Skip to main content

Errorless robust JPEG steganography using steganographic polar codes


Recently, a robust steganographic algorithm that achieves errorless robustness against JPEG recompression has been proposed. The method employs a lattice embedding scheme and utilizes the syndrome-trellis code (STC) for practical embedding. However, we have noticed that errorless robust embedding with STC may encounter failures due to modifications on wet coefficients, especially when a high quality factor is used by the compression channel. To solve this problem, we have discovered that using steganographic polar code (SPC) for embedding has better performance in avoiding modifications on wet coefficients. In this paper, we conduct theoretical analysis to prove the better performance of SPC in wet paper embedding. We establish the condition of avoiding modifications on wet coefficients, followed by presenting a recursive calculation method for determining the distribution of columns in the generator matrix of SPC. The findings reveal that SPC can avoid modifications on wet coefficients under a larger number of wet coefficients compared with STC, and therefore we propose a better errorless robust embedding method employing SPC. The experimental results demonstrate that under close security performance, the proposed method achieves a higher success rate compared with embedding with STC. Specifically, when the quality factor of the compressor is 95 and the payload size is 0.4 bpnzac, our method achieves a success rate of 99.85%, surpassing the 91.95% success rate of the embedding with STC.

1 Introduction

Steganography means to modify multimedia files like images, audio, and videos without introducing apparent traces, and the information can be extracted from modified files. Steganalysis means to detect the traces that the steganographic algorithms have introduced. To improve the security performance of the most popular multimedia type, i.e., JPEG images, researchers have proposed some adaptive JPEG steganographic algorithms. Usually, adaptive steganography consists of a cost function and a steganographic code. The cost functions in the JPEG domain include J-UNIWARD [1], UED [2], UERD [3], and JMIPOD [4]. In the past decade, most steganographic algorithms have adopted syndrome-trellis code (STC) [5] as the steganographic code. Until recently, steganographic polar code (SPC) [6] and its variant [7] have been proposed with a better performance compared with STC.

Nowadays, using social networks as channels for steganography can be more secure due to their multi-user interaction feature [8]. However, social network channels can be lossy for JPEG compression is usually used to reduce bandwidth. Unfortunately, most adaptive steganographic methods assume that the transmission channel is errorless. For achieving robustness against compression, robust steganography has been proposed. In [9, 10], robust steganographic methods that utilize techniques from watermarking to enhance robustness while ensuring the steganographic security have been proposed. In [11, 12], the authors achieve robustness by generating intermediate stego images using accurate channel modeling or an auto-encoder, where the coefficients of stego images are restored after channel compression. In [13], the authors propose to repeatedly compress images to generate robust images that barely change after compression, and the cost function is modified in [14] to restore the robust domain formed by multiple compression. In [15], the authors improve robustness by embedding on channel-processed cover images and avoiding modifying coefficients that introduce compression errors.

Most robust steganographic algorithms rely on reducing the error rate of the recompressed stego image to improve the success rate of extraction. In practice, the uncertainty of successful extraction increases the difficulty of achieving covert communication. Robust steganography that ensures the receiver can correctly extract the secret message on the sender’s side is very important. Recently, in [16], an errorless robust embedding is constructed by using a local JPEG compressor to obtain the behavior of the compressed DCT coefficients to select robust coefficients, and it uses a lattice embedding method to resolve the correlation between coefficients. Since the method sets the non-robust coefficients as wet coefficients, when steganographic codes are used, it is possible that embedding fails due to the modifications on wet coefficients. The method [16] uses STC for practical embedding and the results show it has the non-negligible possibility of changing wet coefficients, especially when the number of wet coefficients is high. Suppose to enhance the quality of channel images, social networks employ a high-quality factor valued at 95 for compression. In such scenarios, the failure rate for errorless robust steganography using STC embedding [16] is close to \(8\%\) when the payload size is 0.4 bpnzac. The performance inevitably diminishes the efficiency of steganographic communication in practical applications. Consequently, there is a demand for an errorless robust embedding method that performs better in avoiding wet coefficient modifications. Through our observation, the SPC embedding has better performance in wet paper embedding. Thus, in this paper, we propose an errorless embedding method using SPC for message embedding to improve the success rate.

In previous studies [5, 6], the analysis of the performance of steganographic codes in wet paper embedding was mostly conducted through experiments rather than theoretical analyses. The main contributions of this paper are the theoretical analysis that proves the better performance of SPC in wet paper embedding and we proposing an errorless robust embedding method that improves the success rate. The analyzing process are as follows. Firstly, we prove the condition for avoiding wet coefficient modification in steganographic codes. Secondly, by analyzing the construction of the generator matrix of SPC, we deduce a recursive calculation method to compute the distribution of columns with different numbers of ones in the matrix. Then, we verify that the ability of SPC to avoid modifications in wet coefficients is better compared with STC. Without the obvious reduction in security performance, the proposed robust embedding method with SPC enhances the success embedding rate and enables errorless robust embedding in practical scenarios.

The rest of the paper is organized as follows. Section 2 gives the preliminaries of this paper, which include the STC and SPC embedding process, as well as a brief description of errorless robust embedding. In Section 3, the condition of avoiding wet coefficient modification is given, the better performance of SPC embedding is explained, and the proposed errorless embedding method is introduced. Section 4 presents the experimental results under different quality factors and JPEG compressors. Section 5 is the conclusion of this paper.

2 Preliminaries

2.1 The optimal embedding

Suppose \(\textbf{y}\) and \(\textbf{x}\) are stego and cover images with the length n. In adaptive steganography, the distortion function measures the impact of embedding changes based on local characteristics of the image, such as texture and edges. Let \(\rho (y_i)\) represent the local distortion measure and indicate the cost of replacing pixel \(x_i\) with \(y_i\). Under the additive distortion scenario where the local distortion of each changed pixel is independent, the distortion after embedding is:

$$\begin{aligned} D(\textbf{x}, \textbf{y})=\sum \limits _{i=1}^n \rho \left( y_i\right) . \end{aligned}$$

Set the possibility of changing \(x_{i}\) to \(y_{i}\) as \(\pi \left( y_i\right)\), the message \(\textbf{m}\) with length m. In binary embedding, the value of \(y_{i} \in \mathcal {I}_{i} = \{x_{i}, \bar{x}_{i}\}, \bar{x}_{i} \ne x_{i}\). The PLS (payload limited sender) problem can be written as:

$$\begin{aligned}{} & {} \underset{\varvec{\pi }}{{\text {minimize}}} \; E_{\varvec{\pi }}(D) = \sum \limits _{i=1}^n \sum \limits _{t_i \in \mathcal {I}_i} \pi \left( t_i\right) \rho \left( t_i\right) \end{aligned}$$
$$\begin{aligned}{} & {} \text{ subject } \text{ to } H(\varvec{\pi }) = -\sum \limits _{i=1}^n \sum \limits _{t_i \in \mathcal {I}_i} \pi \left( t_i\right) \log _2 \pi \left( t_i\right) =m. \end{aligned}$$

When the optimization problem is solved by the maximum entropy principle, the optimal distribution \(\varvec{\pi }_{\lambda }\) is

$$\begin{aligned} \pi _\lambda \left( y_i\right) =\frac{\exp \left( -\lambda \rho \left( y_i\right) \right) }{\sum \nolimits _{t_i \in \mathcal {I}_i} \exp \left( -\lambda \rho \left( t_i\right) \right) }, \quad 1 \le i \le n, \end{aligned}$$

where \(\lambda\) \((\lambda > 0)\) is the parameter which can be solved by Eq. (3).

2.2 Errorless robust steganography

To ensure errorless robust embedding, robust steganography should preserve the coefficients of a stego image after compression. To achieve this goal, the method in [16] generates a robust set \(\mathcal {R}\) with the output of the JPEG encoder. A coefficient in the robust set satisfies three requirements: (1) it does not change processed coefficients, (2) it preserves the modification, and (3) it preserves its value if there is no change. If a coefficient does not satisfy these requirements, it belongs to the non-robust set with the cost of the modification as infinity, and the value after recompression is used as the embedding domain. Considering the influence of different modifications in the same DCT block, the method divides an image into 64 lattices by the mode in a DCT block. After calculating costs for all coefficients, the method calculates \(\lambda\) using Eq. (3). The payload in each lattice can be calculated with \(\lambda\) and the costs of coefficients in the lattice. The cost calculation and embedding are then performed sequentially in each lattice.

2.3 STC and SPC embedding

STC uses the standard trellis representation of convolutional codes to embed messages. In STC, the parity-check matrix \(\textbf{H} \in \{0,1\}^{m \times n}\) of length n and codimension m is obtained by placing a small submatrix \(\hat{\textbf{H}}\) of size \(h \times w\) as in Fig. 1, where h is called constraint heights, and w is equal to \(\lfloor n/m \rfloor\), where \(\lfloor \cdot \rfloor\) is the floor function. Each \(\textbf{z} \in \{0,1\}^n\) satisfying \(\textbf{H}\textbf{z}=\textbf{m}\) is represented as a path in the syndrome trellis. In the forward Viterbi algorithm, the path with the smaller cost is chosen, and in the backward Viterbi algorithm, the stego image is obtained.

Fig. 1
figure 1

The structure of the STC parity-check matrix

A polar code is specified by \(\left( n, k, \mathcal {A}, \textbf{u}_{\mathcal {A}^c}\right)\). Set \(\mathcal {A}\) of dimension k \((k < n)\) is the set of information indices carrying information \(\textbf{u}_{\mathcal {A}}\), and indices set \(\mathcal {A}^c\) carries frozen bits \(\textbf{u}_{\mathcal {A}^c}\) of dimension \(n - k\). The choice of \(\mathcal {A}^{c}\) corresponds to the section of \(n - k\) worst polarized channels. The source code \(\textbf{u}\) is formed by \(\textbf{u} = (\textbf{u}_{\mathcal {A}}, \textbf{u}_{\mathcal {A}^{c}})\), and the codeword \(\textbf{c}\) is generated by \(\textbf{c} = \textbf{u}\textbf{G}_{n}\). The generator matrix \(\textbf{G}_n=\textbf{B}_n \textbf{F}^{\otimes s}\) for \(n = 2^{s}\), where \(\textbf{B}_{n}\) is the bit-reversal permutation matrix, \(\textbf{F}^{\otimes s}\) denotes the sth Kronecker power of \(\textbf{F}\), and \(\textbf{F} \triangleq \left[ \begin{array}{l} 1,0 \\ 1,1 \end{array}\right]\). The generator matrix of \(s=2\) is

$$\begin{aligned} \textbf{G}_{4} = \left[ \begin{array}{cccc} 1, &{} 0, &{} 0, &{} 0 \\ 1, &{} 0, &{} 1, &{} 0\\ 1, &{} 1, &{} 0, &{} 0\\ 1, &{} 1, &{} 1, &{} 1 \end{array} \right] . \end{aligned}$$

The successive cancelation (SC) decoder is the inherent decoder for polar codes. For a binary channel W, suppose that the received word is \(\textbf{r}\). Given frozen bits \(\textbf{u}_{\mathcal {A}^c}\) and the estimated \(\widehat{\textbf{u}}_{1}^{i-1}\), the successive cancelation decoder estimates \(\widehat{u}_{i}\) by computing Log-likelihood Ratio (LLR) as \(L_n^{(i)}\left( \textbf{r}_1^n, \widehat{\textbf{u}}_1^{i-1}\right) \triangleq \ln \frac{W_n^{(i)}\left( \textbf{r}_1^n, \widehat{\textbf{u}}_1^{i-1} \mid 0\right) }{W_n^{(i)}\left( \textbf{r}_1^n, \widehat{\textbf{u}}_1^{i-1} \mid 1\right) }\), \(1 \le i \le n\). The value of \(\widehat{u}_{i}\) can be determined by

$$\begin{aligned} \hat{u}_i \triangleq \left\{ \begin{array}{ll} u_i &{} i \in \mathcal {A}^c \\ 0 &{} L_n^{(i)}\left( \textbf{r}, \widehat{\textbf{u}}_1^{i-1}\right) \ge 0, i \in \mathcal {A}\\ 1 &{} L_n^{(i)}\left( \textbf{r}, \widehat{\textbf{u}}_1^{i-1}\right) < 0, i \in \mathcal {A} \end{array}\right. , \end{aligned}$$

where \(1 \le i \le n\). The value of \(L_n^{(i)}\left( \textbf{r}_1^n, \widehat{\textbf{u}}_1^{i-1}\right)\) can be calculated using the following recursive formula:

$$\begin{aligned} \left\{ \begin{array}{l} L_n^{(2 j-1)}\left( \textbf{r}_1^n, \widehat{\textbf{u}}_1^{2 j-2}\right) =f\left( L_{n / 2}^{(j)}\left( \textbf{r}_1^{n / 2}, \widehat{\textbf{u}}_{1, o}^{2 j-2} \oplus \widehat{\textbf{u}}_{1, e}^{2 j-2}\right) , L_{n / 2}^{(j)}\left( \textbf{r}_{n / 2+1}^n, \widehat{\textbf{u}}_{1, e}^{2 j-2}\right) \right) \\ L_n^{(2 j)}\left( \textbf{r}_1^n, \widehat{\textbf{u}}_1^{2 j-1}\right) =g\left( L_{n / 2}^{(j)}\left( \textbf{r}_1^{n / 2}, \widehat{\textbf{u}}_{1, o}^{2 j-2} \oplus \widehat{\textbf{u}}_{1, e}^{2 j-2}\right) , L_{n / 2}^{(j)}\left( \textbf{r}_{n / 2+1}^n, \widehat{\textbf{u}}_{1, e}^{2 j-2}\right) , \widehat{u}_{2 j-1}\right) \end{array}\right. \end{aligned}$$

where \(1 \le j \le n/2\), \(f(\theta , \omega ) \triangleq \ln \left( \frac{\exp (\theta +\omega )+1}{\exp (\theta )+\exp (\omega )}\right)\), and \(g(\theta , \omega , u) \triangleq (-1)^u \theta +\omega\), and \(\widehat{\textbf{u}}_{o}\) and \(\widehat{\textbf{u}}_{e}\) are subvectors with odd and even indices of \(\widehat{\textbf{u}}\) respectively. The initial log-likelihood ratio \(L_1^{(1)}\left( r_i\right) \triangleq \ln \frac{W\left( r_i \mid 0\right) }{W\left( r_i \mid 1\right) }\). The SC decoder is a greedy search on a code tree. In contrast, the successive cancelation list (SCL) decoder with list size l can be seen as a breadth-first tree search that preserves the top l paths for decoding. The path with the maximum metric is selected from these l candidates after decoding all the codes. Notably, the SCL decoder reduces to the SC decoder when \(l = 1\).

In steganographic polar code [6], the method treats the steganographic binary channel as the binary symmetric channel with \(W(0|0) = W(1|1) = 1 - \pi (\bar{x})\) and \(W(1|0) = W(0|1) = \pi (\bar{x})\). The embedding process of SPC is firstly calculating the Bhattacharyya parameters \(\textbf{Z}\) as:

$$\begin{aligned} \left\{ \begin{array}{l} Z\left( W_n^{(2 j-1)}\right) =2 Z\left( W_{n / 2}^{(j)}\right) -Z\left( W_{n / 2}^{(j)}\right) ^2 \\ Z\left( W_n^{(2 j)}\right) =Z\left( W_{n / 2}^{(j)}\right) ^2, \quad 1 \le j \le n / 2 \end{array}\right. , \end{aligned}$$

where \(Z\left( W_n^{(1)}\right) = \alpha\) and \(\alpha = m/n\) is the payload size. The positions of m channels with the largest Z values are chosen as the frozen indices \(\mathcal {A}^{c}\). Then \(\lambda\) is solved by Eq. (3), and the initial log-likelihood ratio is calculated as

$$\begin{aligned} L_1^{(1)}\left( x_i\right) =\left( 2 \mathcal {P}\left( x_i\right) -1\right) \cdot \ln \frac{\pi _\lambda \left( \bar{x}_i\right) }{1-\pi _\lambda \left( \bar{x}_i\right) }, \quad 1 \le i \le n \end{aligned}$$

where \(\mathcal {P}(x)\) is the parity of x. Then, \(\textbf{u}_{\mathcal {A}^{c}}\), \(\textbf{L}_1^{(1)}\), list size l, \(\mathcal {A}^{c}\), and \(\mathcal {P}(\textbf{x})\) are input into the successive cancelation list decoder, where \(\textbf{u}_{\mathcal {A}^{c}} = \textbf{m}\), which generates \(\textbf{u}\). Then, the stego image \(\textbf{y}\) can be obtained by \(\textbf{u}\textbf{G}_n\), and the process is denoted as \(\textbf{y} =\) SCL\((\textbf{u}_{\mathcal {A}^{c}},\mathcal {A}^{c},\textbf{L}_1^{(1)},l, \mathcal {P}(\textbf{x}))\). The information can be extracted by \(\mathcal {P}(\textbf{y})\textbf{G}_n\) and \(\mathcal {A}^{c}\). The default list size \(l=6\) in this paper. In [7], the steganographic polar code with high computational efficiency is developed based on sub-polarized channels.

The time complexity of SPC is \(O\left( l\cdot n \log _2 n\right)\), while the time complexity of STC is \(O\left( 2^{h}n\right)\). Given that the length of the cover image is finite, the execution time of SPC embedding may be less than that of STC. For instance, when the image size is \(1024 \times 1024\), with \(h=10\) and \(l=1\), \(n \log _{2} n = 20n < 1024n\). The results in [6] indicate that SPC embedding is applicable with higher embedding efficiency and lower embedding complexity.

3 Proposed method

3.1 The condition of avoiding wet points modification

In errorless robust steganography, the success rate depends on the ability of embedding codes to avoid embedding in wet coefficients. When polar codes are used for steganographic embedding, to maximize the probability of finding a solution in wet paper embedding, the frozen bits used to embed messages should correspond to columns with most ones in the generation matrix. Under this condition, in [17], the authors prove that when the message length is \(log_{2}n + 1\), solutions can always be found in wet paper embedding with polar codes if the number of wet points is less than or equal to \(n/2 -1\). In STC embedding, at most \(h \times w\) cover elements can be changed to embed one bit of information. We use the elimination method in solving linear equations [18] to reduce the number of stego elements in each equation of matrix embedding. After elimination, the input message is changed, but because the message after elimination is derived from the original message, we consider the message after elimination as the updated input message. In STC or polar-code-based steganographic codes, suppose that the minimum length of cover elements used to embed one bit of updated messages is \(l_{m}\), where \(l_{m} \ge 1\). Let the number of wet coefficients be \(w_n\). There are always solutions without changing wet coefficients if \(w_n \le l_{m} - 1\). The proof is as follows, where the values of \(\textbf{x}\), \(\textbf{y}\), and \(\textbf{m}\) are in the binary domain:

  1. 1)

    When \(l_{m}=1\) and \(w_n=0\), there is no wet coefficient to be changed when embedding.

  2. 2)

    Assuming that when \(l_{m} = k\) and \(w_n \le k - 1\), a solution can always be found without changing wet coefficients. When \(l_m = k + 1\) and \(w_n \le k\), suppose cover element \(x_{i}\) is the wet coefficient, and it is used to embed updated message \(m_{j}\) with other k cover elements. Then, delete \(x_{i}\) and replace \(m_{j}\) with \(m_{j} \oplus x_{i}\). If there are other updated message bits \(\mathcal {B}\) that are also embedded using \(x_{i}\), replace them with \(m_p \oplus x_{i}, m_p \in \mathcal {B}\) and remove \(x_{i}\). The operations result in \(l_{m} = k\) and \(w_n \le k - 1\). Since we assume that a solution can be found in this case, when \(l_{m} = k + 1\) and \(w_{n} \le k\), the solution can be found without changing wet coefficients.

We provide an example of the determination of the value of \(l_m\). Suppose the cover length is 4, and the message length is 2. The matrix \(\hat{\textbf{H}}\) in Fig. 1 and Eq. (5) are used for embedding. To acquire the minimum number of cover elements to embed one bit of the updated message, we utilize the elimination method that is used for solving linear equations. After elimination, the STC embedding can be written as Eq. (10), and the polar-code-based embedding can be written as Eq. (11).

$$\begin{aligned}{} & {} y_{1} = m_{1}, y_{2} \oplus y_{3} = m_{1} \oplus m_{2} \end{aligned}$$
$$\begin{aligned}{} & {} y_{1} \oplus y_{2} = m_{1} \oplus m_{2}, y_{3} \oplus y_{4} = m_{2} \end{aligned}$$

In this case, the \(l_{m}\) value in STC is 1, and the number of wet coefficients it can always avoid modifying is 0. It is clear that when \(x_{1}\) is a wet coefficient, it must be modified if \(x_{1} \ne m_{1}\). The \(l_{m}\) value in polar-code-based steganographic codes is 2, so it can always avoid changing wet coefficients when the number of wet coefficients is 1. This example illustrates the method used to determine the value of \(l_m\), but it does not demonstrate that the performance of polar-code-based steganographic codes is consistently superior to that of STC. A detailed comparison is provided in the following section.

3.2 Performance of SPC on wet paper embedding

When embedding the same length of messages, the coding scheme with larger \(l_{m}\) can find a solution in wet paper embedding with the tolerance of larger \(w_n\). Suppose the cover size \(n = 2 ^ s\). Let \(N_{x}(2^{s})\) represent the number of columns in generator matrix \(\textbf{G}_{2^s}\) that have \(2^{(s-x+1)}\) ones, where x is an integer and \(x \ge 0\). From Eq. (5), we can find that \(N_{1}(2^2) = 1\), \(N_{2}(2^2) = 2\), and \(N_{3}(2^2) = 1\). We set \(N_{x}(2^s) = 0, x>s+1\) and \(N_{0}(2^s) = 0\). The recursive method for calculating the distribution of columns in the generator matrix can be concluded as:

$$\begin{aligned} N_{x}(2^s) = N_{x-1}\left( 2^{(s-1)}\right) + N_{x}\left( 2^{(s-1)}\right) . \end{aligned}$$

This is because when s increased by 1, supposing \(\textbf{P}^{s+1} = \textbf{F}^{\otimes s} \otimes \textbf{F}\), the number of ones in the columns of the left half matrix in \(\textbf{P}^{s+1}\) doubles the number of ones in \(\textbf{P}^{s}\), whereas the number of ones in the right half remains the same as in \(\textbf{P}^{s}\). When the length of message is \(log_2^n + 1\), the \(l_{m}\) in polar-code-based codes is n/2, as proven by [17]. For STC, \(l_{m}\) is min\((\lfloor n/(log_2^n + 1)) \rfloor \times h,n)\) with \(h=10\), where min\((\cdot )\) gets the minimum value of inputs. The function min \((\cdot )\) ensures that \(\lfloor n/(log_2^n + 1)) \rfloor \times h\) does not exceed n, as the maximum number of cover elements for embedding one bit of messages is the length of the cover n. Suppose \(l_m\) of STC is \(n/(log_2^n + 1)) \times h\) when the message length is \(log_2^n + 1\). As n increases, the value \(h/(log_2^n + 1)\) becomes less than 1/2. Therefore, as the length of n increases, under the same payload value of \((log_2^n + 1)/n\), the \(l_m\) value of steganographic polar-code-based codes is greater than that of STC.

Set \(l_m\) in STC as min\((\lfloor n/m) \rfloor \times h,n)\) for payload size \(m/n \le 1/2\). When the payload is larger than 1/2, the value of \(l_m\) in STC becomes 1. This is because when \(2/n < m \le n\), we use previous m cover elements for embedding. Based on the proposed recursive calculation method of the distribution of columns in the generator matrix, we can easily evaluate the performance of polar-code-based steganographic codes in avoiding modifications on wet coefficients given any cover lengths and payload sizes. The \(l_m\) in polar-code-based steganographic code is equal to the number of ones in the mth column when the columns are sorted in descending order by the number of ones in each column. In Fig. 2a, we present the \(log_{2}(l_{m})/s\) of polar-code-based steganographic codes and STC under different s and message lengths. As \(n=2^s\) increases, there are more payload values where \(l_m\) of polar-code-based codes is greater than that of STC, and the difference between two codes becomes larger. This is because in STC, \(l_m\) is only related with the payload size and h, while in polar-code-based codes, it also depends on the length of the cover image. With the larger image length, the value of \(l_m\) of polar-code-based codes increases under the same payload size. Figure 2b shows the largest payload size \(p_{f}\) for which \(l_{m}\) in STC is larger than that of polar-code-based codes with different s and h. The results indicate that as h increases, the \(p_{f}\) value increases. More importantly, as s increases, the \(p_{f}\) value decreases. This demonstrates that the resisting-wet-modification performance of polar-code-based codes is better than that of STC when s becomes larger. When \(s>12\), for almost all payload values, the performance of polar-code-based codes is superior to that of STC.

Fig. 2
figure 2

a The value of \(log_{2}(l_{m})/s\) of different codes with different \(n = 2^s\) and payloads (m/n). b Under different values of h and s, the largest payload size \(p_{f}\) under which the \(l_m\) of STC is greater than that in polar-code-based codes

The above comparisons are made based on theoretical analysis, we then evaluate the performance of SPC and STC in actual embedding. We define the wet ratio as \(w_r=w_n/n\), and the payload size on dry coefficients as \(p_d = m/(n-w_n)\). To obtain the possibility of changing wet coefficients \(P_{w}\) in actual embedding, we test \(P_{w}\) under different \(w_r\) and \(p_d\) values using SPC and STC with \(n = 2^{12}\). In each case of different \(w_r\) and \(p_d\) values, random messages are embedded by binary embedding with random cover and random positions for wet coefficients, and the process repeats 100 times. Since ternary embedding can be split into two binary embedding, the results can be extended to ternary embedding as well. The results under the square cost profile are shown in Fig. 3. It can be seen that there are more cases where \(P_{w}=0\) in SPC embedding compared with STC, and most of them are located in cases where \(p_d\) is slightly larger than 0.5. When \(p_d\) is close to 1, neither of two codes can avoid changing wet coefficients, because \(l_{m}\) decreases as \(p_d\) increases as shown in Fig. 2a. When both \(w_r\) and \(p_d\) are high, there are instances where \(P_{w}\) of STC is slightly lower than that of SPC. This occurs because, when the payload is small, the \(l_m\) of STC can be larger than that of SPC. However, the effect is small because \(P_{w}\) of both codes is relatively high (\(P_{w} \ge 0.49\)).

Fig. 3
figure 3

The value of \(P_{w}\) when embedding is performed with different \(w_r\) and \(p_d\) under the square cost profile. a Embedding with STC. b Embedding with SPC

When errorless robust steganography is performed with a representative JPEG compressor, the mean and standard deviation values of \(w_r\) and \(p_d\) in the last lattice when embedding with the random scanning strategy and the payload 0.5 bpnzac are illustrated in Fig. 4. Images are compressed with convert in ImageMagickFootnote 1 under different quality factors (QFs). When QF \(>95\), \(p_d\) is not drawn for its mean value is above 1. The result obtained from a classic JPEG compressor presents that as the quality factor increases, \(w_r\) and \(p_d\) generally increase. From the result of Fig. 3, in most situations of different pairs of \(w_r\) and \(p_d\) in Fig. 4, the SPC embedding has a higher success rate compared with STC when compressed by the tested compressor.

Fig. 4
figure 4

The mean (black line) and standard deviation (blue area) of \(w_r\) and \(p_{d}\) when embedding the last lattice with the random scanning strategy under different quality factors and payload 0.5 bpnzac and compressor ImageMagick’s convert. a mean\((w_r)\) and std\((w_r)\)b mean\((p_d)\) and std\((p_d)\)

figure a

Algorithm 1 Embedding process of ERSSPC

figure b

Algorithm 2 Extraction process of ERSSPC

3.3 The embedding and extraction process

Since steganographic polar code has a higher possibility of success in wet paper embedding, we propose a method called errorless robust steganography with SPC (ERSSPC), which has a high successful errorless robust embedding rate. The embedding process is similar with [16] and is described in Algorithm 1. After the stego image is recompressed by the targeted compressor, the SPC extraction algorithm could be used to extract the message in each lattice, and the receiver can restore the embedded message using the message splitting method shared by the embedder and receiver. The extraction process is described in Algorithm 2.

4 Experimental results

4.1 Experimental setups

The setups of the experiments are as follows. The testing images are grayscale images with size \(512 \times 512\) from BossBase ver 1.01 [19]. The cover images are generated by JPEG compression using ImageMagick’s convert with quality factors 75, 85, 90, and 95. The steganalysis algorithms used for testing the security performance are DCTR [20] and GFR [21] features equipped with ensemble classifiers. The performance is evaluated with ten tests with random splits of testing images, and the average value of error rate \(E_{oob}\) in every test that minimizes the overall detection error rate is used as the quantification of security performance. The cost function used is UERD [3] for its computational efficiency and satisfying security performance.

4.2 Success rate and security performance

The successful embedding means that the message can be successfully embedded into the cover image, and it can be correctly extracted after recompression. The robust embedding used for comparison is errorless robust embedding implemented with STC (errorless STC). The parameter \(h=10\) in STC embedding. The different settings of l in SPC are tested. The results are shown in Table 1. The results demonstrate that STC always has the possibility of embedding failure. The proposed ERSSPC can successfully achieve errorless embedding when QF \(= 75\), 85, and 90. When QF \(= 95\), the proposed method has a small chance of embedding failure, but its success rate is still higher than that of STC. When the payload is 0.4 bpnzac and QF \(=95\), the large gap between the two methods is caused by the fact that \(p_d\) at this time is mostly distributed in the area in Fig. 3 where the \(P_{w} = 0\) while the STC is not.

Table 1 Success rate (%) of proposed ERSSPC and errorless robust embedding with STC with different quality factors and payloads (bpnzac)

The security performance of the proposed method, errorless embedding with STC, and embedding without changing costs based on robustness using two steganographic codes are shown in Fig. 5. From the results, we can observe that using robust costs decreases the security performance, and the decrement is more pronounced at higher quality factors. This is because a higher quality factor results in more non-robust coefficients, leading to more embedding costs being modified. Furthermore, the results illustrate the security performance of ERSSPC is close to errorless STC. The maximum decline in security of the proposed method is \(1.74\%\) when \(l=6\), QF \(= 75\), and the payload 0.2 bpnzac detected by GFR features. Additionally, the comparison between embedding with STC and SPC, both without introducing robustness costs, reveals that the security performance of SPC is comparatively lower. This decrement can be attributed to the lower cover length in each lattice in our experiments compared with the setting in [6], explaining the observed drop in security performance in ERSSPC compared to errorless STC.

Fig. 5
figure 5

Security performance of proposed ERSSPC and errorless robust embedding with STC. a QF = 75. b QF = 85. c QF = 90. d QF = 95

4.3 Influence of the cover size on success embedding rate

In this part, the influence of the cover size on the success embedding rate is tested. We generate three datasets with different image sizes based on grayscale spatial images from Bossbase. The spatial images are resized by imresize function in Matlab and compressed with ImageMagick’s convert with the quality factor 95. The embedding payload is 0.4 bpnzac. The parameter \(l=8\) when ERSSPC is performed. We denote NF as the number of images that fail to embed the message due to modified wet coefficients. The results are presented in Table 2. In Section 3.2, the analysis reveals the different performance when the payload size is calculated with m/n. Therefore, the value of payload size calculated as the ratio of message size to the number of all DCT coefficients influences the performance of errorless STC and ERSSPC. In this case, we use bpc (bits per coefficient) to measure the payload size calculated with the number of all DCT coefficients. Table 2 provides the average payload size value in bpc and average wet ratio calculated in the last lattice when embedding with the payload size 0.4 bpnzac. The robustness performance when the payload size is 0.4 bpc is shown in Table 3.

Table 2 The success embedding rate of different image sizes. The value of ratio is the ratio of the number of failed embedding images of ERSSPC and that of errorless STC. The payload size is 0.4 bpnzac and QF = 95

As we have discussed in Section 3.2, the maximum number of wet coefficients that STC can avoid modifying is determined by the payload size, whereas in SPC, it is further influenced by the cover size. The larger the size of the cover image is, the better the ability of SPC to resist wet point modification compared with STC. In Table 2 and Table 3, we present the ratio of the number of failed embedding images of ERRSPC to that of errorless STC. The value closer to 0 indicates a more noticeable improvement in resisting wet points embedding of ERSSPC compared with errorless STC. The results demonstrate that the ratio decreases as the image size increases, thus validating the aforementioned analysis.

In Table 2, the success rate of errorless STC increases as the image size increases. This is because when the payload embedded is measured in bpnzac, the average payload size in bpc decreases as the image size increases, and thus errorless STC can resist more wet coefficients. When the payload size is measured in bpc and remains constant across different image sizes, as illustrated in Table 3, the success rate of errorless STC decreases with the increased cover size. This decline occurs because, with a constant payload size in bpc, the number of wet coefficients that STC can resist remains unchanged. Consequently, under a similar wet ratio, a larger cover size results in a higher number of wet coefficients, leading to a reduced success rate for Errorless STC. In contrast, with a constant payload size in bpc, the number of wet coefficients that ERSSPC can resist increases as the cover size grows. Therefore, the success rate of the proposed ERSSPC improves as the cover size increases.

Table 3 The success embedding rate of different image sizes. The value of ratio is the ratio of the number of failed embedding images of ERSSPC and that of errorless STC. The payload size is 0.4 bpc and QF = 95

4.4 Success rate on the mozjpeg compression

In this part, we test the robustness performance on the compression channel with mozjpeg. The payload is equally divided in each lattice in this part. The parameter \(l=8\) when ERSSPC is performed. The robust performance of compression of mozjpeg-notrillesFootnote 2 with different payloads and quality factors are shown in Table 4. From the results, we can see that with the mozjpeg compressor, the success rate of ERSSPC is still better than errorless embedding implemented with STC, which proves that the performance of ERSSPC is better under the different JPEG compressor.

Table 4 Success rate (%) of proposed ERSSPC and errorless robust embedding with STC with different quality factors and payloads (bpnzac) when the compressor is Mozjpeg -notrellis. The message is equally divided in each lattice

5 Conclusion

In this paper, we have proved the better performance of SPC on wet paper embedding with theoretical analysis. The analysis includes the condition of avoiding wet point modifications in wet paper embedding and presenting a recursive calculation method to compute the distribution of columns with different numbers of ones in the generator matrix of SPC. Based on the analysis, we mitigate the problem of failed embedding in errorless robust embedding by employing SPC. The method can achieve errorless robust embedding with the success rate of 99.85% when a high quality factor is used by compression channels, significantly improving the steganographic communication efficiency in social networks. Approaching errorless robust embedding with a high success rate under complex compression channels is our future research topic.

Availability of data and materials

No datasets were generated or analyzed during the current study.






Discrete cosine transform


Discrete cosine transform residual


Errorless robust steganography with SPC


Gabor filter residual


Log-likelihood ratio


Number of images that fail to embed the message


Quality factor


Successive cancelation


Successive cancelation list


Steganographic polar code


Syndrome-trellis code


Uniform embedding revisited distortion


  1. V. Holub, J. Fridrich, T. Denemark, Universal distortion function for steganography in an arbitrary domain. EURASIP J. Inf. Secur. 2014, 1–13 (2014).

    Article  Google Scholar 

  2. L. Guo, J. Ni, Y.Q. Shi, Uniform embedding for efficient JPEG steganography. IEEE Trans. Inf. Forensic Secur. 9, 814–825 (2014).

    Article  Google Scholar 

  3. L. Guo, J. Ni, W. Su, C. Tang, Y.Q. Shi, Using statistical image model for JPEG steganography: Uniform embedding revisited. IEEE Trans. Inf. Forensic Secur. 10, 2669–2680 (2015).

    Article  Google Scholar 

  4. R. Cogranne, Q. Giboulot, P. Bas, in Proc. ACM Workshop Inf. Hiding Multimedia Secur. (IH &MMSec). Steganography by minimizing statistical detectability: The cases of JPEG and color images (ACM, Denver, 2020), pp. 161–167.

  5. T. Filler, J. Judas, J. Fridrich, Minimizing additive distortion in steganography using syndrome-trellis codes. IEEE Trans. Inf. Forensic Secur. 6, 920–935 (2011).

    Article  Google Scholar 

  6. W. Li, W. Zhang, L. Li, H. Zhou, N. Yu, Designing near-optimal steganographic codes in practice based on polar codes. IEEE Trans. Commun. 68, 3948–3962 (2020).

    Article  Google Scholar 

  7. H. Fu, X. Zhao, X. He, in IWDW 2022. High-performance steganographic coding based on sub-polarized channel (Springer, Guilin, 2022), pp. 3–19.

  8. X. Zhao, C. Yang, F. Liu, in IWDW 2020. On the sharing-based model of steganography (Springer, Melbourne, 2020), pp. 94–105.

  9. Y. Zhang, X. Luo, C. Yang, D. Ye, F. Liu, in Proc. IEEE 10th Int. Conf. Availability Rel. Secur. A JPEG-compression resistant adaptive steganography based on relative relationship between DCT coefficients (IEEE, Toulouse, 2015), pp. 461–466.

  10. Y. Zhang, X. Zhu, C. Qin, C. Yang, X. Luo, Dither modulation based adaptive steganography resisting JPEG compression and statistic detection. Multimedia Tools Appl. 77, 17913–17935 (2017).

    Article  Google Scholar 

  11. J. Tao, S. Li, X. Zhang, Z. Wang, Towards robust image steganography. IEEE Trans. Circuits Syst. Video Technol. 29, 594–600 (2019).

    Article  Google Scholar 

  12. W. Lu, J. Zhang, X. Zhao, W. Zhang, J. Huang, Secure robust JPEG steganography based on autoencoder with adaptive BCH encoding. IEEE Trans. Circuits Syst. Video Technol. 31, 2909–2922 (2021).

    Article  Google Scholar 

  13. Z. Zhao, Q. Guan, H. Zhang, X. Zhao, Improving the robustness of adaptive steganographic algorithms based on transport channel matching. IEEE Trans. Inf. Forensic Secur. 14, 1843–1856 (2018).

    Article  Google Scholar 

  14. J. Zhang, X. Zhao, X. He, H. Zhang, Improving the robustness of JPEG steganography with robustness cost. IEEE Signal Process. Lett. 29, 164–168 (2021).

    Article  Google Scholar 

  15. K. Zeng, K. Chen, W. Zhang, Y. Wang, N. Yu, Improving robust adaptive steganography via minimizing channel errors. Signal Process. 195, 108498 (2022).

    Article  Google Scholar 

  16. J. Butora, P. Puteaux, P. Bas, Errorless robust JPEG steganography using outputs of JPEG coders. IEEE Trans. Dependable Secure Comput. 1–13 (2023).

  17. B. Diouf, I. Diop, S.M. Farssi, in Int. Conf. Adv. Commun. Technol. ICACT. Performances of polar codes in steganographic embedding impact minimization (IEEE, Pyeongchang, 2017), pp. 927–935.

  18. G. Strang, Introduction to linear algebra (Wellesley-Cambridge Press, Cambridge, 1993)

    Google Scholar 

  19. P. Bas, T. Filler, T. Pevný, in Proc. Inf. Hiding. “Break Our Steganographic System”: The ins and outs of organizing BOSS (Springer, Prague, 2011), pp. 59–70.

  20. V. Holub, J. Fridrich, Low-complexity features for JPEG steganalysis using undecimated DCT. IEEE Trans. Inf. Forensics Secur. 10, 219–228 (2014).

    Article  Google Scholar 

  21. X. Song, F. Liu, C. Yang, X. Luo, Y. Zhang, in Proc. ACM Workshop Inf. Hiding Multimedia Secur. (IH &MMSec). Steganalysis of adaptive JPEG steganography using 2D Gabor filters (ACM, Oregon, 2015), pp. 15–23.

Download references


This work was supported by NSFC under 62272456 and National Key Technology Research and Development Program under 2022QY0101.

Author information

Authors and Affiliations



J.Z. wrote the main manuscipt text. X.H. and Y.C. reviewed and edited the manuscript. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Yun Cao.

Ethics declarations

Ethics approval and consent to participate

Not applicable.

Consent for publication

The authors give permission for this work to be published in the EURASIP Journal on Information Security, and other publications produced by the EURASIP Journal on Information Security, in print and online.

Competing interests

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhang, J., He, X. & Cao, Y. Errorless robust JPEG steganography using steganographic polar codes. EURASIP J. on Info. Security 2024, 22 (2024).

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: