In this section, we present a series of experimental results. In Section 4.1, we use five 256 × 256 grayscale images commonly used in image processing as test images: Lena, Airplane, Goldhill, Pepper, and Baboon. To further illustrate the performance of the proposed method, Section 4.2 employs the UCID dataset [35], which consists of 1338 uncompressed color images with dimensions of 384 × 512 or 512 × 384. In Section 4.3, we simulate scenarios in which steganographic shared images are attacked and demonstrate the process of image restoration and data extraction. Finally, in Section 4.4, we compare the proposed method with existing approaches and highlight the differences and improvements.
4.1. Results and Analysis of Standard Test Images
Figure 6 shows the results for the Baboon image. First, we made four copies of the image and encrypted each copy with a stream cipher. On this basis, the important information, processed by (3, 4)-threshold secret sharing, was embedded into the encrypted images. Each share is a noise-like image both before and after the secret data are embedded, so neither the original image nor the important information can be discerned with the naked eye.
When users need to extract the embedded information or restore the original image, they require not only any three of the steganographic shared images but also the corresponding encryption keys or secret keys.
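The (k, n)-threshold recovery described above can be sketched with a classic Shamir-style construction. This is a hypothetical illustration: here the secret sits only in the polynomial's constant term, whereas the proposed method packs secret data into all k coefficients.

```python
# A classic Shamir-style (3, 4)-threshold sharing sketch over GF(257).
import random

P = 257  # smallest prime above 255, so byte/pixel values fit in the field

def make_shares(secret, k=3, n=4):
    coeffs = [secret] + [random.randrange(P) for _ in range(k - 1)]
    # Share for participant x is the polynomial evaluated at x = 1..n.
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def reconstruct(shares):
    # Lagrange interpolation at x = 0 recovers the constant term.
    secret = 0
    for j, (xj, yj) in enumerate(shares):
        num = den = 1
        for m, (xm, _) in enumerate(shares):
            if m != j:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        secret = (secret + yj * num * pow(den, P - 2, P)) % P
    return secret

shares = make_shares(123)
assert reconstruct(shares[:3]) == 123    # any 3 of the 4 shares suffice
assert reconstruct(shares[1:]) == 123
```

Any subset of fewer than k shares reveals nothing about the secret, which is why at least three shares plus the keys are needed here.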
Figure 7 shows the recovered images for all three combinations.
The peak signal-to-noise ratio (PSNR) between the ground truth and a recovered image is calculated as
$$\mathrm{PSNR} = 10 \log_{10} \frac{255^2}{\mathrm{MSE}}, \qquad \mathrm{MSE} = \frac{1}{M \times N} \sum_{i=1}^{M} \sum_{j=1}^{N} d_{i,j}^{2},$$
where $d_{i,j}$ represents the difference between the cover pixel and the distorted pixel, and $M$ and $N$ denote the width and height of the image, respectively. In our proposed method, every test image was compared with the image recovered from any $k$ shared images. The resulting PSNR values are all positive infinity, which shows that the recovered image is exactly identical to the original and that the proposed method is reversible.
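The reversibility claim can be checked with a short PSNR routine; this is a hypothetical helper written for illustration, not the authors' code.

```python
# PSNR computation sketch with NumPy; a perfect reconstruction gives
# MSE = 0 and hence PSNR = +infinity, matching the reversible case.
import numpy as np

def psnr(original, recovered):
    d = original.astype(np.float64) - recovered.astype(np.float64)
    mse = np.mean(d ** 2)                  # mean squared pixel difference
    if mse == 0:
        return float("inf")                # lossless recovery
    return 10 * np.log10(255.0 ** 2 / mse)

img = np.random.randint(0, 256, (256, 256), dtype=np.uint8)
assert psnr(img, img.copy()) == float("inf")   # identical images
```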
The experiments in
Table 1 explore the data embedding ability of the proposed method and the impacts of different thresholds on embedding capacity (EC) in bits and embedding rate (ER) in bits per pixel (bpp). The calculations for EC and ER are provided in Equations (6) and (7), respectively. EC is the total number of data bits embedded in the encrypted cover images and is calculated as follows:
$$\mathrm{EC} = \frac{8 \times k \times M \times N}{n}, \tag{6}$$
where 8 indicates that each shared secret data unit consists of 8 bits, $k$ denotes the number of polynomial coefficients used to form the shared secret data in a $(k, n)$ secret sharing scheme, $M$ and $N$ denote the width and height of the image, and $n$ represents the number of pixels in each processing block. ER is the ratio of EC to the volume of the image shares required to recover the secret and is calculated as follows:
$$\mathrm{ER} = \frac{\mathrm{EC}}{k \times M \times N}, \tag{7}$$
where $k$ indicates that $k$ shared images are applied to reconstruct the secret message, and $M$ and $N$ denote the width and height of the image.
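As a quick numeric check, the trends in Table 1 follow directly from the definitions above. The formulas in this sketch (EC = 8 · k · ⌊M·N/n⌋ bits and ER = EC / (k · M · N) bpp) are inferred from the surrounding text, not taken from the authors' code.

```python
# Numeric check of the Table 1 trends for a 256 x 256 image.
M = N = 256

def ec_er(k, n):
    blocks = (M * N) // n    # each block of n pixels carries one shared unit
    ec = 8 * k * blocks      # each unit encodes k coefficients of 8 bits
    er = ec / (k * M * N)    # bits per pixel over the k shares needed
    return ec, er

for k, n in [(3, 4), (3, 5), (4, 5)]:
    print((k, n), ec_er(k, n))
# Raising n lowers both EC and ER; raising k raises EC while ER stays at
# roughly 8/n (exactly 2.0 bpp for (3, 4), about 1.6 bpp for n = 5).
```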
In the next experiment, the thresholds were set to (3, 4), (3, 5), and (4, 5). As shown in Table 1, for a $(k, n)$ threshold, an increase in the value of $n$ leads to a simultaneous decrease in both EC and ER. With a (3, 4) threshold, every 4 pixels form a block that embeds an 8-bit shared secret message; with (3, 5) and (4, 5), 5 pixels are needed per shared message. However, the value of $n$ also determines the fault tolerance of the scheme: since only $k$ shares are required to recover the image and the secret data, increasing $n$ enhances the scheme's tolerance to image loss.
Additionally, it can be observed that increasing the value of k results in an increase in EC, while ER remains unchanged. This is because an increase in k implies that the polynomial secret sharing equation applies more coefficients, meaning that each shared message is generated from more secret data. Therefore, although the number of embedded shared messages remains the same, the actual number of embedded bits increases.
When calculating ER, an increase in the value of k means that more shares are required to extract the information, which counteracts the increase in EC. Consequently, when the value of k increases, the EC increases, but the ER remains unchanged.
Figure 8 shows a histogram comparison of the Baboon image and its four steganographic shared images. The pixel distribution of each steganographic shared image is relatively even and differs significantly from that of the original image; no common or similar points, blocks, or features can be found by comparing the two histograms. This demonstrates that the original image cannot be recovered from a single steganographic shared image, so the method protects important information well and resists statistical attacks.
Information entropy was used to measure the degree of randomness or uncertainty of the steganographic shared images generated by the proposed method. The information entropy of a random variable $X$ is calculated as
$$H(X) = -\sum_{i} p(x_i) \log_2 p(x_i),$$
where $p(x_i)$ is the probability that $X$ takes the value $x_i$. Each possible value contributes its probability multiplied by the negative base-2 logarithm of that probability, and the sum over all values gives the expected information content of $X$.
In a grayscale image represented by 8 bits, each pixel value has $2^8 = 256$ possibilities; under such conditions, the ideal entropy is exactly 8. As can be seen from
Table 2, the information entropy of each steganographic shared image is close to the ideal value, and the overall average can reach 7.9971.
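This measurement is easy to reproduce; the following is a generic sketch of histogram-based entropy estimation, not the authors' measurement code.

```python
# Information entropy of an 8-bit image via its normalized histogram.
import numpy as np

def entropy(img):
    hist = np.bincount(img.ravel(), minlength=256)
    p = hist / hist.sum()      # probability of each gray level
    p = p[p > 0]               # 0 * log2(0) is taken as 0
    return -np.sum(p * np.log2(p))

# A noise-like share with a near-uniform histogram approaches the ideal
# value of 8, while a constant image has entropy 0.
rng = np.random.default_rng(0)
share = rng.integers(0, 256, (512, 384), dtype=np.uint8)
print(round(entropy(share), 4))
```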
In addition to information entropy, conditional entropy can be used to represent the remaining uncertainty of the original image when a steganographic shared image is known. The conditional entropy of a random variable $X$ given a random variable $Y$ is calculated as
$$H(X \mid Y) = -\sum_{y} p(y) \sum_{x} p(x \mid y) \log_2 p(x \mid y).$$
Conditional entropy represents the average uncertainty or unpredictability that remains about $X$ after the value of $Y$ is known; in other words, $H(X \mid Y)$ is the expected information content of $X$ given $Y$.
The range of the conditional entropy $H(X \mid Y)$ depends on the entropy $H(X)$ of the variable $X$, which can be expressed as
$$0 \le H(X \mid Y) \le H(X),$$
where $H(X \mid Y) = 0$ indicates that $Y$ completely determines the value of $X$, leaving no uncertainty, and $H(X \mid Y) = H(X)$ implies that the uncertainty of $X$ is not affected by whether $Y$ is known (i.e., $X$ and $Y$ are independent). In information theory, the significance of this range lies in demonstrating how additional information (i.e., knowledge of $Y$) reduces uncertainty, and it can be used to assess the relevance and dependence of information.
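For two 8-bit images, conditional entropy can be estimated from their joint histogram. The following is a generic sketch written for illustration, not the authors' measurement code.

```python
# Empirical conditional entropy H(X|Y) of two 8-bit pixel sequences.
import numpy as np

def conditional_entropy(x, y):
    joint = np.zeros((256, 256))
    np.add.at(joint, (x.ravel().astype(int), y.ravel().astype(int)), 1)
    p_xy = joint / joint.sum()                 # joint distribution p(x, y)
    p_y = p_xy.sum(axis=0, keepdims=True)      # marginal p(y)
    p_x_given_y = p_xy / np.where(p_y > 0, p_y, 1)
    mask = p_xy > 0
    return -np.sum(p_xy[mask] * np.log2(p_x_given_y[mask]))

x = np.random.randint(0, 256, 50000)
# Y = X leaves no uncertainty about X, so H(X|X) = 0.
assert conditional_entropy(x, x) == 0
```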
As shown in
Table 3, the conditional entropy of each steganographic shared image is close to the entropy of the original image in
Table 2, with an overall average difference of less than 0.6. This indicates that even after knowing the steganographic shared images, the proposed method still preserves a considerable amount of uncertainty from the original image. Consequently, knowing one steganographic shared image does not allow for the retrieval of the original image, demonstrating the high security of the proposed method.
4.3. Simulated Attack Tests
To further explore the reliability and security of the proposed method, we applied a mask to one of the steganographic shared images, setting a portion of its pixel values to 255 to simulate image damage or an attack. This altered steganographic shared image, together with the other steganographic shared images, was then used to perform image recovery and extract the secret messages.
When the threshold $k$ is less than or equal to three, the restored image appears as shown in Figure 9a. For clarity, we highlighted the potentially problematic areas in white in
Figure 9b. In the proposed method, each pixel requires collaboration from at least two images to determine the correct value during the restoration process. However, the pixels in these white-marked areas cannot be restored correctly because they rely on information from the attacked steganographic shared image. Additionally, the other image that could potentially be used for restoration is also rendered unusable due to the embedding process.
As for $k \ge 4$, in the scenario where only a single steganographic shared image is under attack, we can still accurately restore the original image, as illustrated in Figure 10. This experiment demonstrates that as long as the number of attacked steganographic shared images stays within the scheme's tolerance, we can achieve lossless image restoration. Furthermore, as the value of
k increases, this restriction can be further reduced. This is because, in order to affect the restoration process, the attacked pixels must be able to prevent us from determining the correct pixel values. In most cases, the altered pixels in the attacked images cannot match each other to form the same incorrect values that deviate from the original image. Therefore, they do not affect the overall decision-making process.
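The decision process described here is effectively a plurality vote among candidate pixel values: a value is accepted only when enough candidates agree, and corrupted candidates rarely agree on the same wrong value. A minimal sketch of that idea (a hypothetical simplification, not the authors' exact procedure):

```python
# Plurality vote over candidate pixel values produced by different share
# combinations; a value is accepted only if at least two candidates agree.
from collections import Counter

def vote(candidates):
    value, count = Counter(candidates).most_common(1)[0]
    return value if count >= 2 else None   # None: pixel cannot be decided

assert vote([137, 137, 200]) == 137   # one corrupted candidate is outvoted
assert vote([137, 55, 200]) is None   # no agreement: restoration fails here
```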
In the restoration method mentioned above, we assume that the user is unaware of the ID of each participant. Since the ID and the embedding location are in a one-to-one relationship, we can leverage this connection to aid in the image restoration process. In fact, with this method, as long as we can confirm that two steganographic shared images have not been attacked, we can achieve perfect restoration.
To facilitate the analysis of extracting embedded messages from attacked steganographic shared images, we used the logo of Feng Chia University depicted in
Figure 11 as the secret message. To achieve the maximum embedding capacity, we repeated the logo secret message three times, scrambled it, and then embedded it into the images.
From
Figure 12, it can be observed that, due to the modification of a portion of a certain steganographic shared image, the correct pixel values cannot be retrieved when recovering the secret message through polynomial calculations. The number of errors is approximately proportional to the fraction of the steganographic shared image that was altered.
Since the logo secret message was repeated three times before being embedded, a simple method can reduce the extraction error rate. Using the same approach as in image recovery, we can combine the multiple logo copies to reconstruct the message more accurately. As a result, the error rate decreases substantially, as shown in Figure 13.
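The combination step can be viewed as a bitwise majority vote across the three descrambled logo copies. A minimal sketch under that assumption (the exact error rates in Figure 13 come from the paper's own measurements):

```python
# Bitwise 2-of-3 majority vote over three extracted copies of the logo.
def majority_merge(copies):
    return [max(set(bits), key=bits.count) for bits in zip(*copies)]

c1 = [1, 0, 1, 1, 0, 0]   # each copy carries independent extraction errors
c2 = [1, 0, 0, 1, 0, 0]
c3 = [1, 1, 1, 1, 0, 0]
assert majority_merge([c1, c2, c3]) == [1, 0, 1, 1, 0, 0]
```

If each copy independently flips a bit with probability p, the merged error rate is about 3p²(1 − p) + p³, which is much smaller than p when p is small.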