#### Abstract

A secure spatial domain, hybrid watermarking technique for obtaining watermark (authentication information) robustness and fragility of the host medical image (content integrity) using product codes, chaos theory, and residue number system (RNS) is proposed. The proposed scheme is highly fragile and unrecoverable in terms of the host image, but it is significantly robust and recoverable in terms of the watermark. Altering the medical image may result in misdiagnosis, hence the watermark that may contain patient information and organization logo must be protected against certain attacks. The host medical image is separated into two parts, namely, the region of interest (ROI) and region of noninterest (RONI) using a rectangular region. The RONI part is used to embed the watermark information. Moreover, two watermarks are used: one to achieve authenticity of image and the other to achieve the robustness against both incidental and malicious attacks. Effectiveness in terms of security, robustness, and fragility of the proposed scheme is demonstrated by the simulations and comparison with the other state-of-the-art techniques.

#### 1. Introduction

Digital watermarking is one of the most promising techniques for authentication, copyright protection, and ownership identification. In digital watermarking, the watermark information could be fragile, semifragile, robust, or hybrid. Fragile watermarks are very sensitive and are used for tamper detection, while the robust watermarks are used to withstand common image processing operations. The watermark having robustness against friendly attacks while fragile against malicious attacks is called semifragile, and the one having mixed properties is called a hybrid watermark [1]. Medical image watermarking is becoming more promising in terms of security, privacy, and authenticity; hence, several schemes have been investigated in this regard. Major purposes of the medical image watermarking are authenticity and integrity control. Here, the authenticity is referred to as the measure through which it is ensured that the image source is valid and the image belongs to the right patient. The integrity control is a capability to validate that image has not been tampered by any means. Since, in some cases, little modifications in the medical image may cause a wrong diagnosis [2, 3], the authors in [4] focused on integrity control and authentication of patient electronic record (PER). While in [5], the authors focused on three areas in medical image watermarking that are authentication, data hiding, and their combination. In this paper, a DICOM image was selected for experiments, after being divided into ROI and RONI parts. The major drawback of the technique was fragility of the watermark. Because the PER is an important information, it must not be preserved through the fragile methods that make it vulnerable against many attacks. In [6], the authors proposed an integrity verification and authentication of a medical image (ultrasound) by considering it from DICOM image bank. The ROI was divided by a rectangular region from the RONI area. Then, the hash value of the whole image was calculated by means of hash function SHA-256. For the sake of enhancing the security, two secret keys were used: one as the hash key and the other as the embedded watermark key. Eventually, the watermark was embedded in the LBS of the RONI area. The received image was assumed authenticated if it possessed a high degree of correlation. Akin to [6], in [7], the authors also selected the RONI as watermarking area for authentication purpose. However, the reversibility was not ensured, if the RONI was altered. In [8–10], the authors proposed a reversible watermarking scheme for medical images. The scheme is secure but exhibits a very low level of imperceptibility. The authors proposed a blind hybrid watermarking technique for medical images in [11]. The first watermark was made robust that consisted of doctor ID, patient information, and LSBs map of ROI which were embedded into the RONI after encryption. The second watermark was used for the sake of fragility (integrity control). It consisted of a binary pattern and was embedded inside the ROI. The results show that the proposed scheme does not provide a good measure of hybridization. In [12], the authors presented a fragile image watermarking technique using SVD characteristics for authentication. Akin to this, in [13], the authors presented a perceptual hash algorithm for multispectral image authentication. In [14], the authors presented a semifragile, blind image authentication using discrete curvelet transform. The scheme was promising in terms of robustness and high normalized correlation. In [15, 16], the authors proposed techniques to optimize the three conflicting parameters of image watermarking. However, the techniques are not suitable for medical images in general. In [17], the authors provide a secure transform domain watermarking scheme using error correcting codes. The scheme exhibits good protection against various attacks including checkmark and channel noise. A similar approach has been carried out in [18] where the authors utilized product codes and cubic product codes for watermark protection in spatial domain for medical images. However, there is no detail provided regarding imperceptibility and capacity. In [19], the authors proposed a spread spectrum-based medical image watermarking technique. The scheme provided high level of fragility, but the capacity and imperceptibility of the scheme were not up to the mark. In [20], the authors provided a medical image authentication technique using RNS and chaos theory. However, the scheme exhibits a very poor imperceptibility. Yu et al. [21] presented a comprehensive review of recoverable and nonrecoverable semifragile watermarking techniques on medical images in spatial and transform domain.

It is concluded that there does not exist a perfect semifragile watermarking technique that can distinguish between the friendly (image processing) and malicious attacks. Moreover, it is hard to balance between fragility and robustness [21]. Similarly, there does not exist a technique that results in a robust watermark (authentication) and a perfectly fragile host medical image that does not tolerate on a single pixel tamper (100% content integrity). Because that pixel/s may be important for some diagnostics such as tumor detection. The situation becomes even critical if the watermark information is significant in size compared to the host image and a considerable level of imperceptibility is to be achieved. To overcome these issues, in this paper, a spatial domain, secure, hybrid watermarking technique for making the watermark (patient information/organization logo) robust and the host medical image highly fragile (content integrity) using product codes, chaos theory, and RNS is proposed. The technique is unrecoverable in terms of the host image; however, the watermark is recoverable because of error correcting codes (ECC). The image is divided into the region of interest (ROI) and the region of noninterest (RONI) using the smallest rectangular area. Then, based on a chaotic key, some precalculated pixels in RONI are made zero. Then, this RONI is rearranged with residued ROI, and a hash is generated for the whole image which acts as a basis of a fragile watermark. This will give us 128 bits. On the contrary, the watermark is converted to redundant residues and then encoded using error correcting codes to achieve robustness and is concatenated with fragile watermark. Again, based on the same chaotic key, concatenated watermark is embedded in RONI pixels by replacing its 4 LSBs. On the receiver side, based on the chaotic key, both watermarks are extracted. Hence, the chaotic key provides the means of security.

The rest of the paper is divided as follows: Section 2 introduces the techniques used. Section 3 contains the proposed technique. Section 4 contains simulation results, while Section 5 concludes the paper.

#### 2. Techniques Applied

##### 2.1. Chaotic Systems

Chaotic systems exhibit many characteristics that differentiate them from the other systems. One characteristic is their sensitivity to the initial conditions which if slightly modified, an entirely different pattern is obtained. Hence, a chaotic system can be used as a pseudonoise (PN) generator. It means many nonperiodic and noise-like sequences can be generated. One of the simplest maps is logistic map which has a recursive relation that describes population growth over the time which is given aswhere is a bifurcation parameter and 3.57 < *r* ≤ 4 for the system to be chaotic and *x*_{0} belongs to (0, 1). Once the sequence of real numbers is generated, a binary sequence is produced with approximately equal number of 1’s and 0’s.

##### 2.2. Hash Function

Hash is a one-way function that can produce a signature called a message digest/hash value after applying on the data. Reverse never happens that given the hash value, it computes the data as depicted in Figure 1. This, one-way property of hash algorithm can be used for authenticity of data. Secure hash algorithm (SHA-256) is also a kind of hashing function which gives 256-bit message digest.

##### 2.3. Product Codes

Product codes are two-dimensional codes where each dimension contains block codes. Due to their unique arrangement, product codes have capability of correcting random errors as well as burst errors since any upcoming error in row-wise can be easily corrected through column-wise and vice versa. Since burst error occurring in rows will become single error for column code and vice versa so, by using these codes, the error correcting capability can be enhanced, as shown in Figure 2. More specifically, the product code can be easily understood in the following manner. In this work, a low complexity decoder of the product codes is utilized [22, 23]. Suppose we have two block codes A_{1} with attributes (*n*_{1}, *k*_{1}, and *d*_{1}) and A_{2} with attributes (*n*_{2}, *k*_{2}, and *d*_{2}), where *n*_{i}, *k*_{i}, and *d*_{i} are code word length, message size, and minimum distance of constituent codes, respectively:(1)Place an array of *k*_{1} × *k*_{2} information bits with *k*_{2} columns and *k*_{1} rows as shown in Figure 2(2)Encode *k*_{2} rows using code *A*_{1}, which will result in an array of *k*_{2} × *n*_{1}(3)Now encode *n*_{1} columns using code A_{2}, which will result in *n*_{1} × *n*_{2} product code.

##### 2.4. Residue Number System (RNS) and Chinese Remainder Theorem (CRT)

A riddle posted in a book by a Chinese scholar called Sun Tzu in the first century was the first documented manifestation of residue number system (RNS) representation as discussed by Grosswald (1996) and Jenkins (1993) [24]. In RNS, any integer *X* can be represented with a small set of integers called residues (*x*_{1}, *x*_{2}, …, *x*_{i}), where *x*_{i} represents the *i*th residue. The relation can be given aswhere is the *i*th modulus.

The RNS provides unique representation for all integers in the range between 0 and M. If the integer *X* is greater than *M* − 1, the RNS representation repeats itself. Therefore, more than one integer might have the same residue representation. The dynamic range of RNS is given as follows: . It is important to emphasize that the moduli must be relatively prime to be able to exploit the full dynamic range *M*. Given a set of pair-wise relatively prime moduli and a residue representation (*x*_{1}, *x*_{2}, …, *x*_{k}) in that system from which residues have been made. Here, the number *X* can be calculated using CRT as follows:where and , in which is the multiplicative inverse of with respect to .

#### 3. Proposed Watermarking Scheme

This section presents the proposed digital watermarking scheme for medical images.

##### 3.1. Watermarking Embedding

Watermarking embedding and watermark and original image extraction schemes are given in Figures 3 and 4, respectively. Detailed steps of watermark embedding are as follows:(1)Extract the possible ROI from the original image by bounding the smallest rectangle around the desired area, since only the ROI part of the image is to be converted to residues as explained in step 2.(2)The value 255 is factorized to 17 and 15 (relatively prime factors) corresponding to the moduli pair (*m*_{1}, *m*_{2}) of the RNS to be used for this image. Since the dynamic range of RNS is 0 to 254, every pixel with intensity value 255 is treated separately as explained below. Preprocessing of the pixel being converted to residue is a key to get pixels back. For every pixel of ROI, we get the residue pair (*x*_{1}, *x*_{2}), where *x*_{i} = *X* mod *m*_{i} such that *x*_{1} ≤ 16 and *x*_{2} ≤ 14. Except for the case when *x*_{1} = 16, where 5 bits are needed to represent 16, all *x*_{i} occupied 4 bits. This makes the pair (*x*_{1}, *x*_{2}) to be represented over 8 bits. Now to resolve the issue of having those pairs where the first residue *x*_{1} is 16, here, we applied a trick. The pairs having first residue as 16 are mapped to corresponding unique pairs which do not otherwise occur in this RNS scheme. The mapping scheme is given in Table 1. All the pairs which were to be represented by 9 bits each are mapped to the unique pairs which can be represented by 8 bits each. Since 15 cannot occur in the normal pairs as a second residue, it acts as an indicator that these pairs are exceptional pairs. Forward process and inverse process for these exceptional pairs are as follows:(a)Forward process at transmitter end: (16, 12) → (12, 16) → (12, 15)(b)Inverse process at receiver end: (12, 15) → (15, 12) → (16, 12)

Similarly, pixel 255 has residue (0, 0). We need to differentiate it from pixel 0 which also has residue (0, 0). We send the pixel valued 255 as a pair (15, 15), which can again be represented by 8 bits. This unique pair will not occur in this residual scheme with moduli 17 and 1.

Now change the above sequence into sum sequence aswhere .

After changing into sum sequence, divide each sequence by 2 so that its range corresponds within RONI and then take its ceiling as

This sequence which is an outcome of chaotic key will give locations for embedding the concatenated watermark in RONI:(4)Arrange all the pixels of RONI in the vector form using the chaotic sequence obtained in previous step and make the first 4 LSBs of those corresponding to pixel of RONI to zero.(5)Rearrange the RONI pixels obtained in step 4 with residued ROI obtained in step 2.(6)Compute the hash of the image obtained in step 5. This will give 128 bits one-way hash value which will be used as an authentication watermark for the image.(7)Read the second watermark logo which should be made robust and convert it into binary *k*_{1} × *k*_{2} matrix.(8)Encode the binary watermark logo using product codes which gives us a product encoded watermark.(9)Arrange the encoded watermark in a vector and concatenate it with the hash computed in previous step and call it a concatenated watermark *W*_{c} as(10)Again, arrange the pixels of RONI in the vector form as in step 4 and embed the watermark based on the chaotic key computed in step 3 by replacing the four LSBs of RONI with every 4 bits of the watermark .(11)Rearrange the RONI pixels in their original position to obtain the watermarked image. Now the concatenated watermark exists in RONI while the ROI is residued.

##### 3.2. Watermark and Original Image Extraction Scheme

Watermark and original image extraction steps are as follows:(1)Separate the RONI from the ROI in the watermarked image.(2)Arrange all the pixels of RONI in some arbitrary vector. Now by knowing the chaotic key, watermarked pixels are indicated as

This sequence is an outcome of chaotic key which will give locations for extracting the concatenated watermark from RONI.(3)Using the chaotic sequence obtained in step 2, extract the concatenated watermark from the first 4 LSBs of RONI pixels in some vector and place 4 bit values as zero at that location as .(4)Separate the encoded watermark *W*_{e} from the concatenated watermark *W*_{c} and decode it to get the actual information.(5)Rearrange these RONI pixels with the residued ROI to form the image.(6)Rearrange these RONI pixels with the residue converted ROI to form an image.(7)Now compute the hash of this whole image and store it as hash_2. Also separate the hash from the concatenated watermark *W*_{c} and store it as hash_1.(8)Compare hash_1 with hash_2. If the hash is same, then the image is authentic, and hence it goes to next steps, otherwise the image is tampered.(9)In scanning residued ROI, the residue pairs having second residue as 15 go through conversion process as given in the step 2 of embedding. In this way, all of the residue pairs are converted into 9 bits again. Then again apply CRT in (3) to get back original pixels of ROI from residues.(10)Combine these ROI pixels with RONI pixels to get the original image.

#### 4. Simulation Results

To see the effectiveness of the proposed system, the experiment was conducted in MATLAB. The test image is ultrasound image of size 194 × 259 greyscale pixels, and the watermark logo of size 30 × 30 was considered. BCH codes (127, 99, and 4) were used as row-wise as well as column-wise in the formation of product codes, respectively, for the robustness of the watermark. The proposed watermarking scheme effectively embeds both the watermarks into original image and then extracts both the watermarks from the watermarked image. The logistic map 2 given in (1) with initial conditions *x*(0) = 0.25 and *r* = 3.58 at embedding side and SHA-128 hash algorithm are used to calculate the hash of image. Figure 5(a) shows the original ultrasound image in which ROI is selected as the smallest rectangular region that bounds the ROI region, and Figure 5(b) shows the watermark logo and Figure 5(c) shows the watermarked image. Hash of the image is given with the figure captions.

**(a)**

**(b)**

**(c)**

##### 4.1. Security Analysis

In this experiment, security analysis of the proposed scheme is shown firstly by using same initial conditions of the chaotic system at extracting stage and then by using slightly modifying initial conditions at extracting stage. Exact hash and original image is recovered when no attack is applied to the watermarked image. Figure 6 shows the recovered image and hash with initial conditions *x*(0) = 0.25 and *r* = 3.58 which are exactly the same as the image shown in Figure 5 and the hash given with Figure 5. Table 2 shows the recovered hash by using same initial conditions and with slightly modified initial conditions *x*(0) = 0.250001 and *r* = 3.58. In the latter case, exact hash is not recovered, which means the image is tampered. This shows the effectiveness of the proposed scheme in terms of fragility.

##### 4.2. Robustness Analysis

This section provides analysis of the proposed scheme in terms of robustness. In this way, the watermark will be introduced to various well-known attacks, and effectiveness of the scheme is examined. To check the robustness of the image or how much the image is robust against an attack, a normalized correlation is calculated which is a correlation of original and recovered image, given by the following equation:where and represent the original and extracted watermarks of dimension *M* × *N* each, respectively.

###### 4.2.1. Robustness against Salt and Pepper Noise

Robustness of a watermark against salt and pepper noise having variances 0.02, 0.03, 0.05, and 0.2, respectively, are considered in this experiment, and objective measures for these variances are shown in Figure 7 with their extracted watermarks. As we can see that when noise variance was enhanced to 0.2, the watermark is still clearly detectable; this clearly demonstrates the robustness of our proposed scheme. The correlation analysis is given in Table 3. It shows that with variances 0.02, 0.03, and 0.05, there is no effect on image normalized correlation *N*_{c} while in the case of 0.2, there is 0.0571 amount of degradation in the correlation value and still the image is very much recognizable by the naked eye.

**(a)**

**(b)**

**(c)**

**(d)**

###### 4.2.2. Robustness against Speckle Noise

Robustness of the watermark against speckle noise having variances 0.02, 0.03, 0.05, and 0.2 is considered in this experiment, and objective measures for these variances are shown in Figure 8. The correlation analysis is given in Table 4. It shows that for all the variances of speckle noise taken (0.02, 0.03, 0.05, and 0.2), there is no effect on image normalized correlation; hence there is no significant degradation in the image. So, the scheme is highly robust against the speckle noise.

**(a)**

**(b)**

**(c)**

**(d)**

###### 4.2.3. Robustness against Gaussian Noise

Robustness of the watermark against Gaussian noise having variances 0.03 and 0.05 is considered in this experiment. *N*_{c} and hash for these variances are calculated and are given in Tables 5 and 8, respectively, while the recovered watermark is given in Figure 9.

**(a)**

**(b)**

###### 4.2.4. Robustness against Median Filtering

Robustness of the watermark against median filtering with window sizes of 3 × 3 and 5 × 5 is considered.

Effects of these filters are shown in Figure 10.

**(a)**

**(b)**

**(c)**

The correlation analysis is given in Table 6. It shows that with the window size of 3 × 3, the effect on image correlation is 0.0739, while in case of window size 5 × 5, there is 0.0179 amount of degradation in the correlation value and hence the image is very much recognizable.

###### 4.2.5. Robustness against Tampering

Robustness against tampering is demonstrated, as shown in Figure 11. A total of 9 bits were modified in RONI part of the watermarked image and the watermark is extracted. The watermark is still recognizable as shown in Figure 11(a). When the corrupted bits were of 18 bits, the watermark is still readable as shown in Figure 11(b), which shows the high robustness of the proposed scheme.

**(a)**

**(b)**

The correlation analysis is given in Table 7. It shows that with the tampering of 9 bits, the effect on image correlation is 0.0144, while in case of 18 bits tampering, there is 0.0917 amount of degradation in the correlation value and still the image is very much recognizable.

###### 4.2.6. Robustness against Rotation

Robustness of the watermark against rotation attack of 2 and 8 degrees is shown in Figures 12(a) and 12(b), respectively. The experiment shows that the watermark is still recognizable after the rotation attack of 2 degrees, as shown in Figure 12(a). Similarly, when the watermarked image is again rotated with 8 degrees, the watermark is still detectable as shown in Figure 12(b) which demonstrates the high robustness of the proposed scheme against rotation. The normalized correlation is 0.9856 and 0.9752 which corresponds to a degradation of 0.0144 and 0.0248, respectively, which is given in Table 8.

**(a)**

**(b)**

The values given in Tables 3–8 show that the proposed scheme exhibits a significant level of robustness against the given attacks. This is how we made the watermark, which comprises the patient information, robust. This is accomplished by the product codes used in the proposed scheme, and this scheme exhibits good error correction capability.

##### 4.3. Fragility Analysis

The proposed scheme offers high degree of fragility for medical image and high robustness against several attacks to safeguard the watermark. Table 8 shows the fragility analysis of the proposed scheme for all the aforementioned given attacks. In this regard, the only check is comparison of the recovered hash with the original embedded hash of the image. This is given by [a16c4d371f512de40f836428ea2541fe]. From Table 9, it is apparent that the recovered hash after any of the attacks is totally different from the original hash. It shows that the proposed scheme provides a high level of fragility to the medical images.

##### 4.4. Imperceptibility Analysis

To show the efficiency of the proposed scheme in terms of imperceptibility, a different set of experiments are conducted. Same greyscale ultrasound image of size 194 × 259 pixels is taken as host image and the watermark logos “A,” “C,” “H,” and “M” were considered having sizes 30 × 30, 40 × 40, 50 × 50, and 60 × 60, respectively, for different payload analysis. Figure 13(a) shows the original ultrasound image with rectangular selected ROI. Figures 13(b) and 13(c) show the watermark logo ‘A,’ the watermarked image. Figures 13(d)–13(f) show watermark logos “C,” “H,” and “M,” respectively. Consequently, Figures 13(g)–13(i) contain watermarked images using logos “C,” “H,” and “M”. Hash of the image is given with the figure caption.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

**(g)**

**(h)**

**(i)**

As far as the perceptual quality of the watermarked images is concerned, from the naked eye test, the ROI area does not seem to be much affected, however, the RONI is changed. The peak signal to noise ratio (PSNR) values of the watermarked images (which is the measure of imperceptibility) are given with them. The worst PSNR is against the largest logo “M,” which is 30.2 dB, which is acceptable practically [1]. PSNR can be given by the following equation:where and are original and watermarked images, respectively, of dimensions *M* × *N*. Comparison of the proposed scheme with [6] in terms of capacity and imperceptibility is given in Table 10. Capacity is taken as a ratio of watermark size to image size. For the cases where capacity is lower than 10%, the scheme in [6] outperforms the proposed scheme in terms of imperceptibility, for example, a PSNR of 249.6 dB achieved at 7.2% capacity. However, for capacity values higher than 10%, proposed scheme outperforms. For example, the maximum capacity demonstrated in [6] is 14.6% with PSNR achieved as 27.4 dB while in the proposed scheme, 42.4 dB PSNR is achieved with 14% capacity. Moreover, for the capacity 42.9%, the proposed scheme exhibits a PSNR of 30.2 dB while in [6], PSNR value of 31.7 dB is achieved for capacity value 13.6%. Hence, for higher capacities, the proposed scheme performs way better.

Figure 14 shows the comparison of the proposed scheme with the scheme given in [6] in terms of capacity and imperceptibility. The graph is plotted based on Table 10 values. Capacity ratio and PSNR (dB) vales are shown on the *x* and *y* axis, respectively. For capacity values greater than 10%, the proposed scheme outperforms the scheme in [6]. Exponential trend lines show that the proposed scheme exhibits a linear drop while the scheme in [6] exhibits an exponential drop in imperceptibility with increasing capacity ratio. At the capacity ratio above 40%, the proposed scheme exhibits a sustainable imperceptibility while the scheme in [6] shatters.

#### 5. Conclusion

A novel digital watermarking scheme for medical images which offers robustness to the watermark information and fragility to the host medical image based on chaotic key, hash function, product codes, and RNS is proposed. In the proposed watermarking scheme, the watermark is robust against a variety of common attacks while the host image is highly fragile against tampering. Added hash function and chaotic key-based embedding ensure the security measures. Embedding locations, duly generated with the help of chaotic system, are highly sensitive to initial conditions. These initial conditions are known at the receiver side that makes possible a blind recovery. The proposed scheme is robust against a variety of attacks because of the error correcting codes utilized. A wide spectrum of simulation results shows the effectiveness of the proposed scheme in terms of robustness, fragility, security, capacity, and imperceptibility. In future, the proposed scheme may be extended for colored (3D) medical images, and to withstand more attacks, host image robustness will make the scheme even interesting.

#### Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.