Reversible Data Hiding in Encrypted Image Based on Block Classification Permutation

Recently, reversible data hiding in encrypted image (RDHEI) has attracted extensive attention, which can be used in secure cloud computing and privacy protection effectively. In this paper, a novel RDHEI scheme based on block classification and permutation is proposed. Content owner first divides original image into non-overlapping blocks and then set a threshold to classify these blocks into smooth and non-smooth blocks respectively. After block classification, content owner utilizes a specific encryption method, including stream cipher encryption and block permutation to protect image content securely. For the encrypted image, data hider embeds additional secret information in the most significant bits (MSB) of the encrypted pixels in smooth blocks and the final marked image can be obtained. At the receiver side, secret data will be extracted correctly with data-hiding key. When receiver only has encryption key, after stream cipher decryption, block scrambling decryption and MSB error prediction with threshold, decrypted image will be achieved. When data hiding key and encryption key are both obtained, receiver can find the smooth and non-smooth blocks correctly and MSB in smooth blocks will be predicted correctly, hence, receiver can recover marked image losslessly. Experimental results demonstrate that our scheme can achieve better rate-distortion performance than some of state-of-the-art schemes.     

Verifiable Diversity Ranking Search Over Encrypted Outsourced Data

Data outsourcing has become an important application of cloud computing. Driven by the growing security demands of data outsourcing applications, sensitive data have to be encrypted before outsourcing. Therefore, how to properly encrypt data in a way that the encrypted and remotely stored data can still be queried has become a challenging issue. Searchable encryption scheme is proposed to allow users to search over encrypted data. However, most searchable encryption schemes do not consider search result diversification, resulting in information redundancy. In this paper, a verifiable diversity ranking search scheme over encrypted outsourced data is proposed while preserving privacy in cloud computing, which also supports search results verification. The goal is that the ranked documents concerning diversification instead of reading relevant documents that only deliver redundant information. Extensive experiments on real-world dataset validate our analysis and show that our proposed solution is effective for the diversification of documents and verification.     

Reversible Data Hiding in Classification-Scrambling Encrypted-Image Based on Iterative Recovery

To improve the security and quality of decrypted images, this work proposes a reversible data hiding in encrypted image based on iterative recovery. The encrypted image is firstly generated by the pixel classification scrambling and bit-wise exclusive-OR (XOR), which improves the security of encrypted images. And then, a pixel-type-mark generation method based on block-compression is designed to reduce the extra burden of key management and transfer. At last, an iterative recovery strategy is proposed to optimize the marked decrypted image, which allows the original image to be obtained only using the encryption key. The proposed reversible data hiding scheme in encrypted image is not vulnerable to the ciphertext-only attack due to the fact that the XOR-encrypted pixels are scrambled in the corresponding encrypted image. Experimental results demonstrate that the decrypted images obtained by the proposed method are the same as the original ones, and the maximum embedding rate of proposed method is higher than the previously reported reversible data hiding methods in encrypted image.     

Enabling Comparable Search Over Encrypted Data for IoT with Privacy-Preserving

With the rapid development of cloud computing and Internet of Things (IoT) technology, massive data raises and shuttles on the network every day. To ensure the confidentiality and utilization of these data, industries and companies users encrypt their data and store them in an outsourced party. However, simple adoption of encryption scheme makes the original lose its flexibility and utilization. To address these problems, the searchable encryption scheme is proposed. Different from traditional encrypted data search scheme, this paper focuses on providing a solution to search the data from one or more IoT device by comparing their underlying numerical values. We present a multi-client comparable search scheme over encrypted numerical data which supports range queries. This scheme is mainly designed for keeping the confidentiality and searchability of numeric data, it enables authorized clients to fetch the data from different data owners by a generated token. Furthermore, to rich the scheme’s functionality, we exploit the idea of secret sharing to realize cross-domain search which improves the data’s utilization. The proposed scheme has also been proven to be secure through a series of security games. Moreover, we conduct experiments to demonstrate that our scheme is more practical than the existed similar schemes and achieves a balance between functionality and efficiency.     

Reversible Data Hiding in Encrypted Images Based on Prediction and Adaptive Classification Scrambling

Reversible data hiding in encrypted images (RDH-EI) technology is widely used in cloud storage for image privacy protection. In order to improve the embedding capacity of the RDH-EI algorithm and the security of the encrypted images, we proposed a reversible data hiding algorithm for encrypted images based on prediction and adaptive classification scrambling. First, the prediction error image is obtained by a novel prediction method before encryption. Then, the image pixel values are divided into two categories by the threshold range, which is selected adaptively according to the image content. Multiple high-significant bits of pixels within the threshold range are used for embedding data and pixel values outside the threshold range remain unchanged. The optimal threshold selected adaptively ensures the maximum embedding capacity of the algorithm. Moreover, the security of encrypted images can be improved by the combination of XOR encryption and classification scrambling encryption since the embedded data is independent of the pixel position. Experiment results demonstrate that the proposed method has higher embedding capacity compared with the current state-ofthe-art methods for images with different texture complexity.     

A Secure Rotation Invariant LBP Feature Computation in Cloud Environment

In the era of big data, outsourcing massive data to a remote cloud server is a promising approach. Outsourcing storage and computation services can reduce storage costs and computational burdens. However, public cloud storage brings about new privacy and security concerns since the cloud servers can be shared by multiple users. Privacy-preserving feature extraction techniques are an effective solution to this issue. Because the Rotation Invariant Local Binary Pattern (RILBP) has been widely used in various image processing fields, we propose a new privacy-preserving outsourcing computation of RILBP over encrypted images in this paper (called PPRILBP). To protect image content, original images are encrypted using block scrambling, pixel circular shift, and pixel diffusion when uploaded to the cloud server. It is proved that RILBP features remain unchanged before and after encryption. Moreover, the server can directly extract RILBP features from encrypted images. Analyses and experiments confirm that the proposed scheme is secure and effective, and outperforms previous secure LBP feature computing methods.     

Cloud Data Encryption and Authentication Based on Enhanced Merkle Hash Tree Method

Many organizations apply cloud computing to store and effectively process data for various applications. The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity. In this research, an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data. Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data. Merkle Hash tree provides the efficient mapping of data and easily identifies the changes made in the data due to proper structure. The developed model supports privacy-preserving public auditing to provide a secure cloud storage system. The data owners upload the data in the cloud and edit the data using the private key. An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches. The data files requested by the data owner are audit by a third-party auditor and the multi-owner authentication method is applied during the modification process to authenticate the user. The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2–167 ms when compared to the existing Advanced Encryption Standard and Blowfish.     

A Secure Method for Data Storage and Transmission in Sustainable Cloud Computing

Cloud computing is a technology that provides secure storage space for the customer’s massive data and gives them the facility to retrieve and transmit their data efficiently through a secure network in which encryption and decryption algorithms are being deployed. In cloud computation, data processing, storage, and transmission can be done through laptops and mobile devices. Data Storing in cloud facilities is expanding each day and data is the most significant asset of clients. The important concern with the transmission of information to the cloud is security because there is no perceivability of the client’s data. They have to be dependent on cloud service providers for assurance of the platform’s security. Data security and privacy issues reduce the progression of cloud computing and add complexity. Nowadays; most of the data that is stored on cloud servers is in the form of images and photographs, which is a very confidential form of data that requires secured transmission. In this research work, a public key cryptosystem is being implemented to store, retrieve and transmit information in cloud computation through a modified Rivest-Shamir-Adleman (RSA) algorithm for the encryption and decryption of data. The implementation of a modified RSA algorithm results guaranteed the security of data in the cloud environment. To enhance the user data security level, a neural network is used for user authentication and recognition. Moreover; the proposed technique develops the performance of detection as a loss function of the bounding box. The Faster Region-Based Convolutional Neural Network (Faster R-CNN) gets trained on images to identify authorized users with an accuracy of 99.9% on training.     

High Capacity Data Hiding in Encrypted Image Based on Compressive Sensing for Nonequivalent Resources

To fulfill the requirements of data security in environments with nonequivalent resources, a high capacity data hiding scheme in encrypted image based on compressive sensing (CS) is proposed by fully utilizing the adaptability of CS to nonequivalent resources. The original image is divided into two parts: one part is encrypted with traditional stream cipher; the other part is turned to the prediction error and then encrypted based on CS to vacate room simultaneously. The collected non-image data is firstly encrypted with simple stream cipher. For data security management, the encrypted non-image data is then embedded into the encrypted image, and the scrambling operation is used to further improve security. Finally, the original image and non-image data can be separably recovered and extracted according to the request from the valid users with different access rights. Experimental results demonstrate that the proposed scheme outperforms other data hiding methods based on CS, and is more suitable for nonequivalent resources.     

Chosen-Ciphertext Attack Secure Public-Key Encryption with Keyword Search

As the use of cloud storage for various services increases, the amount of private personal information along with data stored in the cloud storage is also increasing. To remotely use the data stored on the cloud storage, the data to be stored needs to be encrypted for this reason. Since “searchable encryption” is enable to search on the encrypted data without any decryption, it is one of convenient solutions for secure data management. A public key encryption with keyword search (for short, PEKS) is one of searchable encryptions. Abdalla et al. firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the “robust” ANO-CCA secure identity-based encryption(IBE). In this paper, we propose two generic constructions of consistent IND-CCA secure PEKS combining (1) a hierarchical identity based encryption (for short, HIBE) and a signature scheme or (2) a HIBE, an encapsulation, and a message authentication code (for short, MAC) scheme. Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker “ANO-CPA security (resp., IND-CPA security)” of HIBE than “ANO-CCA security (resp., IND-CCA security)” of IBE required in for achieving IND-CCA secure (resp., consistent) PEKS. Finally, we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.     

Practical image encryption and decryption by phase-coding technique for optical security systems

A method of image encryption and decryption is proposed for optical security systems. A phase-coded image to be encrypted together with a random phase pattern is Fourier transformed and the result of the complex-valued data is used as an encrypted pattern. The decryption is simply performed by an inverse-Fourier transform for the addition of the encrypted pattern and the Fourier transform of the random phase. The intensity of the inverse-Fourier transformed image gives the exact result forthe decryption. Further, the binarization of the encrypted pattern is performed for the easiness of the optical and electronic readout of the images, and it also gives rise to the enhancement of the degree of security for the encryption. The binary pattern is optimized by a statistical iteration technique and an excellent decryption image is obtained by the optimization.     

High Security for De-Duplicated Big Data Using Optimal SIMON Cipher

Cloud computing offers internet location-based affordable, scalable, and independent services. Cloud computing is a promising and a cost-effective approach that supports big data analytics and advanced applications in the event of forced business continuity events, for instance, pandemic situations. To handle massive information, clusters of servers are required to assist the equipment which enables streamlining the widespread quantity of data, with elevated velocity and modified configurations. Data deduplication model enables cloud users to efficiently manage their cloud storage space by getting rid of redundant data stored in the server. Data deduplication also saves network bandwidth. In this paper, a new cloud-based big data security technique utilizing dual encryption is proposed. The clustering model is utilized to analyze the Deduplication process hash function. Multi kernel Fuzzy C means (MKFCM) was used which helps cluster the data stored in cloud, on the basis of confidence data encryption procedure. The confidence finest data is implemented in homomorphic encryption data wherein the Optimal SIMON Cipher (OSC) technique is used. This security process involving dual encryption with the optimization model develops the productivity mechanism. In this paper, the excellence of the technique was confirmed by comparing the proposed technique with other encryption and clustering techniques. The results proved that the proposed technique achieved maximum accuracy and minimum encryption time.     

Fuzzy Search for Multiple Chinese Keywords in Cloud Environment

With the continuous development of cloud computing and big data technology, the use of cloud storage is more and more extensive, and a large amount of data is outsourced for public cloud servers, and the security problems that follow are gradually emerging. It can not only protect the data privacy of users, but also realize efficient retrieval and use of data, which is an urgent problem for cloud storage. Based on the existing fuzzy search and encrypted data fuzzy search schemes, this paper uses the characteristics of fuzzy sounds and polysemy that are unique to Chinese, and realizes the synonym construction of keywords through Chinese Pinyin and Chinese-English translation, and establishes the fuzzy word and synonym set of keywords. This paper proposes a Chinese multi-keyword fuzzy search scheme in a cloud environment, which realizes the fuzzy search of multiple Chinese keywords and protects the private key by using a pseudo-random function. Finally, the safety analysis and system experiments verify that the scheme has high security, good practicability, and high search success rate.     

Efficient Secure Data Provenance Scheme in Multimedia Outsourcing and Sharing

To cope with privacy leakage caused by multimedia outsourcing and sharing, data provenance is used to analyze leaked multimedia and provide reactive accountability. Existing schemes of multimedia provenance are based on watermarking protocols. In an outsourcing scenario, existing schemes face two severe challenges: 1) when data leakage occurs, there exists a probability that data provenance results can be repudiated, in which case data provenance tracking fails; and 2) when outsourced data are shared, data encryption transfer causes key management burden outside the schemes, and privacy leakage threatens users. In this paper, we propose a novel data provenance scheme with an improved LUT-based fingerprinting protocol, which integrates an asymmetric watermarking protocol, robust watermark algorithm and homomorphic encryption and digital signatures to achieve full non-repudiation provenance. We build an in-scheme stream cipher to protect outsourced multimedia data from privacy leakage and complicated key management. Our scheme is also lightweight and easy to deploy. Extensive security and performance analysis compares our scheme with the state of the art. The results show that our scheme has not only better provenance security and data confidentiality but also higher efficiency for multimedia outsourcing, sharing and provenance.     

Color image hiding based on the phase retrieval technique and Arnold transform

A new (to our knowledge) method is proposed in this paper for color image hiding and extracting using the phase retrieval algorithm in the fractional Fourier transform (FRFT) domain and Arnold transform (ART). Based on a cascaded phase iterative FRFT algorithm, the three channels (R, G, and B) of the secret color image permuted by ART are encrypted. Then the encoded information is embedded in the blue channel (B channel) of the enlarged color host image. Using the security enhanced encryption method, not only the random phase mask and the wavelength but also the transform parameters of ART and FRFT are provided as additional keys for decryption. It is shown that the security of information hiding will be enhanced. Computer simulations are performed to show the hiding capacity of the proposed system. Numerical results are presented to verify the validity and efficiency of the proposed method.     

Towards Privacy-Preserving Cloud Storage: A Blockchain Approach

With the rapid development of cloud computing technology, cloud services have now become a new business model for information services. The cloud server provides the IT resources required by customers in a self-service manner through the network, realizing business expansion and rapid innovation. However, due to the insufficient protection of data privacy, the problem of data privacy leakage in cloud storage is threatening cloud computing. To address the problem, we propose BC-PECK, a data protection scheme based on blockchain and public key searchable encryption. Firstly, all the data is protected by the encryption algorithm. The privacy data is encrypted and stored in a cloud server, while the ciphertext index is established by a public key searchable encryption scheme and stored on the blockchain. Secondly, based on the characteristics of trusted execution of smart contract technology, a control mechanism for data accessing and sharing is given. Data transaction is automatically recorded on the blockchain, which is fairer under the premise of ensuring the privacy and security of the data sharing process. Finally, we analyzed the security and fairness of the current scheme. Through the comparison with similar schemes, we have shown the advantages of the proposed scheme.     

An Efficient Ciphertext-Policy Attribute-Based Encryption Scheme with Policy Update

Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution to the problem for enforcing fine-grained access control over encrypted data in the cloud. However, when applying CP-ABE to data outsourcing scenarios, we have to address the challenging issue of policy updates because access control elements, such as users, attributes, and access rules may change frequently. In this paper, we propose a notion of access policy updatable ciphertext-policy attribute-based encryption (APU-CP-ABE) by combining the idea of ciphertext-policy attribute-based key encapsulation and symmetric proxy re-encryption. When an access policy update occurs, data owner is no longer required to download any data for re-encryption from the cloud, all he needs to do is generate a re-encryption key and produce a new encapsulated symmetric key, and then upload them to the cloud. The cloud server executes re-encryption without decryption. Because the re-encrypted ciphertext is encrypted under a completely new key, users cannot decrypt data even if they keep the old symmetric keys or parts of the previous ciphertext. We present an APU-CP-ABE construction based on Syalim et al.’s [Syalim, Nishide and Sakurai (2017)] improved symmetric proxy re-encryption scheme and Agrawal et al.’s [Agrawal and Chase (2017)] attribute-based message encryption scheme. It requires only 6 bilinear pairing operations for decryption, regardless of the number of attributes involved. This makes our construction particularly attractive when decryption is time-critical.     

Lensless multiple-image optical encryption based on improved phase retrieval algorithm

A novel architecture of the optical multiple-image encryption based on the modified Gerchberg-Saxton algorithm (MGSA) by using cascading phase only functions (POFs) in the Fresnel transform (FrT) domain is presented. This proposed method can greatly increase the capacity of the system by avoiding the crosstalk, completely, between the encrypted target images. Each present stage encrypted target image is encoded as to a complex function by using the MGSA with constraining the encrypted target image of the previous stage. Not only the wavelength and position parameters in the FrT domain can be keys to increase system security, the created POFs are also served mutually as the encryption keys to decrypt target image from present stage into next stage in the cascaded scheme. Compared with a prior method [Appl. Opt.48, 2686-2692 (2009)], the main advantages of this proposed encryption system is that it does not need any transformative lenses and this makes it very efficient and easy to implement optically. Simulation results show that this proposed encryption system can successfully achieve the multiple-image encryption via fewer POFs, which is more advantageous in simpler implementation and efficiency than a prior method where each decryption stage requires two POFs to accomplish this task.     

Selective and adaptive signal hiding technique for security of JPEG2000

In this article, we proposed a selective partial image encryption scheme of Secure JPEG2000 (JPSEC) for digital cinema or any other JPEG2000‐based applications. It makes a scalable encryption scheme possible on the basis of a trade‐off relationship between the encryption effect and the encryption cost. The encryption scheme was designed to activate during the image compression process, which is between quantization and entropy coding. Three data selection schemes were involved to select the parts of data to be encrypted: subband selection, data bit selection, and random selection of coefficients. The experimental results with over 3000 test images revealed that the PSNRs were between about 9.5 to 7.5 dB when the portion of the encrypted data by this scheme was between 1/4096 and 1/256. As the encryption effect is reasonably high with very low cost, the proposed scheme has high potential to provide secure communications in a variety of wired/wireless scenarios. © 2010 Wiley Periodicals, Inc. Int J Imaging Syst Technol, 20, 277‐284, 2010     

An Encrypted Image Retrieval Method Based on SimHash in Cloud Computing

With the massive growth of images data and the rise of cloud computing that can provide cheap storage space and convenient access, more and more users store data in cloud server. However, how to quickly query the expected data with privacy-preserving is still a challenging in the encryption image data retrieval. Towards this goal, this paper proposes a ciphertext image retrieval method based on SimHash in cloud computing. Firstly, we extract local feature of images, and then cluster the features by K-means. Based on it, the visual word codebook is introduced to represent feature information of images, which hashes the codebook to the corresponding fingerprint. Finally, the image feature vector is generated by SimHash searchable encryption feature algorithm for similarity retrieval. Extensive experiments on two public datasets validate the effectiveness of our method. Besides, the proposed method outperforms one popular searchable encryption, and the results are competitive to the state-of-the-art.