Reversible image data hiding (RIDH) is a special category of data hiding technique that ensures perfect reconstruction of the cover image upon extraction of the embedded message. This reversibility makes the approach particularly attractive in critical scenarios, e.g., military and remote sensing, medical image sharing, law forensics and copyright authentication, where high fidelity of the reconstructed cover image is required.
The majority of existing RIDH algorithms are designed over the plaintext domain; that is, the message bits are embedded into the original, unencrypted images. Early works mainly used lossless compression to compress certain image features in order to vacate room for message embedding. However, the embedding capacity of this type of method is rather limited and the distortion incurred on the watermarked image is severe. Histogram shifting (HS)-based techniques form another class of approaches, achieving better embedding performance through shifting the histogram of some image features. The latest prediction error expansion (PEE)-based schemes were shown to offer state-of-the-art capacity-distortion performance.
Recently, research on signal processing over the encrypted domain has gained increasing attention, primarily driven by the needs of Cloud computing platforms and various privacy-preserving applications. This has triggered the investigation of embedding additional data in encrypted images in a reversible fashion. In many practical scenarios, e.g., secure remote sensing and Cloud computing, the parties who process the image data are untrusted. To protect privacy and security, all images are encrypted before being forwarded to an untrusted third party for further processing. This implies that the message embedding operations have to be conducted entirely over the encrypted domain. In addition, as in the case of Cloud computing, it is practically very costly to implement a reliable key management system (KMS) in such a multi-party environment over insecure public networks, due to the differences in ownership and control of the underlying infrastructures on which the KMS and the protected resources are located.
Some recent attempts were made at embedding message bits into encrypted images. For example, a simple substitution method was proposed to insert additional bits into AES-encrypted images; local standard deviation (SD) was then exploited at the decoder side to extract the embedded bits and reconstruct the original image. Another method embeds additional message bits into stream-cipher-encrypted images by flipping the 3 LSBs of half of the pixels in a block. Data extraction is performed by utilizing the local smoothness inherent to natural images. This method was later improved through a side match technique. As local smoothness does not always hold for natural images, data extraction errors can be observed in textured regions. Further, a separable RIDH method was proposed in which the protection scopes of the data hiding key and the encryption key are gracefully separated. The lossless-compression-based RIDH approach was also extended to the encrypted domain, namely by losslessly compressing half of the 4th LSBs of the encrypted image via LDPC coding to create space for data hiding. As source coding with side information at the decoder requires a feedback channel, this scheme would face severe challenges in many practical scenarios, e.g., secure remote sensing, where the feedback channel could be very costly. More recently, a new embedding method was suggested that reserves room before encryption with a traditional reversible image watermarking algorithm. Essentially, part of the embedding operations is shifted to the encoder side, resulting in a non-negligible increase in encryption complexity and a non-standard way of performing encryption. Other approaches were also reported.
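The 3-LSB flipping scheme and its smoothness-based extraction, described above, can be sketched as follows. This is an added example, not code from any of the surveyed works: the block size, the SHA-256 counter-mode keystream standing in for the stream cipher, the roughness measure and all names are assumptions, and the sample blocks are constructed.

```python
import hashlib
import random

S = 8  # block side length (assumed; the page does not give one)

def keystream(key: bytes, n: int) -> list:
    """Stand-in stream cipher: SHA-256 in counter mode (assumption)."""
    out = b""
    for ctr in range((n + 31) // 32):
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
    return list(out[:n])

def xor(block, ks):
    return [p ^ k for p, k in zip(block, ks)]

def flip(block, hide_key, bit):
    """Flip the 3 LSBs of one key-selected half of the pixels: S0 for bit 0, S1 for bit 1."""
    idx = list(range(len(block)))
    random.Random(hide_key).shuffle(idx)
    s0 = set(idx[: len(idx) // 2])
    return [p ^ 7 if (i in s0) == (bit == 0) else p for i, p in enumerate(block)]

def roughness(block):
    """Sum of |pixel - mean of its 4 neighbours| over interior pixels."""
    total = 0.0
    for r in range(1, S - 1):
        for c in range(1, S - 1):
            nb = (block[(r - 1) * S + c] + block[(r + 1) * S + c]
                  + block[r * S + c - 1] + block[r * S + c + 1])
            total += abs(block[r * S + c] - nb / 4)
    return total

def embed(enc_block, bit, hide_key):
    """Data hider: works on ciphertext only, never sees the plaintext."""
    return flip(enc_block, hide_key, bit)

def extract(marked, enc_key, hide_key):
    """Recipient: decrypt, try both hypotheses, keep the smoother one."""
    dec = xor(marked, keystream(enc_key, len(marked)))
    h0, h1 = flip(dec, hide_key, 0), flip(dec, hide_key, 1)
    return (0, h0) if roughness(h0) < roughness(h1) else (1, h1)

# Constructed sample blocks: a smooth gradient, and a "textured" block built so
# that its 3-LSB pattern is rougher than the flipped version.
SMOOTH = [100 + 2 * r + c for r in range(S) for c in range(S)]
TEXTURED = [p ^ 7 for p in SMOOTH]

def roundtrip(block, bit, enc_key=b"enc-key", hide_key=b"hide-key"):
    enc = xor(block, keystream(enc_key, len(block)))
    return extract(embed(enc, bit, hide_key), enc_key, hide_key)
```

`roundtrip(SMOOTH, bit)` returns the embedded bit and the original block, while `roundtrip(TEXTURED, bit)` returns the wrong bit and a wrong block, which is the textured-region extraction error the paragraph mentions.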
It should be noted that the embedding security of all existing encrypted-domain RIDH schemes depends on an extra data hiding key shared between the data hider and the recipient. As mentioned earlier, key management functions, e.g., key generation, activation, de-activation, suspension, expiration, destruction, archival, and revocation, are difficult to implement reliably within such a distributed infrastructure.