applied
sciences
Article
Data Hiding and Authentication Scheme for Medical Images
Using Double POB
Fang Ren 1,2 , Xuan Shi 1,2, *, Enya Tang 1 and Mengmeng Zeng 1
Citation: Ren, F.; Shi, X.; Tang, E.;
Zeng, M. Data Hiding and
Authentication Scheme for Medical
Images Using Double POB. Appl. Sci.
2024, 14, 2664. https://doi.org
/10.3390/app14062664
Academic Editor:
Antonino Pietropaolo
Received: 19 February 2024
Revised: 16 March 2024
Accepted: 19 March 2024
Published: 21 March 2024
Copyright: © 2024 by the authors.
Licensee MDPI, Basel, Switzerland.
This article is an open access article
distributed under the terms and
conditions of the Creative Commons
Attribution (CC BY) license (https://
creativecommons.org/licenses/by/
4.0/).
Appl. Sci. 2024, 14, 2664. https://doi.org/10.3390/app14062664
1 School of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, China;
renfang_81@163.com (F.R.); tangenya1122@163.com (E.T.); zengmengmiao@163.com (M.Z.)
2 National Engineering Research Center for Secured Wireless, Xi’an University of Posts and
Telecommunications, Xi’an 710121, China
* Correspondence: xuann1118@163.com; Tel.: +86-13992448337
Abstract: To protect the security of medical images and to improve the embedding ability of data
in encrypted medical images, this paper proposes a permutation ordered binary (POB) number
system-based hiding and authentication scheme for medical images, which includes three parts:
image preprocessing, double hiding, and information extraction and lossless recovery. In the image
preprocessing and double hiding phase, firstly, the region of significance (ROS) of the original medical
image is segmented into a region of interest (ROI) and a region of non-interest (RONI). Then, the bit
plane of the ROI and RONI are separated and cross-reorganization to obtain two new Share images.
After the two new Share images are compressed, the images are encrypted to generate two encrypted
shares. Finally, the embedding of secret data and attaching of authentication bits in each of these two
encrypted shares was performed using the POB algorithm. In the information extraction and lossless
recovery phase, the POBN algorithm is first used to extract the authentication bits to realize image
tamper detection; then, the embedded secret message is extracted, and the original medical image is
recovered. The method proposed in this research performs better in data embedding and lossless
recovery, as demonstrated by experiments.
Keywords: data hiding; medical images; POB number system; lossless recovery
1. Introduction
With the swift growth of internet technology and network infrastructure, electronic
medical care is also developing rapidly. Nowadays, medical data are mainly maintained
electronically as electronic patient records (EPRs); EPR data include medical images, health
record data, patient history, etc., that need to be transmitted. Medical images have highly
strict image quality criteria because they are one of the most significant tools used by
doctors to diagnose illness. Any small change may lead to an incorrect diagnosis or even
serious medical accidents. To secure the confidentiality, dependability, and availability
of medical images, many data-hiding algorithms and image encryption algorithms have
been proposed. Furthermore, to prevent tampering with the integrity of encrypted images,
image restoration algorithms have become a popular research topic.
Data-hiding technology is often used to protect patients’ privacy information in
telemedicine applications. This technology refers to the process of attaching data in-
formation that needs to be transmitted to the carrier image. There are already many
data-hiding algorithms based on medical images, Priyanka et al. [1] introduced a hybrid
image watermarking scheme based on the separation of ROI and RONI, and medical data
and least significant bits (LSBs) data from the ROI were attached to the RONI. A high-
volume steganography algorithm based on medical images was proposed by Wang et al. [2].
Thakur et al. [3] introduced a robust telemedicine application watermarking technology
that includes singular value decomposition and combines Discrete Wavelet Transformation
https://www.mdpi.com/journal/applsci
Appl. Sci. 2024, 14, 2664 2 of 21

(DWT) and Discrete Cosine Transform (DCT) transforms. A new adaptive reversible water-
marking scheme applied to medical images was proposed by Lee [4]; the algorithm extends
the estimation error of adjacent pixels to embed the watermark and can automatically
segment the target region and background region of a medical image.
Although the visual and embedding quality of the image can be guaranteed by data-
hiding techniques, privacy protection requirements may not be satisfied by simply embed-
ding the hidden data into the original image. Therefore, reversible data hiding in encrypted
images (RDHEI) technology has emerged as a prospective method. Chen et al. [5] separated
the encrypted image into blocks to make room for hiding secret messages by compressing
the difference between pixels. Wang and He [6] proposed a scheme to compress the block
using the uniform most significant bit (MSB) of the pixels in the block, which achieved
good results, but this scheme is not suitable for complex images. Fu et al. [7] determined
the embeddable block by analyzing the position of the MSB layer in the encrypted image.
To make space for embedding data, the MSB layer of the embeddable block needs to be
compressed in an adaptive way. In order to preserve the redundancy in the encryption
block, Liu et al. [8] adopted the classical XOR method to encrypt the block and used the re-
dundancy matrix existing in the encrypted block to generate the available space that could
accommodate the secret message. Gao [9] split the image through blocks for encryption
and compressed it using the data hider to free up space for embedding the encrypted secret
message. To guarantee the quality of the decrypted image, Qin et al. [10] separated the
image into a texture block and a smooth block, and they just inserted additional data into
the smooth block. Nowadays, most block-based RDHEI schemes deal with data hiding
and encryption separately. As a result, it is required and critical to investigate a method for
synchronizing data embedding and encryption in order to reduce the threats of potentially
insecure encryption systems.
RDHEI technology can only ensure the safety of medical images; it cannot guarantee
the dependability and availability of medical images. Therefore, in the field of integrity and
authentication of medical images, Singh et al. [11,12] proposed a technique to detect and
locate the tampered area, which also has the ability to recover tampering by embedding
authentication bits into each block’s three LSBs, and recovery bits are attached to mapping
blocks; this technique restores the tampered area with 50% accuracy. Tiwari et al. [13] use
two watermarking methods to detect and locate real-time tampering in medical images
and other common images. A highly efficient fragile watermarking strategy was proposed
by Gull et al. [14]. A fragile watermarking technique was proposed by Shehab et al. [15],
who replaced an image’s LSB with authentication and self-recovery bits in order to identify
tampering and recover tampered regions. Parah et al. [16] used fragile watermarks and
block checksums to detect and locate tampering. Additionally, in [17], Gao et al. improved
ROI contrast without adding distortion and used it for tamper detection.
The permutation ordered binary (POB) number system was introduced recently
by Sreekumar et al. [18], aiming to construct a novel secret sharing method. It is ap-
plied to medical images to enhance security and protect the integrity of medical images.
Compared with some existing algorithms, the POB number system has been further de-
veloped and applied in tamper detection, lossless recovery, bit plane compression, and
so on. Ren et al. [19] tried to use POB as a solution for re-encrypting the contents of the
image during the data hiding process, but this scheme had a low embedding capacity.
Using a POB number system on a cloud server, Singh and Xiang [20,21] presented a safe
method for detecting and recovering from image tampering. Liu et al. [22] used image
tamper detection and lossless recovery, combined with POB digital system to perform
neighborhood refinement and watermark refinement. The results of the experiment demon-
strated that, under some circumstances, the method performed well, but there were still
some problems in recovering large-scale tampering. To solve such problems, Li et al. [23]
proposed a scheme for medical image authentication recovery based on the POB algorithm.
Experimental findings and theoretical research have demonstrated that this strategy allows
Appl. Sci. 2024, 14, 2664 3 of 21

the lossless recovery of original images under different tampering attacks, but this scheme
can only achieve simple authentication and still has defects in carrying additional data.
Targeting the aforementioned inadequacies, this research proposes a medical image
hiding and authentication algorithm based on double POB system. The scheme not only
realizes the authentication of the medical image but can also transmit additional secret
data during the authentication. Firstly, the region of significance (ROS) part of the original
medical image is separated into an ROI and an RONI by a segmentation algorithm, and
then these two regions are separated and cross-reorganized to generate two shares so as
to prevent the high-bit sensitive pixels in the ROI from being tampered with. Then, the
two Share images were compressed, and the compressed data were repeatedly placed in
the plane with the same size as the original image; then, the plane was encrypted using a
hyperchaotic Lorenz system. Finally, the double POB number system was used to complete
the data hiding and authentication. After successful authentication, the embedded secret
message is extracted, and the original medical image is recovered. If the data are tampered
with, the original image can still be recovered completely by repeating the data placement.
The primary contributions of this research are summarized as follows:
(1) We utilized a double POB digital system to simultaneously achieve data hiding and
the authentication of medical images. The embedding capacity of data hiding is large,
and the process is reversible; the authentication is based on the pixel level, which is
very sensitive to any small tampering and meets the needs of medical images.
(2) We propose a method based on bit plane separation and cross-reorganization to
protect sensitive information in medical images. The bit plane separation method is
based on image segmentation, and the reorganization method protects the high-bit
sensitive pixels in the ROI.
(3) We propose a method for medical image tampering recovery by compressed data re-
peated filling. In the authentication stage, if the authentication fails due to tampering,
the data of the untampered area can be directly used for tampering recovery.
The structure of the rest of this paper is as follows. Section 2 describes the basic theory
related to the proposed scheme. In Section 3, the hiding and authentication process based
on double POB system in medical images is detailed. The experimental results and analysis
are given in Section 4. Finally, this paper is concluded in Section 5.

2. Preliminaries
This section contains some preliminary information about image segmentation, the
POB number system, the hyper-chaos Lorenz system, and Huffman coding.

2.1. Image Segmentation

There are various medical image segmentation methods widely used at present, and
the OTSU algorithm is a classical threshold segmentation method.
The OTSU algorithm, also referred to as the maximal variance between clusters, is
an algorithm that utilizes the image histogram to determine the optimal global threshold.
The advantages include simplicity, a fast calculation speed, and independence from image
brightness and contrast. The basic principle of the OTSU algorithm is as follows. Firstly, it
automatically finds a threshold to divide the image and distinguish the foreground region
from the background region. It divides the histogram into two groups at a certain threshold.
The threshold is determined by maximizing the variance between these two groups of
histograms, thus achieving the optimal segmentation effect.
Specifically, assume that a grayscale image has a range of gray values of [0, L − 1];
the pixel number of gray value i is ni , the number of total pixels is denoted as N, and
each gray value has a probability of pi . The first step involves obtaining a threshold value,
denoted as k. Subsequently, this value is utilized to partition the gray values into two
distinct groups. C0 represents the set of gray values in pixels that are less than or equal to k,
while C0 denotes the set of gray values in pixels greater than k. The probabilities of C0 and
C1 are denoted as m0 , m1 , respectively, so m0 + m1 = 1; the average values of C0 and C1
Appl. Sci. 2024, 14, 2664 4 of 21

are denoted as w0 , w1 , respectively; the whole image’s average gray value is denoted by
w; and w(k) is the average gray value when the threshold is k. The specific expression is
shown in Equation (1).
k

∑ L −1  m 0 = ∑ i =0 p i = m ( k )

N = i =0 n i

 m1 = ∑iL=−k1+1 pi = 1 − m(k)
 
 p = ni
 
i N ip w(k) (1)

 w = ∑iL=−01 ipi 
 w0 = ∑ik=0 m0i = m(k)
w(k) = ∑ik=0 ipi  w = ∑ L−1 ipi = w−w(k)
 

1 i = k +1 m 1 1− m ( k )

The grayscale average of all samples is:

w = m 0 w0 + m 1 w1 (2)

The between-class variance of two sets of gray values can be obtained with the follow-
ing equation:
σ 2 ( k ) = m 0 ( w0 − w ) 2 + m 1 ( w1 − w ) 2
= m 0 m 1 ( w1 − w0 ) 2 (3)
[wm(k)−w(k)]2
= m(k )[1−m(k )]

Traversing the gray level [0, L − 1], the inter-class variance under each threshold k is
calculated in turn, and the k value that can make σ2 (k ) obtain the maximum value is the
optimal threshold.

2.2. POB Number System

The POB number system was proposed by Sreekumar and Sundar [18]. The system is
denoted POB (n, r), where n ≥ r and both n and r are nonnegative integers. In this context,
r stands for the number of 1s in a string, andn stands
 for the number of bits. In the POB
n
number system, the range of P(A) is 0, 1, · · · − 1, where A = a j−1 a j−2 · · · a0 .
r
The following can be used to obtain P(A):

n −1 j
P( A) = ∑ j =0 aj ( )
vj
(4)

where v j = ∑nj=−01 a j .
The POB number in binary form can be calculated by the above equation to obtain the
matching POB value and vice versa.
For example, the 10-bit binary string 1011001010, denoted as POB (10, 5), has a POB
value that can be calculated by Equation (4).
       
0 1 8 9
lP( A) = a0 × + a1 × + · · · . . . + a8 × + a9 ×
0   1    4   5
3 6 7 9
= 0+1+0+ +0+0+ + +0+
2 3 4 5
= 185

The obtained POB value of 185 can be converted to the corresponding 8-bit binary, that
is, 10111001. This result has a crucial impact on some research based on data hiding. It can
simultaneously perform lossless compression and re-encryption in the process of data hiding.
Similarly, 010111011 is denoted as POB (9, 6), and its corresponding POB value is 10,
whereas a POB value of 28 would be 010101101 for POB (9, 5). Since the images used in
this paper are all 8-bit images, and both secret information and authentication bits are
embedded with two bits, the 10-bit POB (10, r) string in each operation can be converted
into an equivalent 8-bit decimal POB value, which ranges from 0 to 251.
 Lorenz system to produce hyperchaotic behavior. The system is expressed as follows:
𝑥 = 𝑎(𝑦 − 𝑥) + 𝑤,
𝑦 = 𝑐𝑥 − 𝑦 − 𝑥𝑧,
Appl. Sci. 2024, 14, 2664 (5)
𝑧 = 𝑥𝑦 − 𝑏𝑧, 5 of 21

𝑤 = −𝑦𝑧 + 𝑟𝑤.
2.3. Hyperchaotic Lorenz System
where a, b, c and r are system parameters, and x, y, z and w are state variables. When a =
In this section, hyperchaotic Lorenz systems are introduced. The method proposed
10, b = 8/3, c = 28, and
by−1.52≤ 𝑟 ≤−0.06,
Wang et al. the system
[24] is superior represents
in performance, a hyper-chaos
which adds state. Hyper-
a nonlinear controller w to the
Lorenz system to produce hyperchaotic behavior. The system
chaotic systems have a higher value in secure communication than ordinary chaotic sys- is expressed as follows:
tems.  .
 x = a(y − x ) + w,
 .
y = cx − y − xz,

. (5)
2.4. Huffman Coding  z = xy − bz,
 .

w = −yz + rw.
Huffman coding is a lossless encoding method in statistics. Its principle is based on
where a, b, c and r are system parameters, and x, y, z and w are state variables. When a = 10,
the frequency of data (pixels in an image), using fewer bits to encode data with a higher
b = 8/3, c = 28, and −1.52 ≤ r ≤ −0.06, the system represents a hyper-chaos state. Hyper-
frequency, which can reduce
chaotic thehave
systems overall coding
a higher length
value in to achieve the
secure communication purpose
than of data
ordinary chaotic com-
systems.
pression. Huffman coding produces the lowest number of redundant codes, has low com-
2.4. Huffman Coding
putational complexity, and is easy to implement. Huffman coding has been effectively
Huffman coding is a lossless encoding method in statistics. Its principle is based on
applied to text, image, video
the frequency compression,
of data (pixels inand so on.using
an image), Forfewer
a more detailed
bits to description
encode data of
with a higher
Huffman coding, refer to [25].
frequency, which can reduce the overall coding length to achieve the purpose of data
compression. Huffman coding produces the lowest number of redundant codes, has low
computational complexity, and is easy to implement. Huffman coding has been effectively
3. The Proposed Scheme
applied to text, image, video compression, and so on. For a more detailed description of
Huffman
This part proposes coding,
a new refer to [25].
scheme based on double POB system for medical image
hiding and authentication. In theScheme
3. The Proposed use of medical images, users are more concerned with
the information in the brighter
This part areas,
proposeswhich
a new is called
scheme theon
based ROS (region
double of significance),
POB system and
for medical image
hiding and authentication. In the use of medical images, users are
the information in the darker areas is redundant in most cases. Therefore, in order to min- more concerned with the
information in the brighter areas, which is called the ROS (region of significance), and the
imize the degradation of medical image quality, the image owner performs image prepro-
information in the darker areas is redundant in most cases. Therefore, in order to minimize
cessing on the ROS for operationofinmedical
the degradation the first place
image andthethen
quality, imageinserts secret data
owner performs imageand authen-
preprocessing
on the ROS for operation in the first place and then inserts secret
tication bits to generate two shares, which are then transmitted to the receiver. After the data and authentication
bits to generate two shares, which are then transmitted to the receiver. After the receiver
receiver authenticates the image, they extract the ciphertext information and complete the
authenticates the image, they extract the ciphertext information and complete the lossless
lossless recovery. The workThe
recovery. of the
workimage owner
of the image owneris shown
is shown in Figure
in Figure 1. 1.

Image Images Bit-plane Data Cross-

Owner Segmentation Seperation reorganization

Region of significance
Medical Image I
M'×N'
M×N
ShareA' ShareA
ShareA" (M×N) Data （M'×N'）
Data Embedding Image Encryption Data Filling
（M×N） Compression

K1
Hyper-chaos
Lorenz System
K1
ShareB' ShareB
ShareB" (M×N) Data （M'×N'）
Data Embedding Image Encryption Data Filling
（M×N） Compression

Hiding and Authentication Image preprocessing

Figure 1. The work of Figure

the image
1. The owner.
work of the image owner.
 3.1. Image Preprocessing
The image owner performs the pre-processing of the ROS of the extract, in
Appl. Sci. 2024, 14, 2664
image segmentation, bit plane separation, data cross-reorganization,6 data
of 21
comp
and data filling.
3.1. Image Preprocessing
3.1.1.
TheImage
imageSegmentation
owner performsand Bit Plane Separation
the pre-processing of the ROSCross-Reorganization
of the extract, including
image To
segmentation, bit plane
better protect the separation,
importantdata
partcross-reorganization, data compression,
of the ROS, the original ROS is first seg
and data filling.
and the best threshold is selected by the OTSU algorithm. The part over the thre
the ROI,
3.1.1. Imageand the partand
Segmentation under the threshold
Bit Plane is the RONI. After
Separation Cross-Reorganization segmentation, the
gions
To start
betterto undergo
protect bit plane
the important partseparation
of the ROS,reorganization.
the original ROS is Firstly, the high five bi
first segmented,
ROItheand
and bestthe low three
threshold bitsby
is selected ofthe
theOTSU
RONI are combined
algorithm. andthe
The part over paired intois athenew 8-b
threshold
ROI, and the part under the threshold is the RONI. After segmentation,
called ShareA. Then, the low three bits of the ROI and the high five bits the two regions startof the R
to undergo bit plane separation reorganization. Firstly, the high five bits of the ROI and the
combined and paired into a new 8-bit image called ShareB. This results in ShareB
low three bits of the RONI are combined and paired into a new 8-bit image called ShareA.
ing less
Then, important
the low three bitspixel
of theinformation
ROI and the high andfive
a more
bits ofimportant
the RONI are ShareA.
combined ShareB
and is pr
over ShareA
paired into a newin8-bit
theimage
subsequent information
called ShareB. This resultsembedding process,
in ShareB containing lessprotecting
important the RO
pixel information
medical image. and a more important ShareA. ShareB is prioritized over ShareA in the
subsequent information embedding process, protecting the ROI of the medical image.
The specifics of the data cross-reorganization process are illustrated in Figur
The specifics of the data cross-reorganization process are illustrated in Figure 2, and
Equation
Equation (6)(6) explains
explains it. it.

(i ) = ([ High5Plane
𝑆ℎ𝑎𝑟𝑒𝐴
ShareA 𝑖 ) = [𝐻𝑖𝑔ℎ5𝑃𝑙𝑎𝑛𝑒 (𝑖 ) + 𝐿𝑜𝑤3𝑃𝑙𝑎𝑛𝑒
ROI (i ) + Low3Plane RON I (i )]
(𝑖 )]
(6)
ShareB(i ) = [ High5Plane RON I (i ) + Low3Plane ROI (i )]
𝑆ℎ𝑎𝑟𝑒𝐵(𝑖 ) = [𝐻𝑖𝑔ℎ5𝑃𝑙𝑎𝑛𝑒 (𝑖 ) + 𝐿𝑜𝑤3𝑃𝑙𝑎𝑛𝑒 (𝑖 )]

Hihg5Plane
ROI ShareA
Low3Plane
Region of
significance
Low3Plane ShareB
RONI
High5Plane

Image Segmentation Bit-Plane Seperation Data Cross-reorganization

Figure
Figure 2. 2.
TheThe process
process of image
of image segmentation
segmentation andseparation
and bit plane bit planereorganization.
separation reorganization.
3.1.2. Data Compression and Data Filling
3.1.2.
In Data Compression
this part, and
ShareA is first Datainto
divided Filling
8 × 8 nonoverlapping blocks, and then the
Huffman In coding
this part, ShareA
algorithm is to
is used first divided
compress eachinto 8 Finally,
block. × 8 nonoverlapping blocks, and
each block’s compressed
data are stored in C,
Huffman coding algorithm is used to compress each block. Finally,filled
where the compressed data’s length is n, and then it is repeatedly each block
in a Share image of 512 × 512 as the size of the original medical image, which needs to be
pressed data are stored in C, where the compressed data’s length is n, and then
filled repeatedly (512 × 512)/n times in order to facilitate image recovery. The same data
peatedly filled
compression in a are
operations Share imageforofShareB.
performed 512 × 512 as the size of the original medica
which needs
We give to be filled
a concrete repeatedly
example: (512medical
if the original × 512)/n times
image sizeinisorder to facilitate
512 × 512, then it hasimage r
262,144 If the size of the extracted ROS is 352 ×
The same data compression operations are performed for ShareB. and the
pixels. 352, it has 123,904 pixels,
extracted ROS pixels are reduced by almost half; then, ShareA is compressed in blocks, and
We give a concrete example: if the original medical image size is 512 × 512, th
the number of pixels after compression is about 30,621. In order to obtain an image of size
262,144
512 × 512,pixels. If the size
the compressed dataofmustthe be
extracted ROS⌊262,
filled at least is 352 × 352,
144/30, 621⌋it=has 123,904
8 times. The pixels,
extracted
processes ROScompression
of data pixels are and reduced by almost
data filling are shown half; then,3.ShareA is compressed in
in Figure
and the number of pixels after compression is about 30,621. In order to obtain an i
size 512 × 512, the compressed data must be filled at least ⌊262,144/30,621⌋ =
The processes of data compression and data filling are shown in Figure 3.
l. Sci. 2024, 14, x FOR PEER REVIEW
Appl. Sci. 2024, 14, 2664 7 of 21

Data 111111001111110
Repeated
compression 011111100111111 Placement in I
001111110011111
1111……

ShareA ShareA'
(M'×N') (M×N)
Figure 3. Processes of data compression and data filling.
Figure 3. Processes of data compression and data filling.
3.2. Double Hiding
The image owner performs image encryption and data embedding on the preprocessed im-
3.2. Double Hiding
age.

TheEncryption
3.2.1. Image image owner performs image encryption and data embe
cessed image.
Two new Share images, namely ShareA′ and ShareB′ , are obtained after data compres-
sion and data filling are completed. To encrypt the two new Share images, the hyperchaotic
Lorentz system generates random numbers with the same size as the image, where the
3.2.1.
key Image
is recorded as Encryption
K1 , and the same key is used for encryption and decryption. Then, the
generated random numbers are used for XOR encryption so that two encrypted ShareA′
Two new
and encrypted ShareBShare
′ images images, namely
with the same ShareA’
size as the and ShareB’,
original medical image are ob-are obt
pression
tained, and theand data secret
subsequent filling are embedding
message completed.basedTo encrypt
on POB the two new Sh
and the authentication
information embedding based on POB are carried out in these two encrypted Shares.
chaotic Lorentz system generates random numbers with the same si
3.2.2. Double Embedding Based on POB
the key is recorded as K1, and the same key is used for encryption a
The POB algorithm is used to embed sensitive messages (such as patient identity,
the generated
condition, random
medical history, numbers
etc.) into are Share,
the encrypted usedwhichfor has
XOR encryption
the function of so
′
ShareA’ and
embedding and encrypted
re-encryption ShareB’ images
synchronization. with the
Since encrypted same
ShareB sizeless
contains as the o
important pixel information than encrypted ShareA′ , in order to protect the information in
are obtained,
sensitive and damaged,
areas from being the subsequent
the former hassecret
a highermessage
priority thanembedding
the latter when based
thentication
embedding information
secret messages, embedding
so the secret based
message is first on POB
embedded are carried
in encrypted ShareB′ . out i
Secret message embedding based on POB concrete steps is as follows:
Shares.
Step 1: Firstly, it traverses the pixels of encrypted ShareB′ to determine whether
the length of the secret message exceeds the capacity of encrypted ShareB′ . If not, the
secret message is directly embedded, and the second and third steps are repeated until all
3.2.2. Double Embedding Based on POB
information is embedded. If it exceeds the capacity, step 4 is completed after completing
The
step 2 and stepPOB
3. algorithm is used to embed sensitive messages (suc
Step 2: The secret message w0 , w1 ∈ {0, 1} is selected and embed it in each pixel of
condition,
encrypted ShareB medical
′ to make thehistory,
pixel turnetc.) intobinary
to a ten-bit the encrypted
number. Share, which h
bedding and re-encryption
Step 3: Through the POB number system, synchronization.
the pixels embedded with Sincesecretencrypted
information Sha
in encrypted ShareB′ are compressed from ten-bit binary numbers to eight-bit binary
portantand
numbers, pixel information
new pixels than
containing secret encrypted
information ShareA’, in order to prot
are generated.
′
sensitive
Step 4: Ifareas from
the capacity being damaged,
of encrypted the former
ShareB is not enough, has aishigher
the embedding continuedpriorit
in encrypted ShareA′ using the methods in steps 2 and 3.
embedding
After the secretsecret messages,
message is embedded, so the
theencrypted
secret message is first
image containing the embedded
secret
messageSecret message
is obtained, embedding
and the POB is used again based
to embedon POB concrete
the authentication steps
bit in the two is as f
encrypted images containing the secret information.
TheStep 1: Firstly,
authentication it traverses
information embedding the pixels
based on POBof encrypted
concrete steps is asShareB’
follows: to d
length
Step 1:ofEach
the8-bitsecret
pixel message
of the encryptedexceeds thecontains
image that capacity of encrypted
the secret message is Sha
used to calculate two authentication bits, and they are then attached to the 8-bit pixel.
message is directly embedded, and the second and third steps are re
Step 2: The first one in the authentication bit is denoted as the number of 1s in the first
mation
four istheembedded.
digits of eight pixels, and Ifthe
it second
exceedsone isthe capacity,
denoted stepof 41sis
as the number completed
in the last
four digits, which is denoted as 1 when odd and 0 when even.
2 and step 3.
Step 2: The secret message 𝑤 , 𝑤 ∈ {0, 1} is selected and em
encrypted ShareB’ to make the pixel turn to a ten-bit binary numbe
Step 3: Through the POB number system, the pixels embedd
Appl. Sci. 2024, 14, x FOR PEER REVIEW

Appl. Sci. 2024, 14, 2664 8 of 21

Step 3: Finally, the ten-bit pixels embedded with authentication bits are co
intoStep
eight-bit POBthe
3: Finally, values
ten-bitthrough the POBwith
pixels embedded number system, bits
authentication andare
ShareA” and Shar
converted
into eight-bit
generated. POB values through the POB number system, and ShareA” and ShareB” are
generated.
As shown in Figure 4, pixels 169 and 98 are selected as examples to carry ou
As shown in Figure 4, pixels 169 and 98 are selected as examples to carry out double
embedding
embedding based
based onPOB
on the the system.
POB system.

1 0
1 0 0 1 1 0
0 1 0 1 0 1
Embedding
0 1 {W ,W ,W ,W } 1 0 1 0
0 1 2 3
Binary 1 0 =0,1,1,1 0 0 POB Binary 0 1
169 98 0 0 1 0
172 92 1 1
76 104 1 0 0 1 1 1
0 1 1 0 0 0
1 0 0 1 0 0
(a) 1 1

1 0
1 0 0 1
0 1 1 0
1 1 0 1 Embedded
1 1 authentication bits
0 0 Binary POB
1 1
175 104 1 1
1 0 0 0
1 0 0 0
1 0 0 0
0 0
(b)

Figure
Figure 4. 4. Double
Double embedding
embedding based
based on on the
the POB POB(a)system.
system. (a) Secret
Secret message message
embedding embedding
based on the bas
POB system. (b) Authentication information embedding based on the POB system.
POB system. (b) Authentication information embedding based on the POB system.
The double embedding based on the POB algorithm not only greatly increases the ca-
pacity The
of datadouble
hiding embedding based
but also enhances on the ofPOB
the security algorithm
images. not only
This is because greatly incre
the method
capacity
can of data
automatically hidingthebut
re-encrypt also processed
currently enhancespixels
the during
security
dataof images.
hiding This is beca
and authen-
tication bit embedding, thus destroying the local correlation preserved
method can automatically re-encrypt the currently processed pixels during by the design of the data
cryptosystem, and the encrypted image, after embedding, is more difficult to understand.
and authentication bit embedding, thus destroying the local correlation preserve
design
3.3. of theExtraction
Information cryptosystem, and
and Lossless the encrypted image, after embedding, is more
Recovery
to understand.
In order to obtain a patient’s information for remote treatment, the recipient needs
to extract the embedded secret message from the encrypted shared image they receive.
The
3.3.medical image Extraction
Information must be protected using theRecovery
and Lossless lossless recovery method for data recovery.
Figure 5 illustrates the information extraction and lossless recovery scheme using the exam-
In orderFirstly,
ple of ShareA”. to obtain a patient’sbit
an authentication information for remote
is extracted from treatment,
ShareA” for the recipient
authentication bit
extract the embedded secret message from the encrypted shared image
detection. If it is not tampered with, the receiver extracts the secret message and completes they rece
image
medicalrecovery.
image If itmust
is detected that the Share
be protected has been
using tampered recovery
the lossless with, only the tampering
method for data r
recovery operation is performed. The same operation is performed for ShareB”.
Figure 5 illustrates the information extraction and lossless recovery scheme using
ample of ShareA”. Firstly, an authentication bit is extracted from ShareA” for aut
tion bit detection. If it is not tampered with, the receiver extracts the secret mess
completes image recovery. If it is detected that the Share has been tampered wi
the tampering recovery operation is performed. The same operation is perfor
ShareB”.
Appl. Sci. 2024, 14, x FOR PEER REVIEW
Appl. Sci. 2024, 14, 2664 9 of 21

ShareA"

Conversion from POB

value to POB number

Tamper detection
Authentication bit Authentication bit
extraction calculation

Yes No
Is equal
Extract secret data and recover

Extracting secret data K1 Decrypting

with POBN the image

Tamper Recovery
Lorenz system
Hyper-chaos

Decrypting K1 Extracting
the image compressed data

Extracting
Decompression
compressed data

Decompression Image recovery

ShareA

Figure
Figure5. Process flow chart
5. Process flow of chart
extracting
of secret information
extracting andinformation
secret image recovery.and image recovery.
3.3.1. POBN Algorithm
3.3.1.
ThePOBN Algorithm
receiver adopts two inverse POB algorithms in order to recover the received Share
image, as the two received shares were formed in accordance with the POB number system.
The receiver adopts two inverse POB algorithms in order to recove
Refer to Algorithm 1, also known as the POBN algorithm, for further information. Two
Shareofimage,
rounds the POBNas the two
algorithm arereceived
performed.shares
In orderwere formed
to extract in accordance
the authentication bit fromwith th
each pixel, the
system. POBN
Refer toalgorithm
Algorithmis first1,used
alsotoknown
convert the
asPOB
thevalue
POBN to the corresponding
algorithm, for furth
POB number. The authentication bit in the 10-bit data is then erased if it is found to be
Two rounds of the POBN algorithm are performed. In order to extract the
identical to the authentication bit determined by the statistical technique, indicating that
bit from each pixel, the POBN algorithm is first used to convert the POB v
responding POB number. The authentication bit in the 10-bit data is then
found to be identical to the authentication bit determined by the statistica
dicating that the image has not been tampered with. In the second executio
Appl. Sci. 2024, 14, 2664 10 of 21

the image has not been tampered with. In the second execution of the POBN algorithm
execution, each pixel’s hidden information is extracted, the POB value is converted to a
ten-POB number after the identity bit is removed, the embedded information is extracted
from each POB number, the ten-bit data are converted to eight-bit data, and the encrypted
ShareA′ and encrypted ShareB′ are recovered.

Algorithm 1 Converts the POB value to the corresponding POB number

 
n
Input: n, r, and v, where r ≤ n and 0 ≤ v ≤ − 1.
r
Output: the POB number A = a j−1 a j−2 · · · a0 .
(i) Let j = n and temp = v.
(ii) For k = r down to 1, perform the following:
1. Repeat {
2. j = j − 1;
 
j
3. p = ;
k
4. if (temp ≥ p)
5. temp = temp − p;
6. a j = 1;
7. else a j =0;
8. } until a j = 1 );
(iii) If (j > 0)
for k = j − 1 down to 0, perform the following:
ak = 0;
end.
(iv) Return A.

3.3.2. Secret Information Extraction and Image Authentication

The same key used for the encryption is used to decrypt the two encrypted Shares that
are recovered. The compressed data are extracted and then decompressed to obtain ShareA
and ShareB following decryption. The detailed steps are as follows, using ShareA” as an
example:
Step 1: If the extracted and calculated authentication bits are the same, the process
starts from the third step; if they differ, it proves that the image has been tampered with,
and the process starts from the second step.
Step 2: The tampered regions are located by the comparison results of the authentica-
tion bits, and only the third, fourth, and fifth steps are performed on the regions that are
not tampered with.
Step 3: After the authentication bit is removed, the POBN algorithm is used to convert
the 8-bit POB value to the 10-bit POB number, and the embedded secret information is
extracted.
Step 4: The random number generated by the hyperchaotic Lorentz system is used for
XOR decryption, and the key used for decryption is identical to the encryption key. After
decryption, an image composed of repeated filling with compressed data is obtained.
Step 5: After extracting the compressed data from the filled image and decompressing
the data, ShareA, composed of the reorganized data, is recovered.
The same steps are performed for ShareB” until the embedded secret information is
extracted and ShareB is recovered.

3.3.3. Image Reorganization and Recovery

The obtained ShareA and ShareB undergo bit plane separation, and the data are reorga-
nized. To obtain the ROI data, the high five bits of ShareA and the low three bits of ShareB
are extracted, and then they are combined. Then, extract the low three bits of ShareA and the
high five bits of ShareB and combine them to obtain the RONI data. Finally, combine the ROI
and RONI data to recover the ROS. Figure 6 depicts the detailed steps involved.
Appl. Sci. 2024, 14, x FOR PEER REVIEW 11 of 20
Appl.Appl.
Sci. 2024, 14, 14,
Sci. 2024, 2664x FOR PEER REVIEW 11 of 20 11 of 21

Hihg5Plane
Hihg5Plane
ShareA ROI
ShareA ROI
Low3Plane
Low3Plane Region of
Region of
significance
significance
Low3Plane
Low3Plane
ShareB
ShareB RONIRONI
High5Plane
High5Plane

Bit-Plane Seperation
Bit-Plane Seperation Data Reorganization
Data Reorganization RegionRegion
Recovery
Recovery

Figure 6. The
Theprocess
processofofdata reorganization and region recovery.
Figure 6. The process data reorganization and region recovery.
recovery.

4.4.Analysis
4.
Analysis of
Analysis ofSimulation
of Simulation
Simulation
Result
Result
Result
In this
In this part,
thispart, Python
part,Python 3.6
Python3.6 is used
3.6is is to simulate
used the proposed scheme and evaluate its per-
In
formance. The medical image setused
was to to
chosen
simulate
simulate
for thethe proposed
proposed
experimental testing
scheme
scheme
to and and
provide a
evaluate
evaluate its
its per-
better a
performance. The medical image set was chosen for experimental testing to provide better
formance.
estimation The
of themedical image
algorithm’s set was chosen
performance. As shownfor in
experimental testing
Figure 7, eight medicaltoimages
provideof a better
estimation of the algorithm’s performance. As shown in Figure 7, eight medical images of
estimation of the
different sizes, algorithm’s
different performance.
body parts, As shown
and different in Figure
types were selected7, for
eight medical to
simulations images of
different sizes, different body parts, and different types were selected for simulations to
different sizes, different body parts, and different types were selected for simulations to
verify the effectiveness of the scheme.
verify the effectiveness of the scheme.
verify the effectiveness of the scheme.

(a) (b) (c) (d)

(a) (b) (c) (d)

(e) (f) (g) (h)

(e) (f) (g) (h)

(i) (j) (k) (l)

(i) (j) (k) (l)

(m) (n) (o) (p)

Figure 7. The standard medical images used for testing. (a) Brain 01 MRI (512 × 512); (b) Brain 02
MRI (512 × 512); (c) Pulmonary 01 CT (256 × 256); (d) Pulmonary 02 DICOM (256 × 256); (e) Pancreas
MRI (180 × 180); (f) Chest CT (256 × 256); (g) Knee X-ray (300 × 162); (h) Hand X-ray (64 × 64);
(i–p) The(m) (n)(i) Brain 01 (352 × 352);
ROS region of extracted. (o) (j) Brain 02 (464 × 464);
(p) (k) Pulmonary 01
(176 × 176); (l) Pulmonary 02 (176 × 176); (m) Pancreas (120 × 120); (n) Chest (228 × 188); (o) Knee
Figure
Figure 7.162);
(212 × 7.
The
The standard
(p)standard
medical
medical
Hand X-ray
images
imagesused
(46 × 60). usedforfortesting.
testing.(a)(a)
Brain 0101
Brain MRIMRI(512 × 512);
(512 (b) (b)
× 512); Brain 02
Brain
MRI (512(512
02 MRI × 512);
× (c) Pulmonary
512); 01 CT (256
(c) Pulmonary 01 CT× 256);
(256(d)
× Pulmonary 02 DICOM02
256); (d) Pulmonary (256 × 256); (256
DICOM (e) Pancreas
× 256);
MRI (180 × 180); (f) Chest CT (256 × 256); (g) Knee X-ray (300 × 162); (h) Hand X-ray (64 × 64);
(e) Pancreas MRI (180 × 180); (f) Chest CT (256 × 256); (g) Knee X-ray (300 × 162); (h) Hand X-ray
(i–p) The ROS region of extracted. (i) Brain 01 (352 × 352); (j) Brain 02 (464 × 464); (k) Pulmonary 01
(64 × 64); (i–p) The ROS region of extracted. (i) Brain 01 (352 × 352); (j) Brain 02 (464 × 464);
(176 × 176); (l) Pulmonary 02 (176 × 176); (m) Pancreas (120 × 120); (n) Chest (228 × 188); (o) Knee
(k) Pulmonary 01 (176 × 176); (l) Pulmonary 02 (176 × 176); (m) Pancreas (120 × 120); (n) Chest (228
(212 × 162); (p) Hand X-ray (46 × 60).
× 188); (o) Knee (212 × 162); (p) Hand X-ray (46 × 60).
Appl. Sci. 2024, 14, 2664 12 of 21
Appl. Sci. 2024, 14, x FOR PEER REVIEW 12 of 20

4.1. Encryption Performance

In this section,
4.1. Encryption ShareA is selected for testing. We analyze the proposed scheme’s
Performance
security through the key space,
In this section, ShareA the gray
is selected for histogram,
testing. We and the the
analyze correlation
proposedofscheme’s
adjacent se-
pixels.
curity through the key space, the gray histogram, and the correlation of adjacent pixels.
4.1.1. Key Space Analysis
4.1.1.For
Keythe encryption
Space Analysis method in this paper, the four initial values of the hyperchaotic
Lorentz system are K = { x0 , y0 ,inz0this
For the encryption method
, w0 }paper,
, which are double precision numbers, so the size
the four initial values of the hyperchaotic
16 4 213
of the key
Lorentz spaces
system areare
𝐾= (10{𝑥0 ,)𝑦0≈
, 𝑧02, 𝑤0.},Itwhich
can be
areseen thatprecision
double the key space of the
numbers, hyperchaotic
so the size of
Lorentz system is very16 large,
4 which
213 makes it very difficult to crack
the key spaces are (10 ) ≈ 2 . It can be seen that the key space of the hyperchaotic the key. In addition,
when
Lorentz using theisPOB
system veryfor hiding
large, whichandmakes
authentication, converts
it verydifficult a 10-bit
to crack POBIn
the key. (10, r) string to
addition,
when using thePOB
POBvalue,
for hiding n
an equivalent it canand
rangeauthentication,
from 0 to converts a 10-bit
− 1. For POB (10,
example, when r) string
n is 10toand r
𝑛 r
an equivalent POB value, it can range from 0 to ( ) − 1. For example, when n is 10 and r
is 4, there are 210 possible POB values. Thus, the 𝑟 probability of successfully analyzing a
is 4, there are 210 possible POB values. Thus, theprobabilityM× N of successfully analyzing a
1𝑀×𝑁
Share image for an image of size M × N is 1 210 .
Share image for an image of size M × N is ( ) .
210

4.1.2. Gray Histogram Analysis

4.1.2. Gray Histogram Analysis
The gray
The gray histogram
histogramdescribes
describesthethenumber
number of of pixels
pixels of different
of different brightness
brightness levels
levels in in
an image, which is an important feature in statistical analysis. An ideal encrypted
an image, which is an important feature in statistical analysis. An ideal encrypted image image
histogram shouldbe
histogram should beuniform
uniformandandflat.
flat.Figure
Figure 8 shows
8 shows thethe
graygray histograms
histograms of original
of the the original
and
and encrypted images. The encrypted image’s histogram appears to be very different fromfrom
encrypted images. The encrypted image’s histogram appears to be very different
the
the original
original image’s
image’s histogram,
histogram, withwith aa quite
quite uniform
uniform distribution.
distribution.Therefore,
Therefore,the
theencryp-
encryption
scheme can resist
tion scheme statistical
can resist analysis.
statistical analysis.

(a)

(b)

(c)

Figure 8. Cont.
Appl.
Appl. Sci.
Appl.
Sci. 2024,
Sci.
2024, 14,
14,x2664
2024,14, xFOR
FORPEER
PEERREVIEW
REVIEW 13 of1320
13ofof 20
21

(d)
(d)
Figure 8.
Figure 8.The
Thegray
grayhistograms of the
histograms original
of the and and
original encrypted images.
encrypted (a) Brain
images. (a)01; (b) Brain
Brain 01; (b)02;Brain
(c) 02;
Figure 8.
Pulmonary The
01; gray
(d) histograms
Pulmonary of
02.
(c) Pulmonary 01; (d) Pulmonary 02. the original and encrypted images. (a) Brain 01; (b) Brain 02; (c)
Pulmonary 01; (d) Pulmonary 02.
4.1.3. Correlation
CorrelationofofAdjacent AdjacentPixels Pixels Analysis
Analysis
4.1.3.The
Correlation
The degree of Adjacent
degreeofofcorrelation
correlation Pixels
between
between Analysis
adjacent
adjacent pixels in an in
pixels imagean imageis represented by the by
is represented
correlation
the The degree
correlation of adjacent pixels.
ofofadjacent
correlation Abetween
meaningful
pixels. imagepixels
adjacent
A meaningful has a in
image high
hasan a degree
image
high is of represented
correlation
degree be-
by the
of correlation
tween adjacent
correlation
between adjacent pixels
of adjacent in pixels.
pixels all directions.
in all A meaningful
directions. When When encrypting
image
encrypting has anaimage,high
an breaking
degree
image, ofstrong
breaking pixelpixel
correlation
strong be-
correlation
tween adjacent
correlation is an important
is anpixels part of
in all directions.
important the
part of theWhen image encryption
imageencrypting
encryptionan algorithm. An
image, breaking
algorithm. effective
An effective image
strongimage pixel
encryption algorithm
correlation
encryption is
algorithm should
an important shouldattempt
part
attemptof tothe minimize
to image
minimize thethecorrelation
encryption between
algorithm.
correlation An
betweenadjacent
effective
adjacent pixelsimage
pixels
and try
and try to
encryption to achieve
achieve
algorithm zero
zero correlation.
shouldcorrelation.
attempt Usually,
Usually,
to minimize thethe encrypted
encrypted
the correlation image image has a low
has
between correlation
a low correlation
adjacent pixels
coefficient,
coefficient,
and so it looks
so it looks
try to achieve like a noisy
likecorrelation.
zero image.
a noisy image. The correlation
The correlation
Usually, the encrypted of adjacent
of adjacent pixels
image pixels can
has a low be
canobtained
be obtained
correlation
with Equation
with Equation (7).
coefficient, so it(7).looks like a noisy image. The correlation of adjacent pixels can be obtained
1 𝑁
with Equation (7). ∑𝑁
𝑖=1(𝑥𝑖 −𝑁 ∑𝑖=1 𝑥𝑖 )(𝑦 𝑖 −𝑁1 ∑𝑁 𝑖=1 𝑦𝑖 )
𝐶 = ∑ N xi −

1 N 1 N
i= 1 1 N ∑ i = 1 x i y i − 1N ∑ i = 1 y i (7)
C= r √∑𝑁 𝑖=1(𝑥 ∑ 𝑖 −𝑁( ∑𝑁 𝑖=1 𝑥∑
2
𝑖 ) ×∑𝑖=1
𝑁 (𝑦 − ∑∑𝑁 𝑦 )2
)( 𝑖 𝑁 𝑖=1 𝑖) (7)
𝐶 N=  1 N
2
N

1 N
2 (7)
From the image’s grayscale ∑i=1 ∑xpixel i −( N ∑i=∑1matrix,
value xi )××∑ N∑pairs
i =1( yof ∑N ∑i=)1 pixels
i −adjacent yi are selected
at random, where the pixel values of two adjacent pixels are represented by the parame-
From
From the𝑦𝑖 .image’s
image’s grayscale
grayscale pixel pixel value
value matrix,
matrix, N N pairs
pairs of of adjacent
adjacent pixels
pixels are are selected
ters 𝑥 𝑖 andthe selected
at random,
at random,
In order where
where
to verify the pixel
the pixel
that the values
valuesPOBofhasof two
twothe adjacent
adjacent
property pixels
pixels are represented
are represented
of re-encryption, by
webyanalyze the parame-
the parameters
and
ters
xi and𝑥 yand
compare 𝑦.
i .the correlation of adjacent pixels between the original image and the image after
In
In order
re-encryption
order by to
to verify
the POB
verify that the
the POB
system.
that POBFirst,has 6000theadjacent
property pixelof re-encryption,
pairs are randomly we
we analyze
selected and
analyze and
compare
compare the correlation
from the original image and
correlation of adjacent pixels between
the re-encrypted image in
between the
the theoriginal
horizontal,
original image
image and
and the
vertical, and
the image
diag-after
image after
re-encryption
onal directions;by
re-encryption by the
then, POB
thethe system. First,
correlation of these
First, 6000
adjacent
6000 adjacent
adjacent pixels pixel
pixel pairs
pairs are randomly
is calculated, and simulation
randomly selected
selected
tests are
from
from the carried
originalout.
original imageFigure
image and9the
and shows
the the correlation
re-encrypted
re-encrypted image
image of
inin adjacent
the the pixels vertical,
horizontal,
horizontal, between
vertical, theand
and fourdiag-
diagonal
original
onal
directions; ROS
directions; images
then, then, and
the the re-encrypted
correlation
the correlation of these of theseimages.
adjacent adjacentIt is obvious
pixels pixels is from
is calculated, the
calculated,
and figure
andthat thetests
simulation
simulation
correlation
tests are carried
are carried coefficient
out. Figure of
out. Figure the
9 shows original
9 shows image is close
the correlation
the correlation to
of adjacent 1, indicating
of adjacent
pixels betweenthat there
pixels between is a strong
the fourthe four
original
correlation
original
ROS imagesROS between
images
and theadjacent
and thepixels,
re-encrypted while after
re-encrypted
images. isre-encryption,
Itimages. obvious It isfrom there
obvious is
the figure a lower
from correlation
the figure
that that the
the correlation
between adjacent
coefficient
correlation of the pixels
coefficient ofinthe
original the
imageimage.is close
original image to 1,isindicating
close to 1, that there isthat
indicating a strong
there correlation
is a strong
between adjacent
correlation between pixels,
adjacent while afterwhile
pixels, re-encryption,
after re-encryption, there is a there loweriscorrelation between
a lower correlation
adjacent adjacent
between pixels in pixelsthe image.in the image.

(a)

(a)
Figure 9. Cont.
Appl. Sci.
Appl. Sci. 2024,
2024, 14,
14, 2664
x FOR PEER REVIEW 14 of 20
14 of 21

(b)

(c)

(d)
Figure 9.9. The correlation comparison of the original and re-encrypted
re-encrypted image.
image. (a) Brain 01; (b) Brain
02; (c) Pulmonary 01; (d) Pulmonary 02.
02; (c) Pulmonary 01; (d) Pulmonary 02.

4.2. Hiding Performance

4.2.1.
4.2.1. Embedding
Embedding Capacity
Capacity Analysis
Analysis
This part will
This part willanalyze
analyzethethe embedding
embedding capabilities
capabilities of scheme
of the the scheme
in thisinpaper.
this paper.
To in-
To intuitively measure the embedding capacity, it is usually expressed
tuitively measure the embedding capacity, it is usually expressed by the embedding by the embed-
rate
ding
(ER),rate (ER),
which is which is the of
the amount amount of data
data that canthat can be embedded
be embedded in each in eachonpixel
pixel on average,
average, calcu-
calculated by Equation (8):
lated by Equation (8):
n(bit)
ER = ( ) ( bpp ) (8)
𝐸𝑅 M= × N (𝑏𝑝𝑝) (8)
×
where n is the bits of the embedded data and M × N is the number of pixels in the embed-
where n is the bits of the embedded data and M × N is the number of pixels in the embed-
ded image.
ded image.
Because the scheme proposed in this paper is based on the POB algorithm for data
Because the scheme proposed in this paper is based on the POB algorithm for data
hiding, two extra pieces of data can be attached to each pixel, so the embedding capacity
hiding,
is two extra
very large. pieces of data
In addition, can be attached
the method to each
of separation ofpixel,
sharessoisthe embedding
adopted in thiscapacity
paper,
and data embedding can be carried out in both ShareA” and ShareB”. To protect and
is very large. In addition, the method of separation of shares is adopted in this paper, the
data embedding
sensitive can be carried
areas of medical images,out in both
hiding canShareA”
be givenand ShareB”.
priority To protect
in ShareB”. the
If the sensitive
secret data
areas
are of medical
embedded in images,
a share of hiding
a 256 can be image,
× 256 given priority in ShareB”.
the embedding rateIfcan
thereach
secret2, data are
and the
embedded in a share of a 256 × 256 image, the embedding rate can
maximum embedding capacity is 2 × 65,536 bits. Compared with the previous methods reach 2, and the maxi-
mum embedding capacity is 2 × 65,536 bits. Compared with the previous methods of using
 the POB system to hide data in images, the embedding capacity of this paper’s me
greatly improved.
Table 1 shows the maximum embedding capacity and maximum embedding
our scheme and the scheme of [19] in four medical images. The embedding in the s
Appl. Sci. 2024, 14, 2664 15 of 21 where
of [19] is only carried out at the peak and sub-peak points of the image,
scheme has a very high embedding capacity because it can embed secret message
pixels
of usingofthe thePOB
image.
system to hide data in images, the embedding capacity of this paper’s
In addition,
method the ER of our scheme in common images is compared with that of s
is greatly improved.
relatedTable 1 shows the maximum
information-hiding embedding
methods. capacity
Figure 10 and maximum
shows embedding
that the ER of our ratescheme
of is
our scheme and the scheme of [19] in four medical images. The embedding
icantly higher than that of other schemes. Meanwhile, the ER of our scheme is a coin the scheme
of [19] is only carried out at the peak and sub-peak points of the image, whereas our scheme
value thathigh
has a very is not affectedcapacity
embedding by thebecause
imageitdistribution. Among
can embed secret these
messages in allexisting
pixels of metho
embedding
the image. rate of some methods depends on the image distribution. Images
smooth texture can obtain a higher embedding rate, while those with a complex t
Comparison
Table a1. lower
have of maximum
embedding embedding
rate, so thecapacity and maximum
proposed methodembedding
can avoidratethis
between our
problem.
scheme and the scheme of [19] in four test images.

Table 1. Comparison of maximum

Our Scheme (Encrypted embedding
ShareA’) capacity and maximum
Scheme of [19]embedding rate betw
Test Images scheme
ROS and the scheme
Maximum of [19] in four test
Maximum images. Maximum Maximum
Embedding Embedding Embedding Embedding
Our(bits)
Capacity Scheme (Encrypted
Rate (bpp) ShareA’)
Capacity (bits) Scheme
Rate (bpp) of [19]
Brain 01(512 × 512) 352 × 352 2 × 262,144 2 263,216 1.0041
02 (512 × 512)
BrainImages 464 × 464
Maximum
2 × 262,144 2
Maximum 185,322 Maximum 0.7069
Maximu
Test ROS
Pulmonary 01 (256 × 256) 176 × 176 Embedding
2 × 65,536 2 Embedding 93,598 Embedding 1.4282 Embedd
Pulmonary 02 (256 × 256) 176 × 176 2 × 65,536 2 94,742 1.4456
Pancreas (180 × 180) 120 × 120 2 ×Capacity
32,400 (bits) 2 Rate (bpp) 5808 Capacity (bits) 0.1793 Rate (bp
Chest (256 × 256) 228 × 188 2 × 65,536 2 47,166 0.7197
Brain Knee
01(512 × 162)
(300 × 512) 212352
× 162× 352 2 × 262,144
2 × 48,600 2 2 29,028 263,216 0.5973 1.0041
Hand (64 × 64) 46 × 60 2 × 4096 2 2058 0.5024
Brain 02 (512 × 512) 464 × 464 2 × 262,144 2 185,322 0.7069
Pulmonary 01 (256 × 256) 176 × 176 2 × 65,536 2 93,598 1.4282
Pulmonary 02 (256 × 256) In addition,
176 × 176 the ER of our
2 × 65,536scheme in common 2 images is compared with
94,742 that of several 1.4456
related information-hiding methods. Figure 10 shows that the ER of our scheme is signifi-
Pancreas (180 × 180) 120 × higher
cantly 120 than that 2 ×of32,400 2
other schemes. Meanwhile, 5808 is a constant 0.1793
the ER of our scheme
Chest (256 × 256) 228 ×that
value 188is not affected
2 × 65,536 2 Among these existing
by the image distribution. 47,166 methods, the 0.7197
Knee (300 × 162) embedding
212 × 162 rate of some methods
2 × 48,600 depends on the image
2 distribution. Images
29,028with a smooth 0.5973
texture can obtain a higher embedding rate, while those with a complex texture have a
Hand (64 × 64) 46 × 60 2 × 4096 2 2058 0.5024
lower embedding rate, so the proposed method can avoid this problem.

Figure 10. Comparison of ER between our scheme and related schemes [5–9] in ordinary images.
Figure 10. Comparison of ER between our scheme and related schemes [5–9] in ordinary im

4.2.2. PSNR and SSIM Analysis

The PSNR (peak signal-to-noise ratio) is an important index to measure imag
ity. It is often used to compare the difference between two images or to measure the
of an algorithm on an image. The PSNR is calculated as follows:
Appl. Sci. 2024, 14, 2664 16 of 21

4.2.2. PSNR and SSIM Analysis

The PSNR (peak signal-to-noise ratio) is an important index to measure image quality.
It is often used to compare the difference between two images or to measure the effect of
an algorithm on an image. The PSNR is calculated as follows:

I 2 max
PSNR = 10 × lg( ) (9)
MSE
1 M N
M × N ∑ i =1 ∑ j =1
MSE = ( P(i, j) − C (i, j))2 (10)

where M × N represents the image’s size, C (i, j) is the recovered image’s gray value of the
pixel, P(i, j) is the original image’s gray value of the pixel, and Imax is the maximum pixel
value of the original image.
SSIMs (structural similarity index metrics) are often used to assess the degree of
similarity between two images. SSIMs can be calculated by Equation (11):



2µ x µy + C1 2σxy + C2
SSI M( x, y) =    (11)
µ2x + µ2y + C1 σx2 + σy2 + C2

where x and y denote the two images, µ x and µy denote their means, σx2 and σy2 represent
their variances, σxy represents their covariances, and C1 and C2 are two constants used to
ensure calculation stability. The value range of the SSIM is [−1, 1]. When two images are
identical, the SSIM is 1.
Table 2 shows that the PSNR and SSIM values of the restored image are obtained
after data of different sizes are embedded into four images of different sizes through the
proposed scheme. The experimental results show that the SSIM value of the original image
and the restored image in the proposed scheme is 1, further demonstrating the reversibility
of the scheme.

Table 2. PSNR and SSIM of recovered images under different embedding capacities.

Embedding Embedded
Test Images PSNR SSIM
Method Capacity (bits)
512 × 512 Brain 01 Encrypted ShareA’ 52,428 (10%) ∞ 1
512 × 512 Brain 02 Encrypted ShareB’ 157,286 (30%) ∞ 1
256 × 256 Pulmonary 01 Encrypted ShareA’ 65,536 (50%) ∞ 1
256 × 256 Pulmonary 02 Encrypted ShareB’ 104,857 (80%) ∞ 1
180 × 180 Pancreas Encrypted ShareA’ 12,960 (20%) ∞ 1
256 × 256 Chest Encrypted ShareB’ 19,660 (15%) ∞ 1
300 × 162 Knee Encrypted ShareB’ 29,160 (30%) ∞ 1
64 × 64 Hand Encrypted ShareA’ 3276 (40%) ∞ 1

4.2.3. Time Efficiency Analysis

The experiments are implemented on a computer with a 1.60 GHz Intel i5 processor,
8.00GB memory, and Windows 10 operating system. Using the POB algorithm, because of
the simultaneous compression and re-encryption operations, will lead to a slightly higher
time overhead in programming implementation. Table 3 lists the time overhead of using
single POB and double POB embedding in different embedding capacities. In the table,
it can be seen that although the use of double POB embedding has a slightly larger time
overhead, it does not affect the practical application.
 Appl. Sci. 2024, 14, 2664 17 of 21

Table 3. Comparison of time efficiency between single POB and double POB embedding in the same
image with different embedding capacities.

pl. Sci. 2024, 14, x FORTest

PEER REVIEW
Images
Embedding Embedded Single Double
Method Capacity (bits) POB (ms) POB (ms)
Brain 01 Encrypted ShareA’ 52,428 (10%) 9740.6 21,453.5
512 × 512
Brain 01 Encrypted ShareA’ 157,286 (30%) 11,404.6 24,227.8
Pulmonary 01 Encrypted ShareA’ 65,536 (50%) 4594.2 8070.3
256 × 256
4.3. 01Recovery
Pulmonary Evaluation
Encrypted ShareA’ 104,857 (80%) 4752.9 8586.2

In order to verify the performance of the tamper recovery schem

4.3. Recovery Evaluation
scheme, ShareA” of Brain 01 is used as an example here, and an attack
In order to verify the performance of the tamper recovery scheme in the proposed
on ShareA”
scheme, ShareA”with embedded
of Brain secret
01 is used as an data
example here,and authentication
and an attack test is carriedbits.
out onThree c
ShareA” with embedded secret data and authentication bits. Three classic attack methods
ods are adopted, including content cropping, text addition, and cont
are adopted, including content cropping, text addition, and content exchange. The attack
attack results
results and andrecovery
tampering tampering recovery
results are results
shown in Figure 11. are shown in Figure 11.

(a) (b) (c)

(d) (e) (f)

(g) (h) (i)

Results
Figure 11.11.
Figure of attack
Results oftest. (a–c) ShareA”;
attack (d–f)ShareA”;
test. (a–c) the attacks of(d–f)
content cropping,
the attackstextof
addition,
content cro
and content exchange carried out on ShareA”; (g–i) the recovered ShareA.
and content exchange carried out on ShareA”; (g–i) the recovered ShareA.
The first column shows a content cropping attack on ShareA”, from which a block
with a size of 200 × 200 is cropped. The second column performs a text addition attack on
The first column shows a content cropping attack on ShareA”, fr
ShareA”. The third column is replaced with “Pulmonary 01” in the upper left corner of
with a size of 200 × 200 is cropped. The second column performs a text
ShareA”. The third column is replaced with “Pulmonary 01” in the u
ShareA”; its size is 256 × 256, and the last line represents the recovery
after the attack. In addition, the same attack was tested on ShareB”, an
Appl. Sci. 2024, 14, 2664 18 of 21

ShareA”; its size is 256 × 256, and the last line represents the recovery result of ShareA”
after the attack. In addition, the same attack was tested on ShareB”, and the same results
were obtained.
Four different images were tested for different tampering methods and recovered;
Table 4 shows the PSNR and SSIM values of the recovered images.

Table 4. PSNR and SSIM of the recovered image under different tampering methods.

Tampered Tampering
Test Images PSNR SSIM
Region Methods
Brain 01 ShareA” cropping (200 × 200) ∞ 1
512 × 512
Brain 02 ShareB” exchange (256 × 256) ∞ 1
Pulmonary 01 ShareA” text addition ∞ 1
256 × 256
Pulmonary 02 ShareB” cropping (50 × 50) ∞ 1

ShareA’’ShareB’’ShareA′ ’ShareB’’

4.4. Comparison with the Related Schemes

The comparison results between the proposed scheme and some related schemes are
shown in Table 5.

Table 5. The comparison between the proposed scheme and some related schemes.

Tamper
Watermarking ROI Share
Scheme Reversibility Recovery
Consideration Consideration Consideration
Consideration
Priyanka [1] Robust No Yes No No
Wang [2] Fragile No Yes No No
Thakur [3] Robust No No No No
Shehab [15] Fragile No No No No
Parah [16] Fragile Yes No No No
Gao [17] Fragile Yes Yes No No
Li [23] None No No Yes Yes
Singh [20] Robust Yes / Yes No
Ren [19] Robust Yes / No No
Ours Robust Yes Yes Yes Yes

The algorithm in [3] is designed to irreversibly embed message bits to resist at-
tacks, but it cannot recover the original medical image after extracting information bits.
For authentication and integrity reasons, the algorithms in [2,15] embed message bits in a
vulnerable way, but they still cannot recover the original medical image. Compared with
other algorithms, the algorithm in [16] modifies the sensitive pixel values in the ROI to a
greater extent, which is not allowed in the use of medical images. Although the algorithm
in [17] considers the ROI, the difference between the watermark image and the original
image is still large. Although the algorithm in [23] adopts the secret sharing method to
detect tampering, it does not have the function of embedding watermark messages, and
it does not consider the sensitive pixels in the ROI. Although POB system based on se-
cret sharing was considered in [20], it could not guarantee lossless recovery. In [19], a
method based on POB system was used to hide data in the peak point, but it did not have
the function of preventing tamper detection. The method in this paper not only carries
additional secret data during image transmission but also makes use of secret sharing
to increase the embedding capacity of data and protect the content security of medical
images. In addition, it also has an authentication function that can recover the original
image through lossless recovery, which is very suitable for the needs of medical images,
and it has better performance in data hiding and lossless recovery.
 Appl. Sci. 2024, 14, 2664 19 of 21

4.5. Application Scenario of the Proposed Scheme

In the application of telemedicine, there will be attacks to tamper with, steal, and
forge patient private information or medical image content, and these attacks may lead to a
wrong diagnosis by the receiver and produce serious medical accidents, which is firmly
not allowed. Therefore, in view of these possible attacks, while the secret information
R PEER REVIEW is embedded, the scheme in this paper also carries out an identity authentication 19on of
the20
medical image, as shown in Figure 12, which can not only protect the personal information
of patients but also ensure the integrity and security of the medical image.

Image owner Receiver

Transmission

Authentication
bit calculation

EShare A'
Preprocessed Share B"
ROS image
EShare B' Share B"
No
Authentication bit extraction Is equal?
POB
embedded
Yes
Patient private information Patient private information

Authentication bit Image recover

Figure 12. The application scenario

Figure 12. of the scenario
The application proposed
of thescheme.
proposed scheme.

5. Conclusions
5. Conclusions This paper proposes a new medical image hiding and authentication algorithm based
on double
This paper proposes a new POB system.
medical Firstly,
image thehiding
ROS is extracted, and then the ROI
and authentication and RONI
algorithm are
based
separated by an image segmentation algorithm. After bit plane separation and cross-
on double POB system. Firstly, two
reorganization, theencrypted
ROS is extracted, and then
shares are obtained thethe
through ROI andcompression
lossless RONI areand sep-
arated by an imageimage
segmentation algorithm.
encryption algorithm. In After bit plane separation
the double-hiding and message
process, the secret cross-reorgan-
and au-
thentication bits are embedded using the POB number
ization, two encrypted shares are obtained through the lossless compression and image system. In the recovery process,
authentication is carried out first; if it is not tampered with, the receiver will extract the
encryption algorithm. Inmessage
secret the double-hiding
and complete theprocess,
recovery of thethesecret
originalmessage and
image. If the authentication
authentication fails,
bits are embedded the using the POB
repeatedly fillednumber system.
data are directly usedIn forthe recovery
lossless process, authentication
recovery.
is carried out first; if itThe experimental
is not tampered results showed
with, thethat the scheme
receiver in this
will paper the
extract significantly
secret enhances
message
the embedding capacity without damaging the perceptual quality of the image. Compared
and complete the recovery
with otherof the original
schemes, image.
it has good If the authentication
performance in data embeddingfails, the repeatedly
and lossless recovery.
filled data are directly used for
Additionally, thelossless
bit planerecovery.
separation and cross-reorganization method effectively safe-
guardresults
The experimental highly sensitive
showed pixels
thatwithin the ROI of
the scheme inmedical images,
this paper which is crucialenhances
significantly for their
utilization. However, when using double POB system, compression and re-encryption
the embedding capacity
operations without damaging
are performed at the samethetime,
perceptual
which leadsquality ofhigher
to a slightly the image. Com-
time overhead.
pared with other schemes, it haswegood
In future work, performance
will mainly focus on howin data embedding
to reduce the time cost and lossless
of using recov-
the double
POB function.
ery. Additionally, the bit plane separation and cross-reorganization method effectively
safeguard highly sensitive pixels within the ROI of medical images, which is crucial for
their utilization. However, when using double POB system, compression and re-encryp-
tion operations are performed at the same time, which leads to a slightly higher time over-
head. In future work, we will mainly focus on how to reduce the time cost of using the
double POB function.

Author Contributions: Conceptualization, X.S.; Methodology, X.S.; Software, X.S. and E.T.; Writ-
Appl. Sci. 2024, 14, 2664 20 of 21

Author Contributions: Conceptualization, X.S.; Methodology, X.S.; Software, X.S. and E.T.; Writing—
review and editing, F.R.; Formal analysis, E.T.; Investigation, M.Z.; All authors have read and agreed
to the published version of the manuscript.
Funding: This paper was supported by the National Nature Science Foundation of China (Program
No. 62202377), the Natural Science Basic Research Plan of Shaanxi Province of China (Program No.
2024JC-YBMS-524, 2022JM-353), the Key Research and Development Program of Shaanxi (Program
No. 2023-YBGY-015), and the Scientific Research Program Funded by Shaanxi Provincial Education
Department (No. 22JK0560).
Institutional Review Board Statement: Not applicable for studies not involving humans or animals.
Informed Consent Statement: Not applicable for studies not involving humans.
Data Availability Statement: All data generated or analyzed during this study are included in this
published article. The datasets generated during and/or analyzed during the current study are
available from the corresponding author on reasonable request.
Acknowledgments: The authors would like to thank the anonymous reviewers for their valuable
comments and suggestions.
Conflicts of Interest: The authors declare no conflicts of interest.

References
1. Priyanka; Maheshkar, S. Region-based hybrid medical image watermarking for secure telemedicine applications. Multimed. Tools
Appl. 2017, 76, 3617–3647. [CrossRef]
2. Wang, D.; Chen, D.; Ma, B.; Xu, L.; Zhang, J. A high capacity spatial domain data hiding scheme for medical images. J. Signal
Process. Syst. 2017, 87, 215–227. [CrossRef]
3. Thakur, S.; Singh, A.K.; Ghrera, S.P.; Elhoseny, M. Multi-layer security of medical data through watermarking and chaotic
encryption for tele-health applications. Multimed. Tools Appl. 2019, 78, 3457–3470. [CrossRef]
4. Lee, H.Y. Adaptive reversible watermarking for authentication and privacy protection of medical records. Multimed. Tools Appl.
2019, 78, 19663–19680. [CrossRef]
5. Chen, K.M. High capacity reversible data hiding based on the compression of pixel differences. Mathematics 2020, 8, 1435.
[CrossRef]
6. Wang, Y.; He, W. High capacity reversible data hiding in encrypted image based on adaptive MSB prediction. IEEE Trans.
Multimed. 2021, 24, 1288–1298. [CrossRef]
7. Fu, Y.; Kong, P.; Yao, H.; Tang, Z.; Qin, C. Effective reversible data hiding in encrypted image with adaptive encoding strategy.
Inf. Sci. 2019, 494, 21–36. [CrossRef]
8. Liu, Z.L.; Pun, C.M. Reversible data hiding in encrypted images using chunk encryption and redundancy matrix representation.
IEEE Trans. Dependable Secur. Comput. 2020, 19, 1382–1394. [CrossRef]
9. Gao, K.; Horng, J.H.; Chang, C.C. High-capacity reversible data hiding in encrypted images based on adaptive block encoding.
J. Vis. Commun. Image Represent. 2022, 84, 103481. [CrossRef]
10. Qin, C.; Zhang, W.; Cao, F.; Zhang, X.; Chang, C.C. Separable reversible data hiding in encrypted images via adaptive embedding
strategy with block selection. Signal Process. 2018, 153, 109–122. [CrossRef]
11. Singh, D.; Singh, S.K. DCT based efficient fragile watermarking scheme for image authentication and restoration. Multimed. Tools
Appl. 2017, 76, 953–977. [CrossRef]
12. Singh, D.; Singh, S.K. Effective self-embedding watermarking scheme for image tampered detection and localization with
recovery capability. J. Vis. Commun. Image Represent. 2016, 38, 775–789. [CrossRef]
13. Tiwari, A.; Sharma, M.; Tamrakar, R.K. Watermarking based image authentication and tamper detection algorithm using vector
quantization approach. AEU-Int. J. Electron. Commun. 2017, 78, 114–123. [CrossRef]
14. Gull, S.; Loan, N.A.; Parah, S.A.; Sheikh, J.A.; Bhat, G.M. An efficient watermarking technique for tamper detection and
localization of medical images. J. Ambient. Intell. Humaniz. Comput. 2020, 11, 1799–1808. [CrossRef]
15. Shehab, A.; Elhoseny, M.; Muhammad, K.; Sangaiah, A.K.; Yang, P.; Huang, H.; Hou, G. Secure and robust fragile watermarking
scheme for medical images. IEEE Access 2018, 6, 10269–10278. [CrossRef]
16. Parah, S.A.; Ahad, F.; Sheikh, J.A.; Bhat, G.M. Hiding clinical information in medical images: A new high capacity and reversible
data hiding technique. J. Biomed. Inform. 2017, 66, 214–230. [CrossRef] [PubMed]
17. Gao, G.; Wan, X.; Yao, S.; Cui, Z.; Zhou, C.; Sun, X. Reversible data hiding with contrast enhancement and tamper localization for
medical images. Inf. Sci. 2017, 385, 250–265. [CrossRef]
18. Sreekumar, A.; Sundar, S.B. An efficient secret sharing scheme for n out of n scheme using POB-number system. Hack 2009, 1, 33–37.
19. Ren, H.; Niu, S.; Wang, X. Reversible data hiding in encrypted images using POB number system. IEEE Access 2019, 7, 149527–149541.
[CrossRef]
Appl. Sci. 2024, 14, 2664 21 of 21

20. Singh, P.; Raman, B.; Agarwal, N. Toward encrypted video tampering detection and localization based on POB number system
over cloud. IEEE Trans. Circuits Syst. Video Technol. 2017, 28, 2116–2130. [CrossRef]
21. Xiang, Y.; Xiao, D.; Wang, H.; Li, X. A secure image tampering detection and self-recovery scheme using POB number system
over cloud. Signal Process. 2019, 162, 282–295. [CrossRef]
22. Liu, Y.; You, Z.; Gao, T. Lossless image hierarchical recovery based on POB number system. Signal Process. 2020, 167, 107293.
[CrossRef]
23. Li, Q.; Fu, Y.; Zhang, Z.; Fofanah, A.J.; Gao, T. Medical images lossless recovery based on POB number system and image
compression. Multimed. Tools Appl. 2022, 81, 11415–11440. [CrossRef] [PubMed]
24. Wang, X.; Wang, M. A hyperchaos generated from Lorenz system. Phys. A Stat. Mech. Its Appl. 2008, 387, 3751–3758. [CrossRef]
25. Erdal, E. Huffman-based lossless image encoding scheme. J. Electron. Imaging 2021, 30, 053004. [CrossRef]

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual
author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to
people or property resulting from any ideas, methods, instructions or products referred to in the content.