Literature Review 1

CHAPTER 2
LITERATURE REVIEW

Naor and Shamir [1] formally defined and put forward the visual cryptography scheme
for secret sharing. Since then research on the VC has flourished to become a subject to various
research directions. There are many types of VC and each of these schemes has its own emphasis
on application in practice. The operation of dividing a VC secret image into shares has been
focused on the areas of being applied to different types of the secret such as grayscale and color
images. In this chapter initially, basic knowledge of secret sharing and VC has been introduced
to address the previous achievements. Several contributions to the literature have been discussed
according to different variants of VC scheme suggested in the literature.

The consequence of successful attacks on VC leads to significant loss once VC would be

widely applied to the industry of information hiding. As obtaining VC shares is the most direct
way to access the final secret revealing in VC, it is inevitable that the issue of VC share security
and authentication is closely related to the whole process of VC activities in security. Several
visual and cryptographic features have been reviewed in the context of assessing different VC
schemes. Performance analysis of all the existing visual cryptographic based schemes and their
features has been analyzed with a view of better insight about the available schemes and its
limitation.

2.1 Secret Sharing

Important messages always had an issue with its preservation and protection from
possible misuse or loss. Sometimes, it is believed to be safe in a single hand and at other, it is
thought to be safe when shared in many hands. There are possibilities of leaking the information
when important secret information is managed by individuals. Thus, secrets were divided into a
number of pieces and given to a number of people. Military and defense secrets were a matter of
interest in secret sharing in the past as well as in the modern days. Secret sharing is a very
popular research area among the domain of information security.
Literature Review 2

Secret sharing schemes are useful in many situations that require the availability of
several chosen people such as launching a missile or entering an area of restricted access (e.g., a
bank locker). Assuming, the situation that a locker in a bank that must be opened every day. This
problem can be easily solved using a secret sharing scheme. A system whereby any two of the
three senior officers can gain access to the vault, but no individual person can do so. In a more
generalized situation, one may specify exactly which subsets of the employee should be allowed.

A secret sharing scheme is basically a technique of dividing a secret message into two or
more numbers of pieces, and these pieces of information are called shares. A combiner process is
responsible for the recovery of the secret information from an allowed predefined subset of
shares. Thus, no single share is of any threat to the confidentiality of the secret information. As
the original information can be destroyed forever this would mean that even the person
responsible for the process will not be a threat.

2.1.1 Basic Principle of Secret Sharing

Shamir [30] and Blakeley [41] independently proposed secret sharing schemes back in
1979. The concept of secret sharing is very important in security aspect. The initial suggestions
from the researchers of cryptography were simple and based on polynomial concepts.

Assume a scenario where a company has a computing machine that contains some crucial
and sensitive financial data. To make it secure, the management of an organization can set a
robust password for the machine and then encode this secret password into n many shares and
distribute these shares among the people. Sharing the secret in such a way satisfies the conditions
of secrecy and correctness both.

Shamir’s scheme [30] based on the idea that a unique polynomial of degree can be
fitted to any set of points that lie on the polynomial. Usually points would be required to
determine it.[42] To follow Shamir’s method the organization has to create a polynomial of
degree at most with the secret as the constant term. Next points are to be chosen on the
curve. Each of the authorized person gets one point on the curve. When at least out of the
person reveal their points, the constant term in the fitted polynomial being the secret password.

The Blakeley’s scheme [41] relies on the fact that any nonparallel dimensional
Literature Review 3

hyperplanes intersect at a specific point which is the secret. Ito, Saito, and Nishizeki [43]
suggested a more general method based on access structure. It is based on a specification of all
subsets of participants who can recover the secret Ito [44] gave a methodology to realize secret
sharing schemes for arbitrary monotone access structures. Subsequently, Benaloh and Leichter
[45] suggested more efficient way for perceiving such schemes.

The size of the shares distributed among different participants is a major point in the
design of any secret sharing schemes. Unfortunately, in all secret sharing schemes, the size of the
shares cannot be less than the size of the secret. A scheme which has information rate equal to
one is called an ideal scheme. In most of the schemes, when a large number of participants are
involved, the scheme becomes impractical. There is a close relationship between combinatorial
structures and secret sharing. For example, a (2, 3) threshold scheme can be implemented based
on a small Latin square. In the traditional method of secret sharing schemes, a shared secret
information cannot be revealed without any cryptographic computations. In 1994, Naor and
Shamir invented a visual cryptography scheme which decrypts without cryptographic
computation.

2.2 Visual Cryptography Approach for Secret Sharing

Kafri and Keren [25] suggested that it is possible to create a secret sharing scheme in
which the secret image can be reconstructed visually by superimposing random grids. Each grid
would consist of a transparency, made up of black and white pixels. Later, Naor and Shamir [1]
introduced a specific implementation that was named as visual secret sharing (VSS). This
method can securely share image information (printed text, handwritten notes, pictures, etc.), and
it is possible to decode original secrets by the human visual system. A visual cryptography
scheme (VCS) for a set of participants is a method to encode a secret image, which consists of a
collection of black and white pixels, into shadow images called shares, where each participant
receives one share.Only qualified subsets of the participant can visually recover the secret image by
photocopying their shares onto transparencies and stacking them, but any forbidden set of
participants has no information about the secret image.

The most general type of VCS deals with the situation when the allowed subsets of
participants handpicked from the set of participants . This type of visual cryptographic scheme
Literature Review 4

is known as the VCS for general access structure [46]. One particular case, known as a -
threshold VCS, takes care of the scenario where any allowed set of participants is a subset of
i.e. such that the cardinality of is at least . In this case, any qualified subset of or
more participants can visually recover the secret image, whereas forbidden sets of participants
consisting of or less number of participants have no information on the secret image. The
main difference between a traditional threshold scheme and a visual threshold scheme lies in the
process of secret recovery. A traditional threshold scheme typically involves computations in a
finite field; while in a visual threshold scheme, the computation is performed by the human visual
system [47]. Typically, in (k,n)-VCS, the decryption process cannot be successful unless at least k
pieces are collected and superimposed [48]. The pixel value ‘1’ and ‘0’ represents black and white
pixel respectively. The common basic terminologies used in VC are as follows:
 Grayscale digital image – A grayscale digital image is an image in which value of each
pixel carries only the intensity information. Images of this sort are composed exclusively
of shades of gray, varying from black at the weakest intensity to white at the strongest.
 Binary image – A binary image is a digital image that has only two possible values for
each pixel. It is often referred to a bi-tonal image as typically the two colors, black and
white would be used in a binary image. A binary image can be stored in memory as a
bitmap.
 Aspect ratio – The aspect ratio of an image describes the proportional relationship
between its width and its height. It is commonly expressed as two numbers separated by a
colon as in .
 Contrast –Contrast is the difference in luminance or color that makes an object
distinguishable.
 Halftoning – It is a reprographic technique that simulates continuous tone. A continuous
tone image, such as a photograph, is converted into a black & white image wherein the
density and pattern of black and white dots simulate different shades of gray.

The novelty of visual cryptography lies in the fact that the encrypted message can be
decrypted directly by the human visual system, no complex computation or computer participation
is required [46]. This is the precise reason of visual cryptography attracting a lot of attention since
its inception and as a result, extensive research work has been carried out in this area. In this thesis,
Literature Review 5

we mainly deal with grayscale and black & white types of images as the original nature of VC. The
different model for computation has been proposed in the literature while working with different
aspects of the VCS and assessing it with respect to several parameters.

2.3 Types of Visual Cryptography

As VC is a subset of secret sharing, its encryption and decryption would be constructed
on the basis of the access structure. The traditional VC scheme processes only black and white
pixels. Using the encryption rules of basic VC, extended versions of VCS have been developed
in the context of certain circumstances. The extended VC was developed to handle the request of
enhancing the visual quality of VC shares and to solve others VC challenging issues. Dynamic
VC was proposed to meet the demand of improving the capacity of secret information within a
limited scale of VC shares. Color VC and grayscale VC have been proposed for expanding the
diversity of the handling VC capability to improve its visual effect. Following subsections
describe the different aspects of VC scheme for handling secret image.

2.3.1 Traditional Visual Cryptography

Traditional VC is processed as per the scheme proposed by Naor and Shamir’s [1]. The
construction of the shares can be modeled by a -VCS. Figure 2.1 illustrates the
composition of white and black pixel in traditional VC, where one pixel from the original
image is expanded into four pixels. [1]. The methods for constructing the pixels of shares are
based on designing two basis matrix ( and ).
In basic VC scheme, shares can be generated by the two rules. The first rule picks the pattern of
four sub-pixels with the same arrangement for both shares if a pixel of the secret image is white.
The second rule picks a complementary pair of patterns if a pixel of the original image is black.

Horizontal Shares Vertical Shares Diagonal Shares

Figure 2.1: Partitions for black and white pixels for (2,2) scheme (4 sub-pixels) [1]

In Figure 2.2, the results of applying -VCS basic visual cryptography has been
shown.
Literature Review 6

(a) Image (b) Share1, (c) Share2,

(108×121) (216×242) (216×242)

(d) S1+S2 (216×242)

Figure 2.2: Results of a traditional visual cryptography scheme

The fact that there are solely black and white pixels in traditional VC makes this kind of VCS
easily to be implemented. The drawback of the superimposed result of secret restoration is in the
form of less contrast restored image. This is mainly due to its Boolean OR operation during
decryption which appears to have the problem of contrast loss. HVS is able to differentiate the
dark and white region if the contrast is higher than a certain level [1]. For encrypting the images,
three conditions must be satisfied. Firstly, images belongs to the qualified set access structure,
when superimposed, should reveal the secret image. Secondly, by inspecting the shares, no hint
should be available about the secret hidden within the shares. Finally, the image within the
shares should not be altered in any way.

2.3.1.1 OR-based Monochrome Deterministic VCS

The OR-based scheme (OVCS) specifies how to encode a single pixel, and same rule
would be applied to every pixel in the image to be shared. A pixel is split into two sub-pixels
in each of the two generated shares. If is white, then randomly selected one of the first two
rows in Figure 2.3. Similarly, if is black, choose one of the last two rows in Figure 2.3. The
pixel is encrypted as two sub-pixels in each of the two shares, as picked by the chosen row.
Every pixel in the secret image is encrypted using a new random selection.

Pixel Probability of Share 1 Share 2 Superimposition of

Literature Review 7

occurrence two shares

P=.5

P=.5

P=.5

P=.5
Figure 2.3: (2, 2)-VCS for black and white image [1]

Now, consider the situation when two shares are superimposed as shown in the last
column of Figure 2.3. After superimposition of two shares we get two black sub-pixel in the
superimposed image for black pixel, whereas if is white, then we get one white and one black
sub-pixel in the superimposed image [49]. So the reconstructed pixel has a gray level of 1 if is
black and a gray level of 1⁄2 if is white. So, with a 50% loss of contrast in the reconstructed
image, the reconstructed image is still visible.

Each share consists of black and white sub-pixels. Each share of the sub-pixels is
printed on the transparency. The resulting structure can be described by Boolean
matrix ( ) where if and only if the sub-pixel in the share is black and

if and only if the sub-pixel in the share is white. When transparencies

are stacked together, we see a combined share whose black sub-pixels are
represented by the Boolean OR of rows in .

The gray level of this combined share is proportional to the Hamming weight . This
gray level is interpreted by the visual system of the users as black if for some fixed
threshold . Three variables control the reconstruction of black and white regions in
the recovered image: a threshold value , the pixel expansion and a relative contrast [46].
A Threshold is a numeric value that represents a gray level, which is perceived by the human eye
as the black color.
Literature Review 8

The construction for -OVCS achieves the optimality in terms of both pixel
expansion and relative contrast. Extended research work can be found in Athenies et al. [50]
where the authors have realized VCS on any general access structures. In 1996, Droste [51]
suggested an algorithm by using a linear program to construct -OVCS. Blundo et al. [52]
also relied on the linear programming for optimal contrast. For the first time, Blundo et al.
defined canonical form for a -OVCS and analyzed the contrast of VCS schemes.

In 2011, Shyu and Chen [53] considered the minimization of the pixel expansion of a
-OVCS into an ILP to get the optimum solution. Adhikari et al. [54] proposed a technique
to construct any -OVCS using linear algebra. The technique is useful even for the case
when is large enough. In order to improve the contrast of OR operation in VC, past research
has demonstrated four kinds of solutions. Specifically, the first contrast enhancing method is
based on analyzing the structure of basis matrix [52] [55]. The second effective way is to use
mathematical equations to analyze the contrast [56] [57] [58]. The third method is based on a
searching algorithm to search for the scheme which is able to generate the largest contrast [59]
[28].

In spite of improving the contrast of dark region and white as suggested still, the noise
exists in the pixels. Therefore, the fourth effective way of improving contrast is to use VC
restoration devices designed with other decryption models such as XOR and cover base which is
achieved by distributing more than one VC shares to each participant [11].

2.3.1.2 XOR-based Monochrome Deterministic VCS

The OR-based VCS suffers from the low quality of the reconstructed image. It cannot be
improved beyond a certain level in most of the scheme. Tuyls et al.[28] suggested a VCS scheme
based on the polarization of light where the Boolean XOR is used as underlying mathematical
operation.

It is done by inserting a liquid crystal layer into a liquid crystal display (LCD). In
comparison with OR-based schemes where a participant has to carry a number of transcripts to
update the shares, in an XOR-based VCS a person has to carry just a device that has a display.
Literature Review 9

(a) Original Secret Image (b) Transformed Image by (c) The First Share S0
Halftoning process

(d) The Second Share of S1 (e) Stacked image using OR, (f) Stacked image using XOR,
(S0, S1) (S0, S1)
Figure 2.4: Process of XORing operation on VCS
For recovering the secret image the liquid crystal layers have to be stacked together.
Moreover, due to the rapid advancement of technology, these devices are getting cheaper. In the
suggested scheme for XOR [60] the authors constructed a XOR based -VCS and proved that a
XOR based VCS is equivalent to a binary code.

In general, XOR- based VCS are non-monotone i.e., if a qualified set of parties can
recover the secret image it does not necessarily hold that every superset is able to recover the secret
image. The main difference between these two models of visual cryptography lies in the fact that
the OR model captures strong access structures but in the XOR model due to the randomness of
the XOR operation, it is not possible to satisfy monotone properties However, we can solve this
problem with a slight modification in the definition of XOR scheme.

The security conditions for both the models are same, but the difference lies in the contrast
condition. Naor and Shamir’s [1] original suggestion has been extended in the 2-out-of-2
secret sharing scheme by using a halftoning technique. It also extends basic visual
cryptography a step further by supporting other variants of images.

2.3.2 Halftone Visual Cryptography

Halftoning is a display technique that works with gray-level depth by partitioning an
image into small areas. In this process pixels of different values are arranged to reflect the pixel
Literature Review 10

density. The halftoning technique can be applied to both, color and grayscale images. Halftoning
techniques are frequently used within many VCS.

A halftone scheme was proposed [61] where the quality of the shares is improved by
using contrast enhancement techniques. However, this scheme lacks in perfect security feature.
All the previously discussed VC schemes suffer from pixel expansion in that the shares are larger
than the original secret image.

The error diffusion techniques spread the pixels as uniformly as possible to achieve the
improvements in the shares overall quality. Error diffusion is an adaptive technique that
quantizes each pixel according to the input pixel as well as its neighbors. Error diffusion forces
total tone content to remain the same and attempt to localize the distribution of tone levels [62].
At each pixel, the errors from its preceding neighbors are added to the original pixel value and a
threshold would be applied to this modified value.

(a) Original Grayscale Image (b) Halftone Image (c) The 1st Share S0

(c) The second Share S1 (d) Stacked image using OR, (S0, S1)
Figure 2.5: Halftoning process
Literature Review 11

Based on the idea of extended visual cryptography, Zhou et al. [63] set about improving
these techniques by proposing halftone grayscale images which carry significant visual
information. This drastically improves the security model for visual cryptography. Along with
Zhou, several authors present novel techniques by which halftone images can be shared with
significant visual meaning which have a higher quality than those presented within by employing
error diffusion techniques [62].

Another scheme proposed by Wang et al.[62] uses only boolean operations. The contrast
is also higher than other probabilistic visual cryptography sharing schemes. The area of contrast
within halftone and grayscale VC is an interesting one because the contrast determines exactly
how clear the visual secret is recovered. Cimato et al. [64] developed a visual cryptography
scheme with ideal contrast by using a technique known as reversing technique. The process of
reversing, changes black pixels to white pixels and vice-versa.

In the traditional VC, the VC shares are meaningless pictures which contain a random
pattern after application of halftoning operation.The original image shares are binary pictures or
grayscale pictures which can be transformed into meaningful shares using an extended visual
cryptography concept. The concept helps in providing security of shares.

2.3.3 Extended Visual Cryptography

Extended visual cryptography schemes allow the construction of VCS within which the
shares are meaningful. In extended visual cryptography a recognizable image can be viewed on
each of the shares rather than random shares. Once the shares will be stacked the image on the
shares will disappear and the secret message will be visible.

There are two ways of implementing the extended VC. The first method is to define an
access structure of basis matrix which is used to generate a dither matrix to reproduce the input
image. The second way of generating embedded VC shares is achieved by calibrating the
halftone input image. In EVCS, the first shares need to be images of something like a train, car
or some form of meaningful information. The secret message is normally the message.
This requires a technique that has to take into consideration the color of the pixel in the secret
Literature Review 12

image. When the shares are superimposed, their individual images disappear and the secret
image can be seen.

The contrast of extended VC can be assessed by Hamming weight, which is similar to

traditional VC. Related researches also conducted investigations of improving the contrast of
extended VC shares so as to enhance the visual quality of their input images. Figure 2.6 gives an
example of the extended VC with meaningful shadow over the secret input image.

(a) Secret image (b-c) Shadow 1and 2 with meaningful image

(d) Recovered secret

Figure 2.6: Meaningful Recovery of Secret Image

The share in basic forms of VC potentially gives away the fact that they are encrypted.
Extended VC helps with this, producing meaningful shares which have the same pixel expansion
as the original basic VC schemes but it still has limited contrast with the recovered secret.

2.3.4 Contrast Enhanced VC Schemes

Enhancement in contrast of VC schemes remains an important research area among the
researchers in the security domain. The scheme which minimizes pixel expansion and also
increases the overall contrast always results in a very clear secret recovery during decryption
through HVS. This increases the potential for VC once again, to attain quality in terms of better
contrast. Viet and Kurosawa’s [65] scheme allows for the perfect restoration of the black pixels
Literature Review 13

but only an almost perfect restoration of the white pixels. Cimato et al.[64] provide their results
for perfect restoration of both black and white pixels. Yang et al. [66] presented a scheme that
allowed perfect contrast reconstruction and also looked at the shortcomings of Viet and
Kurosawa’s scheme.

An approach based on coding theory helps to provide an optimal tradeoff between the
contrast and the number of sub-pixels. Optimal schemes are also examined in terms of
contrast related to the Hamming distance, as well as the sub-pixels tradeoff required for these
optimal schemes. The overall contrast affects the quality of the recovered secret so it is an
extremely important evaluation metric for any scheme which supports either a single secret or
multiple secret.

2.3.5 Dynamic Visual Cryptography

Dynamic VC aims at hiding more than one secret in the share of VC. It has been
developed to meet the requirement of multiple-secret sharing in the shares of the secrets. In a
multiple-secret VCS, the first secret can be revealed after superimposing the required two
shares and . By keeping the position of fixed while rotating with a certain angle,
another secret will turn up [67].

Suggested chen et al.[67] scheme is quite limited in its use. Due to the nature of the
angles required, this scheme can only share at most two secrets. As a
significant improvement, further approaches have changed the appearance of shares from rectangles
to circles share[68]. It helps not only to add additional information such as some supplementary
points, lines or markers but also extends the flexibility of the rotating angle to any degrees between
and [68] [69].

Further, dynamic VCS scheme has been suggested that encodes a set of secrets
into two circle shares [70]. This is one of the first set of presented results that is capable of sharing
more than two secrets in two shares only. The expansion is twice the number of secrets to be
hidden, so the size of the circle shares increases when number of secrets are hidden. However, the
number of secrets that are contained within the shares still remains hidden unless marking lines are
added to the circle shares for the alignment. Knowing how many secrets are actually contained
Literature Review 14

within the shares is also a big concern. If many secrets are concealed and rotation of the shares
occurs too quickly, it is possible that all secrets may not be recovered.

Feng et al.’s [70] proposed scheme is formally defined as a - -VSSM extended visual
cryptography secret sharing scheme for secret images. Once the shares are positioned at their
aliquot angles, the secrets are instantly revealed. The contrast of the scheme is also a big issue here.
The previously discussed schemes originated from Wu and Chen [68] and Shyu et al.[69] provide
better contrast, whereas Feng et al.’s scheme contrast is ⁄ times of pixel expansion . As the more
secrets would be added, the contrast becomes lower, so overall image quality deteriorates.

The prime concern of the multiple-secret VC is the determination of the exact position of
two secrets in shares for secret revealing. Especially for circular VC shares in the case of not
knowing the number of total hidden secrets, it is highly likely to result in the missing of the
restoration of unique secrets. Along with the improvement of increasing secret information
capacity, multiple secret visual cryptography has come with few more disadvantages. In
multiple-secret VC, the pixel needs to be expanded times of that in the traditional VC,
denotes to the number of secrets hidden in VC.

2.3.6 Size Invariant Visual Cryptography

Size invariant VC has been proposed to overcome the problem of pixel expansion in the
traditional scheme [71]. Many researchers have worked towards the problem of improvement in
pixel expansion problem [72]. The scheme proposed by Ito et al.[71] uses the traditional
scheme where pixel expansion is equal to one. The recovered secret can be viewed as the
difference of probabilities with which a black pixel in the reconstructed image is generated from
a white and black pixel in the secret image.

The most important part of any VC scheme is the contrast. The contrast for this scheme is
defined as follows: , where and are the probabilities with which a black
pixel on the reconstructed image is generated from a white and black pixel on the secret image.

Another method to deal with size invariant shares was proposed by Yang in which the
frequency of white pixels is used to show the contrast of the recovered image [73][74]. If quality
and contrast matter then the size of the shares also increase, for a user’s particular application. So
Literature Review 15

usually size invariant schemes incur a cost in terms of losing contrast. Image size invariant visual
cryptography for general access structures has also been suggested to improve the visual quality
[75].

The size invariant VCS adopts the access structure to store the information of VC shares and
uses OR operation as the basic secret recovery method. A typical example of the basis matrix of a
-size invariant VCS; it can be illustrated as below.

{ }

{ }

White pixels on the original secret is generated by superimposing two white pixels while
the black pixels is obtained by overlapping one black and one white pixel. Further, other research
in this direction has also been proposed to optimize size invariant VCS which effectively reduces
the pixel expansion scale [73] [74] [76]. Size invariant VCS scheme for color image is highly
needed and further research is required to make it optimal for different color model. Applying
visual cryptography techniques to the color images is a very important area of research because it
allows the use of natural color images to secure information inside the image.

2.3.7 Color Visual Cryptography

Color images are also highly popular in imaging domain. Due to the nature of a color image,
this again helps to reduce the risk of alerting someone to the fact that information is hidden within it.
Until the year 1997, the revealed secret images were all black and white and all available VCS
schemes have less support for color images.

Commonly three ways have been used to achieve color Visual Cryptography Scheme
(CVCS). In particular, the first method is to directly use the colors appeared in original secret
image [77].This CVCS method can also be classified into two approaches of concealing unused
colors on VC shares by black color and increasing or decreasing the color depth to imitate
different colors.The number of available represented colors is limited in most of the CVCS
scheme.
Literature Review 16

One typical example of this scheme is to expand every pixel in secret into a group of
pixels which is filled with red, green, and blue colors. The expanded pixel blocks are chosen from
these combinations which are similar to that of the original pixel in secret. This method effectively
reduces the required colors from to 4.

Another approach of implementing CVCS is based on separation of the color images into
three color channels (RGB) and then use halftone-related VCS to encrypt the three images
suggested by Liao and Huang. Verheul [78] used the concept of arcs to construct a colored visual
cryptography scheme. The key concept for a -color visual cryptography scheme is to transform
one pixel to sub-pixels, and each sub-pixel is divided into color regions. In each sub-pixel,
there is exactly one color region colored, and all the other color regions are black.

Figure 2.7: Process of color visual cryptography[79]

A major disadvantage of this scheme is the number of colors and the number of sub-
pixels to determine the resolution of the revealed secret image. If the number of colors is large,
coloring the sub-pixels will become a very difficult task. Stacking these transparencies correctly
and precisely by human beings is also a difficult problem.

Chang et al.[80] proposed a new secret color image sharing scheme based on modified
Literature Review 17

visual cryptography. It can encode the secret image precisely through a predefined color index
table and a few computations. The number of sub-pixels in this scheme is also proportional to the
number of colors appearing in the secret image. This scheme has another disadvantage in terms
of requirement of additional space to store the color index table.

In [80], Chang proposed a scheme applicable only for schemes in which the size of
the share is fixed and independent of the number of colors appearing in the secret image. Further,
the pixel expansion was only nine times of original pixel, which was the least amongst the
previously proposed methods.

As with many other visual cryptography schemes, pixel expansion is an issue in CVCS
also. However, Shyu’s scheme [81] has a pixel expansion of which is superior to many
other color visual cryptography schemes, especially when , the number of colors in the secret
image becomes large. In most color visual cryptography schemes, when the shares are
superimposed and the secret is recovered, the color image gets darker.

2.3.8 Progressive Visual Cryptography

The issue of progressive visual cryptography is raised due to the secret recovery problem.
The secret recovery quality depends on how the final image is to build up. Normally the contrast
of the final image after the noise removal is closely related to the final visual quality of the
restored secret.

The basic idea of the progressive VC is based on encrypting a secret image into shares
and different qualities of recovered secret can be viewed by stacking different shares.Initial
techniques of the progressive VC were based on halftone with micro block encoding (Hou,
Chang & Tu, 2001). The Quality of the recovered secret gets increased in either resolution or the
completion of colors by superimposing more shares[82]. Moreover, as for the traditional VCS
which requires high recovery quality with less noise, the loss of contrast by using OR operation
can be fixed by XOR operation even though the implementation of using devices with computing
ability is difficult. Progressive VC has been developed in grayscale and color images (Jin, Yan &
Kankanhalli, 2005) as well.
Literature Review 18

(a) Original Secret Image (b) The First Share S0 (c) The Second Share S1

(d) The Third Share S2 (e) The Fourth Share S3 (f) Reconstructed Image from
(S0, S1)

(g) Reconstructed image from (h) Reconstructed image from

(S0, S1, S2) (S0, S1, S2, S3)
Figure 2.8: Result of applying PVC

Research of available different VCS based schemes have been described before the
discussion on the VC authentication problem and cheating immune VC. The previously
mentioned trends that have been emerging within VC require more attention.

2.4 Authentication and Secure Share Problem in Visual Cryptography

From the progress of VC scheme discussion, it has been obvious that protection of secret
image is largely associated with the reliability of VC shares. Cheating in VC scheme depends on
the decryption and analysis of VC shares. The act of cheating could cause damage to victims
because person will authenticate and accept a forged image. Many researchers have
experimented cheating idea with VCS and suggested the solution for its prevention also.
Literature Review 19

Prevention of cheating via authentication methods [83] has been suggested which focus
on identification between two participants to help in the prevention of any type of cheating.
Tzeng et al. [83] proposed two types of cheating prevention mechanisms. The first one uses an
online trust authority to perform the verification between the participants. The second type
involves a change in the VC scheme whereby the stacking of two shares reveals a verification
symbol. The authentication process fails if the stacked VC shares have no appearance of their
predefined symbols. However, this method requires the addition of extra pixels in the secret.

Another cheating prevention scheme is described by Horng et al. [84]. By having an

observation of exact distribution of black and white pixels of each of the shares of honest
participants then the hacker will be able to successfully attack and cheat the scheme. A Method
which prevents the attacker from obtaining this distribution can be used to prevent cheating. Hu
et al.[83] has also presented cheating methods and its solution. Tzeng scheme also presented
improvements in Yang scheme and finally presented new cheating prevention scheme which
attempts to minimize the overall additional pixels.

Hu and Tzeng have also proved that both a malicious participant (MP), that is MP ,
and a malicious outsider (MO), MO , can cheat in specific circumstances. The MP is able to
construct a fake set of shares using his genuine share. As soon as the fake share would be stacked
on the genuine share, the fake secret can be viewed. The second method depicts that a MO is
capable of cheating the VC scheme without the knowledge of any genuine shares. The MO
creates a set of fake shares based on the optimal VCS. The fake shares also required to be
resized to that of the original genuine shares size.

Previous work has made several efforts in proposing cheating immune VCS[85]. Yang et
al. proposed a method of dividing the secret into two barcodes in visual secret sharing schemes
[86]. Commonly used ciphers include barcodes and may be the braille character in some
situation. There are only black or white pixels in a barcode, and it is difficult to be recognized by
human eyes due to its graphic arrangement structure. Conventionally, it’s data is stored in one-
dimensional barcodes by utilizing parallel lines. It is quite possible to utilize these symbols for
VC blind authentication technique.
Literature Review 20

Chen et al.[87], and Tsai & Horng [88] reviewed a number of well-known cheating
activities and Cheating-prevention Visual Secret-sharing Schemes (CPVSS). They categorized
cheated activities into meaningful cheating, non-meaningful cheating, and meaningful
deterministic cheating. Moreover, they analyzed the research challenges in CPVSS, and
proposed a new cheating prevention scheme which is better than the previous schemes in terms
of few security requirements. Not only cheating infact, the process of creation of shares during
the encoding process should always be robust. In all such cases, where the scheme itself
generates the artifact of secret image in any of the generated shares then scheme losses its
information to the corresponding participant. So,the creation of secure shares along with cheating
prevention schemes will be an attempt towards an ideal scheme for secure VCS.

2.5 Feature Analysis of Visual Cryptography

Digital image processing can be used to analyze image features in both spatial and
frequency domains. We could select visual computable features in digital image processing for
VC authentication. Specifically, techniques such as pixel histogram, entropy, moments and
centroid, textures, coefficients of Discrete Wavelet Transform (DWT), MSE, PSNR, and SSIM
features are related to the VC shares security and authentication.

2.5.1 Visual Features of Visual Cryptography

As VC is primarily processed an image which has distinguished visual characteristics,
thus, VC secret images and VC shares certainly can be analyzed with the techniques of digital
image processing. Even though the VC images store a massive information, the image is able to
be perceived by HVS. Moreover, the security of VC shares depends on the complication of the
image computable features. Therefore, it is critical to analyze the recovered secret and shares
generated from secure VC scheme.

For representing the comparison of different pixel distributions in spatial domain of an

image, pixel histogram is an effective method e.g. Figure 2.9. Due to the nature of VC schemes,
the ratio of black and white pixels in randomly distributed VC shares is approximately .
o. of pixels in a tone
Literature Review 21

Figure 2.9 : Sample Histograms of VC random shares

By making any modification in VC shares, the ratio is likely to be changed. However,

only using histogram for image matching in distinguishing two VC shares is improper since there
are only two colors in VC shares. Moreover, the other drawback of histograms for VC analysis is
its representation which is dependent on the color of the secret being shared, while ignoring its
shape and texture.

The Moments are geometric features for describing an object. It describes about the
region, size location as well as shape [89]. The moments in VC authentication system can help to
solve with the problem of size invariance and computational complexity. The moment of a share
image is given as:

where and are the order of the moment, is the coordinate of a pixel in an image
. As for the binary images which only contain black and white pixels, white pixel number can
be simply calculated as:

A moment is a size invariant image feature. In the context of VC, the similarity between
the given VC share and the genuine VC can be calculated with the moments. Moreover, as the
moments are commonly used for pattern recognition, the similarity between the original secret
image and its VC share can also be measured. The similarity between secret and its share is
Literature Review 22

expected to be as low as possible since cheaters are able to extract the features of original secret
from shares if the computable feature of a VC share is close to that of the original secret.

Apart from the above mentioned features like image pixel histogram and moments;
entropy is also a widely utilized measurement for digital image processing. Entropy is a measure of
information capacity that can be used to characterize the texture of the input image. Image entropy
is a quantity which is used to describe the amount of information which must be coded by an
algorithm. Low entropy images usually have very little contrast and a large runs of pixels are
having same or similar values. An image which looks flat will have an entropy as zero.

The texture description of image features can be different, as it is based on the actual
need in practice. Tamura et al. [90] suggested a popular descriptor using image characteristics. It
helps significantly in detecting forgery.Therefore, one can also take advantage of texture as a
features in VC authentication. Specifically, Tamura texture is constituted by directionality,
contrast, roughness, line-likeness, regularity, and coarseness. Discrete wavelet transform, Fourier
transforms and Cosine transform are the widely used transforms for digital image processing in
the frequency domain[91]. Walsh transform used in DWT is a method for those binary images
which are robust and invertible. Apart from visual features, cryptographic features of VC shares
should be another frequently investigated topic for feature analysis of VC secret and shares.
2.5.2 Cryptographic Features of Visual Cryptography
Despite the security nature of VC, the previous evaluation of the security of VC mainly
focuses on designing appropriate VC systems to make this technique resistant against attacks
from cheaters. The Hash code provides the solution for the content based authorization problem
of VC shares in order to distinguish the correct share from the unauthorized ones. The modified
shares can be prevented in the authentication process by using hash code. The Cryptographic
hash function has benefits of easy to calculate the hash value of any input data. Hash functions
are employed in a range of areas related to security, such as message authentication, message
integrity and digital signatures.

There are two popular methods used for authentication of shares and secret. First attempt
is made by using an additional share to check the authentication of the share images and the
revealed secret.The second scheme uses a blind authentication technique to prohibit the
Literature Review 23

prediction of genuine content. A scheme of embedding 2D barcode into VC shares as

authentication channel has been proposed by Weir et al. [92]. This method is quite effective, but
has visual artifact on the shares. The shares can be decoded and modified or used by cheaters
without being notified by VC share keepers.

In this work, we explored the possibility of using these features for VC authentication
and secure share creation. This work provides an extensive survey of research on VCS and its
computational models along with its application. To the best of our knowledge, this is the first
time that these kinds of different features are explored together for VC authentication and a
suggestion in the form of chaos based VC for secure share creation has been given.

2.6 Similarity Measures of Visual Cryptography Based Schemes

Various parameters have been recommended in literature to evaluate the performance of
VCS scheme. Naor and Shamir [1] suggested two main parameters, pixel expansion, and
contrast. Pixel expansion of an image depicts the number of sub-pixels used in the reconstructed
image for each pixel of the secret image. Computational complexity refers to the total time
required for the different step execution of an algorithm required to generate the set of number
of image shares and to restructure the original secret image. For the generation of shares, the
algorithm goes through each pixel of the image.

Suppose that the image is of size then there is a loop to go through each column and
nested loop for each pixel in a row of every column. As many such loops are there sequential, but
no further nested loop, so for just the generation of shares, algorithm complexity is . Say
algorithm step is to be run times, producing shares, then the complexity will be
. So limiting the value of to 5, for generating 6 shares for critical analysis, the complexity
becomes , which again gives the complexity of using asymptotic notation.
Security is satisfied if each share generated by a scheme reveals no information of the secret image
and the original image cannot be reconstructed if fewer than shares are present in ( scheme.
Accuracy is considered to be the quality of the reconstructed secret image and evaluated by different
similarity measures.
Literature Review 24

The major focus of the thesis to provide a secure scheme with advanced feature. So in most
of the schemes presented here, the quality of shares and the recovered original secret image have
been measured. The following approaches have been used in this thesis for image comparison and
analysis. The measures of similarity suggested in literature is mainly the mean squared error (MSE),
peak signal to noise ratio (PSNR), and the structural similarity (SSIM) index measure [93].

2.6.1 Mean Squared Error (MSE)

The MSE represents the cumulative squared error between the decrypted and the original
image. The lower is the value of MSE, the lower is the error. In this thesis, MSE is used to
compare original image and shares as well with the recovered secret. Given an original m × n
monochrome image I and the share generated K, MSE is defined as:

∑ ∑‖ ‖

Where and are the original and reconstructed images respectively, with a size
of .
2.6.2 Peak Signal to Noise Ratio (PSNR)
PSNR is a term for the ratio between the maximum possible power of a signal and the
noise. It represents a measure of the peak error. As signals have a very wide dynamic range, it is
usually expressed in the form of the logarithmic decibel scale. It is usually an approximation to
human perception of quality. Although a higher PSNR generally indicates that the reconstruction
is of higher quality, in some cases it may not. It is defined via the mean squared error (MSE) as:

( ⁄ )

Where, is the maximum possible pixel gray level value in the image. When the
pixels are represented using 8 bits per sample, this is between 0 to 255.

2.6.3 Structural Similarity Index Measure (SSIM)

The structural similarity (SSIM) index is measuring the similarity between two images.
The SSIM index is measuring image quality based on an initial original secret image as a
reference. SSIM is designed to improve on traditional methods like peak signal-to-noise ratio
Literature Review 25

(PSNR) and mean squared error (MSE), which have proven to be inconsistent with human eye
perception.

Structural information is the idea that the pixels have strong relations and carry important
information about the structure of the objects in the visual scene. The SSIM metric is calculated
on different windows over an image[93] [94].

and are the two variables to stabilize the division, with weak denominator. These are
defined as , The default values of and are 0.01 and 0.03
respectively.

2.6.4 Correlation Coefficient (XCOR)

The correlation coefficient is a basically representing the similarity between two images
in relation to their respective pixel intensity. To calculate the cross correlation between two
images first, the two matrices corresponding to pixel intensity values of the images would be
constructed and should be of the same dimension. Now convert these matrices to a long array of
numbers of length The Cross-correlation value of below 0.1 generally
signifies that two images are visually different, whereas a value above 0.6 usually means images
are similar visually. So, if it is between 0.1 and 0.6 after comparing then further analysis is most
probably required.

In order to hide the secrecy, one may go for expansion and increase the number of shares,
but this affects the resolution. Hence, research in VC is towards maintaining the contrast at the
same time maintaining the security.

2.7 Findings of Literature and Contributions

With the growing interests in the field of the image as data and its security, researchers
have been concerned a lot with the different mechanism of VC. Therefore, a number of the visual
computational model, inspired by secret sharing has been developed. The purpose of this section of
the chapter is to bring together the different concepts and ideas suggested in VC research domains
in the last few decades.
Literature Review 26

A detailed comparison among the VCS schemes has been carried out using different
context [32]. As shown in Table 2.1, only a very few visual cryptography schemes attain the
desired minimum pixel expansion ratio. Shyu et al. scheme [95] require less overhead for storage
and transmission to share multiple secrets, while meaningful shares generated by the scheme [96]
[4] and [97] can be helpful to avoid attacks by hackers. The schemes supporting color images
[77] [78] and [80] and sometimes gray images are quite useful in the multimedia environment.
Literature Review 27

Table 2.1: Comparison of different nature of VCS for their suitability

Sr. Authors Year No. of Pixel Image Format Type of Share
No. Secret Expansion generated
Images
1 Naor and Shamir 1995 1 4 Binary Random
2 Wu and chen 1998 2 4 Binary Random
3 Hsu et al. 2004 2 4 Binary Random
4 Wu and cheng 2005 2 4 Binary Meaningful
5 Chin-chen chang 2005 1 4 Binary Random
6 Liguo fang 2006 1 2 Binary Random
7 s. j. shyu 2007 >=2 2 Binary Random
8 w.p.fung 2007 2 9 Binary Random
9 Jen bang 2008 >=2 3 Binary Random
10 Mustafa Ulutas 2008 2 4 Binary Random
11 Tzung-Her Chen et al. 2008 2 1 Binary Random
12 Chen et al. 2008 ( >=2) 4 Binary, Gray, Random
Color
13 Zhengxin Fu 2009 4 9 Binary Random
14 Jonathan Weir et al. 2009 4 Binary Random
15 Xiao-qing Tan 2009 1 1 Binary Random
16 Verheul Tilborg 1997 1 *3 Color Random
17 Yang & Liah 2000 1 *2 Color Radom
18 Chin Chen Chang et al. 2002 1 9 Gray Meaningful
19 Haibo Zhang et al. 2008 1 1 Gray Random
20 Jonathan Weir 2011 1 4 Binary, Gray, Hatched
Color
21 Yang et al. 2013 1 1 Gray Random

Essentially the most important part of any VC scheme is the contrast of the recovered
secret from a particular set of shares. Ideal schemes provide a high contrast when the secret is
recovered. However, a tradeoff is required in some schemes depending on the size of the shares
along with the number of secrets which may be concealed. Especially within extended visual
cryptography schemes, contrast is of major importance. Some schemes present methods which do
not work well with printed transparencies and depends on computation in order to recover the
secret.
Literature Review 28

In this respect, high quality secret recovery is possible, however, it is preferred if the
scheme works well with printed transparencies. After all, this is the core idea behind VC.
Conversely, if an application requires digital recovery of the secrets, then perfect recovery can be
achieved via the XOR operation. Shares size close to the original secret size is the best scheme
designed for any VC, as shares are easier to manage and transmit. Large secrets with even larger
shares become cumbersome. However, at times a tradeoff must be made between the size of the
shares and the contrast of the recovered secret. The tradeoff between size and the secret recovery
must be suitable so that high quality recovery can take place and must also ensure that the shares
do not expand into unmanageable sizes.

The use of grayscale and color images has added value to the field of visual
cryptography. The fact that any image type can be used to share a secret within visual
cryptography shows a great improvement in the very initial work that required an image to be
converted to its binary equivalent before any processing could be done on it. However, the
application of the scheme depends greatly on the type of images to be taken as input. Efficiency
covers a number of things which have already been discussed, such as contrast and the share
size. The concept of measuring efficiency also includes how the shares and images have been
processed.

Many of the schemes of VCS work extremely well and the techniques have proven to be
very useful for many applications for the purpose, such as verification and authentication. The
following noticeable observation has been identified within visual cryptography:
 The various factors affect the VCS scheme before applying for any practical application,
e.g. pixel expansion, contrast, no. of shares generated, and type of shares.
 Color supported VCS has been less explored in the literature and it seems computational
costly also because of its natural characteristics.
 For getting higher contrast X-OR based schemes may be used, but with the cost of losing
natural VCs approach.
 General schemes ( -out-of- ) have a different pixel expansion using the basis matrix
approach.
 By using probability based recreation of pixel, suggested VCS are able to achieve
minimum pixel expansion
Literature Review 29

 For the multimedia environment color VCS and gray level supporting VCS are quite
meaningful
 In case of circular shares it seems difficult to find a reference point although it saves
space complexity of approach.

In order to hide the secrecy, we go for expansion and increase of the number of shares,
but this affects the resolution. Hence, research in VC is towards maintaining the contrast at the
same time maintaining the security. Based on the insight from the literature a new authentication
system has been suggested (to be discussed in the next chapter) which uses the technique of bit
level based processing of lukac and plataniotis [98] to improve the security level of existing
systems.

2.8 Summary
This chapter highlights previous research of VCS and the knowledge that is required for
exploring VC schemes further. Specifically, several paradigms in the research areas of VC have
been introduced, including traditional VC, extended VC, dynamic VC, color VC and progressive
VC. Different research findings have been analyzed and the efficiency, as well as the level of
difficulty, has been brought out. Various examples to illustrate the secret sharing schemes, in
general, has also been discussed. Several features of VC have been reviewed and analyzed in VC
authentication and creation of cheating free VCS.

This literature survey served as a firm grounding on the research topic and helped to
design our new approach. On the basis of past results and assistance from technologies such as
chaotic map, digital image processing, and cryptography, this thesis mainly focuses on making
improvement in enhancing the security of VC shares and along its application in practical cases
for authentication. Overall, this chapter has summarized much of the work done in the area of
visual cryptography. There are still many topics worth exploring within VC to further expand on
its potential in terms of secret sharing, data security, identification, and authentication.