. In addition, to optimize the 2D-DCT algorithm itself, seeking help from a cloud platform is considered to be an excellent alternative to dramatically speeding up 2D-DCT operations. Still, there are three key challenges in cloud computing outsourcing that need to be addressed, including protecting the privacy of input and output data, ensuring the correctness of the returned results, and ensuring adequate local cost savings. In this paper, we explore the design of a practical outsourcing protocol for 2D-DCT and 2D-IDCT, which well solves the above three challenges. Both theoretical analysis and simulation experiment results not only confirm the feasibility of the proposed protocol but also show its outstanding performance in efficiency.

DFT is a common tool for frequency domain analysis of discrete signals and systems, but it is inconvenient to process image and voice data due to the need for complex domain operations. To solve this problem, a real domain transform, called DCT, is constructed based on DFT by preserving only the cosine term in the Fourier series. In addition to the general orthogonal transform properties of DCT, the basis vector of its transform matrix can well describe the relevant features of image signals and human voice signals. Therefore, DCT is considered to be a quasioptimal tool for transforming image and voice signals and is widely used in various fields such as media compression [

The computational complexity of 2D-DCT and 2D-IDCT is dominated by computing the product of three matrices. Such high-computational overhead makes it impossible to perform high-efficiency processing on signals when the local computing equipment is insufficient or the signals are large in size. Wireless camera sensor networks, for example, are widely used in habitat monitoring, target detection, and espionage [

In order to improve the efficiency of the transformation, the usual method is to divide the signal into blocks, then perform 2D-DCT or 2D-IDCT operations in each block, and finally merge the blocks. Nevertheless, the method of using blocks is not a once and for all solution, because smaller blocks are necessary for greater efficiency, but too small blocks will lead to serious block effects. In addition, various fast 2D-DCT and 2D-IDCT algorithms have been proposed [

We emphasize that in addition to efficiency optimization from an algorithmic perspective, requesting computing assistance from the cloud platform is also an excellent alternative. For example, the image processing tasks of nodes in a wireless sensor network can be delegated to a public cloud server. The cloud platform has a large amount of hardware and software resources, and the temporary use rights of partial computing resources it owns are transferred to clients by way of fee lease. The process by which clients rent cloud resources to help them complete their own computing is called cloud outsourcing. On the one hand, the client can achieve significant computing overhead savings and efficiency improvement through computing outsourcing, so as to quickly complete high-complexity computing tasks. On the other hand, the client can significantly reduce costs by eliminating the expense of purchasing and maintaining large amounts of computing equipment. At the same time, cloud platforms can also reap considerable economic benefits from resource rentals. Therefore, computing outsourcing is considered a win-win move for both the client and the cloud.

However, computing outsourcing between the client and the cloud faces three key challenges. First, we must protect the client’s privacy from being stolen. The client’s input and output data contains private information, which may be personally identifiable information, trade secrets, or core technical parameters. Since the cloud is untrusted, we must protect the plaintext of the input and output data from being obtained by the cloud. Meanwhile, the high concentration of information makes the cloud platform vulnerable, which is also a possible way to leak private information. Second, we must verify the results returned by the cloud. The cloud platform is run for profit, and a malicious cloud will deliberately return random error results to the client to extract cost savings. Even if the cloud is honest, calculation errors may occur due to software bugs or hardware errors. Therefore, it is necessary to design an efficient verification algorithm to strictly control the correctness of the returned results. Third, we must ensure that the client can realize significant savings from computing outsourcing. In other words, the total complexity of decryption, encryption, and result verification algorithms must be far less than that of solving the original problem directly; otherwise, there is no need for the client to outsource the computing task. In general, a qualified computing outsourcing protocol must be secure, verifiable, and efficient.

In this paper, a protocol capable of solving the above three challenges is designed for the outsourcing of 2D-DCT and 2D-IDCT. Before giving the protocol, we discuss two possible designs in an exploratory way. Multiround communication and block encryption severely damage the efficiency of both designs. In response to the problems in these two designs, we propose the formal outsourcing protocol, which greatly reduces the client’s communication overhead and key management overhead. In the proposed protocol, the original two-dimensional signal matrix is integrally encrypted without affecting the block flexibility of the cloud, i.e., the cloud can still perform 2D-DCT or 2D-IDCT of any block size according to the client’s will. This is an important point that affects the versatility of the protocol, because different application scenarios may require the operation of 2D-DCT or 2D-IDCT with different block sizes. Subsequently, we carried out theoretical analysis to confirm that the proposed protocol meets the requirements of security, verifiability, and efficiency. Finally, the simulation results show that the proposed protocol is not only better than block 2D-DCT and 2D-IDCT in efficiency but also faster than the corresponding fast 2D-DCT and 2D-IDCT algorithms.

To summarize, our main contributions include the following:

To the best of our knowledge, we are the first to propose such an outsourcing protocol for 2D-DCT and 2D-IDCT, and we are also the first to accelerate the operational efficiency of 2D-DCT and 2D-IDCT from the perspective of cloud computing outsourcing

Through carrying out theoretical analysis and simulation experiments, it is shown that the proposed protocol handles the three challenges faced in computing outsourcing well

In the proposed protocol, only a single round of communication is required and the key management work is simple, which is suitable for the outsourcing of 2D-DCT and 2D-IDCT with arbitrary block size

The rest of this paper is organized as follows. Section

There are two ways to implement outsourcing for complexity calculations. On the one hand, the theoretical cryptography community considers designing a universal design that covers all problems, i.e., any outsourcing of computing can be realized through this design. The basic approach to achieve this goal is to use some sophisticated basic cryptographic tools, such as Yao’s garbled circuits [

On the other hand, the security engineering community focuses on designing different outsourcing protocols to deal with different practical problems. Under this idea, the encryption of the original problem is generally achieved through some ingenious data conversion. Meanwhile, in order to face practical applications, the efficiency of the protocol is given special consideration to ensure that the client can acquire considerable cost savings from outsourcing. According to this trend, a large number of practical outsourcing protocols have been proposed. Among these protocols, there are outsourcing of basic mathematical calculations. Lei et al. proposed an outsourcing protocol for matrix inversion [

By using a homomorphic cryptography algorithm, some digital signal processing operations are transferred to the ciphertext domain to protect the privacy of the signal. Bianchi et al. implemented ciphertext domain operations on DFT and DCT in [

As illustrated in Figure

System model.

The threat mainly comes from the cloud’s noncredibility, and here, we assume that the cloud is malicious. On the one hand, the cloud tries to obtain plaintext about problem

Syntactically, an outsourcing protocol includes the following five algorithms.

Suppose that the original two-dimensional signal can be represented by a matrix

, where

First, the matrix

Subsequently, an orthogonal matrix

Finally, the operation result

2D-IDCT is the inverse process of 2D-DCT. Thus, similarly, the 2D-IDCT operation is represented as

Since the efficiency of 2D-DCT is mainly limited by the calculation of three matrix multiplication, we naturally think that the key of design is to realize the outsourcing of

Apart from other flaws of the protocol, the most obvious drawback of the protocol is the need for two rounds of communication between the cloud and the client. This will bring not only multiplied communication overhead to the client but also multiplied computing overhead for the client, because the client needs to perform independent encryption, decryption, and result verification operations for each round of outsourcing. As a result, the existence of two-round communication will make it difficult for the outsourcing protocol to meet the requirements of high efficiency.

We attempt to implement an efficient outsourcing protocol that required only one round of communication by using the privacy-preserving matrix multiplication as adopted in [

We emphasize that the inverse of

Afterwards, for any block

The encrypted matrices

Finally, to decrypt the returned

This design avoids the trouble of multiround communication existing in Attempt One and seems to be feasible. However, this is not the case, because the complex key management severely slows down the efficiency of the protocol. In Attempt Two, for an original data matrix with dimension

We now present the formal protocol, which solves the flaws of Attempt One and Attempt Two well, i.e., not only requires only one round of communication but also greatly simplifies the key management workload.

First, in terms of privacy protection, we adopted the privacy-preserving matrix addition as discussed in [

After the encryption of (

Afterwards, the encrypted matrix

We emphasize that matrices

Finally, the client quickly verifies the correctness of

If (

We summarize the outsourcing protocol for 2D-DCT as follows.

Compared with Attempt One and Attempt Two, on the one hand, the formal protocol requires only one round of communication. On the other hand, the difficulty of key management is greatly reduced because the key is just two vectors of length

The outsourcing protocol of 2D-IDCT is similar to that of 2D-DCT. First, the client also generates vectors

Afterwards, the encrypted matrix

The calculated result

Finally, the correctness of resulting

For the outsourcing of 2D-DCT, the input privacy matrix is

For the outsourcing of 2D-IDCT, the input privacy matrix is

In terms of result verification, two effects should be achieved. On the one hand, the correct results returned from the cloud should be accepted by the client with a probability close to 1. On the other hand, the erroneous results returned from the cloud should be rejected by the client with a probability close to 1.

In the proposed outsourcing protocol for 2D-DCT and 2D-IDCT, the returned results are all verified by the inference of Parseval’s theorem as shown in (

In this section, we conduct a theoretical evaluation for the efficiency performance of the protocol. The evaluation is carried out from three parts: client-side overhead, cloud-side overhead, and communication overhead. Since the efficiency of 2D-DCT outsourcing is consistent with that of 2D-IDCT outsourcing, we take the outsourcing of 2D-DCT as an example for evaluation.

First, the client takes time

The only operation required in the cloud is to perform block 2D-DCT operation of

During the outsourcing process, only the matrix

Note that the computation overhead in the cloud is the same as it would be for the client to perform the 2D-DCT locally. Based on the above analysis, we conclude that as long as

In this section, we carry out a simulation experiment to further confirm the efficiency of the proposed protocol. The experiment was performed using MATLAB 2016b on a laptop with an Intel Core i5 processor and 8 GB RAM simulating a client. We simulate the situations of users performing

Experimental results.

Size | ||||||
---|---|---|---|---|---|---|

256 | 0.5530 | 0.2070 | 0.1110 | 2.6715 | 4.9820 | 1.8649 |

512 | 1.9076 | 0.7979 | 0.4301 | 2.3908 | 4.4352 | 1.8551 |

1024 | 8.7805 | 2.8735 | 1.7091 | 3.0557 | 5.1375 | 1.6813 |

2048 | 33.0577 | 11.9314 | 6.9559 | 2.7706 | 4.7525 | 1.7153 |

4096 | 127.8909 | 47.5288 | 28.0907 | 2.6908 | 4.5528 | 1.6920 |

As can be seen from Table

In this paper, we speed up 2D-DCT and 2D-IDCT from the point of view of computing outsourcing rather than algorithm optimization. Based on the privacy-preserving matrix addition, we realize the privacy protection of input and output data. Meanwhile, the inference of Parseval’s theorem is used to verify the returned results. Furthermore, compared with the two possible solutions Attempt One and Attempt Two, the proposed formal protocol’s features of one-round communication and simple key management guarantee the protocol’s efficiency performance. The proposed outsourcing protocol is confirmed by theoretical analysis to solve three key challenges in computing outsourcing. Experimental results show that outsourcing is even more efficient than the fast 2D-DCT and 2D-IDCT algorithms. Thus, the adoption of the proposed outsourcing protocol could indeed be an excellent alternative for speeding up 2D-DCT and 2D-IDCT operations. In the future, we will strive to achieve efficient and secure outsourcing of other signal processing tools, such as DWT and NTT.

No data were used to support the findings of the study.

The authors declare that there is no conflict of interest regarding the publication of this paper.

This work is supported by the Team Project of Collaborative Innovation in Universities of Gansu Province (No. 2017C-16) and the Major Project of Gansu University of Political Science and Law (No. 2016XZD12).