High-Capacity Framework for Reversible Data Hiding in Encrypted Image Using Pixel Predictions and Entropy Encoding
Yingqiang Qiu, Xin Chen, Qichao Ying, Huanqiang Zeng, Zhenxing Qian, Xinpeng Zhang
IIEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 1
High-Capacity Reversible Data Hiding in Encrypted Image Using Pixel Predictions and Huffman Encoding
Yingqiang Qiu, Xin Chen, Qichao Ying, Huanqiang Zeng,
Senior Member, IEEE , Zhenxing Qian,
Member, IEEE , and Xinpeng Zhang, Member, IEEE
Abstract —This paper proposes a high-capacity reversible data hiding scheme for encrypted images using pixel predictions and Huffman encoding. At the owner’s side, we propose to generate the prediction-error histogram (PEH) of the original image using the median edge detector (MED). According to the prediction errors, we divide the pixels into independently encoding pixels and jointly encoding pixels. We then build an optimal Huffman tree to efficiently encode the prediction errors. Then the image is encrypted using the stream cipher and an image encryption key. We replace the lower bit-planes of the encrypted pixels with the Huffman codeword of their prediction error. The rest of the bit-planes are vacated as the embedding room. At the data hider’s side, we locate the vacated room with the reference of the side information. We then encrypt the additional data using the data hiding key and embed it into the encrypted image. The proposed scheme is separable, namely, the receivers with different authentication can respectively conduct error-free data extraction and/or error-free image recovery. The results show that the embedding capacity of the proposed scheme is larger than previous RDHEI arts. Besides, the proposed scheme can provide high information security. Little detail of the original image can be discovered from the encrypted image by the unauthorized users.
Index Terms —Reversible data hiding, encrypted image, Huffman encoding, image trust, copyright protection —————————— ◆ ——————————
1 I
NTRODUCTION
EVERSIBLE data hiding (RDH) has the capability of accurately recovering the cover medium after the hidden data is extracted. For this reason, RDH is widely applied in some important and sensitive applications, i.e., covert communication, data hiding for medical images and law-enforcement, etc. In the past two decades, many RDH researches have been done, most of which are de-veloped for uncompressed images. Traditionally, RDH focuses on enlarging the embedding capacity and mini-mizing the distortion with the criterion of the peak signal-to-noise ratio (PSNR). Typical RDH schemes can be classi-fied into three categories, i.e., difference expansion (DE) based RDH [1-3], histogram shifting (HS) based RDH [4-6], and entropy coding based RDH [7-8]. In additional, there are many RDH schemes for JPEG images [9-11]. RDH in encrypted images (RDHEI) has attracted con-siderable research interest in the past decade. Different from traditional RDH schemes, the cover images of RDHEI schemes are encrypted, so that the unauthorized users can obtain no information from the encrypted data. RDHEI plays an important role in many applications. For example, in cloud services, the remote server wishes to embed some additional data into the encrypted image. However, the encrypted images are usually very low in special redundancy, and therefore, RDH for plain-text images can no longer work efficiently in the encryption domain. Typically, there are three parties involved in the procedure of RDHEI, i.e., the image owner, the data hider, and the receiver. The image owner encrypts the original image and uploads it to the cloud. The data hider, or the cloud server, embeds additional data into the encrypted image. At the receiver ’ s side, the authorized receiver ex-tracts the embedded data without error and/or recover the original image exactly. RDHEI schemes can be divided into two kinds, i.e., va-cating room after encryption (VRAE) [12-16], and vacat-ing room before encryption (VRBE) [17-28]. Fig.1 depicts the general framework of VRAE and VRBE. In VRAE-based methods, the image owner is only responsible for encrypting the original image. The data hider generates embedding room in the encryption domain and embed the additional data. The achieved embedding capacity of most VRAE methods [12-15] is low due to the low spatial redundancy of the encrypted images. In [16], the image owner divides the original image into small image blocks, and then encrypts it by block permutation and pixel modulation. The scheme can achieve a much higher em-bedding capacity compared to [12-15] by reserving the spatial redundancy within small image blocks. Different from VRAE-based methods, VRBE-based methods allow the image owner to vacate the embedding room ahead of image encryption. Therefore, spatial re-dundancy in the original image can be exploited so that a higher embedding capacity can be achieved. Ma et al. [17] xxxx-xxxx/0x/$xx.00 © 200x IEEE Published by the IEEE Computer Society ———————————————— • Y. Qiu, X. Chen and H. Zeng are with the College of Information Science & Engineering, Huaqiao University, Xiamen 361021, China. E-mail: [email protected], [email protected], [email protected]. • Q. Ying, Z. Qian and X. Zhang are with Shanghai Institute of Intelligent Electronics & Systems, School of Computer Science, Fudan University, Shanghai 200433, China. E-mail: [email protected], [email protected], [email protected]. Corresponding author: Zhenxing Qian R IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING proposes the first VRBE-based RDHEI scheme based on histogram shifting. A considerable amount of vacated room can be reserved by the data owner and further uti-lized by the data hider. The work receives extensive atten-tions and many improved schemes are proposed. In [18], Zhang et al. proposes to embed additional data into the prediction errors of some selected pixels to generate em-bedding room before image encryption. In [19], the pre-diction errors generated by interpolation techniques are encrypted by a novel mode. In [20], Cao et al. [20] take full advantage of the correlation between neighboring pixels using patch-level sparse representation. In [21], Xiang et al. proposes a novel RDH in homomorphic en-crypted domain that vacates room by self-embedding. However, the embedding capacity is still relatively low. To further increase the payload of RDHEI, Qiu et al. [22] performs block-wise adaptive reversible integer transformation (ARIT) on the original image, and a large amount of embedding room can be vacated in the LSBs of transformed image blocks. Similarly, Qiu et al. [23] pro-poses a RDHEI method based on ARIT, where high em-bedding capacity can be provided with both the image owner and the data hider. Puteaux et al. proposes two RDHEI approaches [24] based on MSB prediction, i.e., high-capacity reversible data hiding approach with cor-rection of prediction errors (CPE-HCRDH) and high-capacity reversible data hiding approach with embedded prediction errors (EPE-HCRDH). Wu et al. [26] uses the redundancy of the entire plain-text image instead of the encrypted image blocks to vacating a larger embedding room before image encryption. Chen et al. [25] uses the correlations of high bit-planes of the plain-text image by compresses the MSB planes of plain-text images, which is improved by Yin et al. [28] by using both pixel prediction and high bit-planes compression of prediction errors to achieve a higher embedding capacity. Besides, Yin et al. [27] further proposed a high-capacity RDHEI scheme based on multi-MSB prediction and Huffman encoding. Compared with [17-21], [22-28] can achieve much higher embedding capacity. Though promising in the embedding performances, many state-of-the-art methods cannot embed a large pay-load into textured images. Besides, the payload of the recently proposed methods [24-28] is much larger than those of [12-16]. It leaves room for developing a new scheme with a larger payload. Besides, the scheme should provide a high payload for textured images as well. This paper proposes a high-capacity RDHEI method using pixel prediction and Huffman encoding. Given a cover image, we generate the prediction-error histogram (PEH) using the median edge detector (MED). According to the prediction errors, we divide the pixels into inde-pendently encoding pixels and jointly encoding pixels. We then build an optimal Huffman tree to efficiently en-code the prediction errors. Then the image is encrypted using the stream cipher and an image encryption key. We replace the lower bit-planes of the encrypted pixels with the codeword of their prediction error. The rest of the bit-planes are vacated as the embedding room. We embed some side information into the encrypted image for image recovery. Afterwards, the encrypted image with vacated room is generated and sent to the data hider. At the data hider’ s side, we locate the vacated room using the side information. We then encrypt the additional data using the data hiding key and embed it into the encrypted im-age. At the receiver ’ s side, the users with the data hiding key can conduct data extraction. The users with the image encryption key can conduct image recovery. The users with both keys can extract the hidden information and recover the original image without error. Experimental results show that the embedding capacity of the proposed scheme is larger than previous RDHEI arts. Besides, the proposed scheme can provide high information security. Little detail of the original image can be discovered from Original image
Image encryption Encryption key
Image owner Data hider
Embedding room generation Encrypted Image
Receiver
Original image Image recovery Marked encrypted image Data extraction Encryption key Data hiding key Additional data (a) RDHEI based on vacating room after image encryption Original image
Image Owner
Data Hider
Data embedding Data hiding key Additional data Encrypted image with vacated room (b) RDHEI based on vacating room before image encryption
Fig. 1. The general frameworks for RDHEI (a) VRAE (b) VRBE
Receiver
Original image Image recovery Marked encrypted image Data extraction Encryption key Data hiding key Additional data Data embedding Data hiding key Additional data Image encryption Encryption key Embedding room generation
IU ET AL.: REVERSIBLE DATA HIDING IN ENCRYPTED IMAGES USING ADAPTIVE REVERSIBLE INTEGER TRANSFORMATION 3 the encrypted image by the unauthorized users. The remainder of this paper is organized as follows:
Section 2 introduces the system framework of the pro-posed scheme. The procedures of image encryption and room vacation, data embedding, data extraction and im-age recovery are detailed in Section 3-Section 5, respec-tively. Experimental results and discussions are provided in Section 6 and Section 7 concludes this paper.
2 S
YSTEM F RAMEWORK
Fig.2 depicts the architecture of the proposed RDHEI scheme. The scheme contains three parts: 1) the owner’s side , where the original image X is encrypted as Y and the embedding room is further vacated to produce the en-crypted image with vacated room Y R . 2) the data hider’s side , where the additional data S is embedded into Y R , and 3) the receiver ’s side , where data extraction and image recovery is separately done by the authorized users. At the owner’s side, the image owner divides the pix-els into reference pixels and embedding pixels. He en-crypts the original plain-text image X with the encryption key K enc and generates the prediction-error histogram. Then, according to the PEH, the owner builds a Huffman tree and encodes the prediction errors using Huffman encoding. Afterwards, the lowest bit-planes of the em-bedding pixels are replaced with the Huffman codeword of their prediction error, and the other bit-planes are va-cated. To help the receiver recover the original image, two parts of side information are embedded into the vacated room. The first part is for recovering the Huffman tree, which is embedded into the bits-planes of the reference pixels. The second part is for accurate image recovery, which is embedded into the vacated room. The net pay-load is the amount of vacated room subtracted by the amount of the second part of the side information. At the data hider’s side, the data hider first encrypts his additional data with the data hiding key K hid . He then extracts the first part of the side information from the LSBs of the reference pixels. He then constructs a Huff-man tree which is the same as that of the owner. After-wards, he locates the vacated room of each pixels, and encrypts his data using the data hiding key. He embeds it into the encrypted image by replacing the vacated bit-planes which are not occupied by the second part of the side information. At the receiver side, data extraction and image recov-ery can be conducted separately. The receiver extracts the hidden side information from the LSBs of the reference pixels and construct the Huffman tree. He identifies the codeword of each pixel, so that the prediction errors are retrieved by Huffman decoding. He then concatenates the bits in the vacated room, which is decomposed into the encrypted additional data and the second part of the side information. If the receiver has the data hiding key K hid , he can extract the additional data without error by data de-cryption. If he has the image encryption key K enc , he can recover the original image losslessly using the prediction errors. If he has both the data hiding key K hid and the im-age encryption key K enc , he can both recover the original image and get the hidden data. If he has neither of the keys, he cannot have any information other than the re-ceived encrypted image.
3 I
MAGE E NCRYPTION WITH V ACATED R OOM
At the image own er’s side, we generate the encrypted image with vacated room. The procedure is composed of three steps: generation of the prediction-error histogram, image encryption, and room reservation using Huffman encoding. Without loss of generality, we assume that the original cover image X is an 8-bits gray-scaled image with a size of M × N . 𝐗 = {𝑥 𝑚,𝑛 |𝑥 𝑚,𝑛 ∈ [ ] , m ≤ M , n ≤ N } , where (𝑚, 𝑛) indicates the position of the pixel 𝑥 𝑚,𝑛 . Firstly, the image owner makes predictions on the pixels of the original image X using the MED predictor. A pixel can be predicted with its upper left, upper and left neigh-boring pixels by (1), where 𝑥 ′𝑖,𝑗 is the predicted value of pixel x i , j , x i - j - , x i - j and x i , j - is the upper left, upper and left neighboring pixel respectively. i ≤ M , j ≤ N . 𝑥′ 𝑖,𝑗 = { max ( x i - j ,x i , j - ) , x i - j - ≤ min ( x i - j ,x i , j - ) min ( x i - j ,x i , j - ) , x i - j - ≥ max ( x i - j ,x i , j - ) x i - j +x i , j - - x i - j - , otherwise (1) 𝑥 𝑖−1,𝑗−1 𝑥 𝑖−1,𝑗 𝑥 𝑖,𝑗−1 𝑥 𝑖,𝑗 Fig. 3. The MED predictor.
Cover image X Image encryption
Owner’s side Data hider ’s side Data embedding
Receiver ’s side Data hiding key Additional data S Encrypted image with vacated room Y R Encryption key K enc Marked encrypted image Z Additional data S Pixel prediction Room reservation & side information embedding Data extraction
Encryption key K enc Image recovery
Original image X Data hiding key K hid Prediction errors
Fig. 2. The frameworks of the proposed RDHEI scheme K hid Y Image encryption with vacated room Data hiding Data extraction and image recovery
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
Then, the prediction error 𝑒 𝑖,𝑗 of 𝑥 𝑖,𝑗 can be calculated by (2), where 𝑒 𝑖,𝑗 ∈ [ - ] 𝑒 𝑖,𝑗 = 𝑥 𝑖,𝑗 − 𝑥′ 𝑖,𝑗 (2) Then, the corresponding prediction-error histogram represented by h can be established in (3), where de-notes the amount of prediction errors. ℎ 𝑒 = { 𝑖,𝑗 = 𝑒, 𝑒 ∈ [−255,255], i≤M , j≤N } (3) We define the pixels located in the first row or the first column as the reference pixels ( P R ) , and the other pixels as the embedding pixels ( P E ) . The prediction-error histogram is denoted as h = { h -255 , h -254 , …, h -1 , h , …, h , h }. The ref-erence pixels are excluded from h . Fig.4 shows an example of PEH of the typical test im-age Lena sized 512×512. For plain-text images, PEH gen-erally obeys the Laplacian-like distribution centered at zero. For encrypted images, the shape of the PEH will be much flatter. The reason is that the correlation among the neighboring pixels is destroyed by image encryption.
Fig. 4. The prediction-error histogram of image Lena
We separate the histogram bins { h -255 , h -254 , …, h -1 , h , …, h , h } of the PEH into two categories: independent en-coding bins B I = { h - T , h - T +1 , …, h -1 , h , …, h T -2 , h T -1 } and joint encoding bins B J = { h -255 , h -254 , …, h - T -2 , h - T -1 , h T , h T +1 , …, h , h }. h = B I ∪ B J . T is an adaptive threshold that alters with the PEH, i.e., different cover images use different T for highest payload. Accordingly, we define the embedding pixels as independent encoding pixels ( P I ), or jointly en-coding pixels ( P J ). The occurrence of each ℎ 𝑒 ∈ 𝐵 𝐼 is p e = h e /(( M -1)×( N -1)), where 𝑒 ∈ [ - T , T - . The total occur-rence of the prediction errors in B J is p J = - ( ∑ ℎ 𝑒𝑇−1𝑒=−𝑇 / (( M - × ( N - ) (4) We then build a Huffman tree 𝔥 based on the possibility sequence { p -T , p -T +1 , …, p -1 , p , …, p T- , p T- , p J }. The proce-dure of Huffman tree generation is discussed in Section 3.4. For each embedding pixel, its prediction error 𝑒 𝑖,𝑗 can be represented by the corresponding Huffman codeword 𝑐 𝑖,𝑗 . We assign the independent encoding bins each with an independent codeword, and the joint encoding bins with a same codeword. The codewords of the independ- ent encoding pixels are { C - T , C - T +1 , …, C -1 , C , …, C T -2 , C T -1 }, and that of the jointly encoding pixels is C J . According to the Huffman encoding, a prediction error with a larger occurrence is assigned with a codeword of a shorter length. After obtaining the prediction-error histogram of the cov-er image, the owner encrypts the original plain-text image to obtain the encrypted version using the stream cipher. A gray value 𝑥 𝑚,𝑛 in X can be represented by eight bits us-ing modulo-2 as 𝑥 𝑚,𝑛,𝑙 , . 𝑥 𝑚,𝑛,𝑙 = ⌊𝑥 𝑚,𝑛 /2 𝑙 ⌋ mod 2 (5) Where ⌊∙⌋ stands for the floor function. The owner gener-ates pseudo-random sequence R with the same size of the cover image according to (6). The encryption key K enc is used as the seed of the pseudo-random generator. 𝑅 = {𝑟 𝑚,𝑛 |𝑟 𝑚,𝑛 ∈ [ ] ,1≤ m ≤ M ,1≤ n ≤ N } (6) Each 𝑟 𝑚,𝑛 can also be represented by eight bits using modulo-2 as, 𝑟 𝑚,𝑛,𝑙 , . 𝑟 𝑚,𝑛,𝑙 = ⌊𝑟 𝑚,𝑛 /2 𝑙 ⌋ mod 2 (7) Then, the image owner uses the bit-wise exclusive-or (XOR) function for image encryption as 𝑦 𝑚,𝑛,𝑙 = 𝑥 𝑚,𝑛,𝑙 ⨁ 𝑟 𝑚,𝑛,𝑙 (8) where “ ⨁ ” is the XOR function, and 𝑦 𝑚,𝑛,𝑙 is the encrypt-ed bit. Then, the encrypted pixels 𝑦 𝑖,𝑗 can be calculated as 𝑦 𝑚,𝑛 = ∑ 𝑦 𝑚,𝑛,𝑙 ∙ 2 𝑙7𝑙=0 (9) Therefore, the encrypted image Y is generated by the stream cipher where K enc is required as the image encryp-tion key. We process the encrypted bits of the embedding pixels to vacate the embedding room. The LSBs of the encrypted pixels are replaced with the flipped Huffman codewords of their prediction errors. The flipping operation is to enable the receiver and the data hider to recognize the Huffman codeword by read-ing from the lower bit-planes to the higher bit-planes. For an encrypted pixel 𝑦 𝑖,𝑗 with 𝑒 𝑖,𝑗 = k (2 ≤ 𝑖 ≤ 𝑀, 2 ≤ 𝑗 ≤ 𝑁) , the codeword 𝑐 𝑖,𝑗 is C k when 𝑘 ∈ [ - T , T - , otherwise the codeword 𝑐 𝑖,𝑗 is C J . Then we first replace the ℓ(𝑐 𝑖,𝑗 ) bit LSBs of 𝑦 𝑖,𝑗 with 𝑐 𝑖,𝑗 , where ℓ ( x ) is the binary length of x . Afterwards, the MSBs of the processed encrypted pixel, namely, {𝑦 𝑖,𝑗,7 , 𝑦 𝑖,𝑗,6 , … , 𝑦 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 ) } , are spared for data em-bedding. We orderly concatenate the vacated bit-planes as the vacated binary sequence W . 𝑊 = {𝑦 , 𝑦 , … , 𝑦 ) , … , 𝑦 𝑀,𝑁,7 , … , 𝑦
𝑀,𝑁,ℓ(𝑐
𝑀,𝑁 ) } (10) For the recovery of the encrypted image, we embed some side information A into the processed encrypted image. The side information comprises two parts: the in- IU ET AL.: REVERSIBLE DATA HIDING IN ENCRYPTED IMAGES USING ADAPTIVE REVERSIBLE INTEGER TRANSFORMATION 5 formation for constructing the Huffman tree, A , and the information for image recovery, A . Firstly, the threshold T , the ( T +1 ) codewords and the length of each codeword should be informed to the re-ceiver. In A , they are concatenated as a binary sequence. For 𝑇 ∈ [
1, 255 ] , it can be expressed within eight bits. Since the maximum length of each codeword is less than eight, the lengths can be represented within three bits. To allow data extraction and image recovery, A should be directly accessed by the receiver. We embed A into the reference pixels by directly replacing the bit-planes. The total length of A is ℓ(𝐴 ) = + ( T +1 ) + ∑ ℓ(𝐶 𝑘 ) + ℓ(𝐶 𝐽 ) 𝑇−1𝑘=−𝑇 (11) Secondly, in order to recover P J , the original bit-planes of P J should be embedded into the vacated room as the side information. In A , the original value of the encrypt-ed pixels as well as the reference pixels are permuted as a binary sequence. For recovering the reference pixels, the replaced ℓ(𝐴 ) bits encrypted bits of P R are concatenated as a binary sequence and denoted as A R . For recovering the jointly encoding pixels, the bit-planes of P J are concat-enated as a binary sequence and denoted as A J . Therefore, A = { A R , A J }. We embed A into the vacated room by re-placing the first ℓ(𝐴 ) bits of 𝑊 , namely, { 𝑤 , … , 𝑤 ℓ(𝐴 )−1 } is modified as A . If the higher bit-planes of a pixel are counted in { 𝑤 ℓ(𝐴 ) , … , 𝑤 ℓ(𝑊)−1 }, the pixel belongs to re-served pixels ( P S ). Otherwise, the pixel belongs to non-reserved pixels ( P NS ). Correspondingly, we modify the higher bit-planes of each non-reserved pixel as {𝑦 𝑖,𝑗,7 ′, … , 𝑦 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 ) ′} . The encrypted image with vacated room Y R is generated by pixel-wisely concatenate the modified higher bit-planes with the original lower bit-planes according to (12), where 𝑦 𝑖,𝑗 ′ is the corresponding marked encrypted pixel of 𝑦 𝑖,𝑗 in Y R . 𝑦 𝑖,𝑗 ′ = { {𝑦 𝑖,𝑗,7 , … , 𝑦 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 ) , 𝑐 𝑖,𝑗,0 , … , 𝑐 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )1 } , if y i,j ∈ P S {𝑦 𝑖,𝑗,7′ , … , 𝑦 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )′ , 𝑐 𝑖,𝑗,0 , … , 𝑐 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )−1 } , otherwise (12) The length of A R is equal to that of 𝐴 , which the data hider and receiver are able to obtain by extracting 𝐴 from P R . After reconstructing the Huffman tree and Huffman decoding, the length of 𝐴 𝐽 also can be obtained. And then, ℓ(𝐴 ) = ℓ(𝐴 ) + ℓ(𝐴 𝐽 ) . For a specific image, different thresholds lead to different Huffman encoding results. The image owner determines T by trying 𝑇′ ∈ [
1, 255 ] , and select the optimized one with the largest amount of vacated room. The detailed procedure is described as follows: Given a 𝑇 ∈ [1 , ] , total length of codewords used for recording the prediction errors is defined in (13). ℓ 𝑇 (𝐶) = ∑ ℎ 𝑘 ℓ(𝐶 𝑖 ) + (∑ ℎ 𝑝 + −𝑇−1 p = - ∑ ℎ 𝑞 𝑞=𝑇 ) 𝑇−1𝑘=−𝑇 ℓ(𝐶 𝐽 ) (13) The length of the second part of the side information, A , is: ℓ(𝐴 ) = ∑ ℎ 𝑝−𝑇−1𝑝= - + ∑ ℎ 𝑞 𝑞=𝑇 + ℓ(𝐴 ) (14) Therefore, the net amount of the vacated embedding room 𝑁𝑃 𝑇 is the total amount of bits in the embedding pixels subtracted by the sum of ℓ 𝑇 (𝐶) and ℓ(𝐴 ) . 𝑁𝑃 𝑇 = ∑ ℎ 𝑒255𝑒=−255 − ℓ 𝑇 (𝐶) − ℓ(𝐴 ) (15) Besides, the length of each codeword should be less than eight so that every pixel can accommodate its code-word. Therefore, the threshold T is determined by trav-ersing all 𝑇′ ∈ [
1, 255 ] to satisfy 𝑇 = argmax 𝑇 ′ ∈[1 , ] 𝑁𝑃 𝑇 ′ w.r.t. ∀ℓ(𝐶 𝑘 ) ≤ 8 , ℓ(𝐶 𝐽 ) ≤ 8, 𝑘 ∈ [−𝑇 ′ , 𝑇 ′ − 1] (16) With the optimized threshold T , the Huffman tree for the cover image, together with the ( T +1 ) codewords can be defined, and the net payload can be calculated accord-ing to (15).
4 D
ATA E MBEDDING
Given the encrypted image with embedding room Y R , the data hider wishes to embed his additional data S into the encrypted pixels. He divides the encrypted pixels into P R and P E , and extracts the side information A from the bit-planes of P R . Then, he divides A and gets the threshold T , constructs the Huffman tree with ( T +1 ) codewords and obtains the length of the embedded side information A , ℓ(𝐴 ) . For each embedding pixel 𝑧 𝑖,𝑗 , the embedded codeword in each embedding pixel can be identified from the lower bit-planes to the higher bit-planes, namely, { 𝑐 𝑖,𝑗,0 , 𝑐 𝑖,𝑗,1 , … , 𝑐 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )−1 }, and the vacated bit-planes are {𝑦 𝑖,𝑗,7′ , 𝑦 𝑖,𝑗,6′ , … , 𝑦 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )′ } . The data hider orderly concate-nates the vacated bit-planes as the vacated binary se-quence W according to (14). The first ℓ(𝐴 ) bits, { 𝑤 , 𝑤 , … , 𝑤 ℓ(𝐴 )−1 } are already used for embedding the side information A . The other bits, namely, { 𝑤 ℓ(𝐴 ) , 𝑤 ℓ(𝐴 )+1 , …, 𝑤 ℓ(𝑊)−1 }, are available for data embed-ding. The data hider encrypts S as S E using the data hid-ing key K hid . Then, he embeds S E into the vacated room by replacing { 𝑤 ℓ(𝐴 ) , 𝑤 ℓ(𝐴 )+1 , …, 𝑤 ℓ(𝑊)−1 } with S E , so that 𝑊′ ={𝑤 , 𝑤 , … , 𝑤 ℓ(𝐴 )−1 , 𝑆 𝐸 } . If the higher bit-planes of a pixel are counted in { 𝑤 ℓ(𝐴 ) , 𝑤 ℓ(𝐴 )+1 , … , 𝑤 ℓ(𝑊)−1 }, the pixel is a reserved pixel. Correspondingly, we modify the higher bit-planes of each reserved pixel as {𝑧 𝑖,𝑗,7 , 𝑧 𝑖,𝑗,6 , … , 𝑧 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 ) } . The marked encrypted image Z is generated by pixel-wisely concatenate the modified higher bit-planes with the original lower bit-planes according to (17), where 𝑧 𝑖,𝑗 is the corresponding marked encrypted pixel of 𝑦 𝑖,𝑗 ′ in Z . 𝑧 𝑖,𝑗 = { {𝑧 𝑖,𝑗,7 , … , 𝑧 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 ) , 𝑐 𝑖,𝑗,0 , … , 𝑐 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )−1 } , if y i,j ∈ P S {𝑦 𝑖,𝑗,7′ , … , 𝑦 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )′ , 𝑐 𝑖,𝑗,0 , … , 𝑐 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )−1 } , otherwise (17) IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
Fig. 5. Five typical images for embedding tests
Fig. 6. Image embedding test. (a) Original image (b) Encrypted image (c) Encrypted image with vacated room (d) Marked encrypted image (e) Recovered image without image encryption key (f) Recovered original image
5 D
ATA E XTRACTION AND I MAGE R ECOVERY
The procedure of data extraction and image recovery is separable. Different receivers with different authorization can conduct error-free data extraction and/or error-free image recovery, respectively. Given a marked encrypted image Z , the receiver gets the threshold T , the (2 T +1) Huffman encoding codewords, and the length of the embedded side information A , ℓ(𝐴 ) , by using the same operations as the data hider. He divides the encrypted pixels into P R and P E , where P E are further divided into P I and P J . The embedded codewords { 𝑐 𝑖,𝑗,0 , 𝑐 𝑖,𝑗,1 , … , 𝑐 𝑖,𝑗,ℓ(𝑐 𝑖,𝑗 )−1 } from the lower bit-planes of the embedding pixels and the rest of the bit-planes of the em-bedding pixels used for data hiding can be identified. The receiver orderly concatenates the vacated bit-planes as the vacated binary sequence W according to (14). From the first ℓ(𝐴 ) bits, { 𝑤 , 𝑤 , … , 𝑤 ℓ(𝐴 )−1 }, he retrieves the hid-den side information A . From the rest of the bits, { 𝑤 ℓ(𝐴 ) , 𝑤 ℓ(𝐴 )+1 , …, 𝑤 ℓ(𝑊)−1 }, he retrieves the hidden en-crypted additional data S E . If the receiver has K enc but does not have K hid , the receiv-er can recover the original image without error. He di-vides A into { A R , A J }. Then, he recovers the replaced en-crypted bit-planes of P R , and uses the encryption key K enc to decrypt it into the original values of the reference pix-els. With the encryption key K enc , he decrypts A J into the original values of the jointly encoding pixels P J . After de-coding the embedded codewords of the independent en-coding pixels P I into the prediction errors by Huffman decoding, he then recovers the original values of P I itera-tively. For each P I , he begins with the pixel on the second row and second column, and obtains the predicted value with its three recovered neighboring pixels by using (1). Afterwards, the original value of each P I is recovered by adding the predicted value to the prediction error. 𝑥 𝑖,𝑗 = 𝑥′ 𝑖,𝑗 + 𝑒 𝑖,𝑗 (18) When all pixels are recovered, the original cover image is losslessly generated. If the receiver has K hid but does not have K enc , he can ex-tract the additional data without error by data decryption. However, the receiver cannot recover the reference pixels and the jointly encoding pixels without K enc . Therefore, he cannot losslessly recover the original image. If the receiver has both K hid and K enc , according to the above procedures, he can not only extract the embedded additional data, but also recover the original image loss-lessly.
6 E
XPERIMENTAL R ESULTS
To verify the proposed RDHEI scheme, we have conduct-ed many experiments on thousands of gray-scaled images from typical image datasets, namely, UCID [29], BOSS-Base [30], and BOWS-2 [31]. We use binary random se-quences as additional messages, i.e., the possibilities for 0 and 1 are equal. Notice that in the figures and tables in this section, we are comparing the pure payload between different methods. All parts of the side information re-quired in the scheme, including A and A , are subtracted from the total amount of the additional data to calculate the net payload. For objective image quality evaluation, we employ the peak signal-to-noise ratio (PSNR) and structural similarity (SSIM) [32]. SSIM is proposed gener-ally based on the degradation of structural information, (a) (b) (c) (d) (e) (f) (a) Lena (b) Man (c) Jetplane (d) Baboon (e) Tiffany IU ET AL.: REVERSIBLE DATA HIDING IN ENCRYPTED IMAGES USING ADAPTIVE REVERSIBLE INTEGER TRANSFORMATION 7
TABLE HE P ERFORMANCE WITH M AXIMAL E MBEDDING C APACITY FOR F IVE T EST I MAGES
Image ER(bpp) T PSNR(dB)/SSIM Encrypted im-age Y Encrypted image with vacated room Y R Marked encrypted image Z Recovered image without K enc Recovered image Lena 3.303 16 9.2255/0.0341 9.2337/0.0352 9.2359/0.0399 9.5404/0.1338 +∞/1
Man 2.938 18 7.9937/0.0681 8.0170/0.0829 8.1561/0.0883 7.7054/0.0238 +∞/1
Jetplane 3.641 14 8.0077/0.0346 8.0317/0.0272 7.5956/0.0249 7.9032/0.1185 +∞/1
Baboon 1.533 35 9.5108/0.0299 9.5515/0.0444 9.4793/0.0501 9.3154/0.0655 +∞/1
Tiffany 3.411 15 6.8839/0.0389 6.9159/0.0337 6.4206/0.0292 6.9663/0.0767 +∞/1
Average 2.965 20 8.3243/0.0411 8.3500/0.0447 8.1775/0.0465 8.2861/0.0836 +∞/1 which is much better in providing consistent and subjec-tive image visual quality. The value of SSIM ranges from 0 to 1. A higher structure similarity between the cover im-age and the marked image is represented by a high SSIM closer to 1. We firstly show the embedding performances of the proposed scheme, which includes embedding capacity, reversibility, security and separability. Then, we compare the proposed RDHEI scheme with many state-of-the-art RDHEI methods proposed in [16] [24-28].
In Fig.5, we select five examples of cover images for test-ing. Fig. 6. shows the experiment results of the proposed scheme on Fig.5(c), where (a)-(f) are respectively the orig-inal image, the encrypted image, the encrypted image with vacated room, the marked encrypted image, the re-covered image without the image encryption key and the recovered original image. The data extraction is always successful, i.e., the bit-wise error rate (BER) between the extracted decrypted data and the original additional data is 0. The recovered image is identical to the original image, i.e., the SSIM between the recovered image and the origi-nal image is 1. Table 1 shows the summary of data em-bedding using these images, where we calculate the PSNR and SSIM between the original image and the en-crypted images generated in different phases by the own-er and the data hider.
Embedding Capacity . The embedding rate (ER) of Fig.5(a), (c) and (e) are above 3 bpp (bit per pixel). For cover images with complex texture such as Fig.5(d), the embedding rate is still high, i.e., 1.533 bpp. The optimal Huffman tree for different images varies. The textured images are usually assigned with a larger threshold, for example, T =35 for Baboon, which is more than twice of that for Lena. The average embedding capacity of the five test images is 2.965 bpp, which proves that the proposed scheme can hide a large amount of additional data within a cover image. Reversibility . After data extraction using the data hid-ing key, the original cover image can be recovered with-out error. For example, Fig.6(f) is identical to Fig.6(a). In Table I, the PSNRs and SSIMs between the recovered im-ages and the original images are +∞ and 1, respectively. Security . From Table I, the PSNR and SSIM value be- tween the original image and its encrypted versions are very low. The average PSNR between the original image and the encrypted image with vacated room is 8.3500dB, and the SSIM is 0.0447. The data embedding in the en-cryption domain does not influence the encryption effect. The average PSNR between the original image and the marked encrypted image is 8.1775dB, and the SSIM is 0.0465. Therefore, after image encryption and data em-bedding, little detail of the cover image can be discovered from the encrypted versions.
Separability . There is no leakage of image content in the decrypted image without the image encryption key, i.e., the receiver with only the permission to extract the hidden data cannot recover the cover image. Neither can he discover any information about the original content. The average PSNR and SSIM value between the recovered image without the image encryption key and the cover image are 8.2861dB and 0.0836, respectively. In Fig. 6 (b)-(e), the original content of cannot be observed. The reason is that the additional data is embedded into the encrypted image with labelling by MSBs replacement. The receiver cannot recover the reference pixels without the image encryption key. As a result, he cannot iteratively recover the embedding pixels as well. Similarly, the receiver with only the image encryption key cannot obtain the hidden data. Therefore, the proposed scheme provides favorable information security and separability.
We compare the proposed scheme with many state-of-the-art RDHEI schemes [16] [24-28]. We compare the em-bedding rate of these schemes when the average PSNR of the marked encrypted image produced by the schemes are close. Therefore, a larger average embedding rate means a better embedding performance.
In the experimental settings, the parameters α and β in [16] and [26] are set as 5 and 2 respectively. In [24], we accept the EPE-HCRDH scheme, which can achieve a higher embedding capacity. In [25], the length of fixed-length codewords is set as 3 and the block size is set to 4×4. In [27], the codewords are predefined as {00, 01, 100, 101, 1100, 1101, 1110, 11110, 11111} to represent nine kinds of the multi-MSB prediction. In [28], the 8 bit-plants of prediction errors are rearranged and compressed.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
Fig.7 Comparison of embedding rate on cover images shown in Fig.5 between the proposed scheme and [16] [24-28]
Fig. 8. Comparison of average embedding rate on three image datasets between the proposed scheme and five state-of-the-art RDHEI methods
TABLE
ETAILED P ERFORMANCE C OMPARISONS ON T HREE TYPICAL I MAGE D ATASETS
Wu et al., 2020 [26] Yin et al., 2020 [27] Yin et al., 2020 [28] Proposed scheme Datasets Matrics Worst Best Average Worst Best Average Worst Best Average Worst Best Average UCID ER(bpp) 0 2.976 2.268 0.397 5.010 2.688
PSNR(dB) +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ SSIM 1 1 1 1 1 1 1 1 1 1 1 1 BOSSbase 1.01 ER(bpp) 0.071 2.988 2.561 0.664 5.896 3.361 0.742
PSNR(dB) +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ SSIM 1 1 1 1 1 1 1 1 1 1 1 1 BOWS-2 ER(bpp) 0.048 2.988 2.519 0.628 5.622 3.246 0.624
PSNR(dB) +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ +∞ SSIM 1 1 1 1 1 1 1 1 1 1 1 1
IU ET AL.: REVERSIBLE DATA HIDING IN ENCRYPTED IMAGES USING ADAPTIVE REVERSIBLE INTEGER TRANSFORMATION 9
TABLE
ETAILED E MBEDDING R ATE C OMPARISONS ON T EXTURED I MAGES
Size Method 1 2 3 4 5 6 7 8 9 10 11 12 13 Average 512 ×
512 [26] 0.1192 1.0936 0.3947 1.1527 1.0462 0.3749 1.4462 2.9370 2.7579 2.1549 1.8067 1.6080 1.5378 1.4177 [27] 0.6636 1.2303 0.8115 1.3155 1.2466 0.8878 1.5365 2.9563 2.6170 1.9505 1.8290 1.6683 1.4954 1.5545 [28] 0.8086 1.4750 1.1320 1.4498 1.5486 0.9280 1.6144 3.3563 3.0165 2.2203 2.0619 1.8297 1.7501 1.7839 Proposed [27] 1.4645 [28] 1.7902
Proposed
Average Performance . Fig. 7 provides the performance comparison of embedding rate between the proposed scheme and [16] [24-28]. The embeddings are conducted on the cover images shown in Fig.5. The achieved em-bedding rates of EPE-HCRDH [24] on these images are lower than 1 bpp. The reason is that the method merely uses the MSB of each pixel for data embedding. Chen et al [25] can provide a higher embedding capacity. However, the method performs poorly on textured images, e.g., 0.459 bpp on Baboon. Yi et al. [16] provides a similar em-bedding performance compared to [25], where the net payload on Baboon is 0.480 bpp. [26-28] can achieve high-er payloads on both flat and textured images. For exam-ple, the embedding capacity of [28] is 3.075 bpp, 2.635 bpp, 3.402 bpp, 1.383 bpp and 3.149 bpp on Lena, Man, Jetplane, Baboon and Tiffany respectively. By comparison, the proposed scheme outperforms above methods in net payload. The embedding rate of the proposed scheme is 3.303 bpp, 2.938 bpp, 3.641 bpp, 1.533 bpp and 3.411 bpp in Lena, Man, Jetplane, Baboon and Tiffany respectively. The reason is that the proposed scheme not only takes full advantage of spatial redundancy in the plain-text image, but also improves the performance of entropy coding with Huffman encoding. Apart from the five typical im-ages, we further analyze the average embedding perfor-mance on UCID [29], BOSSBase [30], and BOWS-2 [31]. Fig. 8 reports the performances of average embedding rate on the three datasets. While [28] can embed a larger payload into the cover image than [16, 24-27], the pro-posed scheme can further offer a larger net payload. The experiment results demonstrate that the proposed scheme outperforms other competitors. The average net payload of the proposed scheme on UCID, BOSSbase 1.01 and BOWS-2 are 3.203 bpp, 3.952 bpp and 3.814 bpp, which is 10.45%, 9.02% and 9.13% larger than that of [28], respec-tively. Table 2 shows the detail performance comparison on the three image datasets between the proposed scheme and methods in [26-28], where the columns “Worst” and “Best” respectively reports the lowest and highest pay- load in the datasets. Besides the fact that the proposed scheme is better than [26-28] on average performance, the proposed scheme can generally provide a much larger payload in the worst case compared to [26-28]. For exam-ple, the lowest payload on BOSSbase 1.01 is above 1 bpp. The experiment shows that the proposed can also per-form well on the textured images.
Performance on Textured Images.
In addition, based on the USC-SIPI image database [33], we conduct experiment on textured images with two resolutions 512×512 and 1024×1024 of 13 different images. The images are Grass, Bark, Straw, Herringbone weave, Woolen cloth, Pressed calf leather, Beach sand, Water, Wood grain, Raffia, Pig-skin, Brick wall and Plastic, respectively. As showed in Table 3, we also compare the embedding rate of the pro-posed scheme with methods in [26-28]. It is obvious that the proposed scheme achieves higher net payload than [26-28] in all the 26 textured images sized 512×512 or 1024×1024. The average payload of proposed scheme is 50.78%, 37.51%, 19.82% higher than that of [26-28] respec-tively for textured images sized 512×512, and 39.04%, 39.40%, 16.14% higher than that of [26-28] respectively for textured images sized 1024×1024. Besides, the achieved average embedding rate of 1024×1024 images is higher than that of 512×512 images. The experiment further demonstrates that the proposed scheme can achieved higher embedding capacity on the textured images.
7 C
ONCLUSION
This paper proposes a high-capacity reversible data hid-ing scheme for encrypted images using pixel predictions and Huffman encoding. The scheme outperforms many state-of-the-art RDHEI schemes in the embedding pay-load. Besides, reversibility, high information security and separability can be ensured. Before image encryption, we propose to generate the prediction-error histogram (PEH) using median edge detector (MED). Then the image is encrypted using stream cipher. A Huffman tree is built based on the PEH to minimize the total length of side information for image recovery. After data hiding of the side information, a large amount of net vacated room can be reserved. The data hider locates the vacated room us-ing the side information and embed his information into the encrypted image. At the receiver ’s side, the users can
0 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPU-TING conduct data extraction and image recovery separately, according to their authentications. Experimental results prove the effectiveness of the proposed scheme on typical image datasets. While many previous works cannot pro-vide large embedding rate on textured images like Ba-boon, the proposed scheme can provide the data hider with up to 1.533 bpp payload. A CKNOWLEDGMENT
This work was supported by the Natural Science Founda-tion of China (Grant No. U20B2051, 61871434 and 61972168). R EFERENCES [1]
J. Tian, “Reversible data embedding using a difference expansion,”
IEEE Trans. Circuits Syst. Video Technol. , vol. 13, no. 8, pp. 890 – X. Wang, X. Li, B. Yang, and Z. Guo, “Efficient generalized integer trans-form for reversible watermarking,”
IEEE Signal Process. Lett. , vol. 17, no. 6, pp. 567 – Y. Qiu, Z. Qian, and L. Yu, “Adaptive reversible data hiding by extend- ing the generalized integer transformation,”
IEEE Signal Process. Lett. , vol. 23, no. 1, pp. 130 – Z. Ni, Y. Shi, N. Ansari, and W. Su, “Reversible data hiding,”
IEEE Trans. Circuits Syst. Video Technol. , vol. 16, no. 3, pp. 354 – X. Li, B. Li, B. Yang, and T. Zeng, “General framework to histogram -shifting- based reversible data hiding,”
IEEE Trans. Image Process. , vol. 22, no. 6, pp. 2181 – W. Qi, X. Li, T. Zhang, and Z. Guo, “Optimal Reversible Data Hiding Scheme Based on Multiple Histograms Modification,”
IEEE Trans. Cir-cuits Syst. Video Technol. , vol. 30, no. 8, pp. 2300-2312, Aug. 2020. [7]
W. Zhang, X. Hu, X. Li, and N. Yu, “Optimal transiti on probability of reversible data hiding for general distortion metrics and its applications,”
IEEE Trans. Image Process. , vol. 24, no. 1, pp. 294 – D. Hou, W. Zhang, Y. Yang, and N. Yu, “Reversible data hiding under inconsistent distortion m etrics,”
IEEE Trans. Image Process. , vol. 27, no. 10, pp. 5087 – F. Huang, X. Qu, H. J. Kim, and J. Huang, “Reversible data hiding in JPEG images,”
IEEE Trans. Circuits Syst. Video Technol. , vol. 26, no. 9, pp. 1610 – Y. Qiu,
Z. Qian, H. He, H. Tian, and X. Zhang, “Optimized lossless data hiding in JPEG bitstream and relay transfer based extension,”
IEEE Trans. Circuits Syst. Video Technol. , preprint, 2 Jul. 2020, doi: 10.1109/TCSVT.2020.3006494. [11]
Y. Du, Z. Yin, and X.
Zhang, “High capacity lossless data hiding in JPEG bitstream based on general VLC mapping,”
IEEE Trans. Depend. Secure Comput. , preprint, 31 Jul., 2020, doi: 10.1109/TDSC.2020.3013326. [12]
X. Zhang, “Separable reversible data hiding in encrypted image,”
IEEE Trans. Inf. Forensics Secur. , vol. 7, no. 2, pp. 826 – W. Hong, T. S. Chen, and H. Y. Wu, “An improved reversible data hid-ing in encrypted images using side match,”
IEEE Signal Process. Lett. , vol. 19, no. 4, pp. 199 – J. Zhou, W . Sun, L. Dong, X. Liu, O. C. Au, and Y. Y. Tang, “Secure re-versible image data hiding over encrypted domain via key modulation,”
IEEE Trans. Circuits Syst. Video Technol. , vol. 26, no. 3, pp. 441 – Z. Qian, H. Xu, X. Luo, and X. Zhang, “New framework of reversible data hiding in encrypted JPEG bitstreams,”
IEEE Trans. Circuits Syst. Video Technol. , vol. 29, no. 2, pp. 351-362, Feb. 2019. [16]
S. Yi and Y. Zhou, “Separable and reversible data hiding in encrypted images using parametric binary tree labeling,”
IEEE Trans. Multimedia , vol. 21, no. 1, pp. 51-64, Jan. 2019. [17]
K. Ma, W. Zhang, X. Zhao, N. Yu, and F. Li, “Reversible data hiding in encrypted images by reserving room before encryption,”
IEEE Trans. Inf. Forensics Secur. , vol. 8, no. 3, pp. 553 – W. Zhang, K. Ma, and N. Yu, “Reversibility improved data hiding in encrypted images,”
Signal Process. , vol. 94, no. 1, pp. 118 – D. Xu and R. Wang, “Separable and error -free reversible data hiding in encrypted images,”
Signal Process. , vol. 123, pp. 9 –
21, Jun. 2016. [20]
X. Cao, L. Du, X. Wei, D. Meng, and X. Guo, “High capacity reversible data hiding in encrypted images by patch- level sparse representation,”
IEEE Trans. Cybern. , vol. 46, no. 5, pp. 1132 – S. Xiang an d X. Luo, “Reversible data hiding in homomorphic encrypt-ed domain by mirroring ciphertext group,”
IEEE Trans. Circuits Syst. Video Technol. , vol. 28, no. 11, pp. 3099 – Y. Qiu, Z. Qian, H. Zeng, X. Lin, and X. Zhang, “Reversible data hiding in encrypted images using adaptive reversible integer transformation,”
Signal Process. , vol. 167, pp. 1-10, Jan. 2020. [23]
Y. Qiu, Q. Ying, X. Lin, Y. Zhang, and Z. Qian, “Reversible data hiding in encrypted images with dual data embedding,”
IEEE Access , vol. 8, pp. 23209-23220, Jan. 2020. [24]
P. Puteaux and W. Puech, “An efficient MSB prediction -based method for high- capacity reversible data hiding in encrypted images,”
IEEE Trans. Inf. Forensics Secur. , vol. 13, no. 7, pp. 1670-1681, Jul. 2018 [25]
K. Chen and C. C. Chang, “High -capacity reversible data hiding in encrypted images based on extended Run-Length coding and block based MSB plane rearrangement,”
J. Vis. Commun. Image Represent. , vol. 58, pp. 334 – Y. Wu, Y. Xiang, Y. Guo, J.
Tang, and Z. Yin, “An improved reversible data hiding in encrypted images using parametric binary tree labeling,”
IEEE Trans. Multimedia , vol. 22, no. 8, pp. 1929 – Z. Yin, Y. Xiang, and X. Zhang, “Reversible data hiding in encrypted images based on multi-
MSB prediction and Huffman encoding,”
IEEE Trans. Multimedia , vol. 22, no. 4, pp. 874 – Z. Yin, Y. Peng, and Y. Xiang, “Reversible data hiding in encrypted images based on pixel prediction and bit- plane compression,”
IEEE Trans. Depend. Secure Comput. , preprint, 26 Aug., 2020, doi: 10.1109/TDSC.2020.3019490. [29]
G. Schaefer and M. Stich, “UCID: An uncompressed color image data-base,” in
Proc. Storage Retrieval Methods Appl. Multimedia , vol. 5307. Bel-lingham, WA, USA: SPIE, 2003, pp. 472 – P. Bas, T. Filler, and T. Pevn`y, “Break our steganographic system: The ins and outs of organizing boss,” in
Proc. Int. Workshop Inf. Hiding , 2011, pp. 59 –
70. [31]
P. Bas and T. Furon, “Image database of bows - able at http://bows2.ec-lille.fr/. [32] Z. Wang, A. C. Bovik, H. R. Sheikh, and E. Simoncelli, “ Image quality assessment: from error visibility to structural similarity, ” IEEE Trans. Im-age Process. , vol. 13, no. 4, pp. 600 – University of Southern California Signal & Imaging Processing Institute. “USC -SIPI Image Database. ””