Journal of Real-Time Image Processing (2024) 21:83

https://doi.org/10.1007/s11554-024-01450-8

RESEARCH

Software and hardware realizations for different designs

of chaos‑based secret image sharing systems
Bishoy K. Sharobim1,4 · Muhammad Hosam1 · Salwa K. Abd‑El‑Hafiz2 · Wafaa S. Sayed2 · Lobna A. Said1 ·
Ahmed G. Radwan2,3

Received: 14 December 2023 / Accepted: 1 March 2024 / Published online: 6 May 2024
© The Author(s) 2024

Abstract
Secret image sharing (SIS) conveys a secret image to mutually suspicious receivers by sending meaningless shares to the
participants, and all shares must be present to recover the secret. This paper proposes and compares three systems for secret
sharing, where a visual cryptography system is designed with a fast recovery scheme as the backbone for all systems. Then,
an SIS system is introduced for sharing any type of image, where it improves security using the Lorenz chaotic system as
the source of randomness and the generalized Arnold transform as a permutation module. The second SIS system further
enhances security and robustness by utilizing SHA-256 and RSA cryptosystem. The presented architectures are implemented
on a field programmable gate array (FPGA) to enhance computational efficiency and facilitate real-time processing. Detailed
experimental results and comparisons between the software and hardware realizations are presented. Security analysis and
comparisons with related literature are also introduced with good results, including statistical tests, differential attack meas-
ures, robustness tests against noise and crop attacks, key sensitivity tests, and performance analysis.

Keywords Chaos · FPGA · Secret image sharing · SHA-256 · Visual secret sharing

1 Introduction increased in the information security fields such as cryptog-

raphy, information hiding, and secret sharing (SS) [1].
Digital data have become essential to modern telecom- SS is a relatively new idea introduced by Shamir in 1979,
munications, especially where vast images are stored and where a secret number is sent to a group of participants as
transferred. This increased the awareness of privacy and n shares of the secret in a meaningless form [2]. Each share
information security, and made protecting digital images alone does not give any information about the secret num-
a very important requirement. As a result, research efforts ber, while a group of k or more shares can reveal the secret,
where k ≤ n. The idea was based on polynomial interpola-
tion, and it is useful when the recipients are mutually suspi-
cious or must cooperate. It is also used in cloud computing
This work is supported by the Science, Technology, and Innovation and distributed storage [1].
Funding Authority (STIFA), Egypt, under grant number 45631. The idea of SS was improved to work for images in 1995
by Naor and Shamir, who introduced Visual Secret Sharing
* Bishoy K. Sharobim
[email protected] (VSS) [3]. In VSS, the recovery process is as easy as stack-
ing the shares to recover the secret image using the human
1
Nanoelectronics Integrated Systems Center (NISC), Nile visual system. Stacking images is equivalent to the boolean
University, Giza 12588, Egypt OR operation between the images [4]. More secure systems
2
Engineering Mathematics and Physics Department, Faculty were needed, which led to the introduction of Secret Image
of Engineering, Cairo University, Giza 12613, Egypt Sharing (SIS) by Thien and Lin in 2002 [5]. They used poly-
3
School of Engineering and Applied Sciences, Nile nomial interpolation with shares of size 1/k of the secret
University, Giza 12588, Egypt image, but it needed more computation power compared to
4
Centre of Informatics Science, School of Information VSS.
Technology and Computer Science, Nile University, Giza,
12588, Egypt

Vol.:(0123456789)

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

83 Page 2 of 16 Journal of Real-Time Image Processing (2024) 21:83

The need for acceleration and easily integrating encryp- of the recovered image [11]. Another type is the tagged
tion into existing systems led to the use of field program- shares, which adds information in each share to differen-
mable gate arrays (FPGAs) as pivotal tools in the realms of tiate between shares by folding the share, for example, to
both cryptographic operations and VSS. Their distinctive show the tag [12]. Others added features like meaningful
ability to be customized for specific tasks, coupled with their shares [13] or sharing multiple images [14].
prowess in parallel processing, has propelled them to the As previuosly mentioned, the recovered image quality in
forefront of secure data processing [6]. Security applica- VSS increases when using XOR. Hence, it is the primary
tions often favor FPGAs over general-purpose computers recovery method for recently proposed systems. A lossless
because of their low power consumption, high throughput, system was introduced for binary and grayscale images by
design adaptability, cost-effectiveness in development per converting the image into a bitstream and sharing it using pixel
unit, rapid processing speed, resilience to noise, and elevated vectorization [15]. Another proposed system prioritized differ-
security levels [7, 8]. ent shares, giving high importance to some shares that can be
This work presents a VSS system as a main block for SIS used in recovery and give better quality, but this system was
to ensure fast recovery. Then, two new lossless (n, n)-SIS lossy [16]. Another system requires some essential shares to be
systems are introduced for sharing binary, grayscale, or color present in the recovery process to recover the secret, and it can
images using the VSS system as the backbone. The first SIS not be recovered without including those essential shares [17].
system uses the Lorenz chaotic system as a source of ran- While VSS is simple, it is not robust to noise and lacks good
domness, utilizes the generalized Arnold transform to per- quality for the recovered images in most systems.
form permutations, and has a long and sensitive system key. On the other hand, the common techniques used in SIS
The second SIS system further enhances security and robust- systems are the Chinese Remainder Theorem (CRT) and poly-
ness using SHA-256 and RSA public-key cryptosystem. nomial interpolation, where the size of the shares can be a
Software implementations and FPGA realizations, includ- portion of the secret size or with fixed size [18]. Some features
ing all the used modules, are presented for the three systems. are also added to SIS, such as meaningful shares [19] and
Security analysis is performed between the secret image and sharing multiple secrets [20]. A system for grayscale images
shares, and validated hardware results are presented. The was proposed that produced fixed size shares of 23 × 23 [18].
experimental results show the systems’ effectiveness when Other systems used CRT to have smaller shares with size 1/k
deployed on FPGAs, exhibiting real-time processing capa- of the secret image size [21]. Another system prioritized par-
bilities and minimal resource utilization. Performance analy- ticipants, where high priority shares recover the secret with
sis and comparisons with recent approaches are also pre- higher quality [22]. Quick Response (QR) codes are also used
sented. The results demonstrate that the proposed enhanced to conceal shares and make them less suspicious[23]. Another
system is a secure, robust and efficient SIS system. system used CRT, XOR and a modification of Shamir’s secret
The next section of this paper briefly reviews the recent sharing to share different types of images [24].
related approaches of secret sharing. Section 3 describes
the background needed for the proposed systems. Section 4
describes the VSS system, and Sect. 5 describes how the 3 Background
VSS system is modified to create the first SIS system. Sec-
tion 6 describes the second SIS system. Section 7 describes This section describes the background needed for the proposed
the hardware implementations for the three systems. Sec- systems, including the Lorenz chaotic system which is used
tion 8 gives the results and comparisons, and Sect. 9 briefly as a source of randomness, the generalized Arnold transform
gives the conclusions and future work. which is a permutation algorithm, SHA-256 which is a hash
function, and the evaluation criteria used to test the proposed
systems.
2 Related work
3.1 The Lorenz chaotic system
Most VSS systems use halftoning to convert all types of
images into binary images and process them. Halftoning The Lorenz system is used as a Pseudo Random Number Gen-
represents the image as dots, which affects the quality of erator (PRNG) of the proposed systems, and it has the follow-
the images [9]. Due to data loss when OR is used in recov- ing equation [25]:
ery, XOR is used in recent literature to provide better qual- dx dy dz
ity for the recovered images [10]. There are different types = 𝜎(y − x), = x(𝜌 − z), = xy − 𝛽z, (1)
dt dt dt
of VSS introduced for different purposes, such as weighted
VSS, which gives different weights for shares, and the total where 𝜎, 𝜌, and 𝛽 are the system’s parameters. The system is
weight available in the recovery process defines the quality solved by Euler method using the following formulae [26]:

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Journal of Real-Time Image Processing (2024) 21:83 Page 3 of 16 83

256 bits

Key Part 43 bits 43 bits 43 bits 43 bits 42 bits 42 bits

Equation

Range

Fig. 1  Subkeys generation

[ ] [ ][ ]
xt+1 = xt + h(𝜎(yt − xt )), (2a) x 𝛾𝜁 + 1 − 𝛾 x�
y
=
−𝜁 1 y�
mod N, (5)

yt+1 = yt + h(xt (𝜌 − zt )), (2b)

3.3 Secure hash algorithm: SHA‑256
zt+1 = zt + h(xt yt − 𝛽zt ), (2c)
The SHA-256 is a well-known hash function that takes an
where h = 2−7 is the time step, and x0 , y0 and z0 are the
input of size < 264 bits and maps it into a 256-bit digest [29].
initial conditions.
The SHA-256 has a word size of 32-bit, where all the opera-
The step h is chosen as a negative power of 2 to be
tions are performed on words. First, the functions used in the
used in the hardware implementation as shifting instead of
algorithm are given as follows:
multiplication [27].
The following equation is used to extract l bits from x: Ch(x, y, z) = (x ∧ y) ⊕ (¬x ∧ z), (6a)

⌊xt × sf ⌋ mod 2l , (3)

Maj(x, y, z) = (x ∧ y) ⊕ (x ∧ z) ⊕ (y ∧ z), (6b)
where sf is a scaling factor chosen to ensure randomness,
⌊⋅⌋ is the floor function, and similar equations are used for 𝛺0 (x) = ROTR2 (x) ⊕ ROTR13 (x) ⊕ ROTR22 (x), (6c)
y and z.
To generate the initial conditions and parameters for the
𝛺1 (x) = ROTR6 (x) ⊕ ROTR11 (x) ⊕ ROTR25 (x), (6d)
Lorenz system, a system key is used with a size of 256 bits to
resist brute force attacks. Figure 1 illustrates how to extract the
initial conditions and parameters, with the ranges required for 𝜔0 (x) = ROTR7 (x) ⊕ ROTR18 (x) ⊕ SHR3 (x), (6e)
the chaotic operation of the Lorenz system.
The same extraction process is performed in the generation 𝜔1 (x) = ROTR17 (x) ⊕ ROTR19 (x) ⊕ SHR10 (x), (6f)
and recovery schemes, using the same system key, to guaran-
tee the correct operation of both sides of the sharing system. where ROTRn is circular right shift n positions and SHRn is
The randomness test results for the Lorenz chaotic system are right shift n positions.
provided in the supplementary file. The SHA-256 starts with initializing two types of con-
stants [29], the first type is a set of 64 constant words,
3.2 Generalized Arnold transform K0 , K1 , ⋯ , K63. They come from the first 64 prime numbers,
where 32 bits of the fractional parts of cube roots are used.
Arnold transform is used to permute the pixels of an image, The second type of constants is the set of initial hash values,
where a pixel in the position (x, y) is transformed to the new H0 , H1 , ⋯ , H7, which consists of 8 words obtained from the
position ( x� , y� ) [28]. The generalized Arnold transform has square root of the first 8 prime numbers, where the first 32
the following equation: bits of the fractional part are used.
[ �] [ ][ ] After initializing the constants, two steps of preprocess-
x 1 𝛾 x ing are done on the input. The first step is padding the mes-
y�
=
𝜁 𝛾𝜁 + 1 y
mod N, (4)
sage to be able to parse it into equal 512-bit blocks. For a
message of size l, one bit "1" is appended to the end of the
where 𝛾 and 𝜁 are the parameters for the transformation, and
message followed by k zero bits, where k is the smallest
N is the dimension of a square image. The inverse transfor-
positive solution for the equation:
mation is given by
l + 1 + k ≡ 448 mod 512. (7)

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

83 Page 4 of 16 Journal of Real-Time Image Processing (2024) 21:83

Then, append the binary value of l in 64 bits, to have a pad- 4 The VSS system
ded message whose size is a multiple of 512. Afterward, the
padded message is parsed into 512-bit blocks. Each message The VSS generation scheme is shown in Fig. 2a, generat-
block, M, consists of 16 words, M0 , M1, ⋯, M15, and is pro- ing n shares from the input image using the Lorenz chaotic
cessed as follows, where the operations are performed on the system. First, a random number Rand in the range [1, n] is
blocks consecutively to get the final hash and all additions generated from Lorenz using:
are mod 232 :
Rand = (⌊xt × sf ⌋ mod n) + 1, (13)
1. Prepare W: where sf = 240.
⎧M, Then, for each pixel PS in the secret image I, (n − 1) ran-
0 ≤ t ≤ 15 dom pixels are generated from the Lorenz chaotic system.
⎪ t
Wt = ⎨ 𝜔1 (Wt−2 ) + Wt−7 + 16 ≤ t ≤ 63 (8) Each random pixel Pi is generated using:
⎪ 𝜔0 (Wt−15 ) + Wt−16 ,
⎩
Pi {R, G, B} = ⌊{xt , yt , zt } × sf ⌋ mod 28 , (14)
2. Initialize variables for current hash:
where the three outputs of the Lorenz chaotic system are first
a = H0 , b = H1 , c = H2 , d = H3 , (9a) scaled by sf to access the fractional parts. Then, the 8 least
significant bits (LSBs) are extracted using the mod operation
to obtain three 8-bit random numbers that represent the R,
e = H4 , f = H5 , g = H6 , h = H7 . (9b)
G, and B channels of a random pixel, Pi.
3. For each word in W, t = 0 to 63: Using PS and the generated random pixels Pi, the nth pixel
PRand is calculated as
T1 = h + 𝛺1 (e) + Ch(e, f , g) + Kt + Wt , (10a)
⨁
n−1
PRand = PS ⊕ Pi , (15)
T2 = 𝛺0 (a) + Maj(a, b, c), (10b) i=1
⨁
h = g, g = f, f = e, e = d + T1 (10c) where ni xi represents an XOR of many terms.
The (n − 1) random pixels and PRand are distributed into
the n shares according to the value of Rand using the dis-
d = c, c = b, b = a, a = T1 + T2 . (10d) tributing table shown in Fig. 2a, where PRand is assigned to
4. Compute the new hash values after the block: the share SRand , and the random pixels Pi are consecutively
placed in the other shares. The recovery scheme is simple,
H0 = a + H0 , H1 = b + H1 , H2 = c + H2 , (11a) as shown in Fig. 2b, where the shares are XORed to recover
the secret.
H3 = d + H3 , H4 = e + H4 , H5 = f + H5 , (11b) The statistical analysis results are given in [31], where
the system passes all statistical tests. The robustness analy-
H6 = g + H6 , H7 = h + H7 . (11c) sis results are shown in Table 2, where the system does not
pass the crop and differential attack tests. Key sensitivity is
After repeating the above steps for all the blocks, the final not applicable, because no key is used in decryption. Modi-
digest is formed by concatenating the final binary hash values fications to the system will be introduced in the following
using: sections to pass the aforementioned tests.
H0 ∥ H1 ∥ H2 ∥ H3 ∥ H4 ∥ H5 ∥ H6 ∥ H7 , (12)
where ∥ is the concatenation operation.
5 The first SIS system
3.4 Evaluation criteria
The generation scheme of the first proposed SIS system,
The statistical security criteria and robustness of the proposed SIS-I, is shown in Fig. 2c, where it consists of substitution
systems against different attacks are evaluated, where the tests and permutation phases followed by the VSS system. The
and the attacks are described in Table 1 with the description, substitution and permutation phases enhance the system’s
formula, ranges, and optimal values. security by incorporating the confusion and diffusion prop-
erties as defined by Shannon [32]. The permutation stage
also enables the system to resist crop attacks.

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

 Table 1  Evaluation criteria
Name Description Formula Range Optimal
Journal of Real-Time Image Processing (2024) 21:83

Histogram Shows the distribution of pixel values – Any dist Uniform dist
Entropy Measures the randomness in an image − i=0 P(i)log2 P(i), where P(i) is the probability of the pixel value i
∑255 [0, 8] 8
Root Mean Square Measures the difference between two images [0, 255] –
Error (RMSE) W×H i=1 j=1
(x(i, j) − y(i, j))2 ,
where W and H are the width and height of
�
1 ∑H ∑W

the images, respectively, and x(i, j) is the pixel value at row i and column j in the
image x
n n n n n
Correlation coefficient The correlation coefficient, 𝜌, measures the degree of similarity 1∑ 1∑ 1∑ 1∑ 1∑ 2 [−1, 1] 0
/ Adjacent pixels between two vectors / between adjacent pixels in horizontal, verti- Cov(x, y) = (xi − xj )(yi − yj ), D(x) = (xi − x) ,
n i=1 n i=j n i=j n i=1 n i=j j
correlation cal, and diagonal directions
Cov(x,y)
𝜌= ,
D(x) D(y)
√ √

NIST SP 800-22 A group of 15 tests of randomness issued by NIST [30]. The P-value [0, 1] [0, 1] P-value ≥α
is calculated for each test, with a selection of an 𝛼 = 0.01 or 0.001
for encryption applications"
Noise attacks Noise is added to the shares, and the recovered image is investigated 255 [0, ∞] –
to study the effect of noise by measuring the Peak signal-to-Noise
PSNR = 20 log10
RMSE
Ratio (PSNR)
Crop attack Parts of the shares are cropped, and the recovered image is investi- PSNR [0, ∞] –
gated to study the effect of cropped parts
Key sensitivity One bit is changed in the key during decryption and the RMSE and RMSE, BER RMSE [0, 255] BER 0.5
Bit Error Rate (BER) are measured between the original image and BER [0, 1]
the wrongly recovered image
{
Differential attacks Study the impact of changes in the plain image on the cipher image. A [0, 100] NPCR 99.61%
0 if (E1 (i, j) = E2 (i, j)), 1 ∑H ∑W
change in the LSB of a random pixel in the original image is done. D(i, j) = NPCR = H×W i=1 j=1 D(i, j) × 100% UACI33.46%
The Number of Pixel Change Rate (NPCR) and the Unified Average 1 if (E1 (i, j) ≠ E2 (i, j))
Changing Intensity (UACI) are measured between the cipher images × 100%
UACI = H×W i=1 j=1 255

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

from the original image E1 and the the modified image E2
1 ∑H ∑W ∣E1 (i,j)−E2 (i,j)∣
Page 5 of 16 83
83 Page 6 of 16 Journal of Real-Time Image Processing (2024) 21:83

Fig. 2  Block diagrams of the proposed (a) VSS generation, (b) VSS recovery, (c) SIS-I generation, (d) SIS-I recovery, (e) SIS-II generation, and
(f) SIS-II recovery

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

 Table 2  Results of different attacks
Criteria VSS SIS-I SIS-II
RMSE RMSE
Key part R G B Avg. Key part R G B Avg.

Key Sensitivity N/A k1 50.89 85.33 47.81 61.34 k1 50.77 85.47 47.89 61.38
k2 50.79 85.12 47.74 61.22 k2 50.83 85.57 47.93 61.44
k3 k3
Journal of Real-Time Image Processing (2024) 21:83

50.85 85.45 47.89 61.40 50.84 85.11 47.69 61.21

k4 50.78 85.39 47.81 61.33 k4 50.84 85.11 47.78 61.24
k5 50.95 85.63 48.01 61.53 k5 50.93 85.36 47.80 61.36
k6 50.84 85.32 47.86 61.34 k6 50.90 85.40 47.86 61.39

PSNR PSNR PSNR

Img. R G B Avg. Img. R G B Avg. Img. R G B Avg.
Noise Attacks (25% S& P) I, R 33.84 33.82 33.82 33.83 I, R 33.82 33.82 33.82 33.82 I, R 33.82 33.82 33.82 33.82

PSNR PSNR PSNR

Img. R G B Avg. Img. R G B Avg. Img. R G B Avg.
Crop Attacks (25%) I, R 33.91 33.93 33.92 33.92 I, R 33.92 33.91 33.91 33.91 I, R 33.93 33.93 33.91 33.93
Images NPCR UACI Images NPCR UACI Images NPCR UACI
Differential Attacks S1 , MS1 00.000 00.000 S1 , MS1 00.000 00.000 S1 , MS1 99.610 33.465
S2 , MS2 00.000 00.000 S2 , MS2 00.000 00.000 S2 , MS2 99.605 33.487
S3 , MS3 00.000 00.000 S3 , MS3 00.000 00.000 S3 , MS3 99.602 33.450

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Page 7 of 16 83
83 Page 8 of 16 Journal of Real-Time Image Processing (2024) 21:83

The system starts by performing an XOR between the 7 Hardware implementation

secret image, I, and a random image, L, generated from
the Lorenz system. Eight bits are extracted from the x, y, The hardware architectures for the three proposed systems
and z states for each pixel to encrypt the R, G, and B are designed and implemented on an FPGA from Xilinix:
channels, respectively. The image E is generated from Genesys2 XC7K325TFFG900-2 [35]. To validate the results
this substitution stage. and performance, a high-definition multimedia interface
The permutation stage uses the generalized Arnold (HDMI) display was utilized. In all implementations, 16
transform, where the parameters 𝛾 and 𝜁 are extracted bits address busses were used to interface with 65536 depth
from the Lorenz system as log2 N bits from x and y, memories that are suitable for image sizes of 256 × 256. It is
respectively. Hence, the image E is permuted to generate worth mentioning that, to the best of the authors’ knowledge,
the image H. Finally, the image H is shared as n shares there is no hardware validation in the literature for such SIS
using the previously described VSS system. systems.
The recovery scheme for SIS-I is shown in Fig. 2d.
First, the n shares are XORed to recover the image H as in
the VSS recovery system. Then, the Lorenz system is used
7.1 Main building blocks
to generate the random image L, and extract 𝛾 and 𝜁 . The
7.1.1 Lorenz chaotic system
inverse generalized Arnold transform is used to recover
the unscrambled image, E. Finally, inverse substitution
The architecture of Lorenz chaotic system is shown in
is applied by performing an XOR between L and E, to
Fig. 3a, where it takes the outputs from the Subkeys Gen-
recover the secret, R.
eration to generate x, y and z. This block takes x0 , y0 and z0 as
Because SIS-I has substitution and permutation stages
inputs in the first clock cycle, then the outputs x, y and z are
in addition to the VSS system, it passes all statistical
used as the new inputs every new clock cycle. This scheme
tests. The robustness results are shown in Table 2, where
uses 55-bit fixed point arithmetic, with 1 sign bit, 12 bits for
the system passes all the tests except differential attacks,
the integer part and 42 bits for the fractional part, which are
because there is no dependency on the input image. Modi-
enough to represent the chaotic system output. The output
fication of the system will be introduced in the following
from each multiplication operation has the size of 110 bits.
section to pass this test.
Only bits 96 down to 42 are taken to keep the integrity of the
used 55 fixed point operations. Figure 4a shows oscilloscope
projection of 12 bits integer part of Lorenz x-z and Fig. 4b
shows x-time projection.
6 The second SIS system

A dependency on the input image pixels must be pre- 7.1.2 Shares generation

sent in the second SIS system, SIS-II, to resist differen-
tial attacks. This dependency is created by passing the In Fig. 3b, the 8 LSBs of the fractional parts of x, y and
secret image as input to SHA-256 to produce 256 bits z are transmitted between three registers each clock cycle
digest [33]. The digest is then XORred with the system to be saved. The 8 bits x, y and z of each cycle are con-
key to produce a modified key for the Lorenz system. The catenated to generate the random pixels P1 , P2 and P3 ,
block diagram of SIS-II generation scehme is shown in where: P1 = [xt−2 , yt−2 , zt−2 ], P2 = [xt−1 , yt−1 , zt−1 ] and
Fig. 2e, depicting the addition of SHA-256 to SIS-I. P3 = [xt , yt , zt ]. After that, the input image pixel PS is XORed
The digest must be sent to the receiver to generate the with P1 , P2 and P3 to generate PRand . The 2 LSBs of xt−2 are
same chaotic sequence from Lorenz system. RSA, which extracted to select the output of each of the four multiplex-
is a well-known secured public key cryptosystem, is used ers, which deliver to the four shares.
to transmit this small digest of 256 bits [34]. It should be
noted that RSA is not suitable for encrypting large data,
7.1.3 Generalized Arnold transform
such as images, due to its complexity.
The recovery scheme of SIS-II, as shown in Fig. 2f, is
In generalized Arnold transform, demonstrated in Fig. 3c,
the same as that of SIS-I but with the utilization of the
the 16 bits pixel memory address is transformed to a new
digest as obtained from RSA. The robustness results are
memory address. Arnold parameters, 𝛾 and 𝜁 , are taken
shown in Table 2, where the system passes all the tests,
from the previously mentioned Lorenz block at a specific
giving a secure and robust SIS system.
clock cycle giving the system extra security. The memory
address is initially transformed to the (x, y) coordinates

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Journal of Real-Time Image Processing (2024) 21:83 Page 9 of 16 83

on the screen. Then, 𝛾 and 𝜁 are used with simple XOR 7.1.4 SHA‑256 pre‑processing
and addition operations to output (x� , y� ) and, hence, a new
memory address. Examples of generalized Arnold trans- In Fig. 6, SHA-256 is utilized to generate a 256 bits hash.
form with different 𝛾 and 𝜁 values are given in Fig. 5. A memory, distinct in both depth, width and address buss
from other memories in the system, houses the secret
image and yields a 512-bit stream. This stream undergoes

Fig. 3  Hardware architecture of: (a) Lorenz system, (b) shares generation, and (c) generalized Arnold transform

Fig. 4  Lorenz on oscilloscope:

(a) X–Z projection, (b) X-time

Fig. 5  Generalized Arnold

example: (a) original image,
(b) 𝛾 = 1, 𝜁 = 1, and (c)
𝛾 = 35, 𝜁 = 9

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

83 Page 10 of 16 Journal of Real-Time Image Processing (2024) 21:83

Fig. 6  Hardware architecture of SHA-256

hash is updated with these values as H0 = H0 + a through

H7 = H7 + h.

7.2 Implementation of the VSS system

The generation scheme of the VSS system is mainly based

on the Lorenz and shares generation blocks. Lorenz delivers
the current x, y and z in each cycle to the shares genera-
tion. The process of the shares generation and distribution
ends with constructing the four shares of the secret image.
The recovery scheme of the VSS system is a straightforward
XORing between the four shares to reconstruct the secret
Fig. 7  VSS hardware results of the Genesys2 FPGA implementation image.
showing (a) secret image I and (b) S1 Figure 7 shows the secret image and one of the generated
shares on a screen as a result from implementing the VSS
system. The utilization in Table 3 shows the employment
restructuring in another smaller memory as shown in the of the FPGA resources. Generation and recovery schemes
figure. Zero padding is performed to complete the memory utilize a large percentage of Block RAMs (BRAMs) as each
vacancy. Then, an iterative process starts to modify the generated share is stored in addition to the secret and random
values of these zeros starting from i = 16 . After this data images. One Mixed-Mode Clock Manager (MMCM) was
preparation, starting from j = 0 , each word is employed to utilized to generate the system clock. The employed Inputs
update the values of [a, b, c, d, e, f, g, h] passing through and Outputs (IO) are mainly for the HDMI module in addi-
straightforward rotation and XOR operations. Finally, the tion to a number of switches and LEDs for system interface.

Table 3  Hardware utilization

Resource Available VSS SIS-I SIS-II
Generation Recovery Generation Recovery Generation Recovery
Util Util.(%) Util Util.(%) Util Util.(%) Util Util.(%) Util Util.(%) Util Util.(%)

LUT 203800 1766 0.87 742 0.36 2130 1.05 2032 1.00 9792 4.80 2076 1.02
FF 407600 661 0.16 241 0.06 755 0.19 687 0.17 3110 0.76 743 0.18
BRAM 445 220 49.44 220 49.44 308 69.21 352 79.10 358.50 80.56 352 79.10
DSP 840 36 4.29 0 0.00 36 4.29 36 4.29 36 4.29 37 4.40
IO 500 24 4.80 20 4.00 25 5.00 20 4.00 25 5.0 0 20 4.00
MMCM 10 1 10.00 1 10 1 10 1 10.00 1 10 1 10

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Journal of Real-Time Image Processing (2024) 21:83 Page 11 of 16 83

Lookup tables (LUTs), Flip Flops (FF) and Digital Signal 7.4 Implementation of SIS‑II
Processors (DSP) percentages are relatively small.
As depicted in Fig. 8a, the generation process of SIS-II uses
the four main building blocks. The initial stage involves pre-
7.3 Implementation of SIS‑I processing, wherein the system key undergoes modification
using the SHA-256 block. The resultant 256-bit digest is
Leveraging the Lorenz, shares generation and Arnold blocks, then XORed with the system key to yield the modified key.
three consequent stages are needed for SIS-I generation. In Then, Lorenz starts with the new modified key, and the gen-
the first stage, the Lorenz block initiates a random genera- eration process continues as in SIS-I.
tion process to form the random image ’L’ mirroring the In SIS-II, the recovery scheme shown in Fig. 8b is almost
dimensions of the secret image. A bitwise XOR operation identical to that of SIS-I except for the initial modification of
is then employed on ’L’ and the secret image to produce the the system key. The original system key is XORed with the
’E’ image. In the second stage, Lorenz transmits the current SHA-256 digest to get the same modified system key used
8 LSBs of ’x’ and ’y’ values to the Arnold block, serving as in the generation scheme.
’𝛾 ’ and ’𝜁 ’ parameters. Arnold subsequently transforms the The utilization of SIS-II given in Table 3 shows that
memory address, generating a new writing address for the BRAM and LUT utilization in the generation scheme are
image ’H’. In the third stage, the ’H’ image undergoes the more than the previous system due to the addition of SHA-
same process as in the VSS system going through bitwise 256 pre-processing. The recovery utilization is exactly as in
XORing with the random pixels to finally generate the four SIS-I, where the only difference between them is the starting
shares. system key.
The recovery scheme of SIS-I starts with XORing the
four shares to get the ’H’ image in parallel with operating
Lorenz to build the ’L’ image. Afterward, the inverse Arnold 8 Results and comparisons
transform takes its parameters from Lorenz to reconstruct
the image ’E’ from the ’H’ image. The ’L’ image stage must The images used in evaluating the three systems are from
come before the inverse Arnold stage to match the same 𝛾 the USC-SIPI image database as shown in Table 4 with their
and 𝜁 of the generation scheme. Finally, ’L’ and ’E’ images names, descriptions, and sizes [36]. The Tree image is used
are XORed to recover the secret image. to show the software and hardware results of the three sys-
The experimental results of SIS-I look similar to those tems in detail when n = 4 . Additional detailed results for
given in Fig. 7. As shown in Table 3, the system utilizes all the images of Table 4 are provided in the supplementary
more BRAMs in its generation and recovery schemes than document with different n values and similar good results.
the VSS system due to the addition of the random images The histograms of the secret I and the first share S1, from
’H’, ’E’ and ’L’. In the generation process, however, ’L’ does SIS-II hardware, are given in Fig. 9, where all the shares in
not need to be stored in a memory as it is XORed with the the three systems give similar uniform histograms indicating
original image directly to generate and store the ’E’ image. good encryption.
In the recovery process, this cannot be done as the XOR Table 5 shows the average security analysis results of the
operation is the final step. software and hardware for Tree when n = 4 for the three

Fig. 8  Architecture diagram of SIS-II: (a) generation scheme and (b) recovery scheme

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

83 Page 12 of 16 Journal of Real-Time Image Processing (2024) 21:83

Table 4  Used images from USC-SIPI database [36] low in the horizontal, vertical, and diagonal directions in
the three systems. Also, the adjacent pixels scatter diagrams
Image
in the vertical direction of the secret and the first share for
SIS-II are shown in Fig. 10, where all the shares in the three
systems in different directions give similar no correlation
Name 4.1.06 4.1.08 4.2.03 diagrams indicating good encryption.
Description Tree Jelly beans Mandrill NIST test results of S1 for SIS-II are given in Table 6 with
Size 256 × 256 512 × 512 𝛼 = 0.001, where all the shares of the three systems give
Image similar passing results. A secret image of size 1024 × 1024
is used to satisfy the NIST requirement of at least one mil-
lion numbers.
The key sensitivity tests were conducted on the differ-
Name 4.2.07 2.2.05 2.2.07 ent parts of the system key by changing the LSB of each
Description Peppers San Diego Oakland part separately, and the results for SIS-I and SIS-II were
Size 512 × 512 1024 × 1024 calculated since VSS does not use the key in the recovery
stage. The results of the RMSE are given in Table 2, show-
ing good key sensitivity results. These results also show that
proposed systems, where the detailed results are given in different shares can be produced for the same image if the
the supplementary document. key changes.
Even though the software implementation uses floating- The BER is also measured between the original image
point arithmetic and the hardware implementation uses and the recovered image when one bit is changed in differ-
fixed-point arithmetic, the table demonstrates that both ent locations of the key [37]. Figure 11 shows BER results
implementations provide good and comparable security near 0.5, which is the desired value, demonstrating good key
measures. The values of the hardware and software results sensitivity and that no partial information can be revealed
are too close to each other but different due to the differ- about the original image [38].
ent implementations. More detailed results for the different Noise attack results are the same for the three systems, as
channels are given in the supplementary file. shown in Table 2, where salt and pepper noise with intensity
The entropy results in the produced shares for the three 25% was added to the first share. The resulting PSNR values
systems are close to 8, indicating good randomness. The indicate good resistance to noise attacks.
RMSE and correlation values between the secret image and Crop attack results are better for SIS-I and SIS-II because
the shares in the three systems give high RMSE and low of the presence of the permutation stage, which plays an
correlation values, indicating good encryption. The corre- important role in passing crop attacks. The software crop
lation results between the adjacent pixels in the shares are attack results for the three systems are shown in Table 2,

Fig. 9  Histograms of (a)–(c)

Tree, and (d)–(f) S1 from SIS-II
hardware when n = 4

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Journal of Real-Time Image Processing (2024) 21:83 Page 13 of 16 83

Table 5  Security analysis Test VSS SIS-I SIS-II

results for software and
hardware of Tree when n = 4 Shares

Images SW HW SW HW SW HW

Entropy
S1 7.9971 7.9974 7.9975 7.9974 7.9973 7.9971
S2 7.9973 7.9973 7.9973 7.9971 7.9971 7.9971
S3 7.9970 7.9972 7.9972 7.9971 7.9969 7.9971
S4 7.9973 7.9970 7.9972 7.9972 7.9973 7.9969
Adjacent pixels correlation
S1 0.0005 0.0007 0.0026 −0.0013 0.0001 0.0016
S2 0.0009 0.0003 −0.0012 −0.0008 0.0012 −0.0005
S3 0.0006 0.0001 0.0016 −0.0001 −0.0028 0.0013
S4 0.0004 0.0004 0.0011 0.0013 −0.0014 0.0008
Correlation
I, S1 0.0010 0.0012 0.0018 0.0002 −0.0000 0.0038
I, S2 0.0013 0.0011 0.0019 −0.0042 0.0005 0.0023
I, S3 −0.0016 −0.0001 −0.0007 0.0009 −0.0045 0.0050
I, S4 0.0007 0.0023 −0.0027 −0.0011 0.0001 0.0003
S1 , S2 −0.0032 0.0022 −0.0043 0.0023 0.0026 0.0009
S1 , S3 0.0019 0.0040 −0.0038 0.0035 0.0047 −0.0031
S1 , S4 −0.0041 0.0014 0.0018 −0.0012 −0.0004 0.0001
S2 , S3 −0.0007 0.0007 0.0059 −0.0008 0.0009 −0.0020
S2 , S4 −0.0002 −0.0007 −0.0002 0.0019 0.0017 −0.0000
S3 , S4 0.0029 0.0009 0.0019 0.0005 −0.0008 0.0021
RMSE
I, S1 99.42 99.43 99.43 99.48 99.51 99.27
I, S2 99.40 99.42 99.35 99.61 99.33 99.46
I, S3 99.61 99.58 99.50 99.44 99.73 99.21
I, S4 99.48 99.41 99.59 99.61 99.53 99.50
S1 , S2 104.63 104.35 104.73 104.28 104.24 104.48
S1 , S3 104.42 104.37 104.69 104.29 104.31 104.59
S1 , S4 104.70 104.42 104.41 104.63 104.58 104.51
S2 , S3 104.57 104.54 104.13 104.44 104.32 104.61
S2 , S4 104.51 104.53 104.46 104.40 104.28 104.59
S3 , S4 104.41 104.56 104.34 104.54 104.60 104.39

while the recovered images from the hardware are given in average of fifty runs is given in Table 7, where the number
Fig. 12. Although the PSNR values are the same in the three of shares slightly affects the recovery time. In generation,
systems, because the amount of data lost is the same, the the modifications on the VSS only add one second of runt-
VSS system does not pass the test visually. ime for SIS-I and SIS-II systems, while maintaining the
Only SIS-II resists differential attacks due to the pres- fast recovery. The used setup is (Windows 11 Pro, Intel(R)
ence of SHA-256, which builds the dependency on the input Core(TM) i7-8750 H CPU @ 2.20 GHz, 15.8 GB RAM)
image. Table 2 shows the results, where SIS-II gives the using Python programming language on JupyterLab IDE.
optimal values for UACI and NPCR. To compare the proposed SIS-II with previous tech-
Runtime is measured for the three systems with differ- niques, it was adopted for grayscale images and compared
ent numbers of shares and images of size 512 × 512 . The with the system in [24], for the used grayscale Mandrill

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

83 Page 14 of 16 Journal of Real-Time Image Processing (2024) 21:83

Fig. 10  Scatter diagrams

between adjacent pixels in the
vertical direction of (a)–(c)
Tree, and (d)–(f) S1 for SIS-II
hardware when n = 4

Table 6  NIST results of S1 for SIS-II Lorenz chaotic system as the source of randomness, and
Test P-Value PP Result the generalized Arnold transform as a permutation mod-
ule. Finally, SIS-II added extra levels of security by uti-
Frequency 0.162606 0.958 ✓ lizing SHA-256 and RSA. Moreover, FPGA architectures
Block Frequency 0.002043 0.958 ✓ were designed and implemented to boost computational
Cumulative Sums 0.523809 0.958 ✓ efficiency and enable seamless real-time processing. The
Runs 0.350485 1.000 ✓ experimental results validated the effectiveness and prac-
Longest Run 0.025193 1.000 ✓ ticality of these implementations with minimal resource
Rank 0.437274 1.000 ✓ utilization. Security analysis and comparisons with related
FFT 0.350485 1.000 ✓ literature were presented with good results including sta-
Non Overlapping Template 0.332769 0.988 ✓ tistical tests, differential attack measures, robustness tests
Overlapping Template 0.066882 0.958 ✓ against noise and crop attacks, key sensitivity tests, and
Universal 0.048716 1.000 ✓ performance analysis. Other permutation algorithms, cha-
Approximate Entropy 0.090936 1.000 ✓ otic systems, and VSS systems can be further investigated
Random Excursions 0.124944 0.992 ✓ to find the best combination for creating SIS systems.
Random Excursions Variant 0.099629 0.996 ✓
Serial 0.342918 1.000 ✓
Linear Complexity 0.122325 1.000 ✓

image. The comparison is given in Table 8, where the

results are good.

9 Conclusions

Three systems were proposed for sharing any type of

image, starting with the VSS system as the basic module Fig. 11  BER between the original and recovered images using differ-
to ensure a fast recovery process. Then, SIS-I used the ent keys with a modified bit in different locations

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Journal of Real-Time Image Processing (2024) 21:83 Page 15 of 16 83

Fig. 12  Recovered images

from hardware after 25% crop
attack: (a) VSS, (b) SIS-I, and
(c) SIS-II

Table 7  Runtime, in seconds, n VSS SIS-I SIS-II

for color images of size
512 × 512 and different Gen. Rec. Gen. Rec. Gen. Rec.
numbers of shares, n
2 1.285 0.001 2.249 0.484 2.257 0.486
3 1.985 0.002 2.907 0.484 2.916 0.486
4 2.633 0.002 3.548 0.484 3.549 0.486
5 3.301 0.003 4.174 0.484 4.188 0.486

Table 8  Comparison with RMSE Correlation PSNR UACI NPCR

previous scheme using
grayscale Mandrill with n = 4 Images [24] Prop [24] Prop [24] Prop [24] Prop [24] Prop

Ii , Si I1 , S1 84.7894 85.2110 0.0045 0.0002 9.5640 9.5209 – – – –

I2 , S2 85.2877 85.3137 − 0.0048 − 0.0023 9.5131 9.5104 – – – –
I3 , S3 85.4143 85.0411 −0.0084 0.0034 9.5002 9.5382 – – – –
I4 , S4 85.1378 85.2989 0.0001 −0.0030 9.5284 9.5119 – – – –
Si , Sj S1 , S2 102.8805 108.4050 0.0258 −0.0293 7.8841 7.4298 32.97 34.94 99.99 99.02
S1 , S3 109.6515 102.4483 0.0106 0.0959 7.3305 7.9207 35.12 32.45 99.88 99.80
S1 , S4 101.2383 108.8057 0.0571 − 0.0300 8.0239 7.3978 31.95 35.19 99.89 99.41
S2 , S3 105.4132 105.5462 − 0.0202 − 0.0068 7.6729 7.6620 33.75 33.65 99.99 99.02
S2 , S4 106.3458 102.0771 − 0.0376 0.0488 7.5964 7.9522 33.90 31.91 98.22 98.63
S3 , S4 106.2978 105.8779 − 0.0369 − 0.0092 7.6003 7.6347 34.35 33.77 99.98 99.22

Supplementary Information The online version contains supplemen- Conflict of interest The authors declare that they have no Conflict of
tary material available at https://d​ oi.o​ rg/1​ 0.1​ 007/s​ 11554-0​ 24-0​ 1450-8. interest.

Acknowledgements We thank Marwan A. Fetteha (Nile University) Open Access This article is licensed under a Creative Commons Attri-
and Abdallah S. Salem (Nile University) for their support in the hard- bution 4.0 International License, which permits use, sharing, adapta-
ware implementation of the Lorenz chaotic system and VSS system. tion, distribution and reproduction in any medium or format, as long
as you give appropriate credit to the original author(s) and the source,
Funding Open access funding provided by The Science, Technology & provide a link to the Creative Commons licence, and indicate if changes
Innovation Funding Authority (STDF) in cooperation with The Egyp- were made. The images or other third party material in this article are
tian Knowledge Bank (EKB). included in the article’s Creative Commons licence, unless indicated
otherwise in a credit line to the material. If material is not included in
Data availability Images used in testing the proposed systems are pub- the article’s Creative Commons licence and your intended use is not
licly available: https://​sipi.​usc.​edu/​datab​ase/ Ref. [36]. permitted by statutory regulation or exceeds the permitted use, you will
need to obtain permission directly from the copyright holder. To view a
Declarations copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.

Funding This work is supported by the Science, Technology, and Inno-

vation Funding Authority (STIFA), Egypt, under grant number 45631.

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

83 Page 16 of 16 Journal of Real-Time Image Processing (2024) 21:83

References 21. Chen, J., Liu, K., Yan, X., Liu, L., Zhou, X., Tan, L.: Chinese
remainder theorem-based secret image sharing with small-sized
shadow images. Symmetry, 10(8), (2018)
1. Ibrahim, D.R., Teh, J.S., Abdullah, R.: An overview of visual
22. Liu, Y.N., Zhong, Q., Xie, M., Chen, Z.B.: A novel multiple-
cryptography techniques. Multimedia Tools Appl. 80, 31927-
level secret image sharing scheme. Multimedia Tools Appl. 77,
31952 (2021). (9)
6017–6031 (2018). (3)
2. Shamir, A.: How to share a secret. Commun. ACM 22(11),
23. Cheng, Y., Fu, Z., Yu, B.: Improved visual secret sharing
612–613 (1979)
scheme for QR code applications. IEEE Trans. Inform. Foren-
3. Naor, M., Shamir, A.: Visual cryptography. Advances in Cryp-
sics Secur. 13, 2393–2403 (2018). (9)
tology – EUROCRYPT’94 (1995)
24. Pande, D., Rawat, A.S., Deshmukh, M., Singh, M.: Single secret
4. Li, P., Yang, C.-N., Kong, Q.: A novel two-in-one image secret
sharing scheme using chinese remainder theorem, modified
sharing scheme based on perfect black visual cryptography. J.
shamir’s scheme and XOR operation. Wirel. Personal Commun.
Real-Time Image Process. 14(1), 41–50 (2016)
130(2), 957–985 (2023). (3)
5. Thien, C.-C., Lin, J.-C.: Secret image sharing. Comput. Graph.
25. Lorenz, E.N.: Deterministic Nonperiodic Flow. J. Atmospheric
26(5), 765–770 (2002)
Sci. 20, 130–141 (1963). (3)
6. Elsafty, A.H., Tolba, M.F., Said, L.A., Madian, A.H., Radwan,
26. Butcher, J.C.: Numerical Methods for Ordinary Differential
A.G.: Enhanced hardware implementation of a mixed-order
Equations. Wiley (2016). (7)
nonlinear chaotic system and speech encryption application.
27. Mansingka, A., Affan Zidan, M., Barakat, M., Radwan, A.,
AEU-Int. J. Electron. Commun. 125, 153347 (2020)
Salama, K.: Fully digital jerk-based chaotic oscillators for high
7. Ravichandran, D., Rajagopalan, S., Upadhyay, H.N., Rayappan,
throughput pseudo-random number generators up to 8.77gbits/s.
J.B.B., Amirtharajan, R.: Encrypted biography of biomedical
Microelectron. J. 44(9), 744–752 (2013). https://​d oi.​o rg/​1 0.​
image-a pentalayer cryptosystem on fpga. J, Signal Process.
1016/j.​mejo.​2013.​06.​007
Syst. 91, 475–501 (2019)
28. Liu, H., Zhao, B., Huang, L.: Quantum image encryption
8. Monmasson, E., Cirstea, M.N.: Fpga design methodology for
scheme using arnold transform and s-box scrambling. Entropy
industrial control systems-a review. IEEE Trans. Ind. Electron.
21(4), 343, 3 (2019)
54(4), 1824–1842 (2007)
29. Dang, Q.H.: Secure hash standard. National Institute of Stand-
9. Shivani, S., Patel, S.C., Arora, V., Sharma, B., Jolfaei, A., Sriv-
ards and Technology, Tech. Rep., (Jul. 2015)
astava, G.: Real-time cheating immune secret sharing for remote
30. Bassham, L., Rukhin, A., Soto, J., Nechvatal, J., Smid, M.,
sensing images. J. Real-Time Image Process. 18(5), 1493–1508
Leigh, S., Levenson, M., Vangel, M., Heckert, N., Banks, D.:
(2020)
A statistical test suite for random and pseudorandom number
10. Wan, S., Qi, L., Yang, G., Lu, Y., Yan, X., Li, L.: Visual secret
generators for cryptographic applications. 2010-09-16 (2010)
sharing scheme with (n, n) threshold for selective secret content
31. Sharobim, B.K., Abd-El-Hafiz, S.K., Sayed, W.S., Said, L.A.,
based on QR codes. Multimedia Tools Appl. 79(3–4), 2789–
Radwan, A.G.: Pixel-based visual secret sharing using lorenz
2811 (2019). (12)
system. In: Proceedings of the 2023 8th International Confer-
11. Liu, Z., Zhu, G., Ding, F., Kwong, S.: Weighted visual secret
ence on Cloud Computing and Internet of Things, ser. CCIOT
sharing for general access structures based on random grids.
’23. New York, NY, USA: Association for Computing Machin-
Signal Process. 92, 116129 (2021). (3)
ery (2023)
12. Chiu, P.-L., Lee, K.-H.: Threshold visual cryptography schemes
32. Abd-El-Hafiz, S.K., AbdElHaleem, S.H., Radwan, A.G.: Novel
with tagged shares. IEEE Access 8, 111 330-111 346 (2020)
permutation measures for image encryption algorithms. Opt.
13. JBA, Raj, C, Sukumaran, R., S.M.G.: Enhanced semantic visual
Lasers Eng. 85, 72–83 (2016). (10)
secret sharing scheme for the secure image communication.
33. Wang, J., Liu, G., Chen, Y., Wang, S.: Construction and analysis
Multimedia Tools and Applications, 79(23-24), 17 057–17 079,
of SHA-256 compression function based on chaos s-box. IEEE
4 (2019)
Access 9, 61 768-61 777 (2021)
14. Wang, L., Yan, B., Yang, H.-M., Pan, J.-S.: Flip extended visual
34. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtain-
cryptography for gray-scale and color cover images. Symmetry
ing digital signatures and public-key cryptosystems. Commun.
13, 65, 12 (2020)
ACM 21(2), 120–126 (1978). (2)
15. Kannojia, S.P., Kumar, J.: XOR-based visual secret sharing
35. Digilent: “Genesys 2 FPGA Board Reference Manual,” Digilent,
scheme using pixel vectorization. Multimedia Tools Appl.
(2017). [Online]. https://​digil​ent.​com
80(4), 14609-14635 (2021)
36. Weber, A.: The USC-SIPI image database. Signal Image Pro-
16. Sridhar, S., Sudha, G.F.: Quality improved (k, n) priority based
cess. Inst. Univ. South. California., (1997). [Online]. https://​
progressive visual secret sharing. Multimedia Tools Appl.
sipi.​usc.​edu/​datab​ase/
79(17–18), 11459-11486 (2020). (1)
37. Merah, L., Adnane, A., Ali-Pacha, A., Ramdani, S., Hadj-
17. Li, P., Ma, J., Ma, Q.: (t, k, n) XOR-based visual cryptography
said, N.: Real-time implementation of a chaos based cryp-
scheme with essential shadows. J. Visual Commun. Image Rep-
tosystem on low-cost hardware. Iran. J. Sci. Technol. Trans.
resentation 72, 102911, 10 (2020)
Electr. Eng. 45(4), 1127–1150 (2021). https://​doi.​org/​10.​1007/​
18. Patil, S.M., Purushothama, B.: Pixel co-ordinate-based secret
s40998-​021-​00433-w
image sharing scheme with constant size shadow images. Com-
38. Merah, L., Ali-Pacha, A., Hadj-Said, N.: Real-time cryp-
put. Electr. Eng. 89, 106937 (2021)
tosystem based on synchronized chaotic systems. Nonlin-
19. Xiong, L., Zhong, X., Yang, C.-N., Han, X.: Transform domain-
ear Dyn. 82(1–2), 877–890 (2015). https://​d oi.​o rg/​1 0.​1 007/​
based invertible and lossless secret image sharing with authen-
s11071-​015-​2202-2
tication. IEEE Trans. Inform. Forensics Secur. 16, 2912–2925
(2021)
Publisher's Note Springer Nature remains neutral with regard to
20. Sharobim, B.K., Fetteha, M.A., Abd-El-Hafiz, S.K., Sayed,
jurisdictional claims in published maps and institutional affiliations.
W.S., Said, L.A., Radwan, A.G.: An efficient multi-secret image
sharing system based on Chinese remainder theorem and its
FPGA realization. IEEE Access 11, 9511–9520 (2023)

Content courtesy of Springer Nature, terms of use apply. Rights reserved.

Terms and Conditions
Springer Nature journal content, brought to you courtesy of Springer Nature Customer Service Center GmbH (“Springer Nature”).
Springer Nature supports a reasonable amount of sharing of research papers by authors, subscribers and authorised users (“Users”), for small-
scale personal, non-commercial use provided that all copyright, trade and service marks and other proprietary notices are maintained. By
accessing, sharing, receiving or otherwise using the Springer Nature journal content you agree to these terms of use (“Terms”). For these
purposes, Springer Nature considers academic use (by researchers and students) to be non-commercial.
These Terms are supplementary and will apply in addition to any applicable website terms and conditions, a relevant site licence or a personal
subscription. These Terms will prevail over any conflict or ambiguity with regards to the relevant terms, a site licence or a personal subscription
(to the extent of the conflict or ambiguity only). For Creative Commons-licensed articles, the terms of the Creative Commons license used will
apply.
We collect and use personal data to provide access to the Springer Nature journal content. We may also use these personal data internally within
ResearchGate and Springer Nature and as agreed share it, in an anonymised way, for purposes of tracking, analysis and reporting. We will not
otherwise disclose your personal data outside the ResearchGate or the Springer Nature group of companies unless we have your permission as
detailed in the Privacy Policy.
While Users may use the Springer Nature journal content for small scale, personal non-commercial use, it is important to note that Users may
not:

1. use such content for the purpose of providing other users with access on a regular or large scale basis or as a means to circumvent access
control;
2. use such content where to do so would be considered a criminal or statutory offence in any jurisdiction, or gives rise to civil liability, or is
otherwise unlawful;
3. falsely or misleadingly imply or suggest endorsement, approval , sponsorship, or association unless explicitly agreed to by Springer Nature in
writing;
4. use bots or other automated methods to access the content or redirect messages
5. override any security feature or exclusionary protocol; or
6. share the content in order to create substitute for Springer Nature products or services or a systematic database of Springer Nature journal
content.
In line with the restriction against commercial use, Springer Nature does not permit the creation of a product or service that creates revenue,
royalties, rent or income from our content or its inclusion as part of a paid for service or for other commercial gain. Springer Nature journal
content cannot be used for inter-library loans and librarians may not upload Springer Nature journal content on a large scale into their, or any
other, institutional repository.
These terms of use are reviewed regularly and may be amended at any time. Springer Nature is not obligated to publish any information or
content on this website and may remove it or features or functionality at our sole discretion, at any time with or without notice. Springer Nature
may revoke this licence to you at any time and remove access to any copies of the Springer Nature journal content which have been saved.
To the fullest extent permitted by law, Springer Nature makes no warranties, representations or guarantees to Users, either express or implied
with respect to the Springer nature journal content and all parties disclaim and waive any implied warranties or warranties imposed by law,
including merchantability or fitness for any particular purpose.
Please note that these rights do not automatically extend to content, data or other material published by Springer Nature that may be licensed
from third parties.
If you would like to use or distribute our Springer Nature journal content to a wider audience or on a regular basis or in any other manner not
expressly permitted by these Terms, please contact Springer Nature at

[email protected]