A Verifiable Visual Cryptography Scheme Based on XOR Algorithm

Yanyan Han Department of Scientific Research,

Beijing electronic science & technology institute, Beijing 100070, China

E-mail: hyy@besti.edu.cn

Wencai He Communication Engineering Department

Beijing electronic science & technology institute, Beijing 100070, China

E-mail: hwc@besti.edu.cn

Haocong Dong Communication Engineering Department,

Xidian University, Xi’an 710071, China

E-mail: 1009120558@mail.besti.edu.cn

Juan Liu Communication Engineering Department,

Xidian University, Xi’an 710071, China

E-mail: ljkycg98@126.com

Abstract—Visual Cryptography is the same as other secret sharing schemes, which also has the problem of deception. The cheater can destroy the recovery of secret image or gain secret information by cheating through making a counterfeiter of share images. In this paper, in order to resolve the problem of deception, we proposed a verifiable visual cryptography scheme can ensure that the secret image can be visually revealed correctly. This scheme can check and verify the accuracy and truthfulness of every share image, which is simple to decrypt and without any pixel expansion.

Keywords- Visual Cryptography; cheater; verifiable; no pixel expansion.

I. INTRODUCTION Visual cryptography (VC) was firstly proposed by Naor

and Shamir in EuroCrypt’94 [1], is a cryptographic technique used for image encryption. Using k out of n visual secret sharing scheme, a secret image is encrypted into share images, which are meaningless images that can be transmitted or distributed over a communication channel. The secret image is decrypted without any computations and knowledge of cryptography. Each share image resembles a random binary pattern. By inspecting less than k share images, one cannot gain any information about the secret image.

At present, most of the visual cryptography schemes (VCS) are based on the assumption that participants are honest and reliable; as a result, a fraction of dishonest participants would provide false share images to cheat others for secret information or destroy the information. Two ways of deception are found in VCS: one way is external deception. The people who are outside the qualified subset pretend to be a participant to get the share images of other participants. Share images which achieved by the cheater that can composite a qualify subset of the VCS and the secret information could be recovered. The other way is internal deception. The participant from qualified subset do not provide their true share images,

instead of breaking the recovery of secret information or cheating other participants’ share images.

In order to guarantee the accuracy of recovery of the secret image, it is necessary to check the correctness of share images shown by participants. In order to prevent the occurrence of deception, verifiable visual cryptography schemes have been proposed. Schemes in Ref. [2, 3] allowed every participant could check the accuracy of received secret images. But when we recover the secret image, the validation image exists double images. Xu[4] proposed a (k, n) scheme which combined the scheme of (k, n) scheme with (k-1, n) scheme could avoid deception without double images. The other VCS based on permutation and combination, the probability method and cumulative matrix have been raised by Chen[5] and Yu[6,7], and these schemes could not only find the existence of multiple deceptions but also have better pixel expansion and contrast. Ref. [8] has made detail improvement for the former scheme, the new structure can guarantee to prevent deception and realize multi-secret sharing. Even so, these schemes are realized based on verifying some share images which have been proved to be corrected. These structures what we mentioned above also have a problem that the process of verification requires at least two or more share image to participate in. If it is not, we are unable to determine who is the cheater. In this paper, we offer a verifiable visual cryptography scheme based on XOR algorithm, we can check the correctness and authenticity of every share image, the recovery of verifiable image and secret image is not only simple without any pixel expansion but also can prevent deception effectively. This structure is more effective to solve the problem than what we mentioned above, we can just only use the validation image to verify the share image without any other share image. The rest of this paper is organized as follows, section defines the basic matrixes and algorithms of the visual cryptography scheme, and proposes an example of (2, 3, 2, 1, 3)-VCS to introduce the encryption process, decryption process and verification process of the VCS; section uses Visual.C++.6.0 simulate the (2, 3, 2, 1, 3)-VCS and analyzes ___________________________________

978-1-4673-2101-3/12/$31.00 ©2012 IEEE

the security and efficiency of the structure; section summarizes the overall content of the paper.

II. THE MODEL

A. Definition The scheme in this paper is based on XOR algorithm and

shift operations. The result produces a kind of verifiable and modified (k, n, h, l, m)-VCS[8]. k is the minimal number of share images, from which secret images can recover; n is the total number of secret share images; m is the number of pixels in a share images; h is the number of used white sub-pixels per pixel in the share images l=m-h, m>h>l�0.

Definition

1. A set p: p= {p1… pn}, consists of all participants in the VCS. Every participant pi has a share image Pi .

2. S0, S1: S0 denotes white pixels of the basic matrix in the image M. S1 denotes black pixels of the basic matrix in the image M.

3. M: M denotes the image which contains secret information.

4. Y: Y denotes the correct image after verification.

5. X: X denotes the recovery image.

6. K: K denotes the validation image.

7. K00 K01 K10 K11: K00 K01 K10 K11 denote the pixel set of the validation image K.

8. K00' K01' K10' K11': K00' K10' denote the judgment set of white pixels, K01' K11' denote the judgment set of black pixels.

9. The rules of encryption: The (k, n, h, l, m)-VCS constructs two matrix sets C0 and C1, C0 denotes white pixels of the share images; C1 denotes black pixels of the share images. Matrixes S0 (S1) denotes white (black) pixels of basic matrixes, S0 (S1) are randomly selected from the sets of C0 (C1) in the share image. In one share image, a white (black) pixel is denoted by m sub-pixels. And in the recovery secret image, a white (black) pixel is denoted by one sub-pixel.

10. Generating rules of the validation image K: In the same location, when the pixel in M and Y are both white, the pixels of image K are obtained from the set K00; when the pixel in M are white and the pixel in Y are black, the pixel of image K are obtained from the set K01; when the pixel in M is black and the pixel in Y is white, the pixel of image K are obtained from the set K10; when the pixel in M and Y are both black, the pixel of image K are obtained from the set K11.

11. The rules of judgment: The pixel of Y image are selected from sets of judgment K00' K01' K10' K11'. If the m pixels of image K belong to the set Ki0 while the generation of m pixels which through XOR algorithm between share image and image K belong to the collection Ki0', the pixel of Y is white; if not, the pixel of Y is black; If the m pixels of image K belong to the set Ki1 while the generation of m pixels which through XOR algorithm between share image and image K

belong to the collection Ki1', the pixel of Y is black; if not, the pixel of Y are white; i� [0,1]. In the recovered verifiable image, a white (black) pixel is denoted by a sub-pixel.

B. Process of distribution 1) Generate the secret share image. Do encryption

algorithms for (k, n, h, l, m)-VCS, m>h>l�0, and generate n share images as P1,…,Pn, These images are distributed to n participants; Each participant has a share image Pj, j�[1,n]

2) Generate the validation image K. According to the generation rules of image K, Analyze the pixel color of M and the same location in Y and generate the validation image K.

C. Process of decryption 1) Stack of any k images of participates, then we can

obtain image T1 =P1+…+Pk 2) Computing of every group of m pixels in image

Ti(i�[1,(m-h+1)]), Ti=�(Ti-1), i�[2,(m-h+1)],�( ) denotes the operator of rotating right one.

3) Do anti-algorithm in image Ti, Do anti-algorithm after stacking of share images, we can obtain image U= 121 ������ hmTTT . The image U is m times than the original secret image.

4) Achieve image X through OR algorithm of every group of m pixels in image U.

5) Achieve reconstructed image X.

D. Process of verification 1) Generate the image Y' through XOR algorithm of share

image Pj and image K. 2) Based on the rules of verification, generate the image

Y'' through judgment algorithm of every group of m pixels in image Y'.

3) Comparing with image Y'' and the correct verifiable image. If they are the same, the share Pj is true, if not, it is false.

Lemma 1[9]. The VCS achieve the same size with the reconstructed image and the original image, the image size is unchanged and with the ideal contrast.

E. Example In this section, we construct a verifiable (2, 3, 2, 1, 3)-VCS,

we can decrypt the secret information by stacking of any two share images, and we can verify the share image by stacking the share image with the validation image.

Firstly, constructing share images P1, P2, P3 of secret image, basic matrix S0 is randomly selected from C0 and basic matrix S1 is randomly selected from C1. The set of Matrix C0 and C1 as follows:

C0 = {all the matrices obtained by permuting the columns

of

���

�

�

�

001001001

}

C1 = {all the matrices obtained by permuting the columns

of

���

�

�

�

100010001

}

To denote a white pixel of the secret image, we assume that the share image of participant p1 is P1= (100), the share image of participant p2 is P2= (100) and the share image of participant p3 is P3= (100). To denote a black pixel of the secret image, we assume that the share image of participant p1 is P1'= (100), the share image of participant p2 is P2'= (010) and the share image of participant p3 is P3'= (001). Participants p1 and p2 involved in recovery the secret image, stacking of their shares we can obtain that, T1

0= (100) denotes a white pixel, T11= (110)

denotes a black pixel. Doing (m-h=1) times operator of rotating right one to the sub pixel in T1

i (i=0, 1), we can obtain

T20= (010) denotes a white pixel and T2

1= (011) denotes a black pixel. Then, doing AND algorithm with Tj

0 and Tj1 (j=1,

2), we can obtain U0= (000) denotes a white pixel U1= (010) denotes a black pixel. Lastly, Through OR algorithm of every group of m pixels in image Ui (i=0, 1), we can obtain X=0 denote the white pixel of original secret image and X=1 denote the black pixel of original secret image. Table. denotes the recovery process of secret image, Where 0 denotes a white pixel and 1 denotes a black pixel.

TABLE I. RECOVERY PROCESS OF SECRET IMAGE

the pixel in secret image

T1 T2 U X

0 100 010 000 0 010 001 000 0 001 100 000 0

1 110 011 010 1 101 110 100 1 011 101 001 1

Secondly, construct the collections of pixel matrices K00K01 K10 K11 of validation image K:

K00 = {all the matrices obtained by permuting the columns of [1 0 0]}

K10 = {[0 0 0]}

K01 = {all the matrices obtained by permuting the columns of [0 1 1]}

K11 = {[1 1 1]}

Table. denotes the selection rules of pixels of share image Pi and validation image K:

TABLE II. THE SELECTION RULES OF PIXELS

the matrices of pixel in image

Pi

the matrices of pixel in image

K

every m pixels in Pi

every m pixels in K

C0 K00 100 100 010 010 001 001

C1 K10 100

000 010 001

C0 K01 100 001 010 101 001 110

C1 K11 100

111 010 001

Lastly, construct the judgment collections of pixel K00'K01' K10' K11' of validation image K:

K00'= {(0 0 0)}

K01'= {(1 0 0), (0 1 0), (0 0 1)}

K10'= {(1 1 1)}

K11'= {(1 1 0), (0 1 1), (1 0 1)}

In order to denote a pixel in image Y'', we can assume that the image Y' is obtained by XOR of share image Pj and image K, then through judgment algorithm of every group of m pixels in image Y' we can draw the conclusion as follows: If image Y'' is the same as correct verifiable image, the share image Pj is true. If it is not, the share image Pj is false. Such as in the same location of a group of pixels, three pixels of share image Pj is (010), three of pixels of image K is (100), if the generation matrices of image K is from K00, after XOR algorithm with (010) and (100) is (110), select the judgment matrices K00'. Because (110) is not belong to K00', the pixel at this point of Y'' is black. The pixel is not the same as image Y, we can distinguish that the share image Pj is false. The process of judgment is followed in TABLE

TABLE III. THE PROCESS OF JUDGMENT The

matrices of pixel in image K

Every m pixels in image Y'' judgment Pixel in Y''

K00 �K00'

else �K00'

K10

�K10'

else �K10'

K01 �K01'

else �K01'

K11

�K11'

esle �K11'

III. SIMULATION AND ANALYSIS

A. The simulation results Figure1. Show three share images P1 P2 P3 and false

share image F. Figure2. Is the validation image K. Figure3 is the results of stacking of each share image. Figure4. Show the results of indicating these four share images by the validation image K. Through the simulation results, we can draw the conclusion. On one hand, the pixels no matter black or white are also distribution randomly and it will not disclose any information about the secret image. On the other hand, the recovered secret image and the verifiable image are the same size as original secret image and without any pixel expansion.

(a) P1 (c) P3

(b) P2 (d) F

Figure 1. Image P1, P2, P3 and F

Figure 2. Validation image K

a P1 and P2 (b) P1 and P3 c P2 and P3

(d) P1 and F (e) P2 and F (f) P3 and F

Figure 3. Stacking of each share image

(a) P1 and K (b) P2 and K

(c) P3 and K (d) F and K

Figure 4. Verifiable image

B. Analysis and comparison Security: The basic matrix S0 and S1 of this scheme is the

same generate rules as the matrix of traditional VCS. The scheme is satisfied with security conditions and contrast conditions of visual cryptography. And the VCS is proposed by Han[9] is improved in this paper, we not only improve the verifiable structure with XOR and judgment algorithm but also have no bad effect on the basic matrix, so the VCS is satisfied with the definition of verifiable visual cryptography scheme. Shown in Figure 3, when the cheater exists, we can obtain the validation image only by stacking of the share image and the validation image K. If the verifiable image is correct, we can evidence the share image is true, vice versa, the share image is false.

1) Contrast: An Anti-deception visual cryptography scheme proposed by Chen[5] has simple structure and small storage capacity, but the recovery image is less than ideal. Some anti-deception visual cryptography schemes proposed by Yu[7] have an ideal contrast, but the pixel expansion of share image is larger than original image. In order to verify the cheater, all of these programs need to have two or more share images as the verification of the necessary conditions. A Verifiable Visual Cryptography Scheme which is proposed by Fu[10] solves the problem of deception in visual cryptography and without any pixel expansion, but the contrast of verification image and secret image is not ideal. The VCS proposed in this paper does not need any true share image, we can indicate the shares only through XOR and judgment algorithm. However, in the process of generation has m pixels expansion, but the recovery image is the same size as the original secret image and has not lose any contrast. In summary, compared to the others, the structure in this paper is the best option.

2) Efficiency of verification: a) Wang[11] proposed a VCS that can verify more than

one cheater without knowing who is honest before verification process. The structure has a strong superiority, but with k increases, verification process will become more and more complicate. In this paper, XOR and judgment algorithm should be used in the process of verification. Firstly, we need to stack of the share image and the validation image K. Secondly, determine the sets of pixel sources by judgment of the image K. Finally, select the corresponding sets to indicate every group of m pixels which obtained by XOR algorithm. The computation of VCS is increased, but the computing method is simple and easy to implement by using C language and without much time. This structure is more effective to solve the problem than what we mentioned above, we can just only use the validation image to verify the share image without any other share images.

b) Anti-cheating visual cryptography schemes proposed by Xu[4] and Wang[12] need to have at least two true share images before they can recover the verification image, moreover, the whole verification process can not find the cheater until they get one true share

image. However, in this paper, the structure of the verification process uses the validation image to verify the share image so that we need not any other true share image.

IV. CONCLUSION In order to resolve the problem of deception, we proposed

a verifiable visual cryptography scheme which based on XOR algorithm. Through using XOR algorithm with the share images of participates and the validation image, we can judge the share images are true or false without any other information to ensure the correctness of the secret image recovery. The process of recovery and judgment are both simple and the recovery of secret image and verifiable image are clear and without any pixel expansion. This scheme is able to indicate the correctness and truth of one single share image and improve the function of anti-deception.

REFERENCES [1] M. Naor, A. Shamir, “Visual cryptography,” Advances in Cryptography:

EUROCRYPT, LNCS, vol. 950, 1995: pp.1-12. [2] Yuling Chen, Changgen Peng, “Verifiable visual secret sharing

scheme,” Computer Engineering and Design. Vol.29, No.21, Aug 2008: 5430-5434.

[3] Hao Yan, Zhi Gan, “Prevent Deception Visual Cryptography Sharing Scheme,” Journal of Shanghai Jiaotong University. Vol.38, No.1, 2004: 107-110.

[4] Xiaohui Xu, Bin Yu, “A cheater detectable VCS without fringes,” CACIS2007, Ningbo, 2007: 1335-1339 .

[5] Qin Chen, Wenfang Peng, “Visual cryptography scheme for cheating prevention based on permu Visual cryptography scheme tation and combination,” Application Research of Computers. Vol.28, No.1, Jan 2011: 318-324.

[6] Bin Yu, Yiwei Wang, “Anti-cheating visual cryptography scheme based on probability,” Journal of Computer Applications. Vol.29, No.7, July 2009:1782-1786.

[7] Bin Yu, Xiaohui Xu, “A Cheater Detectable VCS Based on Cumulative Array,” Journal of Electronics Information Technology. Vol.31, No.4, Apr 2009: 950-955.

[8] Bin Yu, Xiaohui Xu, Liguo Fang, “Multi-secret sharing threshed visual cryptography,” CIS Workshops 2007, Harbin, 2007: 815-818.

[9] Yanyan Han, “Study of Visual Cryptography Technology,” Xidian University. Xi’an, China. Apr 2009.

[10] Zhengxin Fu, Yiwei Wang,Yu Bin, “A Verifiable Visual Cryptography Scheme without Pixel Expansion,” Computer technology and application progress,2009: 539-543.

[11] Beniian Wang, Yong Fang, “A program of Visual cryptography to prevent cheaters,” Information and Electronic Engineering, Vol.7, No.4, Aug 2009:339-341,365.

[12] Yiwei Wang, Yu Bin, “A(k’,k,n)-Cheater Preventable VCS,” Computer technology and application progress,2008:492-496.