Separable reversible data hiding by vacating room after encryption using encrypted pixel difference

Abstract

As the number of people using the Internet has increased, more information is stored and accessible daily. As a result, the requirement for information security also grows. In the early stages of data security, cryptography is used. Cryptography turns readable information into an unreadable form. Steganography is the next generation of information security. The main downside of this steganography is that the digital media becomes damaged due to hiding information in digital media. The next stage of information security is Reversible Data Hiding (RDH). This method can restore personal information and digital media without error. The next method, Separable Reversible Data Hiding in Encrypted Digital Media, recovers the digital media and extracts concealed information independently without disturbing or knowing each other. This paper presents a novel Separable Reversible Data Hiding by Vacating Room After Encryption using the Encrypted Pixel Difference (SRDH-VRAE-EPD) method, which combines homomorphic encryption and encrypted pixel differences. The proposed method offers the following advantages. It achieves an embedding rate of 1.2 bpp, significantly improving upon standard VRAE algorithms while allowing for lossless data extraction and image recovery. The encrypted image ensures high security against various attacks, including statistical, differential, and chosen plaintext attacks, and it allows for the extraction of secret data and recovery of the original image independently, making it a separable process.

Introduction

The term “information” refers to a collection of well-known facts. Previously, the only way to receive information was through books, but now we can obtain information from various sources via the Internet. Communication has now become an open source for all, with anyone from anywhere in the world able to access it anytime. Further advancements in internet access have resulted in a revolution in which people may now not only access information but also store it on the cloud via the Internet. However, privacy is something that every customer expects from their service provider. Privacy can be the confidence that the user’s information will be kept private and secure from prying eyes. The number of individuals interacting with online information has grown in recent years. As cloud access has recently increased, cloud platform information security and privacy requirements have become a significant concern^1,2. Cryptography and steganography are two technologies used to safeguard digital information.

Cryptography is the safe transfer of information using mathematical calculations. Cryptography’s core purpose is to convey information securely and with the assurance of privacy. In cryptography, mathematical methods are built on precise computations to change the information into unreadable and make decoding difficult unless the algorithm and key used for encryption are known. Authentication, confidentiality, integrity, and non-repudiation are all essential properties of cryptography. In cryptography, while it can be known that someone is secretly communicating, nobody can know the secrets. Although the information is in plain sight of everyone, the information conveyed is always kept secret. This openness, on the other hand, entices intruders to try breaking into the confidentiality.

Steganography is a technique for hiding communication. Everybody can see the communication in cryptography, but the content is unreadable. On the contrary, steganography covers even the existence of communication, and nobody detects it. Hence, steganography is more secure than cryptography. Steganography conceals communication by embedding data in digital media such as images, text, or video files. The file used for embedding is called cover, and the resulting digital file is called stego. The process of determining hidden information from stego is known as steganalysis. Typically, conventional steganography methods substitute the Least Significant Bit (LSB). In image steganography, for example, the secret message bits replace the image’s LSB bits. There are no visible changes in the image due to the LSB bit changes. Watermarks include copyright information in images and video files without altering the original image quality³. However, changing the cover bits for embedding may sometimes create some distortion in the cover^4,5. One fundamental concern with steganography is that the cover cannot be recovered from data embedding damages. As a result, a novel technique known as Reversible Data Hiding (RDH) was introduced.

Reversible Data Hiding (RDH) has emerged as a critical data protection strategy. Because it can retrieve the cover without causing any damage, RDH is generally utilised to disguise potentially sensitive data from varied fields such as the military, image processing applications, pharmaceutical and medical industries, and remote sensing^6–9. Digital image applications in technological fields greatly impacted traditional RDH schemes^10–13. Many reversible data-hiding techniques in the past relied on the idea of lossless compression. Lossless compression of the cover is used to generate the information storage space. Another approach is suggested in¹⁴, known as Context-based Adaptive Lossless Image Codec (CALIC). The main drawbacks of adopting these technologies are the severe visual distortion and limited information embedding capabilities. Consequently, numerous systems with high embedding capacities and minimal image distortion have been developed.

Tian¹⁵ proposed the difference expansion technique, in which he embeds the hidden information in the pixel difference. Ref.¹⁶ discusses the implementation of RDH using machine learning¹⁷ presented an adaptive reversible information hiding approach to achieve efficient embedding capacity. To recover the original pixel value from stego pixel values in¹⁸, After, data embedding, the order of the pixel values is left unchanged. Data Hiding in JPEG images is implemented in¹⁹. These solutions effectively protect the data stored in the image but not the cover. Due to this, Reversible Data Hiding in Encrypted Image (RDHEI) was developed.

One application of Reversible Data Hiding in Encrypted Images is the retention of healthcare-related data of some VIP patients in medical imaging and the protection of their health-related information. As a result, it is even more essential to ensure that the information concealed in images is safe, lowers the impact of data disclosure for data breaches and that the data can be retrieved without error by any third-party authorised person. The^10,20,21 discuss successfully recovering both embedded data and medical images. Another real-world use of RDHEI is the protection of customers’ data privacy in the cloud^22–47.

Separable Reversible Data Hiding in Encrypted Images (SRDH-EI) was developed to advance information security. The SRDH-EI will be used if the receiver wants to get the image or the data. Image recovery and secret extraction are distinct processes and do not depend on each other. People can extract the relevant information using the key available to the receiver. Assume two keys, key1 and key2, and three receivers, reciever1, reciever2, and reciever3. The receiver1 has key1, receiver2 has key2, and receiver3 has key1 and key2. The ke1 can retrieve the embedded information in the image, whereas key2 can recover the image used for embedding. The receiver1 can only extract the embedded information, whereas the receiver2 can only recover the image used for embedding. The receiver3 with keys 1 and 2 can extract the information hidden in the image and recover the image used for embedding. This analogy suggests that the type of key availability impacts which data is recovered by the receiver, which is the major focus of the approach to Separable reversible data hiding in encrypted images (SRDH-EI)^26–44 discusses various SRDH-EI techniques. In³⁶, homomorphic encryption encrypts the image, and the permutation-ordered binary (POB) number system embeds the data. The data is embedded in the MSB difference of the adjacent pixels in³⁷ via homomorphic encryption.

The room has been made available in the encrypted image using a Vacating Room After Encryption (VRAE) technique. To increase the embedding rate and maintain some correlation between the MSBs of some of the pixels in the smooth blocks, Qin et al.³¹ a distinct encryption method was used to encrypt the alternating pixels. Unfortunately, using these conventional VRAE approaches leads to issues with the retrieved data or the decrypted image. Additionally, the embedding rates of these techniques are often modest, which limits the application scenarios.

In recent years, some block-based Separable Reversible Data Hiding by Vacating Room After Encryption (SRDH-VRAE) systems have been presented to increase the embedding rate and prevent errors. The original image is split into several blocks into these schemes, and each block is encrypted using the same key. The relevancy of the pixels within the block can be maintained. Based on this feature, Huang et al.³⁸ the histogram shifting technique was applied to the prediction error histogram obtained from each encrypted block for the two-tier data embedding schemes. Later, to increase the embedding rate, Ge et al. ³⁹ suggested a multi-level strategy. The encrypted blocks in⁴⁰ employ the LSB flipping approach, with various LSBs flipped by the secret bits. Through the use of pixel rotation, Wang et al.⁴¹ proposed a Pixel Rotation Reversible Data-Hiding in Encrypted Image (PR-RDHEI) and Lossless PR-RDHEI (LPR-RDHEI)

The paper is titled Separable Reversible Data Hiding by Vacating Room After Encryption using Encrypted Pixel Difference (SRDH-VRAE-EPD). This scheme combines data hiding with image encryption to embed secret information securely into an encrypted image. Instead of directly storing the image’s pixel values, this scheme calculates the difference between adjacent pixel values. These differences are utilised to produce a new representation of the image that can help efficiently allocate space for embedding secret data later. Additive Homomorphic Encryption is applied to the source image. This encryption technique enables mathematical operations like addition to the encrypted image, which helps add the secret data to the encrypted image. In this way, the image and the secrets are kept safe while stored and transmitted. Then, the data hider inserts the secret in an encrypted image without the original image’s knowledge. Finally, at the receiver’s end, both the secret extraction and the recovery of the images are carried out independently without any loss. This means that secret extraction is possible without image decryption. Moreover, the image can be restored without secret extraction. Therefore, the following can be used to summarise the key points of the proposed work:

1. The proposed SRDH-VRAE-EPD strategy takes advantage of the pixel difference to significantly enhance the embedding rate in contrast to standard VRAE algorithms, which can embed 1.2 bpp of secret data into the encrypted image and allow lossless data extraction and image recovery.

2. The data can be sent to a data hider with high security since the image is encrypted using homomorphic encryption. The encrypted image result also demonstrates that this method can survive many attacks, such as statistical, differential, and chosen plain text attacks.

3. The secret may be extracted from an encrypted image without the knowledge of the original image. Similarly, the original image can be recovered without knowing the secret. As a result, the proposed method is, by nature, separable.

4. The secret can be extracted with zero error in a noise-free channel since the proposed method’s bit error rate for extracted secrets is zero.

The rest of this paper is organised as follows. First, the proposed method concepts, including image encryption, secret embedding, image recovery, and secret extraction, are explained in “Proposed methodology—(SRDH-VRAE-EPD)” Section. Then, “Results and analysis” Section presents the experimental findings and performance comparison. Finally, “Conclusions” Section discusses the findings and future work.

Proposed methodology—(SRDH-VRAE-EPD)

By exploiting the encrypted pixel difference, the data are inserted in the space of the encrypted image using the suggested approach. Figure 1 shows the general layout of the proposed method. This method includes three phases: phase one involves image encryption, phase two involves secret embedding, and phase three involves secret extraction and image recovery.

Fig. 1.

Secure data storage in the cloud.

Phase1: image encryption

The image is divided into an ‘n’ number of 2×2 blocks, and homomorphic encryption is applied to each block. The encryption process is further elaborated in Eqs. (1) to (4). These equations show the mathematical methods and transformations of data involved so that they will not expose privacy but, at the same time, allow the computation of encrypted data. The sender’s and receiver’s private and public keys are given in Eqs. (1) and (2). These keys can be computed based on any natural number NNo, which serves as the basis for deriving the public keys for both parties.

1

2

A random number (Ri) is generated for each ith block encryption. This random number is then used to encrypt four pixels (P_i1, P_i2, P_i3, P_i4) within the block, according to procedures described in equations (3-6).

3

4

5

6

where CP_ij is the encrypted jth pixel value in the ith block and ‘b’ is the number of bits used to indicate a pixel value, the ‘b’ value for a grayscale image is 8. Algorithm 1 demonstrates the image encryption process step by step.

Algorithm 1.

Encryption.

The 8×8 image in Fig. 2 demonstrates the image encryption process. The encryption is done using the Natural Number (NNo) 120, the sender’s private key (Spri_key) 31, the receiver’s private key (Rpri_key) 23, the receiver’s public key 2760 (Rpub_key = Rpri_key×NNo = 23×120 = 2760), and random numbers 200, 28, 216, 175, 217, 106, 103, 110, 188, 27, 50, 189, 54, 131, 182, 175 respectively for each block. The Fig. 3 shows the resulting encrypted image.

Fig. 2.

8 × 8 plain image.

Fig. 3.

8 × 8 encrypted image.

Phase 2: data embedding

The encrypted image is divided into 2 × 2 blocks. The first box in Fig. 4 depicts the encrypted image’s ith block, where CPi1, CPi2, CPi3, and CPi4 are the four encrypted pixel values in the ith block. The second box indicates the difference between the pixel values and the 2nd-row 2nd column element in a block. Fig. 5a shows an 8×8 encrypted image. The encrypted image is divided into an ‘n’ number of 2 × 2 blocks. Fig. 5b shows the encrypted image’s 2 × 2 block representation.

Fig. 4.

Block pixel difference.

Fig. 5.

Encrypted image’s pixel blocks.

As shown in Fig. 4, the pixel difference (d) is calculated for the ith block as d_i1 = CP_i4–CP_i1, d_i2 = CP_i4–CP_i2, d_i3 = CP_i4–CP_i3. Equations (7-13) outline the data embedding process using the Vacating Room After Encryption (VRAE) method. The number of bits embedded within a block depends on five specific conditions: C₁, C₂, C₃, C₄, and C₅, as detailed in Equation (7).

7

After secret embedding in an encrypted pixel (CP), the pixel is known as the stego pixel. Equation 8 generates the stego pixel for C₁, C₂, and C₃ conditions.

8

Equations 9 and 10 illustrate the indicator bits and amount of bits that can be embedded in a pixel for the conditions C₁, C₂, C3, C4, and C₅. If the difference(d) value is positive, the sign bit value is ‘0’; otherwise, it is ‘1,’ as indicated in Eq. 11. Equation 12 shows the binary bits of |d| for each stego pixel in the ith block. Finally, for conditions C₄ and C_5, the stego pixel creation is shown in Eq. 13.

9

10

11

12

For the conditions C₄ C_5, the stego pixels are created by Eq. (13)

13

The procedure of embedding the secret bits into the encrypted pixels is depicted in Figs. 6, 7 and 8. When the C₁ requirement is met, the three secret bits could be embedded in the encrypted pixels: CP_i1, CP_i2, and CP_i3 in the ith block. The 5th block in this encrypted image satisfies the C₁ condition; the secret bits 010, 110, and 010 are embedded in the block, as illustrated in Fig. 6.

Fig. 6.

Secret Embedding for condition C₁.

Fig. 7.

Secret embedding for condition C₂.

Fig. 8.

Secret embedding for condition C₃.

The 14th block satisfies the C₂ condition; 2 bits of secret (e.g., 10, 11, 01) are embedded into the pixels.

The 9th block satisfies the C3 condition, 1 bit of secret bits embedded into the pixels (e.g., 0, 1, 1) as follows.

No secret bits are embedded in the pixels when C4 and C5 conditions are met, as shown in Figs. 9 and 10. In condition C5, the ith block is registered in the location map (LM) if two right-most bits of encrypted pixels, CPi1, CPi2, and CPi3, are equivalent. The 12th block satisfies the C4 condition, and the stego pixel creation for that block is as follows.

Fig. 9.

Stego pixel for condition C₄.

Fig. 10.

Stego pixel and Location map for condition C₅.

The C₅ condition is satisfied by the 10th and 15th blocks, resulting in no pixel change, as illustrated in Fig. 10.

Algorithm 2 demonstrates the secret embedding process in an encrypted image step by step.

Algorithm 2.

Data embedding.

Phase3: secret extraction and image recovery

The stego image is divided into the ‘n’ number of non-overlapping blocks for image recovery. The procedure for obtaining Recovered Encrypted Pixels (REP) for indicator “00” for the fifth block of the stego image is shown in Fig. 11.

Fig. 11.

Recovered Encrypted Pixels (REP) for Indicator 00.

Then, using Eqs. (14–15), the Recovered Encrypted Image (REI) is decrypted to obtain the Recovered Image (RI). The decryption process of the 5th block of the Recovered Encrypted Image is shown in Fig. 12. The pixel values of each indicator of all the blocks are recovered similarly. If the leftmost bits of SPi1, SPi2, and SPi3 in a block are different, and if any block is found in the location map, those blocks are decrypted directly.

14

15

Fig. 12.

Recovered Pixels (RP).

REPij represents the recovered encrypted jth pixel value in the ith block. DPij and RPij indicate the jth decrypted and recovered pixel values in the ith block.

Algorithms 3 and 4 show step-by-step instructions on how to recover an image from a stego image.

Algorithm 3.

Image recovery (stego image).

Algorithm 4.

Image decryption (REI).

Retrieving the secret from the stego image is based on identifying the indicators, the two left-most bits of the stego pixels. The steps to retrieve the secret are given in algorithm 5.

Algorithm 5.

Secret extraction (StegoImage).

Results and analysis

Tests on various images (http://sipi.usc.edu/database/) were conducted to determine the efficacy of the suggested methodology. The sample-tested grayscale images are displayed in Fig. 13. Based on the findings of the experiments, the proposed method’s encryption strength, embedding capacity, decrypted image visual quality, error rate, and degree of reversibility were examined.

Fig. 13.

Test Images.

Statistical attack analysis

Reading data into incomprehensible data is the goal of an efficient encryption method. An encrypted image’s histogram, entropy, Deviation from ideality, and correlation coefficients can be used to measure the strength of the encryption algorithm.

Encrypted image’s histogram

The frequency of each intensity value in an image is referred to as a histogram. If an encrypted image’s intensity levels are evenly distributed, detecting the original image’s statistical nature is complex. For example, the encrypted image and after data embedding on the encrypted image in Fig. 14 have evenly distributed intensity values; therefore, this encryption method guards against being broken by a statistical assault.

Fig. 14.

Image Histogram.

Entropy

An essential metric for determining an encrypted image’s randomness is the global Shannon entropy, which may be calculated using Eq. (16).

16

P(k_j) is the likelihood that the symbol k_j will appear, and “HI” is the image’s highest intensity value. For an 8-bit image, the highest intensity is 255; the maximum intensity for a ‘b’ bit image is 2^b-1. The encrypted image entropy value should be very close to ‘b’ to prevent easy prediction of information about the original image. Entropy measures the randomness or unpredictability of information. A value for entropy close to the bit depth, for example, 8 for an 8-bit image, indicates that each pixel’s intensity is almost equally likely and contains no patterns or recognisable structures. Encryption converts the image into a random, noise-like form. High entropy means that the pixel values are uncorrelated or lack any repetitive structure, which is necessary for humans or machines to recognise them. In the maximal entropy case, pixel values would be uniformly distributed in their range. Uniformity hides all the distinguishing features or recognisable content and cannot be recovered or identified visually. Table 1 displays the entropy values of the encrypted image. Since all these encrypted images have entropy values closer to “b,” it is evident that the proposed method can withstand the statistical attack.

Table 1.

Metrics for statistical attack analysis.

Images		Entropy	Horizontal correlation	Vertical correlation	Diagonal correlation	Deviation from Ideality
Lena	Encrypted image	7.9993	− 0.0004	0.0004	0.0077	0.0255
	Encrypted image after data hiding	7.9993	0.0008	− 0.0005	0.0073	0.0267
Boat	Encrypted image	7.9993	0.0012	− 0.0005	0.0032	0.0252
	Encrypted image after data hiding	7.9992	− 0.0011	− 0.0004	0.0021	0.0264
Couple	Encrypted image	7.9992	− 0.0032	0.0055	0.0056	0.0251
	Encrypted image after data hiding	7.9993	− 0.0014	0.0068	0.0058	0.0265
Sailboat	Encrypted image	7.9993	0.0001	0.0008	0.0065	0.0256
	Encrypted image after data hiding	7.9993	0.0009	0.0038	0.0055	0.0257
Peppers	Encrypted image	7.9993	0.0002	− 0.0027	0.0032	0.0262
	Encrypted image after data hiding	7.9993	− 0.0004	− 0.0003	0.0067	0.0259
Airplane	Encrypted image	7.9992	0.0005	− 0.0007	0.0053	0.0241
	Encrypted image after data hiding	7.9993	− 0.0004	0.0005	0.0051	0.0247
Baboon	Encrypted image	7.9992	− 0.0046	0.0032	0.0068	0.0232
	Encrypted image after data hiding	7.9993	0.0008	0.0015	0.0048	0.0245
Elaine	Encrypted image	7.9992	− 0.0034	0.0024	0.0049	0.0255
	Encrypted image after data hiding	7.9993	0.0007	− 0.0014	0.0045	0.0261

Correlation coefficient

Finding the original image content becomes very challenging if there is little or no similarity between adjacent pixels in the encrypted image. To test the suggested method’s correlation coefficient, In the horizontal, vertical, and diagonal directions, 10,000 pairs of pixels are randomly selected. Low correlation coefficients in encrypted images suggest that adjacent pixels have little or no similarity, a characteristic of strong encryption. In natural images, neighbouring pixels are usually highly correlated because of smooth gradients and coherent patterns. Encryption breaks this dependency so that adjacent pixels don’t have characteristics similar to those before. Low correlation coefficients indicate that the encryption process has effectively randomised the pixel values in all directions: horizontally, vertically, and diagonally. This randomness leads to very high uncertainty and prevents the predictability of the value of one pixel based on its neighbours. The high correlation in an image can hint at the structure and contents of an image that could be attacked. Low correlation ensures that the encrypted image does not have patterns or structures and is resistant to cryptanalysis. Highly low correlation coefficients show that the encryption technique eliminates the statistical redundancies found in the original image, resulting in a completely secure image because the encrypted image would appear like noise. This way, the reported correlation coefficients in Table 1 confirm the validity of the proposed method to reach very high uncertainty and robustness in encryption. Table 1 lists the test images’ horizontal, vertical, and diagonal correlation coefficients. Since these values are extremely low, the suggested model exhibits high uncertainty features.

Deviation from ideality

The difference between the encrypted image and the ideal image is measured using this metric. The Deviation from ideality is calculated using the following Eqs. (17–18).

17

18

where ‘W’ and ‘H’ represent the image’s width and height, the pixel values 0 to 255 are evenly distributed in an Ideal grayscale image. Each pixel value appears 1024 times in an ideal 512 × 512 grayscale image. Table 1 lists the predicted Deviation from Ideality (DI). An image’s high degree of randomness will be reflected by a lower value of the estimated Deviation from ideality (DI). The tabulated data is shown; the encrypted image resembles an Ideal image.

Chosen plaintext attack analysis

Encrypting the plain images PI1 and PI2 creates the cipher images CPI1 and CPI2. The algorithm cannot withstand the chosen plain text attack if the XOR value of CPI1 and CPI2 is the same as the XOR between PI1 and PI2, as indicated in Eq. (19). The XORed image of a plain Lena and a plain airplane is displayed in Fig. 15a. The XORed image of an encrypted Lena and an encrypted airplane can be seen in Fig. 15b. It is apparent from Fig. 13a,b that the suggested technique is not prone to the chosen plain text attack.

19

Fig. 15.

XOR image (a) PI₁(i, j) ⊕ PI₂(i, j) (b) CPI₁(i, j) ⊕ CPI₂(i, j).

Differential attack analysis

Two extensively used metrics are the Number of Pixel Change Rate (NPCR) and Unified Average Change in Intensity (UACI) to evaluate how well an algorithm withstands differential attacks. The following formulae calculate the NPCR and UACI (20-22). CPI1 is the cipher image created by encrypting the plain image, and CPI2 is the result of encrypting the plain image after changing its first pixel. Table 2 contains the NPCR and UACI results for the test images.

20

21

22

Table 2.

NPCR and UACI.

Images	Lena	Boat	Couple	Sailboat	Peppers	Airplane	Baboon	Elaine
NPCR	99.6414	99.6414	99.6414	99.6414	99.6414	99.6414	99.6414	99.6414
UACI	33.562	33.493	33.555	33.532	33.599	33.6138	33.5059	33.6339

Critical value of NPCR with 5% is 99.5693 and UACI with 5% is 33.2824–33.6447).

Embedding capacity

Embedding capacity is the maximum number of bits that can be embedded into a single pixel. Equation 23 is utilised to calculate it. Table 3 compares the proposed method’s embedding capacity with several existing methods. The outcome demonstrates that the proposed method has a high embedding capacity compared to other methods.

23

Table 3.

Embedding capacity.

Images	EC(bpp)
	Qin et al.31	Ren and Niu36	Ge et al.39	Bhardwaj40	Wang et al. PR-RDHEI41	Wang et al. LPR-RDHEI41	Proposed
Airplane	0.0323	0.7072	0.2452	0.2500	0.4994	0.4421	1.4879
Baboon	0.0323	0.2767	0.0134	0.2500	0.4993	0.3522	0.4998
Boat	0.0323	0.6017	0.0651	0.2500	0.4994	0.4308	1.2334
Couple	0.0323	0.5623	0.1047	0.2500	0.4994	0.4290	0.9399
Elaine	0.0323	0.7003	0.0660	0.2500	0.4994	0.4486	1.3241
Lena	0.0323	0.6958	0.1382	0.2500	0.4995	0.4570	1.2876
Peppers	0.0323	0.6137	0.0899	0.2500	0.4993	0.4435	1.5292
Sailboat	0.0323	0.5312	0.0861	0.2500	0.4993	0.4351	0.9291
Average	0.0323	0.5861	0.1011	0.2500	0.4994	0.4298	1.1538

Bit error rate (BER)

The BER determines how many extracted bits differ from the original secret bits. Equation 24 is used to calculate it. The recovered bits are error-free because of the proposed method’s zero BER value.

24

Performance comparison

This section compares our proposed method to a few state-of-the-art schemes. We primarily compared our proposed schemes with numerous block-based VRAE schemes^36–39 because the spare rooms of our suggested schemes, SRDH–VRAE–EPD, are all created in a fully encrypted image. Comparisons of the embedding rate with PSNR on the four test images, Airplane, Baboon, Lena, and Peppers, are shown in Fig. 16a–d, respectively. Our proposed method has higher embedding rates than previous state-of-the-art schemes^40–44. The original image is completely recovered without any errors using the proposed method, so the PSNR of recovered images is always equal to infinite, as seen in Fig. 16.

Fig. 16.

Comparisons of the embedding capacity with PSNR.

Conclusions

This paper proposes a separable reversible data-hiding scheme for encrypted images, exploiting the encrypted pixel differences to leave space for embedding even after encryption. The most critical disadvantages of most reversible data-hiding techniques lie in the fact that they cannot resist statistical, differential, or chosen plaintext attacks and thus reduce their security level when sensitive applications are concerned. Our proposed method innovatively enhances resistance against a broad category of attacks, including statistical, differential, and chosen plaintext attacks, and thus makes it superior in security compared to others. One of the significant contributions of our scheme is the full independence among the secret extraction and image recoveries. Our approach recovers the original image and the embedded secrets with high-degree precision in noise-less channels. Besides, most existing strategies need to improve their embedding capacities, which are insufficient for scenarios requiring even higher data payloads. By contrast, our method achieves an average embedding capacity of 1.2 bpp, outperforming all the other methods to remove this significant bottleneck more effectively. Therefore, our method stands as the best solution for secure image transmission of sensitive military and medical images in cloud-based applications in a manner that ensures robustness but is practical. Nevertheless, problems persist regarding recovering the original cover image and the embedded secret from noisy channels. Despite all these limitations, our scheme still makes a fair contribution toward improving the efficiency and security of reversible data hiding in encrypted images. Further, it opens up avenues for future adaptations that help address those problems posed by noisy environments.

Author contributions

Conceptualisation, V.V., A.R., and R.A.; methodology, H.M., and P.V.M.; software, H.M., and P.V.M.; validation, H.M., and P.V.M.; formal analysis, V.V. and A.R; investigation, H.M., and P.V.M.; resources, data curation, V.V., A.R. and R.A.; writing—original draft preparation, V.V., A.R. and R.A.; writing—review and editing, A.R., and R.A.; visualisation, P.V.M.; supervision, R.A. and A.R.; project administration, V.V., A.R. and R.A.; funding acquisition, A . R. All authors have read and agreed to the published version of the manuscript.

Funding

The authors thank the Department of Science & Technology, New Delhi, for the FIST funding (SR/FST/ET-I/2018/221(C)).

Data availability

The datasets generated during and/or analysed during the current study are available from the corresponding author upon reasonable request.

Declarations

Competing interests

The authors declare no competing interests.