Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Controllable secure watermarking technique for tradeoff between robustness and security.bak

579 views

Published on

  • Be the first to comment

  • Be the first to like this

Controllable secure watermarking technique for tradeoff between robustness and security.bak

  1. 1. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012 821CorrespondenceControllable Secure Watermarking Technique for Tradeoff words, the attacker knows neither corresponding original versions nor Between Robustness and Security corresponding watermark messages. This correspondence only con- siders the WOA framework and the worst case scenario for the water- Jian Cao and Jiwu Huang mark embedder, i.e., the number of observations that the attacker can collect is unlimited. The spread spectrum (SS) watermarking is one of most widely used watermarking techniques. In terms of their security, the existing Abstract—The circular watermarking (CW) technique has attracted in- SS watermarking schemes can be classified into the following threecreasing attention because it can resist the estimation of secret carriersin the watermarked only attack (WOA) framework. However, the existing categories:CW schemes are not applicable whenever a malicious watermark removal 1) The classical SS watermarking schemes, such as additive SS wa-attack can take place. This is because they either have low security be- termarking [3], attenuated SS watermarking [4], and improvedcause the attacker can disclose the embedding subspace or have low ro- SS (ISS) watermarking [5]. For this category of SS watermarkingbustness. Based on an existing CW scheme called transportation natural schemes, the attacker can disclose the secret carriers up to a signedwatermarking (TNW), this correspondence presents a new CW techniquefor the tradeoff between robustness and security, which we refer to as con- permutation. Moreover, the accidental knowledge of watermarktrollable secure watermarking (CSW). The idea behind the CSW is that messages in few watermarked signals might remove this ambi-by altering the host signal in the orthogonal complement of the embed- guity [2]. As a result, the attacker has the capacity for full accessding subspace, we can make the watermarked signal have an orthogonally to the watermarking channel, and can carry out various maliciousinvariant distribution in a higher dimensional subspace including the em-bedding subspace. Orthogonally invariant distribution essentially requires attacks, including unauthorized embedding, unauthorized detec-that the distribution does not change if multiplied by any freely chosen or- tion, and unauthorized removal attack.thogonal matrix, and the higher dimensional subspace is referred to as in- 2) The key-secure circular watermarking (CW) schemes, such as thevariant subspace. We prove that the attacker can only reduce the uncer- key-secure version of natural watermarking (NW) [6], the key-se-tainty of secret carriers up to the invariant subspace. The dimension of the cure version of transportation natural watermarking (TNW) [7],invariant subspace can be used for the tradeoff between robustness and se-curity. Further, the experiment results show that the robustness–security and the circular extension of ISS (CW-ISS) [8]. For this categorytradeoff provided by the CSW is efficient. In particular, with the increase of SS watermarking schemes, the attacker can disclose the secretof the dimension of the invariant subspace, the security of the CSW will carriers up to the embedding subspace. This implies that the at-increase quickly while its robustness will only decrease slowly. tacker cannot carry out the unauthorized embedding attack, but http://ieeexploreprojects.blogspot.com can remove the watermark with low distortion. For example, in Index Terms—Robustness, spread spectrum watermarking, water-marked only attack (WOA), watermarking security. [2], the authors presented a method for removing the watermark with low distortion by nullifying the watermarked signal’s pro- jection on the estimated embedding subspace. Therefore, this cat- I. INTRODUCTION egory of SS watermarking schemes is not applicable whenever a malicious watermark removal attack can take place. Security and robustness are two important issues that watermarking 3) The stego-secure CW schemes, namely the stego-secure versionalgorithms need to address. According to the definitions proposed in of NW and the stego-secure version of TNW. For this category[1], the notions of security and robustness are very different in essence. of SS watermarking schemes, the attacker cannot reduce the un-Specifically, the goal of the security attack is to gain knowledge about certainty of secret carriers. However, this category of SS water-the secret key of encoding process and/or decoding process, while the marking schemes has relatively low robustness.goal of the robustness attack is to increase the bit error probability of the To sum up, when a malicious watermark removal attack can take place,watermarking channel. However, the notions of security and robustness the existing SS watermarking schemes are not applicable.are also close. This is because the attacker can design more powerful In this correspondence, we present a new watermarking techniquerobustness attacks if he can gain enough knowledge about the secret called controllable secure watermarking (CSW), which is based on thekey. TNW embedding. In the embedding subspace, the CSW alters the host According to the type of information that the attacker can access signal by using the embedding rule of TNW. In addition, the CSWto, there exists a classification of security attacks. Among them, water- also alters host signal in the orthogonal complement of embedding sub-marked only attack (WOA) [2] refers to the scenario where the attacker space such that the watermarked signal has an orthogonally invariantonly owns the watermarked signals (or called observations). In other distribution in a higher dimensional subspace including the embedding subspace, which we refer to as invariant subspace. The dimension of the invariant subspace can take any integer from the dimension of the Manuscript received June 13, 2011; revised October 05, 2011; accepted De- embedding subspace to the length of host signal. We prove that thecember 23, 2011. Date of publication January 12, 2012; date of current versionMarch 08, 2012. This work was supported by the 973 Program (2011CB302204) attacker can only reduce the uncertainty of secret carriers up to the in-and NSFC (U1135001, 61070167). The associate editor coordinating the review variant subspace. By choosing the dimension of invariant subspace, weof this manuscript and approving it for publication was Dr. Alessandro Piva. can control the performance of the CSW from the view of the tradeoff The authors are with the School of Information Science and Technology, Sun between robustness and security.Yat-Sen University, Guangzhou 510275, China(e-mail; phdcaojian@yahoo.cn, The remainder of the correspondence is organized as follows. Inisshjw@mail.sysu.edu.cn). Color versions of one or more of the figures in this paper are available online Section II, we set up the notations used later. In Section III, we firstat http://ieeexplore.ieee.org. review the embedding rule of the TNW, and then present our CSW Digital Object Identifier 10.1109/TIFS.2012.2184093 technique. In Section IV, we analyze the performances of the CSW, 1556-6013/$31.00 © 2012 IEEE
  2. 2. 822 IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012including the distortion, the robustness, the security, and the robust-ness–security tradeoff. Finally, the concluding remarks are given inSection V.NOTATIONS Throughout this correspondence, we use an uppercase and bold Eng-lish letter for a deterministic matrix, a lowercase and bold italic Englishletter for a random vector, and a lowercase and italic English letter fora scalar-valued random variable. The distributions of the host signalsand the watermark messages are assumed as follows: 1) The host signal x 2 RN is Gaussian-distributed with mean vector 0 and covariance matrix x IN , i.e., x N (0; x IN ), 2 2 where IN denotes the identity matrix of size Nv 2 Nv . Further, the host signals are mutually independent. Fig. 1. Empirical histogram of s (i), the empirical conditional histogram of 2) The watermark message m is equiprobable in the set 0 s (i) given m(i) = 1, the empirical conditional histogram of s (i) given f01; +1gN . Further, the watermark messages are mutually m(i) = +1 after the TNW embedding, where = 1 and = 1, and a standard Gaussian distribution. independent.The watermarked signal s is achieved by adding the watermark signalw to the host signal x , i.e., gets the projection of watermarked signal onto the ith secret carrier, denoted by su (i), by the following expression: s = w + x: (1) p 01 1 m (i)x u (i) s u (i) = m (i) 2x erf 1 + erf p (7)We measure the embedding distortion by using the watermark-to-con- 2 x 2tent ratio (WCR): 2 where the embedding strength is larger than zero, xu (i) denotes the w WCR[dB] = 10 log10 (2) projection of host signal onto the ith secret carrier, i.e., xT ui , and erf(:) x and erf 01 (:) denote the error function and the inverse error function 2 2 2 respectively. Then, the TNW embedding constructs the watermarkedwhere w and x , respectively, denote the variances of the watermark signal as follows:signal and the host signal. The robustness attack is modeled as an ad- http://ieeexploreprojects.blogspot.comditive white Gaussian noise (AWGN) channel, resulting in an attacked Nsignal y , i.e., s=x+ (s u (i) 0 xu (i)) ui (8) i=1 y =s+n (3) where su (i) is given by (7).where the components of the noise vector n are independent identi- After the TNW embedding, the projections fsu (i)g are i.i.d.cally distributed (i.i.d.) Gaussian random variables with zero mean and Gaussian random variables with zero mean and variance 2 x , i.e., 2 2variance n . The noise vector n and the watermarked signal s are fur- su (i) N 0; x . Fig. 1 shows the empirical histogram of su (i), 2 2ther assumed to be mutually independent. Following [5], we assess the empirical conditional histogram of su (i) given m(i) = 01, andthe strength of robustness attacks by means of the signal-to-noise ratio the empirical conditional histogram of su (i) given m(i) = +1 after(SNR): the TNW embedding, where = 1, x = 1 and the sample size is 2 100 000. x 2 : SNR[dB] = 10 log10 (4) The TNW is either stego-secure with low robustness, or key-secure n [9], where the attacker can reduce the uncertainty of secret carriers up to the embedding subspace. This implies that as mentioned in the intro-The decoding rule is given as follows: duction, the TNW is not applicable whenever a malicious watermark m(i) = sign(y T ui ) ^ (5) removal attack can take place. Next, we present our CSW technique to achieve the tradeoff between robustness and security.where m (i) denotes the estimation of the ith bit of the watermark mes- ^sage, i.e., the estimation of m(i). The performance of decoding is mea- B. Embedding Rule of the CSWsured by means of the bit error probability Pe: Let V be a matrix of size Nv 2 N such that (VjU) is a rectan- 1 N gular orthogonal matrix of size Nv 2 (N + Nc ). Further, we refer to Pe = P rfm(i) 6= m(i)g: ^ (6) the subspace spanned by the column vectors of matrix (VjU) as in- Nc i=1 variant subspace. The CSW uses the embedding rule of TNW to alter the host signal on ui , i.e., the projection of watermarked signal onto ui after the CSW embedding is given by (7). Further, in order to make the II. CONTROLLABLE SECURE WATERMARKING watermarked signal after the CSW embedding have an orthogonally in- variant distribution in the invariant subspace, the CSW must alter theA. Transportation Natural Watermarking (TNW) [7] host signal on the j th column vector of V , denoted by vj , in such a The secret key of the TNW can be seen as a rectangular orthogonal way that the projection of watermarked signal onto vj has a Gaussianmatrix U of size Nv 2 Nc , whose ith column vector is denoted by ui distribution with zero mean and the variance 2 x . The goal of the 2and is referred to as the ith secret carrier. The TNW embedding firstly CSW is to find a way to minimize the distortion due to the alteration of
  3. 3. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012 823host signal on the direction vj under the constraint that the projection By making a simply substitution u = 0t, we can showof watermarked signal onto vj is distributed according to a Gaussiandistribution with zero mean and the variance 2 x . The optimal way 2 E1 = E 2 : (16)of altering the host signal on vj is given as follows: Now, by substituting (13), (14), and (15) into (12), and considering sv (j ) = xv (j ) (9) (16), we can express the watermark signal power as follows:where sv (j ) denotes the projection of watermarked signal onto vj , and E w w T N c x 2 1+ 2 0 2E 1 + N ( 0 1)2 x : 2xv (j ) denotes the projection of host signal onto vj . The proof is given Nv = Nv (17)in Appendix A. The watermarked signal after the CSW embedding isgiven by Finally, the embedding distortion of the CSW by means of WCR is N N given as follows: s=x+ (( 0 1)xv (j )) vj + (su (i) 0 xu (i)) ui (10) j =1 i=1 WCR[dB] = 10 log 10 Nc 1+ 2 0 2E1 + N ( 0 1)2 : Nvwhere the projection su (i) is given by (7). The TNW is obtained by (18)setting N = 0. Of course, we can also design our method based on the To set a target average WCR, the embedding strength has the fol-natural watermarking [6], but certainly at the cost of a lower robustness. lowing expression: 2 CSW = Nv 10 0 1+ NN++ NE1 Nc N + Nc E1 III. PERFORMANCE ANALYSIS FOR THE CSW WCR=10 + (19) N + Nc c N + NcA. Distortion Because the matrix (VjU) is a rectangular orthogonal matrix, we and as implied by (19), i.e., the expression in the square root must be greater than or equal to zero, the parameter N must satisfy the fol-have lowing inequality: N N wT w = (s u (i) 0 xu (i))2 + ( 0 1)2 (xv (j )) 2 (11) Nv 10WCR=10 0 1 + NN++ NE1 Nc 2 0: (20) i=1 j =1 N + Nc cwhere the projection su (i) is given by (7). Let E [:] denote the expected Because http://ieeexploreprojects.blogspot.comc E1 )=(N + Nc ) of (N + N = 1 0value of a random variable. Since the expected value operator (or ex- (Nc (1 0 E1 ))=(N + Nc ), the left-hand side of in-pectation operator) E is a linear function, the expected value of w T w equality (20) can be rewritten as follows:is given by N N (N + Nc ) Nv 10WCR=10 0 2Nc (1 0 E1 ) +(Nc (1 0 E1 ))2E w w T = E (su (i) 0 xu (i))2 + ( 0 1) 2 E (xv (j )) 2 : (N + N c ) 2 i=1 j =1 (12) and so we have the following conclusions: • For the case that Nv 10WCR=10 0 2Nc (1 0 E1 ) 0, the param-It is clear to show eter N can take any integer in the interval [0; Nv 0 Nc ]. • For the case that Nv 10WCR=10 0 2Nc (1 0 E1 ) 0, the param- E (su (i))2 + (xu (i))2 = 1+ 2 2 x (13) eter N can take any integer in the interval E (xv (j ))2 2 = x : (14) 0; min 0 E1 ))2 (Nc (1 0 Nc ; N v 0 NcNow, we compute the expected value of the random variable 2Nc (1 0 E1 ) 0 Nv 10WCR=10(su (i)) (xu (i)), which is given as follows: where bz c means the nearest integer less than or equal to z , and E [(su (i)) (xu (i))] = 1 x (E1 + E2 ) 2 (15) the function min (z; h) denotes the minimum of z and h. 2where E1 and E2 , respectively, denote the conditional expected value B. Robustnessof ((su (i)) (xu (i)))=x given m(i) = +1 and the conditional ex- 2pected value of ((su (i)) (xu (i)))=x given m(i) = 01. In partic- 2 The projection of the attacked signal onto the ith secret carrier, de-ular, E1 and E2 are the following constants: noted by yu (i), is given by 1 tB(t) exp 0 t dt; + 2 E1 = p1 y u (i) = s u (i) + n u (i) (21) 2 01 2 +1 where nu (i) denotes the projection of the noise vector onto the ith 0tB(0t) exp 0 t2 dt 2 E2 = p1 secret carrier, i.e., nT ui . Given su (i) = s, the conditional probability 2 01 that the projection yu (i) is less than zero is given bywith p 01 t B(t) = 2 erf 1 1 + erf p : P rfyu (i) 0jsu (i) = sg = 1 erfc ps (22) 2 2 2 2n
  4. 4. 824 IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012where erfc(:) is the complementary error function. Please note that D. Tradeoff Between Security and Robustnessthe projection su (i) given m(i) = 1 has a half-Normal distribution. The embedding distortion of the TNW( = 1) by means of theHence, we have WCR is given as follows: 2Nc (1 0 E1 ) WCRTNW(=1) = 10 log10 (26) f u (i) 0jm(i) = 1g v +1 Pr y N 1 2 s s = p exp 0 2 x erfc p2n ds which follows from the fact that the TNW( = 1) corre- 0 2x 2 2 +1 2 sponds to the CSW with N = 0 and = 1. For the case that = p 1 exp t 0 2 erfc p t dt (23) WCR = WCRTNW(=1) , i.e., 10WCR=10 = (2Nc (1 0 E1 ))=Nv , 0 2x 2x 2n the embedding strength CSW given by (19) is equal to one for any pa- rameter N . In other words, in this case, the CSW is the TNW( = 1)where (23) is achieved by making the substitution t = s= . Since the for any parameter N , and so the security and the robustness of thedistribution of su (i) is symmetric, we have CSW will keep invariant with the increase of the parameter N . f u ( i ) 0 jm ( i ) = 0 1 g = P r f y u ( i ) 0 jm ( i ) = 1 g : Next, we only consider the case that WCR = WCRTNW(=1) , i.e., 6 10WCR=10 = (2Nc (1 0 E1 ))=Nv . It is easy to show that the embed- Pr y 6Hence, the bit error probability after the robustness attack is given as ding strength CSW is not equal to one for any parameter N . Hence,follows: the security of the CSW will increase with the increase of the parameter N . Now, we analyze how the parameter CSW varies with the param- +1 1 2 t t eter N , which can be carried out by differentiating (18), resulting in PeR = p exp 0 2 erfc dt 0 2x 2x 2 10 [2 ( 0 1) (N + Nc ) + 2Nc (1 0 E1 )] d + ( 0 1) dN = 0: (27) 2 +1 1 u 2 u It is clear that in (27) refers to CSW . Hence, we can deduce that the = p exp 0 erfc du (24) 0 2 2 2 sign of d=dN has the following expression: 10 dwhere (24) is achieved by making the substitution u = t=x . Equation sign = 0sign ((CSW 0 1) (N + Nc ) + Nc (1 0 E1 )) : dN(24) implies that for the CSW, the bit error probability after the robust- (28)ness attack decreases with the increase of the embedding strength By substituting (19) into (28), we can deduce thatsince the function erfc(:) is a monotonic decreasing function. d sign http://ieeexploreprojects.blogspot.comC. Security dN 2 VU Let ( j )+ denote the orthogonal basis of the orthogonal comple- N v 10WCR=10 N + Nc E1ment of the subspace spanned by the column vectors of ( j ). Then, VU = 0sign (N + Nc ) N + Nc 0 1+ N + Ncthe watermarked signal after the CSW embedding can be expressed asfollows: which implies that the parameter CSW will decrease with the increase s + VU ( j ) + Tx VU VU of N . Hence, the dimension of the invariant subspace can be used for = ( j ) j( j ) ( j ) s T (25) VU the tradeoff between robustness and security. In order to assess the robustness-security tradeoff provided by thewhere the projection of watermarked signal on the invariant subspace, CSW, we measure the security of the CSW by means of focused VUi.e., ( j )T s , is given by (9) and (7). Considering the way that the AWGN attack, where the attacker has disclosed the invariant subspace.CSW alters the host signal in the invariant subspace, i.e., (9) and (7), The focused AWGN attack concentrates all noise energy on thiswe can deduce disclosed invariant subspace. To fairly compare the AWGN attack with VU 1) sT ( j ) is independent of xT ( j )+ . VU the focused AWGN attack, the distortion due to the focused AWGN VU 2) sT ( j ) has a Gaussian distribution with mean vector attack should be same as that due to the AWGN attack. This implies 0 and covariance matrix 2 x N +N , i.e., sT ( j ) 2 I VU that the variance of the noise (in the invariant subspace) is equal to 0 N ; I 2 x N +N . 2 2 Nv x =((N + Nc )10 SNR=10 ), i.e., Nv n =(N + Nc ), for the focused 2 VU 3) xT ( j )+ has a Gaussian distribution with mean vector 0 AWGN attack. This implies that the bit error probability of the CSW I 0 and covariance matrix x N (N +N ) , i.e., xT ( j )+ 2 VU after the focused AWGN attack is given as follows: 0 I 0 N ; x 2 N (N + N ) . +1 2 VUHence, given the matrix ( j ), we can deduce that the water- PeS = p 1 exp 0 u erfc u du:marked signal after the CSW embedding is a Gaussian vector, i.e., 0 2 2 2N (N +N )10s 0 I N ; x N + 2 0 1 ( j ) ( j )T . 2 VU VU When the embedding parameter is not equal to one, the condi- Fig. 2 plots PeS as a function of PeR for various SNR values. The bittional distribution of watermarked signals is the same for all orthogonal error probability expressions of NW and CW-ISS for the AWGN attack s VUbases of the invariant subspace, i.e., p ( j ( j )) = p( j ( j ) ) s VU Q were given in [10]. As we can see, with the increase of the parameter N , Qfor any orthogonal matrix , because of ( j ) V U QQ V U T ( j )T = PeS will decrease quickly while PeR will only increase slowly for the VU VU T( j ) ( j ) . As a result, the attacker can only reduce the uncer- CSW. The existing CW schemes cannot provide the tradeoff betweentainty of the secret carriers up to the invariant subspace. The higher security and robustness.the dimension of the invariant subspace is, the larger the uncertainty of As we see in Section IV-C, when the dimension of the invariant sub-the secret carriers is, and so the more secure the CSW embedding is. space is equal to the length of host signal, i.e., N = Nv 0 Nc , theWhen the embedding parameter is equal to one, the CSW achieves CSW achieves the perfect security in the sense that there exists nostego-security. information leakage between the watermarked signals and the secret
  5. 5. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012 825 http://ieeexploreprojects.blogspot.comFig. 2. Pe as a function of Pe for various SNR values, WCR = 020 dB. Fig. 3. Robustness comparison of the Perfect-CSW and the TNW( = 1).carriers. So, we refer to the CSW with N N N = v 0 c as the Per-fect-CSW. Next, we will compare the robustness of the Perfect-CSW and the TNW( = 1) in order to compare the performance of the WCR 10 controllable secure watermarking (CSW). For the case that N 1 =N 10 = = (2 c (1 0 E )) v , the CSW corresponds toCSW and the existing CW schemes completely. However, we cannotalways compare the robustness of the Perfect-CSW and the TNW( = WCR 10 the TNW( = 1), and so is stego-secure. For the case that N 1 =N 10 = 6= (2 c (1 0 E )) v , the robustness of the CSW1) for the same distortion. This is because as implied by (26), the dis- will decrease but its security will increase with the increase of tortion of the TNW( = 1) is not controllable. Considering (19), we WCR 10 the dimension of invariant subspace. Further, in the case that can deduce that the embedding strength of the Perfect-CSW for a N 1 =N 10 = 6= (2 c (1 0 E )) v , the experiment results show thatgiven WCR has the following expression: the robustness of CSW slowly decreases and its security strongly in- creases with the dimension of the invariant subspace. This dimension 2 thus allows a tradeoff between robustness and security. = 10WCR=10 0 1 + 1 0 Nc (1 0 E1 ) Nv APPENDIX +1 0 Nc (1 0 E1 ) : (29) Nv OPTIMAL WAY OF ALTERING THE HOST SIGNAL ON vj Formally, the goal of the CSW is to firstly search a function f 3 suchHence, if WCR WCRTNW(=1) , the embedding strength given that f 3 = arg minE (f (xv (j )) 0 xv (j ))2by (29) is larger than one. In other words, the Perfect-CSW achieves a better robustness than the TNW( = 1) for the case that WCR fWCR . Fig. 3 compares the robustness of the Perfect-CSW TNW( =1) subject to f (xv (j )) N 0; 2 x 2 with that of the TNW( = 1). As we can see, the Perfect-CSW can exploit the distortion that the TNW( = 1) cannot take advantage of, and then set the projection of watermarked signal onto v( j ) as follows:and can achieve a better robustness. IV. CONCLUDING REMARKS sv (j ) = f 3 (xv (j )) : (30) In this correspondence, we have studied a new watermarking This optimization problem is a Monge–Kantorovich transportationscheme under the WOA framework, which we refer to as problem [11]–[13]. Let denote the Gaussian distribution with zero
  6. 6. 826 IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012mean and the variance 2 x , and let denote the Gaussian distri- 2 Separable Reversible Data Hiding in Encrypted Imagebution with zero mean and the variance x . Then, the function f 3 is 2given as follows: Xinpeng Zhang 3 t f ( ) = 0 P 1 (P (t)) (31) Abstract—This work proposes a novel scheme for separable reversible 0where P 1 is the inverse cumulative distribution function of the data hiding in encrypted images. In the first phase, a content owner en-Gaussian distribution , and P is the cumulative distribution function crypts the original uncompressed image using an encryption key. Then, a data-hider may compress the least significant bits of the encrypted imageof the Gaussian distribution . It is easy to show that using a data-hiding key to create a sparse space to accommodate some ad- ditional data. With an encrypted image containing additional data, if a re- ceiver has the data-hiding key, he can extract the additional data though 0 p he does not know the image content. If the receiver has the encryption key, P 1 (z ) = 2 x erf 01 (2z 0 1) ; (32) he can decrypt the received data to obtain an image similar to the orig- inal one, but cannot extract the additional data. If the receiver has both the 1 t p : P (t) = 1 + erf (33) data-hiding key and the encryption key, he can extract the additional data 2 x 2 and recover the original content without any error by exploiting the spatial correlation in natural image when the amount of additional data is not tooBy substituting (32) and (33) into (31), we can deduce that large. Index Terms—Image encryption, image recovery, reversible data hiding. 3t f ( ) = t (34) I. INTRODUCTIONwhich implies that the optimal way of altering the host signal on vj isgiven by sv (j ) = xv (j ). In recent years, signal processing in the encrypted domain has attracted considerable research interest. As an effective and popular means for privacy protection, encryption converts the ordinary signal REFERENCES into unintelligible data, so that the traditional signal processing usu- ally takes place before encryption or after decryption. However, in [1] P. Comesana, L. Perez-Freire, and F. Perez-Gonzalez, “Fundamentals some scenarios that a content owner does not trust the processing of data hiding security and their application to spread-spectrum anal- service provider, the ability to manipulate the encrypted data when ysis,” in Proc. 7th Inf. Hiding Workshop (IH 2005), Lectures Notes in Computer Science, Springer-Verlag, Barcelona, Spain, Jun. 2005, vol. keeping the plain content unrevealed is desired. For instance, when [2] 3727, pp. 146–160. http://ieeexploreprojects.blogspot.comthe cryptographic key maychannelcompress F. Cayre, C. Fontaine, and T. Furon, “Watermarking security: Theory the secret data to be transmitted are encrypted, a without any knowledge of tend to provider and practice,” IEEE Trans. Signal Process., vol. 53, no. 10, pp. the encrypted data due to the limited channel resource. While an 3976–3987, Oct. 2005. [3] I. J. Cox, J. Kilian, F. T. Leighton, and T. Shamoon, “Secure spread encrypted binary image can be compressed with a lossless manner spectrum watermarking for multimedia,” IEEE Trans. Image Process., by finding the syndromes of low-density parity-check codes [1], a vol. 6, no. 12, pp. 1673–1687, Dec. 1997. lossless compression method for encrypted gray image using pro- [4] P. Moulin and A. Ivanovic, “The zero-rate spread-spectrum water- gressive decomposition and rate-compatible punctured turbo codes is marking game,” IEEE Trans. Signal Process., vol. 51, no. 4, pp. developed in [2]. With the lossy compression method presented in [3], 1098–1117, Apr. 2003. [5] H. S. Malvar and D. A. F. Florencio, “Improved spread spectrum: an encrypted gray image can be efficiently compressed by discarding A new modulation technique for robust watermarking,” IEEE Trans. the excessively rough and fine information of coefficients generated Signal Process., vol. 51, no. 4, pp. 898–905, Apr. 2003. from orthogonal transform. When having the compressed data, a [6] P. Bas and F. Cayre, “Natural watermarking: A secure spread spectrum receiver may reconstruct the principal content of original image by technique for woa,” in Proc. 8th Inf. Hiding Workshop (IH 2006), Lec- ture Notes in Computer Science, Springer-Verlag, Alexandria, VA, Jul. retrieving the values of coefficients. The computation of transform in 2006, vol. 4437, pp. 1–14. the encrypted domain has also been studied. Based on the homomor- [7] B. Mathon, P. Bas, F. Cayre, and B. Macq, “Optimization of natural phic properties of the underlying cryptosystem, the discrete Fourier watermarking using transportation theory,” in Proc. 11th ACM Work- transform in the encrypted domain can be implemented [4]. In [5], a shop on Multimedia and Security (MMSec’2009), Princeton, NJ, Sep. composite signal representation method packing together a number 2009, pp. 33–38. [8] P. Bas and F. Cayre, “Achieving subspace or key security for woa using of signal samples and processing them as a unique sample is used to natural or circular watermarking,” in Proc. 8th ACM Workshop Multi- reduce the complexity of computation and the size of encrypted data. media and Security (MMSec’06), Geneva, Switzerland, Sep. 2006, pp. 80–88. [9] F. Cayre and P. Bas, “Kerckhoffs-based embedding security classes for woa data hiding,” IEEE Trans. Inf. Forensics Security, vol. 3, no. 1, pp. Manuscript received June 20, 2011; revised November 07, 2011; accepted 1–15, Mar. 2008. November 08, 2011. Date of publication November 15, 2011; date of current [10] J. Cao, J. Huang, and J. Ni, “A new spread-spectrum watermarking version March 08, 2012. This work was supported by the National Natural Sci- scheme to achieve a trade-off between security and robustness,” in ence Foundation of China under Grant 61073190, Grant 61103181, and Grant Proc. 12th Inf. Hiding Workshop (IH 2010), Lectures Notes in Com- 60832010, by the Research Fund for the Doctoral Program of Higher Education puter Science, Springer-Verlag, Calgary, AB, Canada, Jun. 2010, vol. of China under Grant 20113108110010, and by the Alexander von Humboldt 6387, pp. 262–276. Foundation. The associate editor coordinating the review of this manuscript and [11] L. V. Kantorovich, “On a problem of Monge,” Uspekhi Math. Nauk., approving it for publication was Dr. Alessandro Piva. vol. 3, pp. 225–226, 1948. The author is with the School of Communication, Shanghai University, [12] M. Knott and C. S. Smith, “On the optimal mapping of distributions,” Shanghai 200072, China (e-mail: xzhang@shu.edu.cn). J. Optimiz. Theory Applicat., vol. 43, pp. 39–49, 1984. Color versions of one or more of the figures in this paper are available online [13] L. V. Kantorovich, “On the translocation of masses,” C. R. (Doklady) at http://ieeexplore.ieee.org. Acad. Sci. URSS (N.S.), vol. 37, pp. 199–201, 1942. Digital Object Identifier 10.1109/TIFS.2011.2176120 1556-6013/$26.00 © 2011 IEEE

×