**Require:** Watermarked image

**Ensure:** Recovered host image **Io** and the secret message *S*

Step 1. Extract the location table, additional information, and recover the original image **Io**.

Step 2. Divide the recovered image using the same method.

Step 3. Calculate the corresponding eigenvalue and hash code.

Step 4. Convert the hash codes to ASCII code.

Step 5. Establish the look-up table.

Step 6. Acquire the encrypted secret sequence from the look-up table and the location table by the mapping relation.

Step 7. Generate one-dimensional sequence *Y*2 that the length is as same as the secret message using Equations (5) and (6) with the initial key *Initk*.

Step 8. Decrypt the secret message *S* by executing exclusive or operation between *Y*2 and the encrypted sequence.

#### **4. Experiment and Results**

The computer configuration used in this article is: Intel(R) Core(TM) i5-8500 CPU @ 3.00 GHz, 16.0 GB memory, and Windows 10 (64 bits), and the experimental codes are all running on the MATLAB R2018a.

To prove the effectiveness of the encryption method, we take an example for the encryption test and compare with other encryption methods. Both methods use the same initial value to iteratively generate the sequence. Information entropy is one of the crucial indicators to measure the performance of encryption models. It is the average of the information and is expressed as Equation (15).

$$\begin{cases} \quad I\_H(p) = -\sum\_{i=1}^{ps} q(p\_i) \times \log\_2 q(p\_i), \\ \sum\_{i=1}^n q(p\_i) = 1, \end{cases} \tag{15}$$

where *q*(*pi*) satisfies 0 ≤ *q*(*pi*) 1.

For the digital image, the information entropy can reflect the distribution of gray values. If the gray pixel value distribution is uniform, the maximum value of information entropy will be 8, which is a proportional relationship. When the information entropy is larger, the more average the gray value distribution is, the smaller the correlation degree is.

The experimental results are shown in Table 1. It can be concluded from the data that the information entropy of the original image is 7.2081, and the information entropy after encryption can exceed 7.99; more than 7.99, in theory, means that encryption is considered successful.


**Table 1.** Information entropy and correlation coefficient compared with other encryption model.

In Table 1, the information entropy of the encrypted image is 7.9954, which is closer to 8 than the other two algorithms, which proves that the method can have a more average gray value distribution after application. Our algorithm achieves the maximum information entropy, which means it performs excellently compared with other methods.

Each digital image is not independent, and the correlation between adjacent pixels is crucial. The calculation function is as Equation (16). One purpose of the image encryption is reducing the correlation between pixels, making correlation analysis invalid. The smaller the correlation value between pixels, the better the encryption effect and the safer the information. A strong correlation must be broken to avoid the statistical attack. So, we design correlation analysis experiments in three different directions and the directions include horizontal, vertical, and diagonal direction. The data are in Table 1.

$$\begin{cases} \mathcal{C}\_{R}(p, p\_{\mathcal{X}}) &= \frac{\text{cov}(p, p\_{\mathcal{X}})}{\sigma\_{p} \times \sigma\_{p\_{\mathcal{X}}}},\\ \text{cov}(p, p\_{\mathcal{X}}) = \underbrace{\frac{\sum\_{j=1}^{M} (p\_{j} - E(p)) \times (p\_{x\_{j}} - E(p\_{\mathcal{X}}))}{M}}\_{\begin{subarray}{c} \frac{\sum\_{j=1}^{M} (p\_{j} - E(p))^{2}}{M} \\ E(p) = \text{u} \end{subarray}} & \tag{16}$$

So, we design correlation analysis experiments in three different directions where 2000 pairs of adjacent pixels are randomly selected for testing. The correlation coefficients in the original image and the encrypted image are calculated in the horizontal, vertical, and diagonal directions according to the above definition of the correlation coefficient. The data are in Table 1. According to Equation (16), it can be known that the coefficient may be positive or negative. When |*CR*| ≤ 0.3, it means that the correlation between the two variables is extremely weak and can be regarded as irrelevant. From Table 1, we can see that the correlation coefficient of the original image is close to 1, which means that there is a high correlation between pixels. On the contrary, the correlation coefficient of the encrypted image is close to 0, which means that the statistical characteristics of the encrypted image are successfully disrupted. As shown, our method achieves better dispersion than other algorithms in the horizontal, vertical, and diagonal direction and holds higher security.

Information hiding should realize the complete hiding of the secret message under the premise of ensuring the quality of the original image. In [34], the experimental results prove that there will be cases where secret message cannot be found to match it in the look-up table. Hash codes are important features used in coverless information hiding. When the range of generated features is large and different enough, hash codes are more diverse. The paper designs new arrangements, and there are seven arrangements now. In addition, we employ the two-level mechanism. Comparative experiments are performed on three different images, as shown in Figure 5. In the same figure, the experiment compares the generated types of hash codes by seven arrangements.

**Figure 5.** The three test images. (**a**) Lena, (**b**) Pepper, (**c**) Plane.

The results are put in Table 2 which has only one arrangement. From the data in Table 2, we see that the types of hash codes generated under the two-level mechanism become larger, that is, the designed model can find more different hash codes. The diversity of the hash code is enhanced. However, the types of hash codes generated under a single arrangemen<sup>t</sup> still cannot reach 256. Therefore, the paper increases the formation range of hash codes and increases the diversity of hash code through the two-level mechanism and three new arrangements to achieve 256 different hash codes. The method can generate enough unique features in a non-overlapping way. To prove the effectiveness, a comparative experiment is carried out on Figure 5 when hiding the same secret message.

From the data, we can see that the hash code value generated under the two-level mechanism is larger, that is, the designed model can find more different hash codes. The diversity of the hash code is enhanced. However, the types of hash codes generated when a single arrangemen<sup>t</sup> is adopted still cannot reach 256. Therefore, the paper increases the formation range of hash codes and increases the diversity of hash code through the two-level mechanism and three new arrangements to achieve 256 different hash codes. The method can generate enough unique features in a non-overlapping way. To prove the effectiveness, a comparative experiment is carried out on Figure 5 when hiding the same secret message. The size of the secret message is set as 6272 bits. The test and comparison experiment results are shown in Table 3.


**Table 2.** Types of different hash codes generated under different arrangements.

In the experiment, the size of the secret message is set as 6272 bits. The test and comparison experiment results are shown in Table 3. Arr.4 is used in [34] and our method selected three arrangements including Arr.2, Arr.4, and Arr.5. In Table 3, "Hash code(types)" denotes the types of hash code generated, and "No-find(bits)" is that the secret message cannot find the corresponding hash code. Since every 8 bits of secret information are converted into ASCII code for embedding, the ASCII-code range is between 0 and 255. Therefore, the hash code generated should be converted into ASCII code in 256 cases. It can be seen from the test data that the previous method cannot produce enough types of hash code. There is some message that cannot find the mapping relationship in the look-up table. Our algorithm obtains more different hash codes, that is, the diversity of hash code is increased by adding arrangements and the two-level mechanism. Due to the diversity of hash code increasing, the number of no-find cases will decrease accordingly. We increase the concealment rate of secret message through adding the two-level mechanism and designing new arrangements. As the results in Table 3, when the same number of bits is hidden in the same image, we can hide all secret message compared with the previous method.


**Table 3.** Comparison of the types of hash code and the number of the secret message cannot find.

Our coverless information hiding method can store an infinite amount of secret information, but for ensuring the security and transmission space of the location table, we also use reversible information hiding technology to embed the location table into the original image. Therefore, the embedding capacity depends on the method of reversible information hiding technology used. This paper adopts a simple PPE algorithm. After hiding the secret data, the image carrying the secret message is put in Figure 6. The secret message cannot be detected from Figure 6c by our eyes.

Reference [34] realizes the high capacity. The high hiding capacity is one of our goals in the paper. The experiment of the capacity in the paper is compared with other methods in Figure 5a, "Lena". The test results are stored in Table 4, where the different image has the different capacity with different embedding algorithms. The capacity represents the largest length of secret message that can be hidden under the algorithm model. From the data in Table 4, our method has the highest capacity to hide the secret message. Regarding reversible information hiding technology, it can also be combined with technologies with higher hiding ability. In the future, different reversible information hiding technologies can be selected according to the size of secret data.

**Figure 6.** The image with the secret message applying our method. (**a**) The histogram of the predict error; (**b**) the histogram of predict error after embedding message; (**c**) the image carrying the secret message.

**Table 4.** Comparison of the hiding capacity with other papers.


In view of analyzing the image quality, this experiment is compared with several methods. This paper still uses the standard Peak Signal-to-Noise Ratio (PSNR) and Structural Similarity (SSIM) to measure the quality of several methods. PSNR is one of the criteria for measuring the invisibility of images embedded with watermarks in information hiding, calculated by Equation (17).

$$\begin{cases} \text{PSNR} = 10 \times \log\_{10}(\frac{\text{MAX}\_I^2}{\text{ME}}),\\ \text{MAX}\_I = 2^8 - 1, \\ \quad \text{ME} = \frac{\sum\_{\text{u=1}}^{\text{vol}} \sum\_{v=1}^{\text{col}} (p\_{\text{uv}} - p\_{\text{uv}}')^2}{\text{vol} \times \text{col}}, \end{cases} \tag{17}$$

where *puv* and *<sup>p</sup>uv*, respectively, are the pixel value in the original host and the stego image. *rol* and *col* denote the total number of image rows and columns.

SSIM is an index to judge the similarity between two images, and the calculation function can be seen in Equation (18). Here, SSIM is used to measure the extraction quality of secret information.

$$\text{SSIM}(\mathbf{I}, \mathbf{I}') = \frac{(2 \times \mu\_I \times \mu\_{I'} + c\_{a1})(2 \times \sigma\_{II'} + c\_{a2})}{(\mu\_I^2 + \mu\_{I'}^2 + c\_{a1})(\sigma\_I^2 + \sigma\_{I'}^2 + c\_{a2})},\tag{18}$$

where *μI* and *μI* represent the average of *I* and *I* . *<sup>σ</sup>I* and *σ*<sup>2</sup>*I* is the variance of **I** and **I** . *σII* is the covariance. *ca*1 and *ca*2 are two constants to avoid dividing by zero.

Table 5 shows PSNR and SSIM for different methods without suffering any attacks. From the calculation results, we can see that our method is the best performance of these methods. This algorithm achieves excellent image quality when it has the same capacity and can obtain the original secret message.


**Table 5.** PSNR and SSIM about our proposed method and other papers.

In the network transmission, images may be intercepted or tampered with, so the information hiding algorithm needs to have the ability to resist attacks, which we call robustness. The robustness refers to the nature of an image with the secret message that can still extract information after suffering the attack. To reflect the robustness of the model designed, we compare it with the previous model. The experimental results are shown in Table 6.

**Table 6.** The extraction rate using different methods under different attacks.


It can be seen from the extraction rate that under the same hidden capacity, our algorithm has higher value, which means that our model has better robustness.

Pixel Difference Histogram (PDH) is an important indicator to measure security [44,45]. The PDH graph reveals the relationship between the pixel difference and the number of occurrences of the difference. The X-axis represents the pixel difference between two consecutive pixels, and the Y-axis is the frequency of the difference. The zig-zag phenomenon that appears in the PDH curve is called the undesired step effect. If this effect appears in the curve, it is considered that the image hides the secret message. The greater the distortion of the image containing the secret message, the corresponding PDH curve shows undesired steps; conversely, when the distortion is very small, the PDH curve would look as smooth as the original image.

The same secret message is hidden in three test images located in Figure 5. Figure 7a,d,g are the curves using [34]. In this experiment, the first stage (coverless information hiding) and the final image that carries the location table of our algorithm are represented in the analysis, respectively. Figure 7b,e,f are the first stage and Figure 7c,f,i denote the results in the final image.

It can be seen that these PDH curves are still as smooth as the original image after hiding the secret message and they do not show the effects of any steps. Therefore, this algorithm is undetectable by PDH analysis and is considered to have a certain degree of security.

**Figure 7.** The PDH analysis with different images: (**<sup>a</sup>**–**<sup>c</sup>**) are the results in "Lena", (**d**–**f**) are the results in "Pepper", and (**g**–**i**) are the results in "Plane".
