View/Open
advertisement
A Novel Visual Secret Sharing Scheme For Cheating
Prevention
Sona K P
Mtech Scholar
Department of Computer Science and Engineering
LBS Institute of Technology for Women
Trivandrum
e-mail: kpsona@gmail.com
Abstract— Visual secret sharing (VSS) is a variant form of
secret sharing, and is efficient since secret decoding only
depends on the human vision system. The cheating problem
is a significant issue in secret sharing. Horng et al. proposed
that cheating is possible in (k,n) VC when k is smaller than
n. The key point of cheating is how to predict and rearrange
the positions of black and white sub pixels in the victim’s
and cheater’s share. Meaningful cheating, non-meaningful
cheating, and meaningful deterministic cheating are the
cheating categories. One special property of VSS is that the
security of VSS is achieved by losing the contrast and the
resolution of the secret image. Generally, the reconstructed
secrets of these schemes are considered to be visible if and
only if the contrast is greater than 0.However, VSS is based
on the human vision system (HVS), thus the visibility is not
only dependent on the contrast. The quality of output is
affected due to increased security. So the accuracy is to be
improved while considering security
Keywords- Visual secret sharing, Secret sharing
Cheating, Cheating prevention, Security
I.
Seena Thomas
Assistant Professor
Department of Computer Science and Engineering
LBS Institute of Technology for Women
Trivandrum
e-mail:seena.thoms@gmail.com
Visual secret sharing (VSS) is inspired from
secret sharing [1]. A secret is something which is kept
from the knowledge of any but the initiated or privileged.
Secret sharing defines a method by which secret can be
distributed between a group of participants; where by
each participant is allocated a piece of the secret which is
known as share. The secret can only be reconstructed
when sufficient number of shares is combined together;
while these shares are separate no information about the
secret can be accessed. Visual secret sharing (VSS)
scheme is an efficient secure method for hiding a secret
image by dividing it into share images and any one can
decode it easily by the human visual system. The main
concept of the original visual secret sharing (VSS)
scheme is to encrypt a secret image into n meaningless
share images. It cannot leak any information of the shared
INTRODUCTION
secret by any combination of the n share images except
As technology progresses and as more and more personal
for all of images. Shares, given to participants by the
data is digitized, there is even more of an emphasis
dealer (a trusted party, D), are formed into transparencies
required on data security today than there has ever been.
in VSS. X is an authorized subset, and the participants in
Protecting this data in a safe and secure way which does
X can visually reconstruct the secret image by stacking
not impede the access of an authorized authority s an
their transparencies together without performing any
immensely difficult
research
complicated cryptographic computation. In the k-out-of-n
problem. One of the data security methods known as
visual secret sharing (for short, (k, n)-VSS), there are n
visual secret sharing or visual cryptography. It is different
participants, while any k participants in X are able to
from the concept of traditional cryptography and depends
reconstruct the secret by stacking their transparencies.
on perception by the human eyes.
Overall, a VSS scheme usually consists of three phases:
and
very interesting
(1) encoding, (2) distributing, (3) decoding. Encoding is
performed by the dealer to generate all transparencies,
A. Visual Secret Sharing Model
and then D distributes those transparencies to participants.
Visual cryptography was introduced by Naor and Shamir.
Finally, the participants in X can decode the secret image
It is perfectly secure method. This scheme is a special
by stacking their transparencies.
variant of a k-out-of-n secret sharing scheme, where the
shares
given
to
participants
are
xeroxed
onto
transparencies. Taking the secret image, SI, as input, and
generating the transparencies. Assume the message
consists of a collection of black and white pixels and each
pixel is handled separately. It appears as a collection of m
black and white sub pixels in each of the n transparencies.
The m sub pixels are denoted by a block. One pixel of the
secret image corresponds to nm sub pixels, and then the
nm sub pixels are denoted by an n×m boolean matrix,
called a base matrix S=[Sij]. Each share is a collection of
m black and white sub pixels. Boolean matrix S= [sij]
Fig 1. Idea of VSS
where sij =1 if the jth sub pixel in the ith transparency is
black and Sij =0 if and only if the jth sub pixel of the ith
VSS is used to solve the problem of secret
sharing. Following example was used to describe a typical
secret sharing problem: Eleven scientists are working on a
secret project. They wish to lock up the documents in a
cabinet so that the cabinet can be opened if and only if six
or more of the scientists are present. What is the smallest
number of locks needed? What is the smallest number of
key to the locks each scientist must carry? The minimal
solution uses 462 locks and 252 keys per scientist. From
this problem formulate the definition of (k, n) threshold
scheme. The definition can be explained as follows: Let D
be the secret to be shared among n parties. A (k, n)threshold scheme is away to divide D into n pieces D 1, ….
,Dn that satisfies the following conditions:
1. Knowledge of any k or more Di pieces makes d easily
computable,
2. Knowledge of any k-1 or fewer Di pieces leaves D
completely undetermined.
share is white. The grey level of the stack of k shared
blocks is determined by the Hamming weight H (V) of the
“or” ed m-vector V of the corresponding k rows in S. This
grey level is interpreted by the visual system of the users
as black if H(V) ≥ d and as white if H(V) ≤ d−α∗m for
some fixed threshold d and relative difference α.
Formally, a solution to the (k,n)-VSS consists of two
collections C0 and C1of n×m base matrices. To share a
white pixel, the dealer randomly chooses one of the matrices from C0, and to share a black pixel, the dealer
randomly chooses one of the matrices from C1. The
chosen matrix determines the m sub pixels in each one of
the n transparencies. The solution is considered valid if
the following conditions are hold:
Contrast conditions:
1. For any matrix S0 in C0, the “or” V of any k of the n
rows satisfies H (V) ≤d−α∗m.
2. For any matrix S1 in C1, the “or” V of any k of the n
rows satisfies H (V) ≥d.
Security condition:
3. For any subset{i1,i2,...,iq} of{1,2,...,n} with q<k, the
two collections D0 ,D1 of q×m matrices obtained by
restricting each n×m matrix in C0, C1 to rows i1,i2,...,iq
are indistinguishable in the sense that they contain the
same matrices with the same frequencies.
therefore, the victims accept a fake secret image (as
known as a cheating image) different from the actual
secret image as authentic.
There are two kinds of cheating prevention
methods, share authentication and blind authentication:
• Share authentication (SA): Using the verifiable
messages, decided by the participant or the dealer,
authenticates
a
share
transparency
from
another
participant. A fake transparency, generated by the
cheaters, must pass the authentication. However, if the
fake transparency can pass the authentication, the victim
will accept the stacking result.
• Blind authentication (BA): Without relying on
any verifiable message, the cheaters predict the structure
of the transparencies of the other participants is hard, such
that the cheaters are difficult to generate a fake
transparency.
Fig 2. Different shares overlaying
Fig 3. Different shares of (3, 3) VSS
II.
Fig 4. The cheating process
LITERATURE SURVEY
They also attached two cheating prevention
In 2006, Horng et al. showed that cheating is possible in
(k, n)-VSS, where k<n [3] is a significant issue like a
limelight. The key point of cheating is how to predict and
rearrange the positions of black and white sub pixels in
the victim’s and cheater’s share. Meaningful cheating,
non-meaningful cheating, and meaningful deterministic
cheating are the different type of cheating. The dishonest
participants referred to as cheaters. Cheaters collude and
want to fool victims, which is called “cheating activity”
(CA). CA can cause unpredictable damage to the victims;
schemes,
authentication
based
cheating
prevention
scheme and (k, n+l)-CPVSS scheme. In addition, Hu and
Tzeng presented three kinds of cheating activities: CA-1,
CA-2, and CA-3. They also gave a generic transformation
that can make all VSS schemes to achieve cheating
prevention. HTCP scheme denotes Hu and Tzeng’s
transformation scheme, which is share authentication. In
2010, De Prisco and De Santis also discuss the problem of
cheating in VSS [4]. They proved that cheating actually
determined by the collusive cheaters. Therefore, the
exists in (2, n)-VSS and (n,n)-VSS, and gave the
structure of each block in T3 is exact the remaining row.
definition for deterministic cheating. They showed two
For presenting a white pixel of cheating image, the block
kinds of cheating activities for (2, n)-VSS and (n,n)-VSS,
in T2 is set to be the same structure of T 3. For presenting a
respectively. The cheating activities in (2, n)-VSS is
black pixel of cheating image, the block inTκ2 is set to be
almost the same as Horng et al.’s. The other in (n, n)-VSS
the different structure of T3.
is denoted by DD-CA. Moreover, they proposed two
Hu And Tzeng’s Cheating Activities
CPVSS schemes, one is the simple (k, n)-VSS scheme
B.
where k is 2 or n, and the other is the better (2,n)-VSS
There are two types of cheaters in this scenario. One is a
scheme. These two schemes are blind authentication. To
malicious participant (MP) who is also a legitimate
the best of our knowledge, the papers that deeply discuss
participant, and the other is a malicious outsider, (MO)
cheating in visual secret sharing are the papers by Horng
where. In this paper, show that not only an MP can cheat,
et al. [3] and De Prisco and De Santis [4]in theory.
but also an MO can cheat under some circumstances. A
Recently, Chen et al. and Liu et al. also proposed cheating
cheating process against a VCS consists of the following
prevention schemes [5, 6].
two phases:
1) Fake share construction phase: the cheater generates
A.
Horng Et Al.’S Cheating Activity
the fake shares;
The cheating activity of Horng et al. is that the n−1
2) Image reconstruction phase: the fake image appears on
cheaters collusively use their transparencies to know the
the stacking of genuine shares and fake shares.
secret and infer the victim’s transparencies Tv, thus they
can generate a fake transparencies FTs to make the victim
In order to cheat successfully, honest participants
to accept the cheating image by stacking FTs + T v.
who present their shares for recovering the secret image
Consider a(2,3)-VSS scheme as an example. A secret
should not be able to distinguish fake shares from genuine
image is encoded into three distinct transparencies,
shares. A reconstructed image is perfect black if the sub
denoted T1, T2 and T3.Then; the three transparencies are
pixels associated to a black pixel of the secret image are
respectively delivered to Alice, Bob, and Carol. Without
all black. Most proposed VC schemes have the property
loss of generality, Alice and Bob are assumed to be the
of perfect blackness. CA-1 and CA-2 are performed by a
collusive cheaters and Carol is the victim. In cheating, T1
malicious participant (MP) and a malicious outsider
and T2 to create forged transparency Tκ2 such that
(MO), respectively. MP or MO sets a cheating image and
superimposing T1, T2 and T3 will visually recover the
generates FTs such that the stacking result of the victim’s
cheating image. Precisely, by observing the following
transparency and FTs reveals the cheating image. In CA-
collections of 3×3matrices which are used to generate
1, with the MP’s transparency T1, assume that each block
transparencies [1], the cheaters can predict the actual
in T1 has x black and y white sub pixels. The MP then
structure of the victim’s transparency so as to create Tκ 2.
chooses
0
0
0
0
0
0
1
and C1= 0
0
0
1
0
cheating
image
and
prepares
r
fake
π
0
0 By observing the
1
transparencies, FT1,..., FTr, where r = ⌈ ⌉−1. In CA-2,
above matrices, two rows of above C0 or C1 matrix are
construction, and it does not hold any transparency. In
C0=
1
1
1
a
π₯
with the same scenario, the MO only knows the share
a(3,3)-VSS scheme, the MO can generate two fake
make the victim to accept the reconstructed
transparencies,FT1and FT2, and then makes the stacking
cheating image. However, the cheaters have to
result of FT1, FT2, and Tv be black.
modify a region composed of blocks, which can be
observed by human’s vision. Horng et al.’s CA,
C.
De Prisco And De Santis’s Cheating Activity: DD-
CA-1 and CA-
CA
• Non-meaningful cheating: The cheaters do not
2 are meaningful cheating.
De Prisco and De Santis showed cheating is possible in
set a cheating image, and their goal is to generate
(2,n)-VSS and (n, n)-VSS [4]. Their cheating activity for
FTs then make some pixels in the stacking result to
(2, n)-VSS is the same as Horng et al.’s [3]. They also
be different color. DD-CA is non-meaningful
showed the (n, n)-VSS scheme suffers from the
cheating.
deterministic cheating. For a block, it is easy to
demonstrate that swapping all the 0s and the 1s in any
D.
Cheating Prevention Schemes
n−2 transparencies from then−1 transparencies hold by
Lots CPVSS schemes have been proposed, but in the case
the n−1 cheaters. As a result, the cheaters can modify the
of (2, n)-VSS, most CPVSS schemes have to rely on the
color of the block, while this cheating activity is denoted
added transparencies. Nevertheless, De Prisco and De
by DD-CA.
Santis proposed a better (2,n)-VSS scheme [4], and they
De Prisco and De Santis’s simple (n, n)-VSS
declare the scheme does not use the added transparencies
scheme is secure against CA-1, CA-2, and DD-CA [4]. If
to prevent cheating. At present, this scheme is a unique
the block in the stacking result is perfect black in CA-1
CPVSS scheme without relying on added transparencies.
and CA-2, then CA-1 and CA-2 are successful. These
The base matrices of the scheme have dimension n ×
cheating activities are only used in n, n)-VSS. However,
(2n+n+1). The white base matrix C0 consists of the
also have found that CA-1 and CA-2 are not used in (2,2)-
following columns: all the possible 2n binary column
VSS:
vectors of length n, one additional column with all 1s and
• CA-1 in (2, 2)-VSS: A victim impossibly
n additional columns with all 0s. Whereas, the black base
receives two transparencies (T1 and FT) at the
matrix C1 consists of the following columns: all the
same time.
possible 2n binary column-vectors of length n, one
• CA-2 in (2, 2)-VSS: A victim impossibly
additional column with all 0s in the n columns of the
receives two transparencies at the
identity matrix of dimension n×n. Horng et al.’s first
same time.
In DD-CA, the cheaters do not set a cheating
scheme is denoted by HCT1, and 2-out-of-(n+l) scheme is
image, so they are blind for the stacking result of all
denoted by HCT2 [3]. Hu and Tzeng’s scheme is denoted
transparencies. There are two type of cheating activity.
by HT [7]. De Prisco and De Santis’s simple scheme is
Meaningful cheating and non-meaningful cheating.
denoted by DD1, and the better scheme is denoted by
Meaningful cheating is more serious than non-meaningful
DD2 [4].
cheating to make the victim to accept a cheating image.
• Meaningful cheating: The cheaters set a cheating
image, and their goal is to
generate
FTs
then
III.
PROPOSED METHOD
Visual Secret Sharing Scheme (VSSS) is an encryption
method that uses combinatorial techniques to encode
secret written materials. The idea is to convert the written
material into an image and encode this image into n
shadow images. The decoding only requires only
selecting some subset of these n images, making
transparencies of them, and stacking them on top of each
other. Contrast and security is the two main properties of
Sharing Matrices. For contrast the sum of the sum of rows
for shares in a decrypting group should be bigger for
darker pixels. For secrecy: sums of rows in any nondecrypting
group
should
have
same
probability
distribution for the number of 1’s in C0 and in C1. In
particular, a special and important property to differ VSS
Fig 5. Two corresponding secret pixels
from secret sharing [2] is that the security of VSS is
achieved by losing the contrast and the resolution of the
3. Matrices R1 and R2 with respect to the coordinate
SI. Indeed, the quality of the reconstructed secret image is
values(i,j) and 6 values are calculated using the value in
inferior to the original secret image, but the secret is still
the matrix(XOR operation)
seen by human’s vision.
4.The image is divided into 3 shares and the calculated
New cheating prevention (2,n)-VSS [8] scheme
values are encoded into the corresponding shares.
relies on share authentication without the added
transparencies. This scheme is constructed with the
properties of share authentication for white pixels and
blind authentication for black pixels. It does not rely on
the verification transparencies. The main idea of this
scheme is that a verifiable message decided by a
participant Pi is inserted into the stacking result of T i +Tj
(i≠j); however, the verifiable message does not influence
the secret, and Pi can check whether T j is fake or not from
the stacking result of Ti +Tj. This scheme is composed of
two phases: share construction phase and secret recovery
phase.
Share construction phase:
1. First, each participant Pi has to decide the verifiable
message Vi and sends it to the dealer D. D takes a secret
image SI as input.
2. Secret image is first divided into two vertical areas.
Two pixels from each area is selected as S(i,j) and S(i,w-j+1)
and Generate two random matrices
Fig 6: Six related pixels in three shadows
5. Each black and white pixel handled separately
2.The scheme is a (2,3) scheme , it is sure that the output
D sets n−2 levels and V= {V1, V2 … , Vn}
accuracy will be minimized, so the equations (7) to (10)
6. For the 1st level, D will randomly chooses 1 set of
are performed using the pixel values of two shares at a
connected white pixels to encode every kind of a
time than 3 variables in the equation separately as,
verifiable message (Vi) in V
s1+s2, s1+s3 and s2+s3.
7. D also randomly chooses 1 set of connected white
3. The values of (7)and (9) calculated must be equal to (8)
pixels to encode all verifiable messages again into
and (10) for the shares to be authentic.
different pixels
4. A participant Pi can verify whether the transparency T j
8. Finally, D encodes the remaining white pixels by base
from Pj is fake or not (i≠j). Pi just checks whether the
π−2
matrix
number of V is ∑
π=1
To insert the verifiable messages into the
stacking results, the verifiable messages can be set as
different sizes such as Fig. 7
π
((ππ) β ) + 1 in the stacking result
π
π−2
of Ti +Tj, while Pi also can see ∑
π=1
π
((ππ) β ) + 1 Vjs.
π
Here, define the middle color is the color of Vi in the
stacking result. Observing this scheme, there are two
contrasts, α and ακ, in our scheme. α is the contrast
between a white block and a black block in the stacking
result, and ακis the contrast between a white block and a
middle color block. Then conclude α =
2
2n+1
and ακ =
1
2n+1
.
4. Recover the secret image by checking the verifiable
message in the stacking result.
.
IV.
EXPRIMENTAL RESULT
A novel visual secret sharing scheme for heating
Fig 7. An example of different sizes of the verifiable
messages
prevention achieves the objective that is accuracy and
security. To guarantee that this scheme satisfies the
security criterion; that is, it prevents a share from leaking
Secret recovery phase:
1. At the output side when the participants are ready with
their shares before the secret recovery phase, the pixels
from the shares are decrypted as follows
any information about the original secret image. Here
embed an authentication image which the size is as large
as secret image, Figure 8 shows that the size of shares is
still preserved. That is, pixel expansion problem is
removed. Furthermore, the reconstructed images are
identical to the original secret images after decryption;
[5]
Y.C. Chen, D.S. Tsai, G. Horng, “A new authentication
based cheating
prevention scheme in Naor–Shamir’s
visual cryptography, ” J. Vis. Commun.
Image
Represent. 23 (8) (2012) 1225–1233.
[6]
F. Liu, C. Wu, X. Lin, “Cheating immune visual
cryptography scheme, ” IET Inf. Sec. 5 (1) (2011) 51–59.
[7]
[8]
[9]
[9]
Fig 8. Original image, constructed image and two shares
V.
CONCLUSION
Visual secret sharing has drawn the research attention in
the last few years. VSS is truly effective in protecting
multimedia data which usually has large size, because it
only depends on low computational cost and deals with
multimedia
data
efficiently.
No
knowledge
of
cryptography is required to get the secret message from
shared images. The new cheating prevention visual secret
sharing scheme, and prove that it is secure against the
meaningful deterministic cheating. This scheme is better
than the previous schemes in the expansion of a pixel. It
does not rely on the added transparencies. The quality of
output is affected due to increased security. So the
accuracy is to be improved while considering security
REFERENCES
cryptography,”
[1]
M.Naor,
A.Shamir,“Visual
EUROCRYPT’94, LNCS, vol.
950,Springer-Verlag, 1995,pp. 1–12
[2]
A. Shamir, “How to share a secret,” Commun. ACM 22 (11)
(1979) 612–613.
[3]
G.Horng, T.H. Chen, D.S. Tsai, “Cheating in visual
cryptography,” Des. Codes Cryp-togr. 38 (2) (2006) 219–236
[4]
R.De Prisco, A. De Santis, “Cheating immune threshold
visual secret sharing,”
Comput. J. 53 (2010) 1485–1496
C.M.Hu, W.G. Tzeng, “Cheating prevention in visual
cryptography, ” IEEE Trans.Image Process. 16 (1) (2007)
36–45
Yu-Chi Chen, Du-shiau Tsai, Gwoboa Horng: “Visual secret
sharing with cheating prevention revisited.” Digital
Signal
Processing 23(5): 1496-1504
(2013)
C.C.Chang, C.C. Lin, T.H.N. Le, H.B. Le, “Self-verifying
visual secret sharing using error diffusion and interpolation
techniques,” IEEE Trans. Inf. Forensics
Security 4 (4)
(2009) 790–801.
Yi-Hui Chen, Panyaporn Prangjarote, Chih-Yang Lin,“Selfverifiable Secret Sharing Scheme with Locatability for
Halftone Images” International Journal of Network
Security, Vol.16,
No.6, PP.536-540, Nov. 2014
