General Construction for Extended Visual Cryptography

DOI: 10.4018/IJDCF.2019010101

International Journal of Digital Crime and ForensicsVolume 11 • Issue 1 • January-March 2019

Copyright©2019,IGIGlobal.CopyingordistributinginprintorelectronicformswithoutwrittenpermissionofIGIGlobalisprohibited.

1

General Construction for Extended Visual Cryptography Scheme Using QR CodesYuqiao Cheng, Science and Technology on Information Assurance Laboratory, Beijing, China

Zhengxin Fu, Zhengzhou Information Science and Technology Institute, Zhengzhou, China

Bin Yu, Zhengzhou Information Science and Technology Institute, Zhengzhou, China

Gang Shen, Zhengzhou Information Science and Technology Institute, Zhengzhou, China

ABSTRACT

Thisarticledescribeshowavisualcryptographyscheme,withoneprominentfeature—decryptingsimply, has attractedmuch research attention since itwas first proposed.However,meaninglesssharesremainacontinuingchallengeinthedevelopmentofVCS.Inthisarticle,anextendedvisualcryptographyscheme(EVCS)basedonXORoperationisproposed,inwhichQRcodesareutilizedasthecoverimagesofshares.Bydesignation,allthesharesgeneratedintheschemecanbedecodedbystandardQRcodereaderswithspecificmeaning.Inaddition,toachievehighsharingefficiency,amethodofsimultaneouslysharingasecretQRcodeamongmultiplesubsetsispresented.Also,sufficientandnecessaryconditionsofthemethodareanalyzedwithanintegerprogrammingmodel,providingageneralconstructionapproachforEVCSunderarbitraryaccessstructures.

KEywoRDSError Correction Capacity, Extended Visual Cryptography Scheme (EVCS), General Access Structure, Multiple Subset Sharing (MSS), QR Codes

1. INTRoDUCTIoN

Asanimportantbranchofsecretsharing,theconceptofvisualcryptographyscheme(VCS)wasfirstproposedbyNaorandShamir(1995).Accordingtotheoriginaldefinitionofa(k,n)-VCS,asecretimageisdistributedintonshares.Nosecretinformationwillberevealedwithpossessionoffewerthankshares.Butwhenkormoresharesaresuperimposed,thesecretcanbeeasilydecryptedbyhumanvision.Inthepastfewdecades,VCSdevelopedrapidlyandhasmadegreatprogressinmanyaspects(Liu&Yan,2014).Aschemeforgeneralaccessstructureswasgiventherewith(Ateniese,Blundo,Santis,&Stinson,1996),gettingridofthresholdconstraintsonthequalifiedsubsets.Optimalpixelexpansion(Shyu&Chen,2015)andcontrast(Lin,Chen,&Lin,2010)wereexploredlater.Tofurtherimprovetheperformanceofrecovery,XORoperationwasintroducedintothestudyofVCS(Shen,Liu,Fu,&Yu,2017;Yang&Wang,2014;Wu&Sun,2014).Forthesakeofflexiblesharingstrategies,effortshavebeenmadeformultiplesecrets(Jia,Wang,Nie,&Zhang,2016),cheat

Thisarticle,originallypublishedunderIGIGlobal’scopyrightonJanuary1,2019willproceedwithpublicationasanOpenAccessarticlestartingonFebruary2,2021inthegoldOpenAccessjournal,InternationalJournalofDigitalCrimeandForensics(convertedtogoldOpenAccessJanuary1,2021),andwillbedistributedunderthetermsoftheCreativeCommonsAttributionLicense(http://creativecommons.org/

licenses/by/4.0/)whichpermitsunrestricteduse,distribution,andproductioninanymedium,providedtheauthoroftheoriginalworkandoriginalpublicationsourceareproperlycredited.


2

prevention(Chen,Tsai,&Horng,2013),regionorfullyincrementing(Hu,Shen,Fu,Yu,&Wang,2016;Chen,2017)andprogressiveschemes(Hou&Quan,2012).

All studiesmentionedabovecontributea lot to thepracticalapplicationsofVCS.Theonlydownsideisthatthesharesintheseschemesaremeaninglessandeasilyarousesuspicionof somepotential attackerswhendistributedviaapublic channel.Therefore, theextendedVCS(EVCS)seemsmoreattractivebecauseitgeneratesmeaningfulsharesinsteadofrandomimages(Naor&Shamir,1995).Byaddingsomeextracolumnsintothebasismatrices,Wangetal.(Wang,Yi,&Li,2009)designeda(k,n)-EVCSwithpoorcontrastofshares.Toimprovevisualperformance,aschemewasproposedonthebasisofhalftoneimagetechnology(Kang,Arce,&Lee,2011).Andotherstudieshavealsobeenattemptedwithbetterresults(Liu&Wu,2011;Yang,Sun,&Cai,2016;Yan,Wang,Niu,&Yang,2015;Ou,Sun,&Wu,2015).Nevertheless,thecamouflageeffectofsharesintheseschemeswasstillunsatisfactorysincethereweremanynoisypointsvisible.Later,secrethidingtechniqueswereutilizedtogeneratemeaningful shares (Yan,Wang,El-Latif,&Niu,2015;Amiri&Moghaddam,2016;Yuan,2014),butwithlargecomputationalload.

QuickResponse(QR)codeisatwo-dimensionalcodedevelopedbytheJapaneseDensoWaveCompany,andnowhasbeenadoptedasauniversalspecificationperformedbyISO(2006).Withthepopularizationofintelligentterminals,QRcodeshavebeenwidelyusedinfieldssuchasinformationstorage,mobilepaymentandelectronictickets.ForagivenQRcode,wecanhardlyacquireitsmessagebyhumanvisionsincethedarkandlightmodulesarerandomlydistributed.ThismeaninglessappearanceissimilartotheimagecharacteristicofVCSshares.Assuch,QRcodecanbeagoodchoiceforthemaskofVCSshare.Therefore,investigationsoftheVCSandQRcodescombinationshaveattractedconsiderableattention.Atfirst,QRcodeswereembeddedassomepartsofsharestoauthenticateaVCS(Wang,Liu,&Yan,2014).Thismethodsoughtthebest embedding regionof agiven share, thus reducing the influenceof secret revealing.Later,acontinuous-toneVCS(Yang,Liao,Wu,&Yamaguchi,2016)wasdevelopedwherethecolorofasecretmodulewasdeterminedbythegraynessofblackdots.Subsequently,aclassofEVCSsbasedonQRcodeswasproposed.Inviewofmachinerecognitioncharacteristic,anEVCSwaspresentedfortwo-levelinformationstoragebyLiuetal.(Liu,Fu,&Wang,2016).Inthisscheme,aproperscanningdistanceandanglearestrictlyrequiredtodecodingtheshares,whichsignificantlyincreasestheinconvenienceofpracticalapplications.ByexploitingerrorcorrectionmechanismofQRcodes,a(n,n)sharingmethodwasdesigned(Chow,Susilo,Yang,Phillips,Pranata,&Barmawi,2016),andthen,a(k,n)schemeunderthetheoryofrandomgridswerefurtherimplemented(Wan,Lu,Yan,Wang,&Chang,2017).Sometimes,thesecretimagemaybeaQRcode,andthenWanetal.’sschemebecomesinvalidbecausetheerrorscontainedintherecoveredsecretarebeyonderrorcorrectioncapability.OnesolutiontothisproblemisthatrepeatedlyperformingChowetal.’smethodoneachminimalqualifiedsubset.Then,alargenumberofsharinginstancesarerequired.

Inthispaper,anovelEVCSispresentedcombiningwithQRcodes.First,toreducethenumberofsharinginstances,weintroduceanideaofMSSandprovideitssufficientandnecessaryconditionswithanintegerprogrammingmodel.Andbasedonthismodel,wedividetheinitialaccessstructureintoseveralcollections,eachofwhichcanachieveaMSSinstance.Further,detailedsharingalgorithmofMSSispresented.Experimentalresultsandcomparisonsshowthevalidityandadvantagesoftheproposedscheme.

Theremainderofthispaperisorganizedasfollows.Section2introducessomepreliminariesconcerningourstudy.TheproposedschemeisdescribedinSection3whilesomeconditionsaretheoreticallyprovedinSection4.ExperimentsandanalysisarepresentedinSection5toillustratethefeasibilityofthisworkandhowitimprovesonpreviouswork.


3

2. PRELIMINARIES

Inthissection,wewillgivesomebasicdefinitionsconcerningtheVCSandtheQRcode.First,thedenotationofsymbolsinourpaperisgiveninTable1.

2.1. EVCSExtendedXOR-basedVCS(EXVCS)isa typeofEVCS,inwhichtherecoveryprocessisbasedonXORoperation.BecauseXORoperationcanreverse1to0,recoveredcontrastissignificantlyimprovedinEXVCS,especiallyin(n,n)-EXVCSthesecretiscompletelyreconstructed.

Definition 1 [3].SupposeallparticipantsconstituteasetP={1,2, ,n}.LetΓQ,ΓF⊆2PandΓQ∩ΓF=∅.MembersofΓQandΓFaredefinedasqualifiedsubsetsandforbiddensubsets,respectively.Thepair(ΓQ,ΓF)iscalledanaccessstructure.IfΓQismonotoneincreasingwhileΓFismonotonedecreasing,andΓQ∪ΓF=2P,then(ΓQ,ΓF)issaidtobestrong.Moreover,definethebasisΓ0={Q∈ΓQ|Q′∉ΓQifQ′⊂Q}.AllofthemembersinΓ0areminimalqualifiedsubsets.

Definition 2.LetΓ=(ΓQ,ΓF)beanaccessstructureonPanditsbasisΓ0={Q1,Q2, ,Qt}.AnEXVCSbasedonQRcodesisconstitutedunderΓifthreeconditionsaresatisfied.(1) EachsharecanbedecodedbyastandardQRcodereaderanditsmessageismeaningful.(2) AnyforbiddensubsetQf={i1,i2, ,if}∈ΓFisinaccessibletothesecretinformation.(3) ForanyqualifiedsubsetQq∈ΓQ,∃Q’⊆QqandQ’∈Γ0,thesecretcanbereconstructedby

XOR-ingthesharesofQ’.

2.2. QR CodeQRcodesconveyinformationbasedonthearrangementofdarkandlightmodules.Thereare40versionswithdifferentdatacapacities.Version1iscomposedof21×21modules.Eachsubsequentversionincreasesbyfouradditionalmodulesperside,uptoversion40,whichiscomposedof177×177modules.

Table 1. Denotation of symbols

Symbol Denotation

c thenumberofallcodewordsinablock

b thenumberofdatacodewordsinablock

r thenumberoferrorsallowableinablock

S thesecretQRcode

Tj theshareofthej-thparticipant

Cj thecoverQRcodeofTj

Qi thei-thminimalqualifiedsubset

R[Qi] theresultofT1⊕T2⊕⊕TmifQi={1,2, ,m}

D[Qi] theresultofR[Qi]⊕S

Tj(u,v) moduleofTjattheu-throwandv-thcolumn

Q1ΔQ2 thesymmetricdifferenceofQ1andQ2


4

Figure1isthestructureofversion7.Asshown,aQRcodeincludestwoparts:functionpatternsandencodingregion.Theformerarespecificstructuresdesignedforgeometriccorrectionandeffectivedecoding,andthelattercontainsseveralQRblocksandsomeauxiliaryformatorversioninformation,suchaserrorcorrectionlevels,maskpatterns,andsymbolversions.Theformatinformationisabinarysequencewithfivedatabitsandtenerrorcorrectionbits.

Anothersignificant featureofaQRcode iserrorcorrection,whichallowsQRcodereaderstocorrectlydecodedata, even ifpartsof the symbolaredirtyordamaged.Thereare fourerrorcorrectionlevelstoprovidedifferentcapabilities(L:7%,M:15%,Q:25%,andH:30%).Ahigherlevelcorrespondstoalargerdatapayload.Table2liststhecharacteristicofversion4∼7.

3. THE PRoPoSED SCHEME

Thissectionproposesaschemewithmeaningfulsharesforgeneralaccessstructures.Bytakingfulladvantageof theerrorcorrectioncapacitiesofQRcodes, lessstoragespaceofshares isrequiredintheproposedscheme.AsshowninFigure2,thewholesharingprocessincludestwoparts:collectiondivisionandMSS,withtheirdetailedalgorithmsillustratedinSection2.1and2.2,respectively.

3.1. Collection DivisionBythe(n,n)sharingmethod(Chow,Susilo,Yang,Phillips,Pranata,&Barmawi,2016),foranyΓ0={Q1,Q2, ,Qh},theEXVCSunderΓ0isconstructedasfollows.

InFigure3,aparticipantneedstsharesifitbelongstotsubsetsofΓ0,whichwouldcostmuchspacetostoresharesastgrows.Toimprovesharingefficiency,weattempttodealwithmultiplesubsetsbyonlyone(n,n)-MSSinstance.

Differentfrompreviouswork,theproposedmethodillustratedinFigure4performsonlyoneMSSinstanceasn=|Q1∪Q2∪∪Qh|.Thenaparticipantneedsonlyoneshareevenifitiscontainedinmorethanonesubsets.However,therearesomeconstraintstotheexistenceofsuchaninstance.Initially,weletTj=Cj(j=1,2, ,n).ToobtainthesecretmessageofS,differencesbetweenR[Qi](i=1,2, ,h)andSshouldbewithintheerrorcorrectioncapacityofS.Therefore,somecodewordsofTj(j=1,2, ,n)needmodifyingtoadjustthevalueofR[Qi].WetakeeachQRcodeblockastheresearchobjectforsubsequentanalysis.LetXbeathree-dimensionalmatrixwiththesizeofh×(n+1)×c.Amathematicalmodelissetuptodeterminewhethera(n,n)-MSSinstanceofQ1,Q2, ,Qhcanbesatisfied.

Figure 1. The symbol structure of version 7


5

Table 2. Error correction characteristics of several versions

Version Error correction level Number of blocks (c, b, r)

4

L 1 (100,80,10)

M 2 (50,32,9)

Q 2 (50,24,13)

H 4 (25,9,8)

5

L 1 (134,108,13)

M 2 (67,43,12)

Q2 (33,15,9)

2 (34,16,9)

H2 (33,11,11)

2 (34,12,11)

6

L 2 (86,68,9)

M 4 (43,27,8)

Q 4 (43,19,12)

H 4 (43,15,14)

7

L 2 (98,78,10)

M 4 (49,31,9)

Q2 (32,14,9)

4 (33,15,9)

H4 (39,13,13)

1 (40,14,13)

Figure 2. The sharing process of the proposed scheme


6

X i h k c

X r j n

X

ijkj

n

ijkk

c

i

h

i n kk

�

�

��

�

�

��

� � � � �

� � �

1

1

11

1

1 1 1

1

( , )

( )

( )

��

� � � � � ��

1

1

0 1 1

0 1 1 1

c

ijk i

ijk

r i h

X i h j Q k cX i h j

( )

( , , )

{ , }( , ��

�

�

��

�

�� n k c1 1, )

(1)

Chooseanyt(2≤t≤h)subsetsfromQ1,Q2, ,QhandassumetheyareQp1,Qp2

, ,Qpt.

LetQa=Qp1∪Qp2

∪∪Qpt−Qp1

ΔQp2ΔΔQpt

,then

X X X t v v v Q k cp v k p v k p v k t at t1 1 2 2 1 2 1� � � � � � � ( , , , , ) (2)

If(1)and(2)haveacommonsolution,Q1,Q2, ,Qhcanconstituteacollection,ofwhichallsubsetscanbesharedbyone(n,n)-MSSinstance.Xijk=1indicatesthatthek-thcodeword(1≤k≤c)ofTjwouldbemodifiedtoletR[Qi]=S.AndXi(n+1)k=1denotesthatthek-thcodewordofR[Qi]isdifferentwiththatofS.Insomecases,morethanonecommonsolutionto(1)and(2)arepossible,sowearesupposedtochooseaproperonefromthem.Generally,asolutionisgoodornotdependsonthedifferencebetweenthenumberoferrorsinTj(j=1,2, ,n)andthatinR[Qi](i=1,2, ,h),namely

Figure 3. The previous method

Figure 4. The proposed method


7

min ( )X Xijkk

c

i

h

i n kk

c

��

��

��

��11

1

1

(3)

Withabovemodel,basisΓ0ofanyaccessstructurecanbedividedintoanumberofcollectionsΓ1,Γ2, ,Γd.

3.2. MMSInthesharingprocedure,themodulesoffunctionpatternsandversioninformation,aswellastenerrorcorrectionbitsofformatinformation,arefixed.DetailedalgorithmisgiveninAlgorithm1.

Inordertorestorethesecret,wefirstobtainR[Qk](1≤k≤h)byXOR-ingsharesinQk.AndthenwecandeducesecretformatinformationaccordingtotheformatdatabitsofR[Qk].Finally,thesecretmessageisreconstructed.Notethatthefixedmoduleswillnotbehandledwithduringtherecoveryprocess.

4. THEoRETICAL PRooFS

Thevalidityoftheproposedschemeisanalyzedinthissectionfromtwoaspects.Oneprovesthesecuritythatforbiddensubsetsarehardlytoobtainsecretmessages;theotherillustratesthatacommonsolutionto(1)and(2)isthesufficientandnecessaryconditionsofaMSSinstance.

4.1. Security

Theorem 1.Anyindividualsharecannotobtainanyinformationaboutthesecret.Proof: Because QR codes adopt a universal encoding standard, an adversary can easily decode

themessageofashare,furtherinferringtheknowledgeofitscorrespondingcoverQRcode.Accordingtotheproposedscheme,nomorethanrcodewordsaredifferentbetweenashareanditscover.Andthisdifferencemakesnosensebecausetheadversaryknowsnothingaboutothershares.Therefore,reconstructingthesecretwithonlyoneshareisimpossible.

Algorithm 1. Sharing algorithm

Input:ThesetP={1,2, ,n}thatconsistsofallparticipantsfromQ1,Q2, ,Qh;ncoverQRcodesC1,C2, ,Cn;asecretQRcodeS.(EachQRcodehasdblocksandthesymbolsizeisa×a.)Output: nsharesT1,T2, ,Tn. Algorithm starts. Step 1:Leti=j=0andTk=Ck(1≤k≤n).GotoStep2. Step 2:Calculateacommonsolutionto(1)and(2)fortheu-thblock(1≤u≤d)anddenoteitbyXu.Moreover,acommonsolutionXwhereXk(n+1)v=0(1≤k≤h,1≤v≤5)iscalculatedforsharingfiveformatinformationdatabits.GotoStep3. Step 3:Leti=i+1.Ifi≤a,gotoStep4;else,gotoStep9. Step 4:Letj=j+1.Ifj≤a,gotoStep5;else,letj=0andgotoStep3. Step 5:IfS(i,j)isafixedmodule,skipandgotoStep4;elseifS(i,j)isamodulefromdataanderrorcorrectionblock,gotoStep6;else,gotoStep7.Step 6:SupposeS(i,j)isamoduleofthev-thcodewordoftheu-thblock.ForQk(1≤k≤h),findtheq-thelementthat

satisfies Xkqvu =1 .Ifq=n+1,skipandgotoStep4;else,gotoStep8.

Step 7:SupposeS(i,j)isthev-thbitofformatinformation.ForQk(1≤k≤h),findtheq-thelementthatsatisfiesXkqv=1.GotoStep8. Step 8:AdjustTq(i,j)toletS(i,j)=R[Qk](i,j),andgotoStep4.Step 9:OutputnsharesT1,T2, ,Tn. Algorithm ends.


8

Theorem 2.Noknowledgeofthesecretcanbeobtainedwithsharesofanyforbiddensubset.Proof: In terms of QR code specification, dark and light modules of a QR code are randomly

distributed.Therefore,thepossibilityofeachmodule’scolorisapproximately0.5.For∀Q∈Γ0andQF⊂Q,supposeQ={a1,a2, ,ax,b1,b2, ,by}andQF={b1,b2, ,by}.Then,

T T T S T T Tb b b a a ay x1 2 1 2� � � � � � � � (4)

SinceT T Ta a ax1 2⊕ ⊕ ⊕ arerandom,theinformationaboutSisinaccessible.

4.2. Sufficient and Necessary Conditions

Theorem 3.Thereisatleastonecommonsolutionto(1)and(2)ifaMSSinstancecanbesatisfied.Proof:Ifamulti-subsetsharinginstancecanbeappliedonQ1,Q2, ,Qh,thereisR[Qi]⊕D[Qi]=

S(1≤i≤h).ConsideringthesharingofQ1andsupposeQ1={j1,j2, ,jm}.InordertosatisfytheresultR[Q1](u,v)⊕D[Q1](u,v)=S(u,v)(1≤u≤a,1≤v≤a),amodulefromT1(u,v),T2(u,v), ,Tm(u,v)shouldbereversedorletD[Q1](u,v)=1.ThisstepisnotrequiredunlessT1(u,v)⊕T2(u,v)⊕⊕Tm(u,v)=S(u,v)underthepossibilityof1/2.Forthek-thcodeword(1≤k≤c),thereis

X

X

jkj

n

1

1

1

1255

256�

�

� � ��

��the probability of this event is

11

1

1

01

256jk

j

n

�

�

� � ��

��

�

��

the probability of this event is

��

��

(5)

Similarly,theconclusionisappliedtoanalysisofQ2,Q3, ,Qh.Thus,foranysubsetQi(1≤i≤h)andanycodewordk(1≤k≤c),thereis

X

X

ijkj

n

�

�

� � ��

��

1

1

1255

256the probability of this event is

iijkj

n

�

�

� � ��

��

�

��

1

1

01

256the probability of this event is

��

��

(6)

Sincetheprobabilityof255/256isfarlargerthan1/256,thuswecanapproximatelyconsider(6)

as Xijkj

n

�

�

� �1

1

1 .Moreover,tokeepbothreadabilityofthereconstructedsecretandshares,thereare

X ri n kk

c

( )�� 1

1

and X rijkk

c

i

h

��

11.Therefore,(1)canbeinferred.

ConsideringtheintersectionamongQ1,Q2, ,Qt,therelationshipXajk=Xbjk=1maynotalwaysbesatisfiedforanyaandb.Forexample,supposetwosubsetsQp={ja1,ja2, ,jat,jb1,jb2, ,jbx}andQq={ja1,ja2, ,jat,jc1,jc2, ,jcy}.BecauseR[Qp]⊕D[Qp]=R[Qq]⊕D[Qq]=S,thereis


9

T T T T T T D Q D Qj j j j j j p qb b bx c c cy1 2 1 2� � � � � � � � � [ ] [ ] (7)

Tosatisfy(7),twoapproachesareprovidedinthefollowing.

1. ChangeacodewordfromTjb1,Tjb2

, ,Tjbx ,Tjc1 ,Tjc2, ,Tjcy ;

2. LetD[Qp]=1orD[Qq]=1.

Atthismoment,ifa∈Qp∩Qqandb∈Qp∩Qq,Xajk=Xbjk=1isalmostimpossible.So(2)canbeobtained.

Theorem 4.AMSSinstancecanbeconstructedif(1)and(2)haveacommonsolution.Proof:If(1)and(2)haveacommonsolution,itmeansthereisanXthatsatisfies(1)and(2)atthe

sametime.Apparently,Xensuresthaterrorscontainedintherecoveredsecretandthesharesarebothwithintheirerrorcorrectioncapacities.Supposeanyt(2≤t≤h)subsetsfromQ1,Q2, ,QhareQp1

,Qp2, ,Qpt

,thereis

R Q D Q R Q D Q R Q D Q Sp p p p p pt t[ ] [ ] [ ] [ ] [ ] [ ]

1 1 2 2� � � � � � � (8)

AssumeQb=Qp1ΔQp2

ΔΔQpt={i1,i2, ,ix}.Then(8)canbesimplifiedas

T T T D Q D Q D Q t

T Ti i i p p p

i i

x t1 2 1 2

1 2

0 2 4 6� � � � � � � � �

� �

[ ] [ ] [ ] ( , , , )

��

��

�� T D Q D Q D Q S ti p p px t[ ] [ ] [ ] ( , , , )

1 21 3 5

(9)

Undertherequirementsgivenby(2),wecanalwaysfindacodewordfromTi1 ,Ti2 , ,Tix ,orletoneofD Qp[ ]

1,D Qp[ ]

2, ,D Qpt

[ ] be1.Then,(9)canbesatisfied.

5. EXPERIMENTS AND ANALySIS

In this section, the feasibilityof theproposed scheme is evaluatedbyexperiments.Suppose theparticipantsetP={1,2, ,9}anditsbasisΓ0={{1,2,3,4},{3,4,5,6},{1,2,7,8},{5,6,8,9}}.The secretmessage is “IJDCF-2017”and the first cover is “20170801|Beijing|123456789”.Messageformatsofothercoversaresimilartothefirstcover,soweomitthedescriptionofthemforbrevity.TheexperimentaldatasetisgiveninTable3.

Table 3. The experimental dataset

Data groups Secret QR code Cover QR code

1 version6-levelH version6-levelH

2 version6-levelM version6-levelH

3 version6-levelL version6-levelH


10

First,weobtainasolutionto(1)and(2)underdatagroup1.Theresultisgotbytheoptimizer“Lingo11”,asshowninFigure5.

Figure5declaresthatacommonsolutionto(1)and(2)exists,whichindicatesthataMSSinstancecanbeimplementedwiththesolvedX,anditsexperimentalresultisgivenbelow.ThedecodingtoolisthesourcedemoprovidedbyZXing.Net.

InFigure6,(a)and(e)aretheoriginalcoverandsecretQRcodes,respectively.Accordingtotheproposedmethod,(b)isgeneratedfrom(a)bychangingsomecodewordsshownbythewhiteregionsin(c).Moreover,(d)demonstratesthattheshare(b)isreadable.(f)isthereconstructedsecretobtainedbyXOR-ingT1,T2,T3andT4,and(g)representstheerrorscontainedin(f)thatshouldbecorrectedbyitself.Becausethefaultcodewordsin(f)arewithintheerrorcorrectioncapacity,themessageof(f)iscorrectlydecoded.HereweonlyexhibittheresultsofT1andR[Q1]forbrevity,whicharesametothoseofothersharesandreconstructedsecrets,exceptthatthemessagesofcoverQRcodesaredifferent.Moreover,(i)-(l)demonstratethatnosecretinformationcanbeobtainedbyanyforbiddensubsets.

Next(1)and(2)aresolvedwiththedatasetofgroup2,andtheresultisshownbyFigure7(a).Figure7clarifiesthatthemodelofMSSunderΓ0isunsolvable.Therefore,wedivideΓ0into

twocollectionsΓ1andΓ2,eachofwhichcansupportaMSSinstance.HerewesetΓ1={{1,2,3,4},{1,2,7,8}}andΓ2={{3,4,5,6},{5,6,8,9}},andthesolutionofthemodelbuiltonΓ1isdisplayedasFigure8.

Figure9isthesharingresultofdatagroup2.SinceΓ0isdividedintotwocollections,Γ1andΓ2correspondtotworespectiveMSSinstances.Becauseparticipant3belongstobothofthetwocollections,itneedstwoshares,whichisshowninFigure9(b)and(c).However,participant2isonlycontainedbythesubsetsincollectionΓ1,therefore,participant2onlyneedsoneshare,asshowninFigure9(a).Apparently,theMSSmethodisalsousefulinthisexperimentevenifthenumberofsharesisnotreducedforsomeparticipants.

Figure 5. The solution of data group 1


11

ProvidingthatΓ1={{1,2,3,4},{1,2,7,8}}andΓ2={{3,4,5,6},{5,6,8,9}},thereisnosolutiontodatagroup3.Sowere-divideΓ0intoΓ1={{1,2,3,4}},Γ2={{3,4,5,6}}andΓ3={{1,2,7,8},{5,6,8,9}}.Andatthistimeonlythenumberofsharesforparticipant8decreases.

Toshowtheefficiencyoftheproposedscheme,thedecreaseofsharinginstancesiscalculatedunderseveralspecific(k,n)accessstructures,aslistedinTable4.(AllofthesecretandcoverQRcodesareofversion6andlevel’H’.)PartsofthecollectiondivisionresultaregiveninAppendix.

Figure 6. The MSS result of data group 1. (a) cover QR code C1; (b) share T1; (c) C1 ⊕ T1; (d) decoding of (b); (e) secret QR code S; (f) recovered secret R[Q1]; (g) S ⊕ R[Q1]; (h) decoding of (f); (i) T2 ⊕ T3; (j) T2 ⊕ T3 ⊕ T4; (k) T2 ⊕ T3 ⊕ T4 ⊕ T5; (l) decoding of (i) (or (j),(k))

Figure 7. Solution of data group 2 on Γ0


12

Figure 8. Solution of data group 2 on Γ1

Figure 9. The sharing result of data group 2. (a) share of participant 2; (b) the first share of participant 3; (c) the second share of participant 3

Table 4. The decreasing number of sharing instances

kn

3 4 5 6 7 8

3 1(1) 4(4) 5(10) 10(20) 12(35) 19(56)

4 — 1(1) 3(5) 8(15) 12(35) 24(70)

5 — — 1(1) 3(6) 7(21) 19(56)

6 — — — 1(1) 3(7) 10(28)

7 — — — — 1(1) 3(8)

8 — — — — — 1(1)


13

AccordingtoTable4,thenumberofinstancesdecreasesatleast50%inourscheme,exceptfor(3,4)and(n,n)accessstructuressince(1)cannotbesatisfiedinthetwocases.Inaddition,thedifficultyofdecodingsharesinLiuetal.’s(Liu,Fu,&Wang,2016)schemeisillustratedinFigure10.

Liuetal.’sschemeisdesignedonthebasisofmachinerecognitioncharacteristicswhereeachmoduleofitsshareisdistinguishedbytakingeachblockconsistingof2×2sub-modulesasawhole.Inthiscase,ZXing.NetdemocannotcorrectlydecodetheshareasshowninFigure10(b),whichmeansthattheshareisunabletobeusedelectronically.Figure10(c)and(d)aredecodingresultsindifferentscanningdistancebyamobilereader“BarcodeScanner”.Apparently,aproperscanningwayisakeyfactortocorrectlydecodetheshare.Then,decodingisinconvenient.Finally,functionalcomparisonsofthispaperwithotherrelatedworkaregiveninTable5.

AsisexhibitedinTable5,theproposedschemehasamoreflexiblesharingstrategythansomeotherwork(Wang,Yi,&Li,2009;Yang,Sun,&Cai,2016;Yan,Wang,Niu,&Yang,2015;Ou,Sun,&Wu,2015;Yan,Wang,El-Latif,&Niu,2015;Amiri&Moghaddam,2016;Yuan,2014;Liu,Fu,&Wang,2016;Chow,Susilo,Yang,Phillips,Pranata,&Barmawi,2016;Wan,Lu,Yan,Wang,&Chang,2017),becausetheproposedschemeisdesignedforgeneralaccessstructures.Forthesakeofvisualcharacteristic,theQRcodeisanexcellentchoicetocovertheshares.Therefore,thecamouflageeffectishighinthispaperandsomeotherworkrelatedtoQRcodes(Liu,Fu,&Wang,2016;Chow,Susilo,Yang,Phillips,Pranata,&Barmawi,2016;Wan,Lu,Yan,Wang,&Chang,2017)orstenography(Ou,Sun,&Wu,2015;Yan,Wang,El-Latif,&Niu,2015;Amiri&Moghaddam,2016;Yuan,2014).Inaddition,thecomputationalcomplexityofVCSislowerthanthatofotherstudies(Yan,Wang,El-Latif,&Niu,2015;Amiri&Moghaddam,2016).

Figure 10. The decoding results with different scanning ways. (a) share T1; (b) decoding of (a) by computer demo; (c) decoding of (a) by the mobile reader with the scanning distance of 6cm; (d) decoding of (a) by the mobile reader with the scanning distance of 12cm


14

6. CoNCLUSIoN

ThispaperproposesanovelEVCSthatallsharesaremeaningfulQRcodes.Itreducesthelikelihoodofbeingsuspectedbypotentialattackersifdistributedviapublicchannels.Moreover,theproposedschemecanalsobeusedtoimprovethesecuritywhenQRcodesareappliedinsomesecretapplicationfields.ByfurtherutilizingerrorcorrectioncapacitiesofQRcodes,thispaperpresentsamethodtosharemultiplesubsetssimultaneously,whichreducesthenumberofsharinginstancesonthebasisofpreviouswork.Asaresult,fewersharesofeachparticipantarerequired.However,ourpaperonlyprovidessufficientandnecessaryconditionsforaMSSinstance;findinganoptimaldivisionmethodremainsanopenproblemtobesolved.

ACKNowLEDGMENT

Theauthorsthanktheanonymousreviewersfortheirvaluablecomments.Thisworkwassupportedinpartby theNationalNaturalScienceFoundationofChinaunderGrantNo.61602513and theOutstandingYouthFoundationofZhengzhouInformationScienceandTechnologyInstituteunderGrantNo.2016611303.

Table 5. Functional comparisons of this paper with other studies

Paper Access Structure

Camouflage effect

Computational complexity

Wang,Yi,&Li,2009 (k,n) low O(1)

Kang,Arce,&Lee,2011 general low O(1)

Liu&Wu,2011 general low O(1)

Yang,Sun,&Cai,2016 (k,n) low O(1)

Yan,Wang,Niu,&Yang,2015 (k,n) low O(1)

Ou,Sun,&Wu,2015 (n,n) high O(1)

Yan,Wang,El-Latif,&Niu,2015 (k,n) high O(n)

Amiri&Moghaddam,2016 (n,n) high O(n2)

Yuan,2014 (k,n) high O(1)

Liu,Fu,&Wang,2016 (2,n)* high O(1)

Chow,Susilo,Yang,Phillips,Pranata,&Barmawi,2016 (n,n) high O(1)

Wan,Lu,Yan,Wang,&Chang,2017 (k,n) high O(1)

thispaper general high O(1)


15

REFERENCES

Amiri,T.,&Moghaddam,M.E.(2016).AnewvisualcryptographybasedwatermarkingschemeusingDWTandSIFT formultiple cover images.Multimedia Tools and Applications,75(14), 8527–8543. doi:10.1007/s11042-015-2770-7

Ateniese,G.,Blundo,C.,Santis,A.D.,&Stinson,D.R.(1996).Visualcryptographyforgeneralaccessstructures.Information and Computation,129(2),86–106.doi:10.1006/inco.1996.0076

Chen,Y.C.(2017).Fullyincrementingvisualcryptographyfromasuccinctnon-monotonicstructure.IEEE Transactions on Information Forensics and Security,12(5),1082–1091.doi:10.1109/TIFS.2016.2641378

Chen,Y.C.,Tsai,D.S.,&Horng,G.(2013).Visualsecretsharingwithcheatingpreventionrevisited.Digital Signal Processing,23(5),1496–1504.doi:10.1016/j.dsp.2013.05.014

Chow,Y.W.,Susilo,W.,Yang,G.,Phillips,J.G.,Pranata,I.,&Barmawi,A.M.(2016).ExploitingtheErrorCorrectionMechanisminQRCodesforSecretSharing. InJ.Liu,&RSteinfeld(Eds.),2016 Australasian Conference on Information Security and Privacy, LNCS(Vol.9722,pp.409-425).Berlin,Germany:Springer-Verlag.doi:10.1007/978-3-319-40253-6_25

Hou,Y.C.,&Quan,Z.Y.(2012).Progressivevisualcryptographywithunexpandedshares.IEEE Transactions on Circuits and Systems for Video Technology,21(11),1760–1764.doi:10.1109/TCSVT.2011.2106291

Hu,H.,Shen,G.,Fu,Z.,Yu,B.,&Wang,J.(2016).GeneralconstructionforXOR-basedvisualcryptographyanditsextendedcapability.Multimedia Tools and Applications,75(21).doi:10.1007/s11042-016-3250-4

ISO/IEC.(2015).ISO/IEC18004:2015Information-Automaticidentificationanddatacapturetechniques-QRCodebarcodesymbologyspecification.

Jia,X.,Wang,D.,Nie,D.,&Zhang,C.(2016).Collaborativevisualcryptographicschemes.IEEE Transactions on Circuits and Systems for Video Technology.

Kang,I.,Arce,G.R.,&Lee,H.K.(2011).Colorextendedvisualcryptographyusingerrordiffusion.IEEE Transactions on Image Processing,20(1),132–145.doi:10.1109/TIP.2010.2056376PMID:20615812

Lin,S.J.,Chen,S.K.,&Lin,J.C.(2010).Flipvisualcryptography(FVC)withperfectsecurity,conditionally-optimalcontrast,andnoexpansion.Journal of Visual Communication and Image Representation,21(8),900–916.doi:10.1016/j.jvcir.2010.08.006

Liu,F.,&Wu,C.(2011).Embeddedextendedvisualcryptographyschemes.IEEE Transactions on Information Forensics and Security,6(2),307–322.doi:10.1109/TIFS.2011.2116782

Liu,F.,&Yan,W.Q.(2014).Visual cryptography for image processing and security.SpringerInternationalPublishing.doi:10.1007/978-3-319-09644-5

Liu,Y.,Fu,Z.,&Wang,Y.(2016).Two-levelinformationmanagementschemebasedonvisualcryptographyandQRcode.Jisuanji Yingyong Yanjiu,33(11),3460–3463.

Naor,M.,&Shamir,A.(1995).Visualcryptography.InA.DeSantis(Ed.),LectureNotesinComputerScience:Vol. 950. Advances in Cryptology — EUROCRYPT’94. EUROCRYPT 1994. Berlin Heidelberg, Germany:Springer-Verlag.doi:10.1007/BFb0053419

Ou,D.,Sun,W.,&Wu,X.(2015).Non-expansiblexor-basedvisualcryptographyschemewithmeaningfulshares.Signal Processing,108,604–621.doi:10.1016/j.sigpro.2014.10.011

Shen,G.,Liu,F.,Fu,Z.,&Yu,B.(2017).Perfectcontrastxor-basedvisualcryptographyschemesvialinearalgebra.Designs, Codes and Cryptography,85(1),15–37.doi:10.1007/s10623-016-0285-5

Shyu,S.J.,&Chen,M.C.(2015).Minimizingpixelexpansioninvisualcryptographicschemeforgeneralaccessstructures.IEEE Transactions on Circuits and Systems for Video Technology,25(9),1557–1561.doi:10.1109/TCSVT.2015.2389372

Wan,S.,Lu,Y.,Yan,X.,Wang,Y.,&Chang,C.(2017).Visualsecretsharingschemefor(k,n)thresholdbasedonqrcodewithmultipledecryptions.Journal of Real-Time Image Processing,9,1–16.

http://dx.doi.org/10.1007/s11042-015-2770-7

http://dx.doi.org/10.1007/s11042-015-2770-7

http://dx.doi.org/10.1006/inco.1996.0076

http://dx.doi.org/10.1109/TIFS.2016.2641378

http://dx.doi.org/10.1016/j.dsp.2013.05.014

http://dx.doi.org/10.1007/978-3-319-40253-6_25

http://dx.doi.org/10.1109/TCSVT.2011.2106291

http://dx.doi.org/10.1007/s11042-016-3250-4

http://dx.doi.org/10.1109/TIP.2010.2056376

http://www.ncbi.nlm.nih.gov/pubmed/20615812

http://dx.doi.org/10.1016/j.jvcir.2010.08.006


http://dx.doi.org/10.1007/978-3-319-09644-5

http://dx.doi.org/10.1007/BFb0053419

http://dx.doi.org/10.1016/j.sigpro.2014.10.011

http://dx.doi.org/10.1007/s10623-016-0285-5




16

Wang,D.,Yi,F.,&Li,X.(2009).Ongeneralconstructionforextendedvisualcryptographyschemes.Pattern Recognition,42(11),3071–3082.doi:10.1016/j.patcog.2009.02.015

Wang,G.,Liu,F.,&Yan,W.Q.(2016).2DBarcodesforvisualcryptography.Multimedia Tools and Applications,75(2),1223–1241.doi:10.1007/s11042-014-2365-8

Wu,X.,&Sun,W. (2014).Extendedcapabilities forxor-basedvisualcryptography. IEEE Transactions on Information Forensics and Security,9(10),1592–1605.doi:10.1109/TIFS.2014.2346014

Yan,X.,Wang,S.,El-Latif,A.A.A.,&Niu,X.(2015).Newapproachesforefficientinformationhiding-basedsecretimagesharingschemes.Signal, Image and Video Processing,9(3),499–510.doi:10.1007/s11760-013-0465-y

Yan,X.,Wang,S.,Niu,X.,&Yang,C.N.(2015).Halftonevisualcryptographywithminimumauxiliaryblackpixelsanduniformimagequality.Digital Signal Processing,38(C),53–65.doi:10.1016/j.dsp.2014.12.002

Yang,C.N.,Liao,J.K.,Wu,F.H.,&Yamaguchi,Y.(2016).Developingvisualcryptographyforauthenticationonsmartphones. In J.Wan, I.Humar,&DZhang (Eds.),2016 International Conference on Industrial IoT Technologies and Applications, LNICSSITE(Vol.173,pp.189-200).BerlinHeidelberg,Germany:Springer-Verlag.doi:10.1007/978-3-319-44350-8_19

Yang,C.N.,Sun,L.Z.,&Cai,S.R.(2016).Extendedcolorvisualcryptographyforblackandwhitesecretimage.Theoretical Computer Science,609(P1),143–161.doi:10.1016/j.tcs.2015.09.016

Yang,C.N.,&Wang,D.S.(2014).Propertyanalysisofxor-basedvisualcryptography.IEEE Transactions on Circuits and Systems for Video Technology,24(2),189–197.doi:10.1109/TCSVT.2013.2276708

Yuan,H.D.(2014).Secretsharingwithmulti-coveradaptivesteganography.Information Sciences,254,197–212.doi:10.1016/j.ins.2013.08.012

http://dx.doi.org/10.1016/j.patcog.2009.02.015

http://dx.doi.org/10.1007/s11042-014-2365-8


http://dx.doi.org/10.1007/s11760-013-0465-y

http://dx.doi.org/10.1007/s11760-013-0465-y

http://dx.doi.org/10.1016/j.dsp.2014.12.002

http://dx.doi.org/10.1007/978-3-319-44350-8_19

http://dx.doi.org/10.1016/j.tcs.2015.09.016


http://dx.doi.org/10.1016/j.ins.2013.08.012


17

Yuqiao Cheng received the MS degree in information security at Zhengzhou Information Science and Technology Institute. Her research interests include visual cryptography and information security.

Zhengxin Fu received the PhD degree from Zhengzhou Information Science and Technology Institute in 2014. His research interests include visual cryptography and information security.

Bin Yu is a professor of the Department of Computer Science and Information Engineering at Zhengzhou Information Science and Technology Institute. His research interests include the design and analysis of algorithms, visual secret sharing and network security.

Gang Shen received the PhD degree from Zhengzhou Information Science and Technology Institute in 2017. His research interests include: visual security and cryptography, image security.

APPENDIX

1) Collectionsof(3,5)accessstructure:

Γ1={{1,2,3},{1,4,5}};Γ2={{1,2,4},{2,3,5}};Γ3={{1,2,5},{3,4,5}};Γ4={{1,3,5},{2,3,4}};Γ5={{1,3,4},{2,4,5}}.


Γ1={{1,2,3,4},{1,2,3,5}};Γ2={{1,2,3,6},{1,2,4,5}};Γ3={{1,2,4,6},{1,2,5,6}};Γ4={{1,3,4,5},{1,3,4,6}};Γ5={{1,3,5,6},{1,4,5,6}};Γ6={{2,3,4,5},{2,3,4,6}};Γ7={{2,3,5,6},{2,4,5,6}};Γ8={{3,4,5,6}}.


Γ1={{1,2,3,4,5},{1,2,3,4,6},{1,2,3,4,7}};Γ2={{1,2,3,5,7},{1,2,3,6,7},{1,2,4,6,7}};Γ3={{1,2,5,6,7},{1,3,4,5,6},{1,3,4,5,7}};Γ4={{1,3,4,6,7},{2,3,4,5,6},{2,3,4,6,7}};Γ5={{1,3,5,6,7},{1,4,5,6,7},{2,3,4,5,6}};Γ6={{2,3,5,6,7},{2,4,5,6,7},{1,2,4,5,6}};Γ7={{3,4,5,6,7},{1,2,4,5,7},{1,2,3,5,6}}.


Γ1={{1,2,3,4,5,6},{1,2,3,4,5,7},{1,2,3,4,5,8}};Γ2={{1,2,3,5,6,7},{1,2,3,5,6,8},{1,2,3,4,6,7}};Γ3={{1,2,3,5,7,8},{1,2,3,6,7,8},{1,2,3,4,6,8}};Γ4={{1,2,4,5,6,7},{1,2,4,5,6,8},{2,3,5,6,7,8}};Γ5={{1,2,4,5,7,8},{1,2,4,6,7,8},{1,3,4,6,7,8}};Γ6={{1,2,5,6,7,8},{1,3,4,5,6,7},{1,3,5,6,7,8}};Γ7={{2,3,4,5,6,7},{2,3,4,5,6,8},{1,3,4,5,6,8}};Γ8={{2,3,4,5,7,8},{3,4,5,6,7,8},{1,3,4,5,7,8}};Γ9={{1,2,3,4,7,8},{2,3,4,6,7,8},{2,4,5,6,7,8}};Γ10={{1,4,5,6,7,8}}.

Documents

General Construction for Extended Visual Cryptography