Abstract
This contribution proposes a novel steganographic method based on the compression standard according to the Joint Photographic Expert Group and an Entropy Thresholding technique. The steganographic algorithm uses one public key and one private key to generate a binary sequence of pseudorandom numbers that indicate where the elements of the binary sequence of a secret message will be inserted. The insertion takes eventually place at the first seven AC coefficients in the transformed DCT domain. Before the insertion of the message the image undergoes several transformations. After the insertion the inverse transformations are applied in reverse order to the original transformations. The insertion itself takes only place if an entropy threshold of the corresponding block is satisfied and if the pseudorandom number indicates to do so. The experimental work on the validation of the algorithm consists of the calculation of the peak signaltonoise ratio (PSNR), the difference and correlation distortion metrics, the histogram analysis, and the relative entropy, comparing the same characteristics for the cover and stego image. The proposed algorithm improves the level of imperceptibility analyzed through the PSNR values. A steganalysis experiment shows that the proposed algorithm is highly resistant against the Chisquare attack.
1. Introduction
1.1. Motivation
Nowadays, there is a risk that confidential information may be acceded by nonauthorized people, being consulted, divulged, modified, destroyed, or sabotaged, affecting its availability and legal access. Evidently, the information that transits through insecure channels can be easily intercepted. Therefore, the use of Cryptography and Steganography plays a significant role in information security management [1].
Cryptography is the science of protecting information by encryption techniques. As cryptography on its own does not hide the fact that a message is secret, to provide this steganography is used.
The ability to protect sensible information from adversaries, especially during their transmission through channels that are opposed to have leaks, is crucial in a world of emerging cyberwar. Nowadays, all electronic communications are being continuously and automatically monitored by both private and stateowned intelligent systems that have an enormous computer power. In particular, every transmission of ciphertext calls the attention of any of these systems and certainly is chosen to be analyzed, among others, by competitors and any sort of opposing forces. The use of electronic transmission media requires a method that calls less attention of the supervisory automatic systems. Modern Steganography offers a level of service that includes privacy, authenticity, integrity, and confidentiality of the transmitted data.
1.2. State of the Art
Steganography is the art of hiding information by impeding the detection of hidden messages [2]. Steganography involves communicating secret data in an appropriate multimedia carrier, like image [3], audio [4], or video files [5]. The media with or without hidden information are called Stego Media and Cover Media, respectively. Thus, the cover image with the secret message embedded is called the stego image.
1.2.1. Embedding Capacity
The performance of steganographic algorithms can be measured by two main criteria, embedding capacity and detectability. Thus, novel steganographic algorithms are expected to increase the image capacity and the encryption strength of the message. The image capacity can be increased by adaptive strategies which decide where to insert best the message. For example, the PixelValue Differencing method [6] proposes to embed more data in edged areas than in smooth areas.
In steganography the embedding capacity is defined as the maximum number of bits that can be embedded in a given cover image. However, the steganographic capacity is the maximum number of bits that can be embedded in a given cover image with a negligible probability of detection by an adversary. Therefore, the embedding capacity is larger than the steganographic capacity [7].
1.2.2. Methods of Embedding Data
There are two common methods of embedding data, which can be classified into two categories, namely, spatialdomain and frequencydomain methods. In the spatial domain method, the secret message is inserted directly into the least significant bit (LSB) of image pixels [8, 9]. In the frequencydomain method [10] the cover image is first transformed from the spatial to a frequencydomain using transformation methods such as discrete cosine transform (DCT) [11, 12], discrete Fourier transform (DFT) [13], or discrete wavelet transform (DWT) [13–15]. Then the secret message is embedded in the transformed coefficients [16], and finally the data are transformed back from the frequencydomain to the spatial domain.
There are different strategies to additionally encrypt hidden steganographic data, like permutation [17] or by a statistical threshold [18]. One should not confuse cryptography with steganography: Cryptography modifies the data to make them incomprehensible, while steganography on its own simply hides them between other data. In many instances the combination of both techniques provide a high level security to the protected information; see, for instance, [3, 19–23].
In this contribution we adopt the twodimensional discrete cosine transform [11] as the most common frequency domain method used in image processing. For a recent survey on steganography see [24], where our approach can be classified within DCT based steganography. A frequent method that uses the DCT is the JpegJsteg embedding method [25], where the secret message is embedded in those LSB of the quantized DCT coefficients whose values are not 0, 1, or −1.
1.2.3. Design Principles That Counter Steganalysis
Westfeld [26] introduced the F5 steganographic algorithm, where, instead of replacing the LSB of the quantized DCT coefficients by the secret bits, the absolute value of the coefficients is reduced by 1. Since the F5 algorithm randomly chooses DCT coefficients to embed the secret bits it is strong against the Chisquare attack.
To counter the Chisquare attack, Provos [25, 27] proposed the OutGuess steganographic algorithm. This method embeds data by a similar way as JpegJsteg, though its embedding capacity is much lower than that of JpegJsteg.
There are general design principles for less detectable stegosystems [28]. However, some steganalyis concepts are specialized in the detection of data hidden in the least significant bits of a natural image [29]. For recent improvements in LSB steganography approaches see [28, 30].
In [31], Chang et al. presented a new steganography method based upon Joint Photographic ExpertGroup (JPEG) and a quantization table modification. In this case, the secret message is first encrypted and then embedded in the 26 coefficients located in the middlefrequency area of the cover image. In [32], Noda et al. proposed two JPEG steganography schemes using a quantization index modulation in DCT domain.
In [33], Wong et al. presented a novel DCT based on a blind Mod4 steganography method for still images. In [34], Chang et al. proposed a lossless and reversible embedding of secret data in each block of DCT coefficients based on the compressed image technique JPEG. In this scheme, two successive zero coefficients of the mediumfrequency components in each block are used to hide the secret data. Li and Wang [35] proposed a novel steganographic method, based on JPEG and the Particle Swarm Optimization algorithm. Here, the transformed messages are embedded in the 36 coefficients located in the middlefrequency components of the quantized DCT coefficients of the coverimage.
1.2.4. Embedding Strategies
In [36], VelascoBautista et al. present the Entropy Thresholding method, where the secret message is inserted in the DCT domain. In [37], Lin and Shiu suggest a high capacity data hiding scheme, where the secret data are embedded in the middle frequency of the DCT coefficients. Narayana and Prasad [21] introduce two new methods wherein cryptography and steganography are combined to encrypt the secret message that is hidden. In [38], Lin proposes a reversible data hiding method which is based on the DCT of the cover image. The cover image is decomposed into different frequencies, where the secret messages are embedded into the highfrequency parts. Mali et al. propose a novel image steganographic method using a block level Entropy Thresholding technique where the secret message is embedded in the 26 coefficients located in the middlefrequency area of the cover image [16]. Amin et al. present an efficient data hiding technique based on the DCT, where secret bits are embedded in all frequency components of the quantized DCT coefficient [11]. Jaheel and Beiji combine two steganography algorithms, namely, JpegJsteg and OutGuess algorithms, with the purpose of enhancing a major security level [39]. In [1], Soria et al. propose a new steganographic algorithm in the frequency domain. This method uses a private key of 64 bits that suggest the positions where the secret bits are inserted after applying the Entropy Thresholding method; the experimental analysis accomplishes a comparison of the results with respect to the Entropy Thresholding method proposed by VelascoBautista et al. [36].
In the present work, we show an experimental comparison of the proposed method with respect to the two previous methods. All three approaches use the Entropy Thresholding method. The VelascoBautista method does not use keys, the Soria method uses a private key of 64 bits, and the proposed method uses two keys, one public key and one private key of 64 bits.
1.3. Transformation of the Blocks
A digital image is represented in computer systems as an array of pixels. In this paper, we work with a steganography algorithm for embedding a secret message into a RGB 24bit color image, where each pixel has three color components: Red, Green, and Blue (RGB). Each RGB component is represented by a byte. The values range from 0 to 255, where zero represents the darkest and 255 the brightest shade of a color.
Since we consider a RGB 24bit color image as three blocks of bytes corresponding to each color component, in the proposed method the cover image of size is divided into different blocks of bytes such that the DCT transformation can be performed on each one of them. Here we assume that and are divisible by .
Let be the th block of bytes of the image, with , and let be its two dimensional discrete cosine transform, with . The relationship between and its inverse is given by where for and otherwise. A DCT of a integer matrix becomes a matrix of real numbers. By definition, the coefficient is the DC coefficient (zero frequency) and all others are called the AC coefficients.
1.4. This Contribution
In this paper, two steganography methods are combined, namely, the JPEG steganography method and the Entropy Thresholding technique [36, 39]. This combination allows to hide secret messages in images while maintaining a high visual quality and a low detectability. The JPEG method divides the cover image into nonoverlapping blocks of bytes and then applies the discrete cosine transform with the purpose of hiding the secret message in the DCT domain by modifying certain coefficients located in the lowfrequency area of the cover image.
The Entropy Thresholding method decides whether or not to embed the secret message in a certain matrix of order of transformed coefficients, depending on the entropy within that matrix.
2. Determination of Location of Message
In this section we describe how to determine the encrypted random locations where the secret message is inserted. It is assumed that is the length of the binary sequence of the secret message where is a bit containing or . The locations where the secret message is hidden is determined by a pseudorandom sequence defined by We denote by the number of bits of an array of bits which are equal to . We continue to concatenate the pseudorandom sequence as long as we reach a cardinality ; that is, the length of the message is covered.
In the next subsections, first, we describe the generation of 15 subkeys, and then how the subkeys are used to determine a pseudorandom sequence of locations where the secret bits are inserted.
2.1. Creation of 15 Subkeys
There are two types of cryptography techniques, namely, private key and public key cryptography. Public key cryptography is an asymmetric cryptography technique which encrypts the message with a private key and decrypts the message with a public key. Private key cryptography is a symmetric cryptography technique which encrypts and decrypts a message with the same key. The DES (Data Encryption Standard) algorithm [40] is the most widely used symmetric encryption algorithm in the world and its design idea is still used in numerous block ciphers.
In this paper we use steps similar to those developed for the Data Encryption Standard (DES) algorithm to generate subkeys, but we only generate 15 new subkeys of 96 bits, with , using compressions (permutations) of 112 and 96 bits, respectively.
The 128bit key is permuted according to the following permutation:
42  37  53  51  33  123  128  114 
27  107  38  29  74  17  92  64 
104  58  45  60  103  23  63  7 
85  8  39  117  65  13  2  101 
35  124  31  97  44  41  110  25 
120  3  105  61  50  70  102  95 
113  77  115  59  75  21  48  125 
20  47  99  100  90  32  19  9 
4  94  68  122  109  89  28  83 
111  82  12  54  84  73  14  78 
62  88  57  55  79  91  10  121 
93  108  98  30  127  87  34  24 
49  1  11  40  71  43  80  69 
15  119  112  22  52  5  81  67 
In order to finish, we generate keys of 96 bits, with , by applying the following permutation to each of the concatenated pairs :
44  14  77  49  45  111  68  37 
23  47  81  31  32  67  9  12 
102  73  69  29  88  3  27  62 
75  15  89  34  11  10  97  58 
105  104  84  70  5  103  100  78 
87  21  83  63  1  71  17  30 
65  13  50  4  112  53  41  20 
8  109  54  61  38  94  40  80 
74  42  55  101  110  79  64  92 
22  85  91  107  59  24  35  98 
2  33  52  93  99  19  28  51 
90  48  43  82  7  95  25  57 
In summary, this procedure uses one key of 128 bits, to determine 15 subkeys of 96 bits, which, through the procedure that is described in continuation, generates a pseudorandom sequence that determines the location to insert the secret bits.
2.2. Generation of Pseudorandom Sequence of Locations
Apply the permutation.
41  60  75  61  7  68  77  71 
1  87  23  31  87  27  57  87 
65  62  5  48  92  24  22  36 
93  5  80  10  13  87  7  6 
72  85  96  76  63  7  19  9 
26  4  66  4  55  42  53  79 
86  2  7  64  33  4  39  35 
58  54  32  70  77  12  27  34 
89  5  15  52  5  46  44  27 
56  82  81  73  57  78  43  20 
77  59  83  8  45  67  77  77 
27  88  77  77  29  40  11  51 
94  3  49  14  4  21  14  37 
90  47  14  84  38  30  50  91 
57  5  87  17  69  5  74  7 
77  16  57  28  18  95  25  77 
3. Proposed Algorithm
In this section we propose a new algorithm for steganography. Given a procedure for the determination of the possible locations of the subkeys (as described in Section 2.2), the algorithm is mainly about the effective insertion of the message according to a threshold. The embedding algorithm has a sandwich structure, where first several transformations are applied subsequently. In the core of the algorithm the secret message is inserted respectively extracted whenever an entropy threshold criterion is satisfied. Finally, inverse transformations are applied in reverse order. See Algorithm 1 for a pseudocode, where the operating mode is switched to embedding or extraction by setting the parameter mode to EMBEDDING or EXTRACTION, respectively.

Roughly speaking, bits of the secret message are inserted at given locations whenever the entropy of a block is above a certain threshold value. Therefore, the proposed algorithm divides the cover image into nonoverlapping blocks of bytes and then applies the discrete cosine transform to each matrix of them. The Entropy Thresholding method determines the matrices that will be quantized. The combined privatepublic key determines a binary sequence of pseudorandom numbers that indicate the first seven AC coefficients where the elements of the binary sequence of the secret image will be inserted.
3.1. Replacement Rule
We denote by the function that replaces a value by the corresponding secret message bit . For the rule is defined byAnalogously, for we define asThe effect of different values of and on is shown in (7). The replacement rule is designed such that corresponds to even and to odd values of and thus provides the rule for the inverse operation for the following extraction function defined byThe process of extraction follows the same procedure as executed in the process of insertion, except that instead of inserting the least significant bit, the corresponding message bit is extracted. For both processes, embedding and extraction, the input consists of the stego image, private key, public key, and the quality factor.
3.2. Embedding Algorithm
The secret message is inserted into the cover image by the embedding procedure described in Algorithm 1.
Input. Secret message, cover image, private key, public key, and quality factor.
Procedure. In the proposed algorithm, it is assumed that the emitter as well as the receiver holds the same system of private keys. Indeed, the receiver sends the public key to the emitter by an insecure channel. Then, the emitter generates the stego image with both keys and sends it through another insecure channel to the receiver, which can extract the secret message from the public and private key; see Figure 2.
The emitter generates the stego image according to Algorithm 1. Firstly, the proposed algorithm subtracts 128 from each byte of the image. Next, it splits the cover image up into nonoverlapping blocks of bytes and then applies the discrete cosine transform to each one of them. From each transformed block it calculates the entropy.
By the Entropy Thresholding method it decides whether or not to embed the secret message in the transformed block. If the entropy of a block is greater than the overall average entropy then each selected block is quantified using the quantification matrix (9); the zigzag scan is applied, with the purpose to align frequency coefficients in ascending order; see Figure 3. Afterwards, the elements of the binary sequence of the secret message are inserted in the first seven AC coefficients whenever the elements are equal to 1. Since the replacement rule operates on natural numbers, the real valued coefficients have to be rounded.
After insertion of the secret message the back transformation is realized in reverse order: By the zigzag scan the matrix of order is reconstructed, which afterwards is unquantified multiplying by the quantification matrix (10). Finally, the Inverse Discrete Cosine Transform (IDCT) is applied, and to each byte of the resultant image the value 128 is added in order to reconstruct the image, obtaining the expected stego image.
3.3. Details on Quantification Procedure and ZigZag Scan
In the quantification procedure each block of bytes selected by the Entropy Thresholding method is quantified using the given quantification matrix that scales the quantized values by a compression quality factor ; see [36] for more details. The quantized DCT coefficients are computed aswhere is the matrixHere, the quantization matrix is chosen to be the Lohscheller matrix: The transformation of the matrix , with , to a vector of length 64 is done by the zigzag order scan; see Figure 3, which aligns frequency coefficients in ascending order starting from frequency zero (DC coefficient) to nonzero frequency components (AC coefficients). Indeed, the DC coefficient contains a significant fraction of the image energy. In addition, the AC coefficients can be classified in three groups, those that occur at low (yellow color), at middle (green color), and at high (blue color) frequency, respectively. Out of the 9 low frequency AC coefficients (yellow color) only the first 7 AC coefficients are considered, whenever the pseudorandom sequence and the entropy threshold permits.
Usually, zero AC coefficients occur at middle and high frequency, so modifications to them break the structure of continuous zeros. Abrupt nonzero values give a hint of the existence of secret bits. The nonzero AC coefficients occur at low and middle frequency such that perturbations to them do not affect the visual quality [41].
4. Experimental Results
In this Section the experimental results of the proposed algorithm are presented. The proposed algorithm is implemented in Matlab. Five different images consisting of pixels are used, with a quality factor equal to . The cover images and the stego images are shown in Figure 1.
The used keys were taken randomly. We have tested our proposed algorithm by inserting the following message to each of the five images:
Nec vero habere virtutem satis est quasi artem aliquam nisi utare; etsi ars quidem cum ea non utare scientia tamen ipsa teneri potest, virtus in usu sui tota posita est. (Cicero, “De re publica”)
In addition, a comparison of the proposed method with respect to the Entropy Thresholding method proposed by VelascoBautista et al. [36] and to the method proposed by Soria et al. [1] is included in this section. The performance of the proposed approach has been studied using different kinds of statistical measures.
4.1. Imperceptibility Test
The information security through steganography depends in great part on the level of imperceptibility, since a steganographic system has to generate a sufficiently innocent stego image. Therefore, the degree of distortion or imperceptibility of a stego image in relation to the original image plays a fundamental role. Usually, the image distortion is measured by the peak signaltonoise ratio (PSNR), which is given bywhere and and are the cover and stego image, respectively. The index set sums over the set of bytes aswhere , account for the image size, addresses the three colours, and .
In the first experiment, the PSNR values indicate the level of imperceptibility and distortion of those images. In this experiment, 128 randomly chosen pairs of different keys were used. The experimental results show that the proposed algorithm produces high quality stego images with appropriate PSNR values; see Figures 4–8, which is in correspondence with the heuristic values of PSNR (30 to 50 db) found in literature [42]. Moreover, this experiment shows that the proposed method gives usually better results than the methods proposed by Soria et al. [1] and VelascoBautista et al. [36].
4.2. Image Quality Measures
The relationship between the display and the human visual system can be quantitatively expressed by mathematical relationships of Image Quality Measures (IQMs). Steganographic schemes eventually leave statistical evidence that can be used to quantify the hidden content in the stego image relative to the cover image; see [43]. The metrics measure the similarity between the cover image and the stego image after insertion of the message, summing over the set of all bytes as defined by (14): The IQMs based on correlation of the content of the images include Correlation Quality (CQ) and Structure Content (SC); see [43, 44]. In addition, the IQMs based on difference distortion and pixel distance include Image Fidelity (IF) and Average Absolute Difference (AD), respectively; see [43, 44].
In the case of the metrics CQ, SC, IF, and AD, the closer the value is to one, the higher the level of similarity is. However, in the case of the metric AD, the closer the value is to zero, the lower the global distortion of the stego image is with respect to the cover image. A large value of AD means that the stego image is very poor in quality.
In the second experiment, the values of CQ, SC, IF, and AD were found for seven pairs of different keys. It can be observed that CQ, SC, and IF tend to one (see Figures 9 and 10) while the AD values are small (see Table 1), which shows that between the cover image and the stego image there are no significant differences.
4.3. Histogram Analysis
In the third experiment we use the Peppers image. The calculation of the previous quantities produced similar results (not shown). In Figure 11, the histograms for the red block of the analyzed image are shown. A distortion metric is the Histogram Similarity (HS), which is calculated as where is the relative frequency of level in a 256level image; see [43, 45]. This measure is connected to the differences between each histogram pair. Table 2 shows that the values of HS are close to zero, which corresponds to the values calculated in the previous example.
4.4. Security Test
The security of a steganographic system can be evaluated beyond examining the distribution of the cover and stego image. Cachin [46] proposed a statistical measure for steganographic systems, which is called secure and given by where and represent the distribution of cover image and stego image, and RE is the relative entropy between the two probability distributions. Moreover, a steganographic system is called perfectly secure if .
In the fourth experiment we observe that the values of the relative entropy are close to zero, which affirms that the steganographic system obtained from the proposed algorithm is sufficiently secure; see Table 3 and Figure 12 corresponding to the City image.
4.5. Steganalysis Experiment: ChiSquare Attack Resistance Test
Steganalysis is the science of detecting hidden information. In other words, steganalysis intends to find the secret information that carries some stegoinformation by attacking the security of the used steganography algorithm. During the design of secure steganographic algorithms, the simulation of attacks is essential to evaluate the security. In this work some of the stego images produced by the SoriaLorente method, the VelascoBautista method, and the proposed method have been tested against the wellknown Chisquare attack [47]. The Chisquare attack is one of the algorithms to test the detectability of any secret data embedding algorithm. This test is based on the frequency with which pixel values appear. It is unusual for the frequency of pixel value to be (nearly) equal to the frequency of pixel value in a typical image with no embedded information. The Chisquared attack was designed to detect these nearequal biases in images and bases the probability of embedding on how close to equal the even pixel values and their corresponding odd pixel values are in the test image. Indeed, in [48] it was shown that the Chisquare attack detects successfully the existence of the embedded secret bits in the first half of the DCT coefficients of the stego image created by the JpegJsteg method; see also [32].
The Chisquare statistic with degrees of freedom is given as where and are the total pixels in image sample of gray value and , respectively. The values of the Chisquare statistic are always positive. The expectation is that, for a stego image, is relatively small because should be near , by the hypothesis, and for a nonstego image, is relatively large because should be far from . The final step of the process is calculating , the probability of embedding, by integrating the density function with as its upper limit: This probability of embedding is the probability of under the condition that for . The density function, , converges to as approaches infinity, so approaches as approaches infinity. Therefore, for large , the probability of embedding is near . In other words, larger values of the mean a lower probability of embedding. However, when is small relative to , then is near to zero and hence is near to . Thus for relatively small , the probability of embedding is near .
In the fifth experiment we verify that the stego images created by the SoriaLorente method and the proposed method cannot be detected by the Chisquare attack; see Figures 13 and 14. This means that the proposed method is robust against the Chisquare attack. However, in Figure 14, one can observe that the Chisquare attack detects the existence of the embedded secret bits approximately in 1.02% of the stego images created by the VelascoBautista method, with a probability of embedding of .
5. Conclusions and Discussion
In this contribution, we propose a new steganographic algorithm which uses two keys, one public and another private, in order to reduce the detectability. According to the analyses of PSNR, of histograms and IQMs values, it is demonstrated that in the stego image there are no detectable anomalies with respect to the cover image. Moreover, the obtained values for the relative entropy show that the steganographic system obtained by the proposed algorithm is sufficiently secure. In addition, by the values of embedding probability it was demonstrated that the proposed algorithm is highly resistant against the Chisquare attack.
Competing Interests
The authors declare that there is no conflict of interests regarding the publication of this paper.
Acknowledgments
The authors wish to thank the Clavemat project, financed by the European Union, the University of Granma, and Fundación EPAS. The Universidad Católica de Temuco supported the authors through the project DGIPUCT no. 2015CASF04 (supported by the “Dirección General de Investigación y Postgrado”) and through the Master Program of Applied Mathematics.