1 Introduction

With the growth of new network technologies, communication of multimedia files like audio, image, video over internet has increased. Audio data such as songs are transferred through internet by many commercial organizations such as iTunes, Spotify where many people can listen to their favorite music. Such organizations need to store huge audio data that require security aspects. Cloud is a place where many organizations can store their multimedia data securely. Due to security issues in single cloud, users are going for multi-clouds or inter-clouds. One technique for securing the data in multi-clouds is secret sharing algorithms [6, 10, 11, 14]. Not only in cloud computing, secret sharing scheme provides security services in other applications such as Internet of Things [7, 13] and sensor networks [19].

Secret sharing is used in situations where keeping a secret with one person is not reliable. Instead, the secret is split into shares and delivered to a group of authorized persons. Decryption of secret is achieved whenever threshold number of participants agrees and put together their shares. A threshold scheme based on polynomial interpolation has been introduced by Shamir [24] and Berkely [3] independently to protect cryptographic keys. Thien and Lin discussed an image secret sharing method that produces shares of reduced dimensions. The dimensionality reduction is based on threshold. Larger the threshold more reduced the dimensions of the shares [27].

In above schemes, it is supposed that the participants are honest, but in fact, it is impossible in the real world. Participant may himself be dishonest and may submit fake share or tampered instead of original share. This issue has been addressed in this paper. The aim of this work is to propose anew secret sharing scheme to identify cheating behavior of participants before reconstruction of secret and to protect audio and image data from hackers. Our scheme generates encoded shares of reduced size and also verifies whether the participants have submitted the true or fake information before reconstruction of the secret. This scheme consists of mainly three actors namely dealer, participants and combiner. Dealer is a secret holder and generates encoded shares of secret with reduced dimension. Dealer distributes these encoded shares to participants. Participants who want to reconstruct the secret have to submit their encoded shares to combiner. Combiner is a trusted entity or may be a trusted participant who reconstructs the secret after verifying the participant’s information. The main goal of proposed method is to identify the cheating behavior and provide confidentiality to audio and image data.

Following are the main contributions of our proposed work from previous schemes:

  1. i)

    Shorten share dimensions: Proposed secret sharing scheme that generates shares of smaller dimensions. Original audio can be reconstructed without any loss of information.

  2. ii)

    Verifiable scheme: Proposed new scheme is able to identify if the participant is submitting genuine information or fake information before retrieving the secret.

  3. iii)

    High security: Since participants possess encoded shares instead of original shares, it will be very difficult for adversary to gain original secret. Experimental result shows that the shares distributed to participants are completely noisy and provides no information about the secret. Thus, our proposed method provides high level security.

The rest of the paper is organized as follows: Some works related to proposed scheme are presented in Section 2. The three phases of proposed work are illustrated in Section 3. Section 4 discusses security analysis. Section 5 shows experimental results and strength of the scheme using different metrics. Section 6 presents advantage of our method. Comparison of our work with other related works are provided in Section 7. Conclusions are highlighted in Section 8.

2 Related work

In this section we illustrate some existing schemes related to our proposed method. Shamir [13] introduced the concept of sharing a secret among a group of n members, where any t members of the group can cooperate with each other to retrieve the secret. This is said to be (t,n) threshold scheme. Adapting Shamir’s method, Thien-Lin et al. [19] proposed a method for sharing image among a group. Dealer truncates the pixel values of grey scale image to range 0–250 and then permutes them with a secret key so that the image becomes noisy-looking. This noisy image is divided into sections such that each section contains t pixels. Further, image shares are generated by evaluating Eq. 1 with t pixels of each section.

$$f(x)={b}_0+{b}_1x+{b}_2{x}^2+\dots +{b}_t{x}^{t-1}mod251$$
(1)

As t pixels of each section of original image correspond to one pixel in the share, shares generated are of reduced size. To reconstruct the secret, any t shares are required. Applying Lagrange interpolation along with first non-processed pixels of t shares, we can determine the coefficients. These coefficients are t pixel values of noisy image. To get the original image these pixels go through inverse permutation.

Lin and Tsai introduced a method that not only hides the shares into camouflage images but also furnished with the ability of authentication while reconstructing the secret. Disadvantage of this method is that shares constructed are of huge capacity [17]. Authentication ability of [17] has been improvised by Yang et al. [31] to prevent cheating by dishonest participant. Further, to achieve lossless secret sharing they applied Galois Field GF(28). Wang and Shyu introduced scalability method that requires all participants to put their shares for reconstruction of secret. Threshold number of participants can recover only partial secret. To get entire secret all participants in the group must combine. This method is limited to (2,n) scheme [28]. Yang and Huang [30] enhanced the (2,n) scheme to (k,n) secret scheme. Lein Harn [15] introduced a scheme against submitting a fake share by both inside and outside adversaries. Kanso [12] employed secret sharing scheme for securing medical images. They used run length encoding scheme for compressing medical images and then shares are generated with GF(31). In traditional secret sharing schemes, threshold t is fixed which may have some problems. So Xingxing Jia [29] proposed a scheme based on Chinese Remainder Theorem to change the threshold from t to t’ without updating the shares. Dong Xie [5] adapted compressed sensing technique to generate shares of flexible sizes based on different applications. Their scheme also has addition capability of smooth scalability, noise-resilient capability, and high security. Abhishek Parakh et al. [2] presented a new scheme based on recursive polynomial interpolation for dividing a secret s into shadows of reduced size to achieve storage space efficiency. Noar and Shamir proposed visual secret sharing where decryption is done by simply stacking the shares [20].

Similar studies have also been done on audio known as audio secret sharing scheme (ASS). Desmedt et al. [32] proposed (2,n) ASS based on sound inference property, it requires log2n cover sounds to embed secret binary text. By simultaneous playing of audio shares and detecting changes in sound volume one can decrypt the secret text. Based on time division Lin et al. [16] developed framework that requires only single cover sound instead of log2n cover sounds. Daniel et al. [4] extended (2,n) ASS to (k,n) ASS by using flat frequencies instead of sound inference property. Huan et al. proposed a framework where the n audio shares generated from binary audio are embedded in n shelter audios which are pretreated by high dimensional matrix transformation [9]. Shivendra Shivani et al. presented a method to provide security to online song repositories. Their method provided confidentiality to the songs stored in the repositories along with integrity verification and access control to the songs [25].

Zhao et al. [23] extended Thien-Lin scheme to verifiable secret sharing scheme to identify dishonest participant. They used discrete logarithms to identify cheater. Participants choose their own secret shadow and hence no security channel required for communication between dealer and participant. Ma et al. [18] scheme is capable of identifying cheaters when k participants involve in reconstruction. The cheating identification ability and size of shadow in the proposed scheme are improved from the previous cheating identifiable secret image sharing scheme. For cheating detection, some secret sharing schemes [21, 26] adopted a trusted third entity called combiner to verify the participants.

In this paper, we proposed a new secret sharing scheme that generates shares of reduced size and capable of identifying cheaters. Using proposed scheme, dealer generates encoded shares and distributes them to the participants. Since the shares are encoded participants cannot gain any information about the secret. Also, dealer generates verifiable code using one-way hash functions. Combiner uses this code to authenticate the information provided by the participants. Experimental results and statistical analysis show that encoded shares generated are noisy and secret can be reconstructed without any loss of information.

Proposed method is to safe guard audio and image data that can be used in following applications:

Call centers stores call recordings of their customers in servers. Some call recordings contain sensitive information which cannot be accessed by single person. Our proposed work (t,n) audio secret sharing can be used to protect such sensitive audio messages. The General Manager (dealer) of call center generates encoded shares of secret audio data and distributes among n supervisors (participants). Only when at least t or more number of supervisors submit their true encoded shares to the branch manager (combiner), secret audio data can be retrieved.

In medical applications some patient’s medical conditions and their images has to be kept secret. Disclosing entire condition of some important patient to one doctor is not reliable. In such scenarios, our proposed secret sharing scheme on image can be used which divides medical image into encoded shares that are distributed among a group of doctors and a threshold number of doctors under a trusted entity can retrieve the image for diagnosis.

Military communications include transmission of secret image such as military map along with audio signals that contain sensitive messages. Providing the entire sensitive information to single commander is not secure as he may compromise. In such conditions proposed multi secret sharing scheme can be applied. The secret (audio and image) at a time can be distributed among a group of commanders in the form of encoded shares. Secret can be retrieved only by combiner when sufficient number of commanders comes together.

3 Proposed scheme

The proposed method allows the secret audio A to be divided into n shares with smaller dimensions, and identify dishonest participant before secret reconstruction. Dealer D is a trusted entity and a secret holder, generates shares from the secret and distributes them to the participants. To reconstruct the secret, threshold number of participants has to come together. They have to submit their shares to the combiner C. Combiner is a trusted third party whose role is to verify whether the participants have submitted true information. If the information submitted by the participants is true than combiner reconstructs the secret and reveals the secret to the participants. This section is divided into three phases: Initialization phase, share construction and distribution phase, verification and secret reconstruction phase. The notations of variables used in the proposed work is provided in Table 1.

Table 1 Notations of variables used
Full size table

In initialization phase, dealer generates values (N, g, e, d) with the properties of RSA algorithm and transmits (e,d) value to combiner through secure channel. In share construction and distribution phase, dealer computes ID value by choosing a unique value for each participant. Then using IDi value and secret audio A, dealer generates shares Ai from proposed share generation procedure. Dealer encodes IDi to EIDi using discrete logarithms, Ai to ESi with pseudo random sequence and generates a verifiable code HSi from one way hash function. The values (EIDi, ESi, HSi) are distributed to the participanti, for i ɛ [1,n] instead of original IDi and Ai.

In verification and reconstruction phase, any t or more number of participants have to come together to retrieve the secret. Each participant has to submit their (EIDi, ESi, HSi) to the combiner. Combiner reconstructs the original Ai and IDi and checks its authenticity with the verification code HSi. If found authentic, means participanti has provided true information. After authenticating all the t participants and obtaining valid information, combiner reconstruct the secret audio A using Lagrange’s interpolation and reveals the secret to t participants. Figure 1 shows three phases of proposed method.

Fig. 1
figure 1

Proposed method

Full size image

3.1 Initialization phase

This module deals with computation of (N, g, e, d) values by the dealer. Considering the properties of RSA algorithm, dealer chooses p and q two prime numbers and calculates N = p × q. Finds generator g∈[N1/2,N] and also relatively prime to p and q. Finds an integer e ∈ [2,N] in a way that e is relatively prime to (p-1) and (q-1) and then computes d such that e × d ≡ 1 mod ∅(N) where ∅(N) is Euler phi function. Then sends (e,d) to the combiner through secure channel.

3.2 Share construction and distribution phase

In this phase, dealer generates shadows of the shares along with verification code that are distributed among the participants P = (P1, P2, .. Pn).

3.2.1 Identity generation

For each participant Pi ∈ P, D randomly selects a unique value vi∈ [2,N] and calculates IDi using Eq. 2.

$${ID}_i={g}^{v_i}mod\;N$$
(2)

3.2.2 Share generation

In this module, polynomial based Secret sharing scheme of (t,n) threshold for secret audio A is proposed that generates n audio shares (A1, A2, A3An) of smaller dimensions. D generates a polynomial function of (t-1) degree. The secret audio is read with a sample depth of 8 bits so that the sampled values (a0, a1, a2…) are in range 0–255. These are further divided into portions such that each portion consists of (t-1) audio samples. While defining the polynomial function, (t-1) audio samples of a given portion are considered as coefficients for lower degree terms. Random number is generated and is taken as coefficient for leading term. Then polynomial function is evaluated for n participants to obtain n shares with x value defined by the participant.

Since (t-1) sampled values of a given portion are evaluated to one sampled value of audio share, we obtain shares whose dimensions are diminished to 1/t-1 of confidential audio. The subsequent steps followed by D for constructing audio shares are given below:

  1. 1.

    Let the secret audio be A. Scan the audio data from A and write into y.

  2. 2.

    For each value ai of y

    1. 2.1

      If ai< 250 then store ai value in array B

    2. 2.2

      If ai≥ 250 then store ai in B as two values first 250 and then (ai-250)

  3. 3.

    Divide the array B into portions such that each portion has t-1 values.

  4. 4.

    Generate an array of random numbers r, of size equal to the number of portions.

  5. 5.

    For each portion j and random value rj, we define polynomial function as Eq. 3.

    $$f(x)=a_0+a_1x+\cdots.+a_{t-1}x^{t-2}+r_jx^{t-1}mod251$$
    (3)

    To generate share Ai for the Pi participant where i ϵ [1, n], evaluate above equation as qj = f(IDi) for each portion and assign the corresponding qj value to Ai. IDi is a unique value computed by D for participant Pi.

  6. 6.

    Repeat step 5 for all n participants to get shares (A1, A2, A3An).

3.2.3 Share encoding and distribution

Before distributing the shares, dealer encodes IDi and audio shares Ai of the participants.

Dealer computes encoded identity EIDi from IDi along with secret value e using Eq. 4.

$${EID}_i={\left({ID}_i\right)}^e\ mod\;N$$
(4)

To encode the audio share, pseudo random sequence is generated using pseudo random function PRNG that takes a seed value. Seed value is generated from Eq. 5 with secret entity e and IDi of the participant,

$${seed}_i=e{\vert\vert}{ID}_i$$
(5)
$${RN}_i= PRNG\left({seed}_i\right)$$
(6)

Pseudo random sequence RNi generated from Eq. 6 is XORed with audio share Ai, to obtain encoded share ESi as shown in Eq. 7.

$${ES}_i={A}^i\oplus {RN}_i$$
(7)

Dealer computes verification code HSi from Eq. 8, by applying hash function h on original audio share Ai and identity IDi.

$${HS}_i=h\;\left[h\left(A^i\right){\vert\vert}{ID}_i\right]$$
(8)

Dealer sends (EIDi, ESi, HSi) to participant Pi. Hash function ‘h’ and pseudo random function PRNG is private between dealer and combiner.

3.3 Verification and reconstruction phase

Decipherment of secret is done by pooling t or more encoded shares. Consider P = (P1, P2…. Pt) be group of members who want to reconstruct the secret.

3.3.1 Verification process

Members of P have to submit their (EIDi, ESi, HSi) values to the combiner. Combiner decodes audio shares and identities with secret pair (e, d). First IDi is decoded from EIDi using Eq. 9.

$${ID}_i={\left({EID}_i\right)}^d\ mod\;N$$
(9)

Next, for decoding audio share Ai from ESi, combiner creates Eqs. 4 and 5 from e and IDi as mentioned below

$$\begin{array}{c}{seed}_i=e{\vert\vert}{ID}_i\\{RN}_i= PRNG\left({seed}_i\right)\end{array}$$

Original share Ai is acquired from Eq. 10, where pseudo random sequence RNi is XORed with audio share ESi

$${A}^i={ES}_i\oplus {RN}_i$$
(10)

From Aand IDi, combiner computes \({HS}_i^1=h\;\left[\;h\left(A^i\right){\vert\vert}ID_i\right]\) and checks if \({HS}_i^1={HS}_i?\). If ‘yes’ information submitted by participant Pi is true else Pi is dishonest.

3.3.2 Reconstruction of secret

The members in the group P can reconstruct the secret with their t pairs of (IDi, Ai). The following steps are to be proceeded for reconstruction of secret:

  1. 1.

    Extract the first unused amplitude values from each of the t audio shares (A1, A2, A3At). Let the first sampled values of t audio shares be \(\left({a}_0^1,{a}_0^2,{a}_0^3\dots {a}_0^t\right)\).

  2. 2.

    Substituting these t values and IDi as xi values of P = (P1, P2…. Pt) in Eq. 11.

$$f(x)={a}_0^1\frac{\left(x-{x}_2\right)\left(x-{x}_3\right)\dots \left(x-{x}_t\right)}{\left({x}_1-{x}_2\right)\left({x}_1-{x}_3\right)\dots \left({x}_1-{x}_t\right)}+{a}_0^2\frac{\left(x-{x}_1\right)\left(x-{x}_3\right)\dots \left(x-{x}_t\right)}{\left({x}_2-{x}_1\right)\left({x}_2-{x}_3\right)\dots \left({x}_2-{x}_t\right)}+\dots +{a}_0^t\frac{\left(x-{x}_1\right)\left(x-{x}_2\right)\dots \left(x-{x}_{t-1}\right)}{\left({x}_t-{x}_1\right)\left({x}_t-{x}_2\right)\dots \left({x}_t-{x}_{t-1}\right)}$$
(11)
  1. 3.

    Simplifying Eq. 11, we obtain a polynomial function f(x) (Eq. 12) of degree (t-1). The terms in f(x) are arranged from left to right in ascending order.

    $$f(x)=a_0+a_1x+\cdots.+a_{t-1}x^{t-2}+r_jx^{t-1}mod251$$
    (12)

    The t-1 coefficients of above equation are stored in array B.

  2. 4.

    Repeat steps from 1 to 3, until all sampled values of audio shares are processed.

  3. 5.

    For each element oi of B

    1. 5.1

      If oi < 250 then store oi into A’ and sequentially read the next value in B.

    2. 5.2

      If oi = 250 then read immediate next value oi + 1 and store (oi + oi + 1) value in A’. As oi + 1 has been used, we read the next value oi + 2.

  4. 6.

    A’ is the reconstructed audio which is obtained without any loss of information.

For example, in a (3, 4) scheme, let the first two amplitude values in the audio are (a0,a1) = (78, 241) and random value 92. Let the participant’s identities are 50, 60, 150, 160 for shares 1, 2, 3 and 4 respectively. Then first amplitude values for four shares are obtained using Eq. 3 in Section 3.2:

$$\begin{array}{c}a_0^1=78+241\times50+92\times50^2mod\;251=164\\{a}_0^2=78+241\times 60+92\times {60}^2mod \;251=111\\{a}_0^3=78+241\times 150+92\times {150}^2mod\;251=87\\{a}_0^4=78+241\times 160+92\times {160}^2mod\; 251=51\end{array}$$

Repeating the above procedure for all amplitude values creates four audio shares. For decoding, any three participants have to submit their identities. Suppose we have (50, 164), (60, 111), (150, 87). We could gain f(x) from Eq. 11 in Section 3.3 as follows:

$$\begin{array}{l}f(x)=164\frac{\left(x-60\right)\left(x-150\right)}{\left(50-60\right)\left(50-150\right)}+111\frac{\left(x-50\right)\left(x-150\right)}{\left(60-50\right)\left(60-150\right)}+87\frac{\left(x-50\right)\left(x-60\right)}{\left(150-50\right)\left(150-60\right)}\\f(x)=78+241x+92x^2mod251\end{array}$$

Finally, 78 and 241 are the two amplitude values of original audio that are recovered.

4 Security analysis

In this section we have analyzed the recoverability and confidentiality of shares generated through our proposed scheme. We also discussed how cheaters can be identified efficiently.

Theorem 1

Any (t-1) or fewer participants cannot gain any information about the secret.

Proof

Suppose (t-1) participants cooperate together, with (t-1) encoded shares they can construct (t-1) polynomials equations and has to solve these set of equations.

$$\begin{array}{l}f\left({ID}_1\right)=a_0+a_1{ID}_1+\cdots.+a_{t-1}{ID}_1^{t-2}+r_1{ID}_1^{t-1}mod\;251\\f\left({ID}_2\right)=a_0+a_1{ID}_2+\cdots.+a_{t-1}{ID}_2^{t-2}+r_2{ID}_2^{t-1}mod\;251\\\vdots\\f\left({ID}_{t-1}\right)=a_0+a_1{ID}_{t-1}+\cdots.+a_{t-1}{ID}_{t-1}^{t-2}+r_j{ID}_{t-1}^{t-1}mod\;251\end{array}$$

Since the amplitude values of audio shares are in range 0 to 250. The possibility of guessing each a value is \(\frac{1}{251}\). For a secret audio of size 91240 × 1, there are 91240 × 1/(t-1) polynomials. The possibility to achieve the secret audio is

$${\left(\frac{1}{251}\right)}^{91240\times 1/t-1}$$

As this is a very small number, there is a very little chance of getting the secret audio. Further, the participants have the encoded version of shares ESiand identities EIDi, rather than original shares and identities. Decoding them by participants requires secret entity e, d of the combiner. Thus, it is difficult for the participants to gain the original identities and shares from (ESi, EIDi). Therefore, any (t-1) participants cannot recover the secret by pooling their information.

Theorem 2

Having t or more true encoded shares, the retrieval of secret is realizable only by the combiner rather than the participants.

Proof

As mentioned in Section 3.2, each participant holds encoded shares (EIDi, ESi) generated with secret entity e of the combiner. Since, \({EID}_i={g}^{v_ie}mod\;N\). From this deriving IDi is difficulty as the adversary do not having any information about values (vi,e) and it requires solving discrete logarithms which is NP problem. Further, computation of Ai from ESirequires seedi derived from (e,IDi) pair. Thus, the participants cannot retrieve the secret. As the secret values (e,d) are known to the combiner, the following operations are performed to get (IDi, Ai).

Computes IDi with d value: \({\left({EID}_i\right)}^d={g}^{v_i ed}={g}^{v_i}mod\;N={ID}_{i.}\)

Achieving IDi and knowing e value, compute share Ai as follows:

$$\begin{array}{l}{seed}_i=e{\vert\vert}ID_i\\{RN}_i=PRNG\left({seed}_i\right)\\{ES}_i\oplus{RN}_i=A^i\oplus{RN}_i\oplus{RN}_i=A^i\end{array}$$

Thus, combiner successfully decodes the information of participanti as (IDi,Ai). Likewise, after decoding information of all participants, combiner applies Lagrange’s interpolation and retrieves the secret.

Theorem 3

Combiner can successfully identify the dishonest participant

Proof

To retrieve the secret, at least t participants must submit (ESi,EIDi,HSi) to the combiner. Let participantj submit \(\left({EID}_j^{\prime },{ES}_j^{\prime}\right)\) instead of (EIDj, ESj) then combiner with his secret value e and d computes

$$\begin{array}{l}\left({EID}_j^{'}\right)^d={ID}_j^{'}\;different\;from\;{ID}_j\\e{\vert\vert}ID_j^{\prime}={seed}_j^{\prime }\\{RN}_j^{\prime }= PRNG\left({seed}_j^{\prime}\right)\\{ES}_j^{\prime}\oplus {RN}_j^{\prime }={A}^{j^{\prime }}\ne {A}^j\\{HS}_j^{\prime }=h\left[h\left({A}^{j^{\prime }}\right){\vert\vert}ID_j^{\prime}\right]\end{array}$$

As \({HS}_j^{\prime }\) is different from HSj, participantj is marked as ‘dishonest’. It is very hard for participantj to change the values of (ESj,EIDj) such that it matches HSj.

5 Experimental analysis

5.1 Feasibility of our method for (3, 4) threshold scheme

As mentioned in Section 3.1, dealer computes secret pair (e,d) and sends to combiner through secure channel. With 4 participants and 3 as threshold, dealer generates 4 shares such that any 3 participants can retrieve the secret. For this, initially dealer chooses 4 distinct values for 4 participants and computes 265, 584, 78, 815 as IDi for each participant using Eq. 2.

For secret audio A, dealer generates shares Ai by evaluating Eq. 3. Results of audio sharing process is shown in Fig. 2a is the secret audio of dimension 91,240 × 1; (b)-(e) are the audio shares of dimension 45,620 × 1 generated for four participants with ID values (265, 584, 78, 815); f) is the lossless reconstructed audio constructed with (265, 584, 78).

Fig. 2
figure 2

a to f are audio plots related to share construction and reconstruction of secret

Full size image

Dealer encodes the identities IDi of the participants with secret value e (Eq. 4) and also audio shares Ai with pseudo random sequence generated from the seed value (Eqs. 5, 6 and 7). Figure 3 shows the encoded shares that are distributed to the participants.

Fig. 3
figure 3

Encoded shares distributed to the participants

Full size image

5.2 Correlation analysis

The proposed method generates shares of smaller dimensions provided that they are noisy for concealing information. In audio data the adjacent amplitude values are correlated. To eliminate the correlation between audio samples, our proposed method includes a random coefficient for higher degree term as a blinding factor and other lower terms takes amplitude values as given in Eq. 3.

To compute similarity among audio shares and original audio, we used Pearson correlation coefficient represented by Eq. 13.

$$r=\frac{\sum_{i=1}^m\left({X}_i-\overline{X}\right)\left({Y}_i-\overline{Y}\right)}{\sqrt{\Big(\sum_{i=1}^m\left(\left({X}_i-\overline{X}\right)\Big){}^2\right)\left(\sum_{i=1}^m{\left(\left({Y}_i-\overline{Y}\right)\right)}^2\right)}}$$
(13)

Here m is total number of audio samples in audio share. \({\left({X}_i\right)}_{i=1}^m\) are the first m adjacent sampled values of the original audio. \({\left({Y}_i\right)}_{i=1}^m\) are the adjacent audio samples of audio share. Results are shown in Table 3. For shares as the correlation coefficient is less, we can say that original audio and shares are dissimilar. The relation between the sampled values present in original audio is eliminated in the shares thereby providing no information about the secret. Similarity score is about 1 between original audio and reconstructed audio which shows that audio is reconstructed without any loss of information. Figure 4 shows plot of randomly selected 3000 adjacent sampled values of original audio and shares generated. Figure 4a shows the plot of adjacent sampled values of original audio which are in diagonal line that indicates close similarity between them, (b) to (e) are plots of encoded shares where the correlation between sampled values are eliminated thereby showing random pattern. For horizontal adjacent pairs we get the correlation coefficient values for original audio and encoded share as 0.95, −0.0075, 0.00101, −0.00109, 0.0033.

Fig. 4
figure 4

Plot for 3000 random horizontal adjacent sampled values of original audio and encoded shares

Full size image

5.3 Histogram analysis

Histogram for audio provides visual representation of signal distribution. Figure 5a, b, c, d, e shows histogram of original audio, its encoded shares and reconstructed audio. Histograms of encoded audio shares shows that the amplitude values are distributed nearly flat which indicates that they are noisy and have no statistical relation with original audio samples. Histogram of reconstructed audio in Fig. 5e is identical to the histogram of original audio shown in Fig. 5a. This proves that proposed method can successfully reconstruct the secret audio without any loss of amplitude values.

Fig. 5
figure 5

Histogram analysis

Full size image

5.4 Number of samples change rate (NSCR)

One important requirement of secret sharing process is that the shares should be totally different from the original secret. Number of samples change rate (NSCR) is a test that computes the difference between the two audio segments and can be calculated using Eq. 14.

$$NSCR=\frac{\sum_i{D}_i}{L}\times 100$$
(14)

Where Di is 1 if corresponding samples of two audios are different, otherwise Di is 0. Table 3 shows the NSCR test results between original audio and audio shares. Obtained NSCR values for audio shares and encoded shares are listed in Table 4. NSCR values in both tables are high, indicating that two audios are significantly different from one another. In Table 3, last row indicates NSCR value for original audio and reconstructed audio which is zero. This shows that our proposed scheme is lossless secret sharing scheme.

5.5 UACI (Unified Average Changing Intensity)

One test to measure similarity between two noisy signals is UACI (Unified Average Changing Intensity). Suppose S1 and S2 are two noisy signals of length N. UACI value can be calculated using Eq. 15.

$$UACI=\frac{1}{N\ }\sum_i\frac{\mid {S}_1(i)-{S}_2(i)\mid }{255}$$
(15)

Table 2 shows UACI values obtained between the encoded shares that are distributed to participants. According to literature [1, 8], it can be observed that the values are higher than ideal value (33.46%) which shows the proposed scheme is resistive to different attacks. In Table 4, UACI values are nearer to ideal value which shows that there is no similarity between the audio shares and its respective encoded shares.

Table 2 UACI values obtained between the encoded shares
Full size table

5.6 Peak signal-to-noise ratio

PSNR is most commonly used to test quality between original image and reconstructed image. The PSNR value for original audio with reference to obtained audio shares, along with reconstructed audio are listed in Table 3. Smaller PSNR values in Table 3, shows that shares are noisy which means that signals are almost destroyed and does not provide any information about the secret audio. PSNR value between original and reconstructed audio is ∞. This proves the lossless reconstruction of secret audio. In our proposed method, participants are provided with encoded audio shares instead of original audio shares and PSNR values between these two are shown in Table 4. These values shows that audio shares distributed to participants are dramatically randomized and are resistant to attacks.

Table 3 PSNR, NSCR and correlation coefficient for original and audio shares
Full size table
Table 4 PSNR, NSCR, UACI and correlation coefficient for audio shares and encoded audio shares
Full size table

5.7 Results of proposed method for images

As grayscale images carry pixel values in range 0–255, so our proposed scheme is applicable to images also. To generate image shares, D will execute steps 1 to 6 of Section 3.2 with pixels of the secret image instead of sampled values of secret audio. Experimental results of our proposed scheme on images are shown in Fig. 6a secret image; (b) to (e) are encoded shares; (f) shows reconstructed secret image.

Fig. 6
figure 6

Experimental results for image

Full size image

6 Benefit of our proposed scheme

One benefit of our scheme is that it supports multi secret sharing. Suppose the dealer want to share a secret image along with secret audio that is two secrets during one secret sharing process. Initially the dealer truncates the values in range 251–255 in audio and image to 250. Dealer then encrypts the image with symmetric key k so the correlation between pixels can be eliminated. The encryption process is as follows:

  1. 1.

    With k as seed value, generate an array r of random numbers. The size of this array is equal to the size of image I.

  2. 2.

    Every pixel in the image I is treated with Eq. 16 to get the encrypted image I′

$${b}_i^{\prime }={b}_i+{r}_i+{b}_{i-1}^{\prime }mod\;251$$
(16)

Where bi is ith pixel of image I, ri is ith random value in array r, \({b}_i^{\prime}\kern0.5em \textrm{and}\ {b}_{i-{\it{1}}}^{\prime}\) are ith and (i-1)th pixel of image I′. Initially \({b}_{i-{\it{1}}}^{\prime}\) is 0.

After encryption of image, shares are generated using the proposed secret sharing process in Section 3.2 where the lower degree terms of the polynomial Eq. 3 have truncated sampled values of audio as coefficients and pixels of encrypted image as coefficient of higher degree term instead of random numbers.

Secrets are reconstructed by executing the steps 1 to 3 in Section 3.3, whereby the polynomial of degree (t-1) is built. The (t-1) coefficients of the polynomial are extracted and stored as audio values and the coefficient of leading term is stored as pixel value of image. Image obtained is an encrypted image I′ which requires decryption. Using key k as seed value, random numbers equal to number of pixels in encrypted image are generated and stored in array r. The pixels of image I is obtained from the Eq. 17.

$${b}_i=\left({b}_i^{\prime }-{r}_i-{b}_{i-1}^{\prime }\ \right) mod\; 251$$
(17)

Finally obtained audio data and pixels of the image carry values less than 250. They are restored to range 251–255 by executing step 5 in Section 3.3 so as to obtain lossless secret audio and image. Experimental results for sharing both audio and image in one secret sharing process is shown in Fig. 7. Results shows that shadows for image are not generated because the pixel values are combined with audio samples of audio shares. So, the dealer can use this method for watermarking purpose also. The present method of multiple secrets is performed using audio and image. It can also be extended to text [22] using ASCII values.

Fig. 7
figure 7

a secret audio; b secret image; c encrypted image of b; d to g are generated shares; h reconstructed secret audio; i reconstructed image; j decrypted image of i

Full size image

7 Comparison

When compared to existing secret sharing scheme our new scheme has some important properties which are summarized in Table 5. Our scheme has following properties:

  1. 1)

    Combiner can successfully verify any participant whether he/she is providing true information before reconstructing the secret.

  2. 2)

    As shares are encrypted with the secret pair (e,d) in Section 3.1, dealer can use either secure channel or public channel to distribute the encrypted shares to the participant.

  3. 3)

    In our proposed secret sharing scheme, (t-1) sampled values of the secret audio for a given section of original audio is evaluated to one audio sample of the share. Hence the size of the shares is reduced to 1/t-1 of the original image.

  4. 4)

    Our scheme does not require any permutation operations before construction of shares. Having random number as the leading coefficient of polynomial Eq. 2 in Section 3.2, itself is sufficient for generating noisy shares. Further noisy shares are encrypted thereby increasing the security of the scheme.

  5. 5)

    Experimental results in Section 6 shows that in one secret sharing process, we can share two secrets. So, our method can be used for multi secret sharing.

Table 5 Comparison of proposed method with other works
Full size table

8 Conclusion

We proposed a method for deriving audio shares from the secret audio characterized by dimensionality reduction and noisiness. Dimension of individual share is diminished to 1/t-1 of the secret audio by having the coefficient of the polynomial as amplitude values in conjunction with random values. Inclusion of random numbers creates noise audio shares thereby reducing the burden of performing permutations before share generation process. Additionally, another method is also proposed where the participants are verified by the combiner before secret reconstruction against cheating. Experimental results show that our scheme is applicable to image files and also supports multi secret sharing scheme. Proposed system ensures that the shares generated are noisy and can be reconstructed without loss of information along with a verification mechanism to identify dishonest participant.