CN112054900A - Ciphertext domain reversible information hiding method and software and hardware application system - Google Patents
Ciphertext domain reversible information hiding method and software and hardware application system Download PDFInfo
- Publication number
- CN112054900A CN112054900A CN202010900949.2A CN202010900949A CN112054900A CN 112054900 A CN112054900 A CN 112054900A CN 202010900949 A CN202010900949 A CN 202010900949A CN 112054900 A CN112054900 A CN 112054900A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- information
- domain
- plaintext
- carrying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 230000002441 reversible effect Effects 0.000 title claims abstract description 43
- 238000000605 extraction Methods 0.000 claims abstract description 56
- 238000011084 recovery Methods 0.000 claims abstract description 44
- 238000012545 processing Methods 0.000 claims abstract description 10
- 238000007781 pre-processing Methods 0.000 claims abstract description 9
- 238000004590 computer program Methods 0.000 claims description 13
- 239000013598 vector Substances 0.000 claims description 12
- 238000011282 treatment Methods 0.000 claims description 3
- 238000002156 mixing Methods 0.000 claims description 2
- 239000000126 substance Substances 0.000 claims description 2
- 238000006467 substitution reaction Methods 0.000 claims description 2
- 238000004422 calculation algorithm Methods 0.000 description 23
- 238000005516 engineering process Methods 0.000 description 14
- 230000006870 function Effects 0.000 description 12
- 238000007726 management method Methods 0.000 description 9
- 239000011159 matrix material Substances 0.000 description 6
- 238000004458 analytical method Methods 0.000 description 4
- 239000000284 extract Substances 0.000 description 4
- 238000002474 experimental method Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 235000002566 Capsicum Nutrition 0.000 description 1
- 241001504519 Papio ursinus Species 0.000 description 1
- 241000758706 Piperaceae Species 0.000 description 1
- 230000001174 ascending effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000739 chaotic effect Effects 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000013075 data extraction Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 239000003814 drug Substances 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000002372 labelling Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a ciphertext domain reversible information hiding method, which comprises the following steps: (1) preprocessing and encrypting a plaintext to obtain a ciphertext; (2) embedding the encrypted additional information into the ciphertext to obtain a first ciphertext; (3) embedding cipher text LSB information based on key replacement into the first cipher text for the second time to finally obtain the cipher text; cipher text LSB information based on key replacement is data obtained by encrypting extra information; (4) carrying out LSB extraction on the secret-carrying text, and extracting secondary embedded additional information; and processing the secret-carrying text through ciphertext domain information extraction and carrier recovery or plaintext domain information extraction and carrier recovery to obtain an original plaintext and first-time embedded additional information. The invention also discloses a ciphertext domain reversible information hiding system, computer equipment and a readable storage medium, which ensure the high-efficiency and large-capacity embedding of data and the reversible recovery of carrier data on the premise of meeting the requirement of separable ciphertext domain reversible information hiding.
Description
Technical Field
The invention relates to information hiding, information encryption and ciphertext domain data processing technologies, in particular to a reversible information hiding method for a ciphertext domain and a software and hardware application system.
Background
Since the birth of the 90 s of the 20 th century, information hiding has increasingly played a role in the field of information security. However, most steganographic algorithms permanently damage the data in the original carrier signal while embedding the stego information, and introduce some distortion. However, these distortions are unacceptable in some applications where the requirements for data authentication are high and the original carrier needs to be recovered without distortion, such as remote medical diagnosis, encrypted data labeling in cloud environment, military and legal affairs, etc. In the fields of military affairs, medicine and the like, not only the secret information has extremely high value, but also the original carrier signal is indispensable. For example, any modification of a medical picture may become a key in medical accident litigation, and only if the original picture can be restored without loss after secret information is extracted, unnecessary troubles caused can be avoided; for military images, the meaning of reversible information hiding technology is more obvious, for example, remote sensing images have high value in the military field, and if in the process of embedding information, the original images are damaged to cause important information loss, the caused result is difficult to estimate. The method has good development prospect in the judicial field and the multi-level management field of user permission. In order to ensure that the carrier signal can be recovered without loss, the concept of reversible information hiding is proposed, which requires that the original carrier can be recovered error-free after the hidden information is extracted.
Reversible information Hiding is divided into a ciphertext Domain and a non-ciphertext Domain according to whether a carrier is Encrypted, wherein ciphertext Domain Reversible information Hiding (RDH-ED) refers to a technology for enabling a carrier image to be embedded to be Encrypted and still be decrypted without errors after information is embedded. Encryption is one of the important means for ensuring privacy and information safety at present, information is encrypted into a ciphertext which presents a chaotic, disordered and meaningless state, and an unauthorized person can only see random noise signals but cannot acquire real information of a plaintext. There is now an increasing need to be able to manage encrypted data directly. For example, digital images stored in a remote cloud are usually stored in an encrypted manner for privacy protection, and the information hiding technology can conveniently manage the ciphertext by embedding additional information, such as user information, copyright information and the like, in a host; in the medical image, the image is encrypted to protect the privacy of a patient, and meanwhile, the medical record or personal information of the patient can be embedded in the ciphertext image for managing archival data; while maintaining the integrity of the encrypted image, a hash value, Cyclic Redundancy Check (CRC) or other error correction information of the encrypted image is calculated and embedded directly into the encrypted image. Therefore, the reversible steganography of the ciphertext domain can play a role in double insurance for important information in the cloud environment, and the reversible information hiding of the ciphertext domain is taken as the combination of encryption signal processing and steganography technology, and is one of the research hotspots for protecting privacy data in the current cloud environment.
In the existing ciphertext domain reversible information hiding method, separable reversible information hiding emphasizes the separability of two processes of user hidden information extraction and reversible carrier data recovery, and the method has great practical significance for privacy protection of users and information safety and data management in cloud environment. However, on the premise of realizing separable steganography, the existing ciphertext domain reversible information hiding technology effectively ensures that the aspects of large-capacity data embedding, reversible carrier data recovery, non-detectability and the like have a plurality of difficulties and problems, because the modern encryption algorithm requires that the minimum change of a plaintext is also spread to the whole ciphertext space, and the design of the reversible algorithm is usually independent of the encryption algorithm, the more encrypted data is modified in the embedding process, and the greater the distortion of a decryption result is.
Disclosure of Invention
The invention aims to provide a reversible information hiding method of a cryptograph domain and a software and hardware application system, which can effectively ensure high-efficiency and large-capacity embedding of data and reversible recovery of carrier data on the premise of meeting the requirement of reversible information hiding of a separable cryptograph domain.
The invention is realized by the following technical scheme:
a ciphertext domain reversible information hiding method comprises the following steps:
(1) preprocessing and encrypting a plaintext to obtain a ciphertext;
(2) embedding the encrypted primary additional information into the ciphertext to obtain a first ciphertext;
(3) embedding cipher text LSB information based on key replacement into the first cipher text for the second time to finally obtain the cipher text; cipher text LSB information based on key replacement is data obtained by encrypting secondary extra information;
(4) the following three treatments are performed on the secret carrying text:
the first method is LSB extraction, and secondary embedded secondary extra information is extracted;
secondly, extracting the information of the ciphertext domain and recovering the carrier to obtain the original plaintext and primary additional information which is embedded once;
and the third method is plaintext domain information extraction and carrier recovery to obtain the original plaintext and primary embedded additional information.
Further, in the step (1), the plaintext is an image, and the preprocessing step is as follows:
1.1, in order to sort the images to obtain the sorted images as I ', dividing I' into non-overlapping pixel pairs (X, Y), wherein X is more than or equal to 0, and Y is less than or equal to 255;
1.2, calculating a difference value h and a mean value l of the pixels, wherein the difference value h is a difference value of X and Y;
l is the mean value of X and Y and is rounded;
1.3, performing anti-overflow constraint and fidelity constraint on the pixel pair to obtain the pixel pair meeting the constraint condition;
conditions of anti-overflow constraint: the difference h satisfies the constraints of equations (1) - (2);
|h|≤min(2(255-l),2l+1) (1)
|2·h+bs|≤min(2(255-l),2l+1)(bs=0,1) (2)
the fidelity constraint is specifically: setting a threshold h for the difference of a pixel pairfidAnd constraining the value range of the difference value to satisfy the formula (3):
h≤hfid (3)
further, in the step (1), the encrypting specifically includes: carrying out bitwise encryption on each bit of (h, l) to obtain an encrypted ciphertextAnd
wherein the content of the first and second substances,a new public key is used for each encryption.
Further, the step (2) comprises the following steps:
2.1, left-shifting the ciphertext sequence by one unit, using the spare position ctemp0Is filled in, wherein ctemp0Enc (0), and then derive the ciphertext of the extended difference h:
2.2, additional information bsEncrypting to obtain encrypted additional information CbsMixing C withbsSubstitution ctemp0To obtain the ciphertext of the difference h' after the DE is embeddedI.e., the first secret carrying cipher text.
Further, the step (3) specifically comprises the following steps:
3.1, additional information bsCarrying out XOR encryption with the hidden key k to obtain a sequence b to be embeddedr:
Wherein b isr∈brCarrying the ciphertext vector in the ciphertextIs marked as cLH1The LSB of the element is replaced by bit br;
3.2 if br=LSB(cLH1) Then maintainThe change is not changed; if b isr≠LSB(cLH1) Then pairPerforming a key replacement refresh until LSB (c)LH1)=brAnd obtaining the embedded secret carrying text:and
further, in the step (4), the ciphertext domain information extraction and the carrier recovery comprise ciphertext domain DE recovery and ciphertext domain DE extraction;
and the ciphertext domain DE is used for recovering a recovered ciphertext from the ciphertext carrying text, the recovered ciphertext is decrypted by using a private key to obtain an original difference value h and an average value l, and the original difference value h and the average value l are substituted into the formulas (5) to (6) to recover an original pixel pair (X, Y):
the difference h is the difference between X and Y, and l is the mean value of X and Y;
the extraction of the ciphertext domain DE specifically comprises the following steps: extracting extra information b using hidden key ks:
br=LSB(cLH1) (7)
Further, the information extraction and the carrier recovery of the plaintext domain are specifically as follows: decrypting the secret carrying text by using a private key s to obtain secret carrying plaintext h' and l;
extracting additional information from h';
substituting h and l into the following formula to calculate a pixel pair (X, Y);
the difference h is the difference between X and Y; l is the mean of X and Y.
The invention also discloses a ciphertext domain reversible information hiding system, which comprises an encryption module, a management module and a decryption module; the management module comprises an embedding module, an LSB extraction module and a ciphertext domain information extraction and carrier recovery module; the decryption module comprises a plaintext domain information extraction and carrier recovery module and a ciphertext domain decryption module; the encryption module and the decryption module are used by a user side, and the management module is used by a service side;
the encryption module is used for preprocessing and encrypting the plaintext to obtain a ciphertext;
the embedding module is used for embedding the extra information twice into the ciphertext provided by the encryption module to obtain a ciphertext;
the LSB extraction module is used for carrying out LSB extraction on the secret carrying text and extracting secondary embedded additional information;
the ciphertext domain information extraction and carrier recovery module is used for performing ciphertext domain DE recovery and ciphertext domain DE extraction on the ciphertext carrying text, recovering the ciphertext through the ciphertext domain DE to obtain a recovered ciphertext, and extracting the extra information ciphertext through the ciphertext domain DE;
the plaintext domain information extraction and carrier recovery module is used for decrypting the secret-carrying text processed by the embedding module to obtain a secret-carrying plaintext, then recovering the secret-carrying plaintext through DE to obtain an original plaintext, and simultaneously extracting through DE to obtain additional information embedded for the first time;
and the ciphertext domain decryption module is used for decrypting the recovered ciphertext and the extra information ciphertext obtained by the ciphertext domain information extraction and carrier recovery module processing to obtain the original plaintext and the extra information embedded for the first time.
The invention also discloses a computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method when executing the computer program.
The invention also discloses a computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method.
Compared with the prior art, the invention has the following beneficial technical effects:
the invention discloses a reversible information hiding method of a cryptograph domain, which hides reversible information based on an LWE encryption algorithm which is a typical single-bit public key encryption algorithm, when the ciphertext data is embedded, firstly, based on the characteristics of a single-bit encryption technology, Differential Expansion (DE) is used for embedding in a ciphertext domain, after the DE is embedded in the ciphertext domain, a secret-carrying ciphertext can be obtained after one-time embedding, then cipher text LSB embedding based on key replacement technology is used, KS-LSB embedding is secondary embedding carried out in the cipher text obtained in the last embedding, the decryption result is not influenced, namely, the secret carrying text is directly decrypted to obtain the secret carrying plaintext, the information extraction and lossless recovery operation can be carried out on the secret carrying plaintext, meanwhile, the secret-carrying text embedded by the KS-LSB supports direct extraction of information from the ciphertext, so that the separability of the algorithm is ensured. Firstly, a ciphertext domain difference value expansion method constructed based on the characteristics of a single-bit encryption technology has the characteristics of safety and high efficiency, and embedded information can be carried in a plaintext corresponding to an embedded ciphertext; in order to ensure that the information can be extracted under the condition that the secret-carrying text is not decrypted, a KS-LSB embedding method is used, and KS-LSB secondary embedding is carried out after the secret-carrying text domain difference value is expanded and embedded. The LSB of the cipher text carrying the cipher text after the secondary embedding carries extra information, supports the direct extraction of the information under the condition of no decryption, and simultaneously does not influence the decryption result of the cipher text domain difference value expansion embedding, namely the decrypted cipher text carrying the difference value expansion embedding information.
Furthermore, by introducing a pixel value ordering technology, the number of ciphertexts supporting the difference value expansion of the cipher text domain is effectively increased, and high cipher text embedding amount is ensured; by performing anti-overflow constraint and fidelity constraint on the pixel pairs, the pixel pairs of constraint conditions are increased, and applicable pixel pairs for DE embedding are increased, so that the embedding amount of the ciphertext domain DE embedding is increased.
Drawings
FIG. 1 is an algorithm framework in an example of the invention.
Fig. 2 is an algorithm flow chart.
Fig. 3 shows 6 test images.
Detailed Description
The present invention will now be described in further detail with reference to specific examples, which are intended to be illustrative, but not limiting, of the invention.
Aiming at the problems in the prior art, the invention provides the reversible information hiding method of the ciphertext domain, which can effectively ensure the high-efficiency and large-capacity embedding of data and the reversible recovery of carrier data on the premise of meeting the requirement of the reversible information hiding of the separable ciphertext domain. The LWE encryption algorithm is a typical single-bit public key encryption algorithm, and firstly, based on the characteristics of a single-bit encryption technology, Differential Expansion (DE) is used for embedding in a ciphertext domain when ciphertext data is embedded, a secret carrying text can be obtained after the ciphertext domain DE is embedded, the secret carrying text is directly decrypted to obtain a secret carrying plaintext, and information extraction and lossless recovery operations can be carried out on the secret carrying plaintext. Cipher text LSB embedding (KS-LSB) based on a Key replacement technology is used, KS-LSB embedding is secondary embedding implemented in cipher text obtained in last embedding, a decryption result is not influenced, and the cipher text embedded by the KS-LSB supports information extraction from the cipher text directly.
As shown in fig. 1, the invention discloses a reversible information hiding method for a ciphertext domain, which comprises the following steps:
(1) preprocessing and encrypting a plaintext to obtain a ciphertext;
(2) embedding the encrypted primary additional information into the ciphertext to obtain a first ciphertext;
(3) and embedding the LSB information of the cipher text based on the key replacement into the first cipher text for the second time to finally obtain the cipher text. The secret carrying text is used for storing, transmitting and subsequent decrypting and information extracting operations, and then the secret carrying text which is embedded for the first time or the second time is not distinguished any more, and only the secret carrying text which is embedded for the second time is used.
And the cipher text LSB information based on the key replacement is data obtained by encrypting the secondary extra information.
(4) The following three treatments are performed on the secret carrying text:
the first method comprises the following steps: LSB extraction is carried out on the secret-carrying text, and secondary embedded additional information can be extracted;
the second is ciphertext domain information extraction and carrier recovery; and the third method comprises the steps of extracting plaintext domain information and recovering a carrier, and processing and decrypting the secret-carrying text in the two modes to obtain the original plaintext and the first-time embedded additional information.
The invention carries out the embedding of a ciphertext domain DE based on single-bit encryption, supports the information extraction after decryption, uses the single-bit encryption technology which is also suitable for KS-LSB embedding in order to directly extract information from the ciphertext, and selects secondary embedding to ensure that the information is directly extracted from the ciphertext because the extra information of the two times of embedding is the same or different.
The embedded information is usually some remark information, which is used for assisting in realizing management of the ciphertext and can directly extract information to realize management on the premise of ensuring that the plaintext content of the user is not decrypted.
The following are the symbols and meanings of the variables used in the present invention, as shown in table 1:
TABLE 1 variable symbols and meanings
The following are parameter settings and function uses used in the present invention:
encryption parameters: the bit length of the private key is n; the modulus is a prime number q, q is an element (n)2,2n2) (ii) a Dimension d, d ≧ 1+ (1+ n) log of public key matrix2q,1>>0,Noise obeying distribution x introduced in the invention, distribution of noiseWherein"qx" denotes the standard deviation of the noise distribution, rounded to qx
In addition, the following 6 functions are used in the algorithm:
1. private key generation function: s-SKGenn,q(.)
The output is a private keyThe private key is composed of s ═ 1, t, where the vector isObey the distribution χ.
2. Public key generation function: a ═ PKGen(d,n),q(s);
First, a uniformly distributed matrix is generated in the functionWith a vector obeying a χ distributionThen calculating the vector from W and eb=Wt+2e。
Finally, a public key A can be output, and the matrix A belongs to Zd×nColumn (1) is vector b and the next n-1 column is-W, i.e., a is (b, -W).
3. Encryption function: c ═ EncA(p);
Output as ciphertext vectorThe inputs are plaintext bits p ∈ {0,1} and public key A. First construct the vectorGenerating randomly evenly distributed vectorsAnd finally, outputting a ciphertext c: c is m + ATar。
5. A decryption function: p ═ Decs(c)=[[<c,s>]q]2。
The output is the plaintext bit p ∈ {0,1} obtained by decryption. The input is the ciphertext c and the private key s. The input quantity, process quantity, output quantity and operation type in the decryption function are decimal operation, if the process quantity and operation are twoIn the binary form, such a function is called a circuit having the function, and the function design of the decryption circuit is written as: decS(C) The input ciphertext and the private key are respectively expanded by corresponding bit, C-bitde (C), and S-bitde (S).
6. Alternative matrix generation function: b ═ SwitchKGen(s)1,s2) The key replacement is mainly used for embedding KS-LSB, and the replacement matrix is from BLSB:BLSBSwitchKGen (s, s), wherein
The key generation and distribution used in the present invention is as follows:
key assignments are shown in table 2, where the random sequence k is xor encrypted before being used for KS-KSB embedding.
Table 2 key distribution
Pretreatment:
(one) pixel value ordering
Plain text is a gray scale image I of 512 × 512. For all pixels in a row, the pixels are denoted as a sequence of pixels (p)1,p2,…,pl) And l is 512. The pixel sequence is rearranged in ascending order to obtain a new sequence pσ(1),pσ(2),…,pσ(l)When i is }>When j is, pσ(i)≤pσ(j)Wherein σ: {1,2, …, l } → {1,2, …, l } is a single map, the output is the position of the original pixel, and the sorted image is denoted as I'. The mapping sigma is embedded in the ciphertext as side information and transmitted to the recipient.
(II) anti-overflow constraint and fidelity constraint
And dividing I' into non-overlapping pixel pairs (X, Y), wherein X is more than or equal to 0, and Y is less than or equal to 255. A pair of available pixels can be loaded with 1 bit of extra information bsE {0,1 }. In order to prevent pixel value overflow after embedding, the pixel difference value h is required to satisfy about equations (1) to (2)Bundling:
|h|≤min(2(255-l),2l+1) (1)
|2·h+bs|≤min(2(255-l),2l+1)(bs=0,1) (2)
the fidelity constraint means that under the condition that the available pixel pairs are not fully embedded, the pixel pairs with smaller difference values are preferentially selected, and the difference values of the pixel pairs are set with a threshold value hfidAnd restricting the value range of the difference value:
h≤hfid (3)
pairs of pixels satisfying the above constraints can be used for DE embedding using an index matrix Mava∈{0,1}512×512To mark the position of the available pixel pairs: the position marked "1" indicates the position in the image of the pixel of the available pair of pixels with the larger value, and the remaining positions are marked "0". MavaAnd the information is subjected to lossless compression and then is used as auxiliary side information of a ciphertext and is transmitted along with carrier data.
Data encryption and ciphertext domain DE embedding
Data encryption
For the pixel pair (X, Y) satisfying the constraint condition, the difference value h and the mean value l of the pixel are first calculated, and each bit of (h, l) is encrypted bit by bit:each encryption requires the use of a new public key.
(II) ciphertext domain DE embedding
1) The ciphertext isAndcalculation of ctemp0Enc (0). As shown in fig. 2, the ciphertext sequence is left shifted by one unit, and the spare position uses ctemp0And filling to obtain the expanded ciphertext of the difference value h:
2) will add extra informationEncrypting to replace the cipher text with the c filled in the previous steptemp0And obtaining a ciphertext of the difference value h' after the DE is embedded:
cipher text LSB information embedding based on key replacement
1) Additional information bsCarrying out XOR encryption with the hidden key k to obtain a sequence b to be embeddedr:
Wherein b isr∈br. Carrying cipher text vector in cipher textIs marked as cLH1The LSB of the element is replaced by bit br;
2) If b isr=LSB(cLH1) Then maintainThe change is not changed; if b isr≠LSB(cLH1) Then pairAnd (3) carrying out key replacement refreshing:
3) repeating the previous step 2) until LSB is obtained (c)LH1)=br。
ciphertext domain information extraction and carrier recovery
For ciphertext, the service side can extract the extra information b by using the hidden key k without decrypting the plaintexts:
br=LSB(cLH1) (5)
The ciphertext domain carrier recovery is to obtain a new ciphertext, and the decryption result is the original plaintext.
Calculation of ctemp0Right-shift the ciphertext sequence by one unit, using c as a spare position (0)temp0And (6) filling. The resulting recovered ciphertext is:and
and returning the recovered ciphertext to the user, and decrypting by using a private key to obtain the original difference value h and the average value l. The original pixel pairs are restored by substituting equations (7) to (8):
plaintext field information extraction and carrier recovery
For the secret-carrying text, the user can decrypt the secret-carrying text by using a private key s to obtain secret-carrying plaintexts h' and l:
the extra information can be extracted from h':
bs=LSB(h') (9)
the LSB (.) is used to obtain the least significant bits of the input integer.
The original pixel pair can be restored by the restoration process of the DE algorithm, first restoring the difference h:
the pixel pair (X, Y) is calculated by substituting h and l into equations (8) to (9).
The following is the correctness analysis of the results of the present invention:
(one) plaintext recovery accuracy
In the algorithm of this chapter, the plaintext recovery is divided into two cases: a) the user directly decrypts the encryption carrying ciphertext to obtain the encryption carrying plaintext, and calculates a Peak Signal to Noise Ratio (PSNR) of the encryption carrying plaintext obtained at the moment, which is recorded as PSNR 1. Then, DE recovery is carried out on the encryption-carrying plaintext to obtain the plaintext, and PSNR of the recovered plaintext is calculated and recorded as PSNR 2; b) and the third party server performs ciphertext domain carrier recovery operation on the ciphertext carrying party to obtain a new ciphertext. And the user receives and decrypts the new ciphertext to obtain a plaintext, and the PSNR of the plaintext is calculated and recorded as PSNR 3.
Since the algorithm performs Pixel Value Ordering (PVO) processing on 6 images shown in FIG. 3 before encryption to make the images tend to be smooth, more Pixel pairs satisfying the constraint conditions in equations (1) - (3) are added, and applicable Pixel pairs available for DE embedding are added, so that the embedding amount of the DE embedding in the ciphertext domain is increased, and the maximum embedding amount of the algorithm is related to the number of available Pixel pairs. The PSNR1-3 results at maximum embedding are shown in Table 3. It can be seen from the results of PSNR1 that there is distortion in the ciphertext. PSNR2 and PSNR3 are both "∞" indicating that the recovered plaintext is not distorted. In Table 3, the maximum embedding rate in plaintext is close to 0.500bpp, indicating that almost all pixel pairs can satisfy the constraint for embedding.
By adjusting hfidThe value of (a) is selected,the analysis continues for PSNR1 for the carry-plaintext image for different amounts of embedding. The smaller the difference between two pixels in a pixel pair, the smaller the modification of the embedded pixel. Thus hfidThe smaller the value, the less distortion of the carry-over plaintext, but the fewer pixel pairs that are available. Experiment tests hfidPSNR1 carrying plaintext, ciphertext embedding amount and corresponding PSNR1 for different values are shown in table 4.
(II) information extraction accuracy
There are three cases of data extraction in the algorithm: a) the server side directly extracts information from the LSB carrying the secret cipher text; b) the user decrypts the secret-carrying text to obtain a secret-carrying plaintext, and then uses a DE extraction algorithm to obtain embedded data; c) the server side executes the ciphertext domain DE to extract the ciphertext carrying the ciphertext to obtain the ciphertext of the extra information, and the user can decrypt the ciphertext to obtain the embedded data. In experiment pair 105The bit extra information is embedded and extracted, and the accuracy of the extracted information is compared bit by bit, and the result shows that the accuracy of the information extraction under the three conditions is 100%.
TABLE 3 PSNR1-3 at maximum embedding amount and plaintext embedding rate
Test image | Maximum capacity/bit | Maximum embedding rate/bpp | PSNR1/dB | PSNR2/dB | PSNR3/dB |
Lena | 131072 | 0.500 | 50.9706 | ∞ | ∞ |
Baboon | 131048 | 0.499 | 51.1409 | ∞ | ∞ |
Crowd | 129529 | 0.494 | 50.1606 | ∞ | ∞ |
Tank | 131072 | 0.500 | 51.5168 | ∞ | ∞ |
Peppers | 131064 | 0.500 | 50.4753 | ∞ | ∞ |
Plane | 131069 | 0.500 | 45.3539 | ∞ | ∞ |
Average | 130809 | 0.499 | 41.3525 | ∞ | ∞ |
TABLE 4 different hfidEmbedding quantity/embedding rate and PSNR1 of values
Security analysis
The safety of RDH-ED mainly includes two aspects: firstly, the data embedding does not weaken the encryption security and does not leave any potential risk of password cracking; and secondly, under the condition of no hidden key, the embedded information cannot be directly obtained from the ciphertext.
The embedding process of the algorithm in the chapter does not decrypt or modify the ciphertext, so that the encryption strength of the original encryption algorithm is maintained. The embedding operation is mainly to perform adjustment on the sequence of the ciphertext encrypted by single bit and fill in the redundant ciphertext. The embedding process does not reveal private or clear information. And the KS-LSB embedding process is mainly based on a publicly issued public key for operation, and no private key information is revealed.
The extra information is encrypted by LWE in the embedding process, and the object of the embedding operation of the ciphertext domain DE is the ciphertext, so that the content of the extra information cannot be directly exposed. Before embedding KS-LSB, the third party server firstly uses sequence encryption to process extra information and then embeds the extra information, thereby ensuring that the data carried on the cipher text LSB can not reveal the content of the extra information. Because the encryption process introduces temporary random quantity, the same plaintext is encrypted for multiple times by using the same public key, and the obtained ciphertexts are irrelevant to each other. In conclusion, the algorithm can keep the security of the LWE encryption, and the private key and the plaintext information cannot be leaked in the embedding process. Under the condition of unknown private keys or hidden keys, the additional information can ensure the content to be kept secret in the process of transmitting and storing the secret-carrying ciphertext.
According to the analysis and experiment results, the embedding rate of the invention is mainly related to the number of pixel pairs meeting the constraint condition, and because the complexity of the content of the plaintext image is different, the maximum embedding rates of different images are different, when h isfidWhen the number is 10, the plaintext embedding rate of an experimental image is the maximum, and basically the plaintext embedding rate can reach 0.5 bpp; when h is generatedfidAt 0, the embedding rate of the image is minimum, but still can reach above 0.3443 bpp.
The invention provides a high-efficiency high-capacity ciphertext domain reversible information hiding method which can effectively ensure high-capacity data embedding and reversible carrier data recovery on the premise of meeting the requirement of separable RDH-ED. The invention carries out ciphertext domain DE embedding and KS-LSB embedding on ciphertext data based on an LWE single-bit encryption algorithm. After the information is embedded, the embedded information can be directly extracted from the ciphertext by using the hidden key, the encryption carrying text can be decrypted by using the decryption key so as to obtain the encryption carrying plaintext, the embedded information can be extracted from the encryption carrying plaintext and the original plaintext can be recovered, so that the separability of the algorithm is ensured.
The invention also discloses a ciphertext domain reversible information hiding system, which comprises an encryption module, a management module and a decryption module; the management module comprises an embedding module, an LSB extraction module and a ciphertext domain information extraction and carrier recovery module; the decryption module comprises a plaintext domain information extraction and carrier recovery module and a ciphertext domain decryption module; the encryption module and the decryption module are used by a user side, and the management module is used by a service side;
the encryption module is used for preprocessing and encrypting the plaintext to obtain a ciphertext;
the embedded module is used for carrying out encryption processing twice on the ciphertext provided by the encryption module to obtain a ciphertext carrying message;
the LSB extraction module is used for carrying out LSB extraction on the secret carrying text and extracting secondary embedded additional information;
the ciphertext domain information extraction and carrier recovery module is used for performing ciphertext domain DE recovery and ciphertext domain DE extraction on the ciphertext carrying text, recovering the ciphertext through the ciphertext domain DE to obtain a recovered ciphertext, and extracting the extra information ciphertext through the ciphertext domain DE;
the plaintext domain information extraction and carrier recovery module is used for decrypting the secret-carrying text processed by the embedding module to obtain a secret-carrying plaintext, then recovering the secret-carrying plaintext through DE to obtain an original plaintext, and simultaneously extracting through DE to obtain primary additional information embedded for the first time;
and the ciphertext domain decryption module is used for decrypting the recovered ciphertext and the extra information ciphertext obtained by the ciphertext domain information extraction and carrier recovery module processing to obtain the original plaintext and the first-time embedded extra information.
The reversible information hiding method of the cryptograph domain disclosed by the invention can be stored in a computer readable storage medium if the reversible information hiding method is realized in the form of a software functional unit and is sold or used as an independent product. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method embodiments may be implemented. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. Computer-readable storage media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
In an exemplary embodiment, a computer readable storage medium is also provided, which stores a computer program that, when executed by a processor, implements the steps of the ciphertext domain invertible information hiding method. The computer storage medium may be any available medium or data storage device that can be accessed by a computer, including but not limited to magnetic memory (e.g., floppy disk, hard disk, magnetic tape, magneto-optical disk (MO), etc.), optical memory (e.g., CD, DVD, BD, HVD, etc.), and semiconductor memory (e.g., ROM, EPROM, EEPROM, nonvolatile memory (NANDFLASH), Solid State Disk (SSD)), etc.
In an exemplary embodiment, there is also provided a computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the ciphertext domain invertible information hiding method when executing the computer program. The processor may be a Central Processing Unit (CPU), other general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, etc.
Claims (10)
1. A ciphertext domain reversible information hiding method is characterized by comprising the following steps:
(1) preprocessing and encrypting a plaintext to obtain a ciphertext;
(2) embedding the encrypted primary additional information into the ciphertext to obtain a first ciphertext;
(3) embedding cipher text LSB information based on key replacement into the first cipher text for the second time to finally obtain the cipher text; cipher text LSB information based on key replacement is data obtained by encrypting secondary extra information;
(4) the following three treatments are performed on the secret carrying text:
the first method is LSB extraction, and secondary embedded secondary extra information is extracted;
secondly, extracting the information of the ciphertext domain and recovering the carrier to obtain the original plaintext and primary additional information which is embedded once;
and the third method is plaintext domain information extraction and carrier recovery to obtain the original plaintext and primary embedded additional information.
2. The reversible information hiding method in ciphertext domain according to claim 1, wherein in the step (1), the plaintext is an image, and the preprocessing step is:
1.1, in order to sort the images to obtain the sorted images as I ', dividing I' into non-overlapping pixel pairs (X, Y), wherein X is more than or equal to 0, and Y is less than or equal to 255;
1.2, calculating a difference value h and a mean value l of the pixels, wherein the difference value h is a difference value of X and Y;
l is the mean value of X and Y and is rounded;
1.3, performing anti-overflow constraint and fidelity constraint on the pixel pair to obtain the pixel pair meeting the constraint condition;
conditions of anti-overflow constraint: the difference h satisfies the constraints of equations (1) - (2);
|h|≤min(2(255-l),2l+1) (1)
|2·h+bs|≤min(2(255-l),2l+1)(bs=0,1) (2)
the fidelity constraint is specifically: setting a threshold h for the difference of a pixel pairfidAnd constraining the value range of the difference value to satisfy the formula (3):
h≤hfid (3)。
3. the ciphertext domain reversible information hiding method according to claim 2, wherein in the step (1), the encrypting specifically comprises: respective ratio to (h, l)Bit-by-bit encryption is carried out to obtain encrypted ciphertextAnd
4. The ciphertext domain reversible information hiding method according to claim 1, wherein the step (2) comprises the steps of:
2.1, left-shifting the ciphertext sequence by one unit, using the spare position ctemp0Is filled in, wherein ctemp0Enc (0), and then derive the ciphertext of the extended difference h:
5. The ciphertext domain reversible information hiding method according to claim 1, wherein the step (3) specifically comprises the following steps:
3.1, additional information bsCarrying out XOR encryption with the hidden key k to obtain a sequence b to be embeddedrAs in equation (4):
wherein b isr∈brCarrying the ciphertext vector in the ciphertextIs marked as cLH1The LSB of the element is replaced by bit br;
6. the reversible information hiding method in ciphertext domain according to claim 1, wherein in the step (4), the ciphertext domain information extraction and the carrier recovery comprise ciphertext domain DE recovery and ciphertext domain DE extraction;
and the ciphertext domain DE is used for recovering a recovered ciphertext from the ciphertext carrying text, the recovered ciphertext is decrypted by using a private key to obtain an original difference value h and an average value l, and the original difference value h and the average value l are substituted into the formulas (5) to (6) to recover an original pixel pair (X, Y):
the difference h is the difference between X and Y, and l is the mean value of X and Y;
the extraction of the ciphertext domain DE specifically comprises the following steps: extracting extra information b using hidden key ksAs shown in formulas (7) to (8):
br=LSB(cLH1) (7)
7. the reversible information hiding method in ciphertext domain according to claim 1, wherein the plaintext domain information extraction and the carrier recovery specifically comprise: decrypting the secret carrying text by using a private key s to obtain secret carrying plaintext h' and l;
extracting additional information from h';
substituting h and l into the following formula to calculate a pixel pair (X, Y);
the difference h is the difference between X and Y; l is the mean of X and Y.
8. A ciphertext domain reversible information hiding system is characterized by comprising an encryption module, a management module and a decryption module; the management module comprises an embedding module, an LSB extraction module and a ciphertext domain information extraction and carrier recovery module; the decryption module comprises a plaintext domain information extraction and carrier recovery module and a ciphertext domain decryption module; the encryption module and the decryption module are used by a user side, and the management module is used by a service side;
the encryption module is used for preprocessing and encrypting the plaintext to obtain a ciphertext;
the embedding module is used for embedding the extra information twice into the ciphertext provided by the encryption module to obtain a ciphertext;
the LSB extraction module is used for carrying out LSB extraction on the secret carrying text and extracting secondary embedded additional information;
the ciphertext domain information extraction and carrier recovery module is used for performing ciphertext domain DE recovery and ciphertext domain DE extraction on the ciphertext carrying text, recovering the ciphertext through the ciphertext domain DE to obtain a recovered ciphertext, and extracting the extra information ciphertext through the ciphertext domain DE;
the plaintext domain information extraction and carrier recovery module is used for decrypting the secret-carrying text processed by the embedding module to obtain a secret-carrying plaintext, then recovering the secret-carrying plaintext through DE to obtain an original plaintext, and simultaneously extracting through DE to obtain additional information embedded for the first time;
and the ciphertext domain decryption module is used for decrypting the recovered ciphertext and the extra information ciphertext obtained by the ciphertext domain information extraction and carrier recovery module processing to obtain the original plaintext and the extra information embedded for the first time.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010900949.2A CN112054900A (en) | 2020-08-31 | 2020-08-31 | Ciphertext domain reversible information hiding method and software and hardware application system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010900949.2A CN112054900A (en) | 2020-08-31 | 2020-08-31 | Ciphertext domain reversible information hiding method and software and hardware application system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112054900A true CN112054900A (en) | 2020-12-08 |
Family
ID=73608106
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010900949.2A Pending CN112054900A (en) | 2020-08-31 | 2020-08-31 | Ciphertext domain reversible information hiding method and software and hardware application system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112054900A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113190807A (en) * | 2021-05-31 | 2021-07-30 | 中国人民武装警察部队工程大学 | Ciphertext domain reversible information hiding method based on image secret sharing |
CN114756880A (en) * | 2022-04-14 | 2022-07-15 | 电子科技大学 | Information hiding method and system based on FPGA |
CN115225320A (en) * | 2022-06-10 | 2022-10-21 | 北卡科技有限公司 | Data transmission encryption and decryption method |
CN115242414A (en) * | 2021-04-15 | 2022-10-25 | 华晨宝马汽车有限公司 | Steganography method, system, medium, and program based on industrial real-time data |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105634732A (en) * | 2016-01-21 | 2016-06-01 | 中国人民武装警察部队工程大学 | Ciphertext domain multi-bit reversible information hiding method |
-
2020
- 2020-08-31 CN CN202010900949.2A patent/CN112054900A/en active Pending
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105634732A (en) * | 2016-01-21 | 2016-06-01 | 中国人民武装警察部队工程大学 | Ciphertext domain multi-bit reversible information hiding method |
Non-Patent Citations (3)
Title |
---|
YAN KE等: "Fully Homomorphic Encryption Encapsulated Difference Expansion for Reversible Data Hiding in Encrypted Domain", 《IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY》 * |
孔咏骏等: "基于低有效位数值排序的密文域 可逆信息隐藏", 科学技术与工 程 * |
***等: ":基于排序码分多址的密文域可逆信息隐藏", 科学技术与工程 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115242414A (en) * | 2021-04-15 | 2022-10-25 | 华晨宝马汽车有限公司 | Steganography method, system, medium, and program based on industrial real-time data |
CN113190807A (en) * | 2021-05-31 | 2021-07-30 | 中国人民武装警察部队工程大学 | Ciphertext domain reversible information hiding method based on image secret sharing |
CN113190807B (en) * | 2021-05-31 | 2023-05-12 | 中国人民武装警察部队工程大学 | Ciphertext domain reversible information hiding method based on image secret sharing |
CN114756880A (en) * | 2022-04-14 | 2022-07-15 | 电子科技大学 | Information hiding method and system based on FPGA |
CN114756880B (en) * | 2022-04-14 | 2023-03-14 | 电子科技大学 | Information hiding method and system based on FPGA |
CN115225320A (en) * | 2022-06-10 | 2022-10-21 | 北卡科技有限公司 | Data transmission encryption and decryption method |
CN115225320B (en) * | 2022-06-10 | 2023-06-09 | 北卡科技有限公司 | Encryption and decryption method for data transmission |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Xiao et al. | Separable reversible data hiding in encrypted image based on pixel value ordering and additive homomorphism | |
CN112054900A (en) | Ciphertext domain reversible information hiding method and software and hardware application system | |
Al-Haj | Providing integrity, authenticity, and confidentiality for header and pixel data of DICOM images | |
CN109800585B (en) | Image interpolation space completely reversible separable ciphertext domain information hiding algorithm | |
CN107392970B (en) | Digital image encryption method based on bit plane and high-dimensional chaotic system | |
CN105634732A (en) | Ciphertext domain multi-bit reversible information hiding method | |
Pavithra et al. | A survey on the techniques of medical image encryption | |
CN104881838B (en) | One kind is based on GF (23) (K, N) significant point deposited without expansion image and reconstructing method | |
Yan et al. | Robust secret image sharing resistant to noise in shares | |
CN112040086A (en) | Image encryption and decryption method and device, equipment and readable storage medium | |
Ahmed et al. | A secure image steganography using LSB and double XOR operations | |
CN112635009A (en) | Medical data encryption method based on block chain | |
Al-Haj et al. | An efficient watermarking algorithm for medical images | |
Xiong et al. | Reversible data hiding in shared images based on syndrome decoding and homomorphism | |
Vinoth Kumar et al. | Encrypted separable reversible watermarking with authentication and error correction | |
Cao et al. | Low-complexity reversible data hiding in encrypted image via MSB hierarchical coding and LSB compression | |
Wu et al. | A novel image encryption scheme with adaptive Fourier decomposition | |
Navamani et al. | Secure transmission of DICOM images by comparing different cryptographic algorithms | |
CN112614557A (en) | Electronic medical record encryption archiving method | |
Fathimal et al. | K out of N secret sharing scheme with steganography and authentication | |
Liu et al. | Reversible data hiding in encrypted images based on bit-plane rearrangement and Huffman coding | |
Ramadhan et al. | Data security using low bit encoding algorithm and rsa algorithm | |
Yadav et al. | A hybrid approach to metamorphic cryptography using KIMLA and DNA concept | |
Xiong et al. | Reversible Data Hiding in Shared Images With Separate Cover Image Reconstruction and Secret Extraction | |
Rajput et al. | An improved cryptographic technique to encrypt images using extended hill cipher |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201208 |
|
RJ01 | Rejection of invention patent application after publication |