Secret sharing approach for securing cloud-based pre-classification volume ray-casting

Abstract

With the evolution in cloud computing, cloud-based volume rendering, which outsources data rendering tasks to cloud datacenters, is attracting interest. Although this new rendering technique has many advantages, allowing third-party access to potentially sensitive volume data raises security and privacy concerns. In this paper, we address these concerns for cloud-based pre-classification volume ray-casting by using Shamir’s (k, n) secret sharing and its variant (l, k, n) ramp secret sharing, which are homomorphic to addition and scalar multiplication operations, to hide color information of volume data/images in datacenters. To address the incompatibility issue of the modular prime operation used in secret sharing technique with the floating point operations of ray-casting, we consider excluding modular prime operation from secret sharing or converting the floating number operations of ray-casting to fixed point operations – the earlier technique degrades security and the later degrades image quality. Both these techniques, however, result in significant data overhead. To lessen the overhead at the cost of high security, we propose a modified ramp secret sharing scheme that uses the three color components in one secret sharing polynomial and replaces the shares in floating point with smaller integers.

Appendices

Appendix A: Example of conventional pre-classification ray-casting and SR-MPVR

In this section, we will show the working of conventional ray-casting and SR-MPVR with a simple example. Since SR-MSSS and SR-RSS are similar to SR-MPVR, we do not provide examples for these two schemes.

In our example, we will first run through the conventional pre-classification ray-casting, and then will discuss SR-MPVR. We will show that the colors rendered by SR-MPVR is almost equal to the colors rendered by the conventional algorithm

1.1 Conventional pre-classification volume ray-casting

As explained in Section 4.1 and shown in Fig. 1, the conventional volume ray-casting algorithm steps can be divided into the following steps: pre ray-projection, ray-projection, sampling, interpolation, and composition. We discuss these steps with an 8 × 8 × 8 input volume data V.

1.1.1 Pre ray-projection

This step finds the shaded colors and opacities of the voxel values, and stores them in a look up table. For our example, let us assume that the colors and opacities of the voxels are stored in Table 3.

Table 3 Color look up table for V

1.1.2 Ray-projection

In this step, a number of rays are projected to V from the image space. In the image space, the colors and opacity of a pixel are the colors and opacity rendered along the ray originated from it. Since the rendering along a ray is similar to the rendering along other rays, we discuss about the rendering along one ray X.

1.1.3 Sampling

In our example, let us assume that the projected ray X is sampled at two sample points s ₁ and s ₂.

1.1.4 Interpolation

The colors and opacities along s ₁ and s ₂ are found by trilinear interpolation of the colors and opacities of the neighbouring voxels.

In our example, let us assume that the voxels (3, 3, 3)…(4, 4, 4) are the neighbouring voxels of s ₁ and the voxels (5, 5, 5)…(6, 6, 6) are the neighboring voxels of s ₂. If the interpolating factors of voxels (3, 3, 3)…(4, 4, 4) and (5, 5, 5)…(6, 6, 6) are given as D _{3, 3, 3} = 0.125, D _3,3,4 = 0.125, D _3,4,3 = 0.125, D _3,4,4 = 0.125, D _4,3,3 = 0.125, D _4,3,4 = 0.125, D _4,4,3 = 0.125, D _{4, 4, 4=0.125} and D _{5, 5, 5} = 0.125, D _5,5,6 = 0.125, D _5,6,5 = 0, D _5,6,6 = 0.25, D _6,5,5 = 0.25, D _6,5,6 = 0, D _6,6,5 = 0.125, D _{6, 6, 6} = 0.125respectively, the interpolated colors and opacities of s ₁ and s ₂ can be calculated as \(R_{s_{1}} = 42.875, G_{s_{1}} = 70.375, B_{s_{1}} = 142.25, A_{s_{1}} = 0.406\) and \(R_{s_{2}} = 104.375, G_{s_{2}} = 48.875, B_{s_{2}}= 93.25, A_{s_{2}} = 0.3\) respectively.

1.1.5 Composition

In this step, the colors and opacity along the ray are found by compositing the colors and opacities of the sample points. The composited colors are then truncated to get the rendered color.

Therefore, in our example, the rendered colors and opacity are calculated as R = 43, G = 34, B = 68, and A = 0.5842.

1.2 SR-MPVR

As discussed in Section 6, our scheme, such as SR-MPVR, is targeted to cloud-based pre-classification rendering. Figure 2 shows the architecture of our scheme. In our scheme, the server performs the pre ray-projection step of ray-casting and then creates shares of output color in data preparation step. A color share and a copy of opacities represents a share volume, which is sent to a datacenter. The datacenters perform post ray-projection operation, such as sampling, interpolation, and classification, on their share volumes and send the rendered share images to the client. Finally, the client recovers the secret image from the shared images by reconstructing the secret colors from the share colors.

1.2.1 Data preparation

In this step, the server first performs pre ray-projection operations on V, and then creates three shares of V using Shamir’s secret sharing.

Without loss of generality, let us assume that the server uses (2,3) Shamir’s secret sharing. Therefore, three datacenters performing rendering operations, but shared rendered images from at least two datacentres are required to get the secret image.

Suppose we decide to round off the floating point number in interpolation step by 4 decimal places (i.e., d = 4) and the float in composition step by 6 decimal places (i.e., f = 6). Then, the server uses the secret sharing polynomial F(x) = (C + 100x) mod 2570000000011, where C is the color. Using this polynomial, three shares of colors are created. The color shares along with copies of opacities are given in Tables 4, 5, and 6, those represent the share volumes V ₁, V ₂, and V ₃ respectively.

Table 4 Color look up table for V ₁

Table 5 Color look up table for V ₂

Table 6 Color look up table for V ₃

1.3 Ray-projection

The client projects the same rays those it could have projected to the conventional ray-casting, to the data volumes presented by share tables in the datacenters.

1.3.1 Post ray-projection rendering

Post ray-projection steps are as follows.

Sampling: A ray is sampled at the same sample points where it could have been sampled in the conventional ray-casting. Thus, our discussed ray X is sampled at the sample points s ₁(3.5,3.5,3.5) and s ₂(5.5,5,6) for all three datacenters.

Interpolation: In this step, each datacenter finds the color and opacity of the sample points by interpolating the color shares and opacities given in its share table. Since we convert the interpolating factors by rounding off them by 4 decimal places, the interpolating factors of voxels (3, 3, 3)…(4, 4, 4) and (5, 5, 5)…(6, 6, 6) are calculated as \(D^{(4)}_{3, 3, 3} = 1250, D^{(4)}_{3,3,4} = 1250, D^{(4)}_{3,4,3} = 1250, D^{(4)}_{3,4,4} = 1250, D^{(4)}_{4,3,3} = 1250, D^{(4)}_{4,3,4} = 1250, D^{(4)}_{4,4,3} = 1250, D^{(4)}_{4, 4, 4} = 1250\), and \(D^{(4)}_{5, 5, 5} = 1250, D^{(4)}_{5,5,6} = 1250, D^{(4)}_{5,6,5} = 0, D^{(4)}_{5,6,6} = 2500, D^{(4)}_{6,5,5} = 2500, D^{(4)}_{6,5,6} = 0, D^{(4)}_{6,6,5 = 1250}, D^{(4)}_{6, 6, 6} = 1250\)respectively. Using these interpolating factors, the first datacenter, second datacenter, and third datacenter calculate the colors of s ₁ and s ₂ as (R _1,1 = 1428750, G _1,1 = 1703750, B _1,1 = 2422500, R _2,1 = 2043750, G _2,1 = 1488750, B _2,1 = 1932500), (R _1,2 = 2428750, G _1,2 = 2703750, B _1,2 = 3422500, R _2,2 = 3043750, G _2,2 = 2488750, B _2,2 = 2932500), and (R _1,3 = 3428750, G _1,3 = 3703750, B _1,3 = 4422500, R _2,3 = 4043750, G _2,3 = 3488750, B _2,3 = 3932500) respectively.

Interpolation: In this step, the colors and opacity along the ray are found by compositing colors and opacities of the sample points. Each datacenter composites its colors and opacities from the interpolated colors and opacities available to it. In our example, f = 6. Using this value, the first datacenter, the second datacenter, and the third datacenter calculate their composite colors as \((R^{\prime }_{1} = 1019175750000, G^{\prime }_{1} = 930830750000, B^{\prime }_{1} = 1268224500000)\), \((R^{\prime }_{2} = 1603375750000, G^{\prime }_{2} = 1515030750000, B^{\prime }_{2} = 1852424500000)\), and \((R^{\prime }_{3} = 2187575750000, G^{\prime }_{3} = 2099230750000, B^{\prime }_{3} = 2436624500000)\) respectively. For all datacenters, the composited opacity is 0.5842.

1.4 Image recovery

In this step, the client obtains the secret colors and opacities from the share colors and opacities obtained from three datacenters. Since each datacenter has a copy of the secret rendered opacity, the opacity of a pixel is the rendered opacity along that ray at any datacenter. Therefore, for Ray X, the opacity is 0.5842, which is equal to the rendered opacity along that ray by the conventional pre-classification ray-casting.

The secret colors, however, are found by first reconstructing (using Lagrange interpolation) a value from the share colors, and then dividing the value by 10000000000. Since we use (2,3) secret sharing, we need at least two shares to obtain the secret. Without any loss of generality, we choose the shares of first and second datacenters, and find the rendered color as R = 43, G = 34, and B = 68.

Appendix B: List of symbols

Table 7 Symbol table