CryptoQR System based on RSA

CryptoQR System based on RSA
Homam Reda El-Taj
Computing Department
Global College of Engineering and
Technology (GCET)
homam@gcet.edu.om
Ruqaiya Alhadhrami
Computing Department
Global College of Engineering and
Technology (GCET)
20151139@gcet.edu.om
Abstract— nowadays it is important to consider data security and
the effectiveness of securing data. There are various research studies
have been conducted relating to secure data field. However; due to
the increased of security requirement and the increase influence on
information exchange, a new secure QR code based RSA encryption
method is introduced. This paper illustrates a QR code system based
RSA algorithm, which can be used for bank customers to share their
data in secure way. The users will need to scan the code and acquire
their information which is stored in QR code. The paper explains the
high level implementation details of the proposed system.
Additionally, it deliberates how the system verifies for each user
identity to eliminate false registrations.
Keywords—QR Code; RSA algorithm; Bank System
INTRODUCTION
In these modern days it has become a challenge to secure
and hide personal confidential information. Because of the lack
of security and confidentiality, confidential information forgery
can cause a person to lose a huge margin. Sharing personal
information between one person and another is become an
important now a days. One of the most popular examples in this
matter is the exchange of banking information, for example,
where it is common to exchange some of the banking
information between an institution and one of the clients in
order to solve a problem to facilitate the operations banking. As
some banks or other institutions allow this process for all users
to see some banking operations, such as transferring money to
other accounts and knowing the amount of the remaining
balance. Banks also allow through short text messages (SMS)
that you send to their users to provide them with the latest
banking expansions and offers similarly offered by each bank.
In recent years, the phenomenon of bank information stealing
by SMS intrusion has increased and spread rapidly. This type
of intrusion is widespread with technological development and
the presence of some spyware. In this paper, a system was
proposed that encrypt messages between one person and other
with the aim of ensuring a higher level of security in the QR
code by combining both the QR code and the RSA algorithm
together [1].
It appears that 70% of users use smartphones in the world.
Thus, with the spread of smartphones on a large scale among
all groups of society, this paper covered the problem of
insecurity in the way messages are exchanged between one
person and another, and not allowing any person to spy on
banking information or other personal information for everyone
and steal it. The proposed solution introduces the RSA
algorithm with a QR code for the user to allow them to scan and
read encryption massage. Otherwise, no one can read the QR
code unless the user himself, because he has a public and
private key [2].
This way, the system will secure not only QR code but also,
it secures the data which are shared between both sender and
receiver. It will secure up the process of sharing the data. It
gives users security in exchanging the massages through the
Crypto QR system.
The proposed system also takes care in preventing
unauthorized sharing of QR code image using multi-factor
authentication. That is, it is considered as an advanced stage in
the protection of information. As it is possible that the image of
the QR code is shared with many people, but one person is able
to decode the QR code.
This paper will be organized as follow, section two will
cover the related work. Section three will give an overview to
QR codes. Section four will give an overview to RSA
algorithm. Section five will describe the system methodology,
finally in section six will provide the overall conclusion of the
research.
RELATED APPROACHES/WORK
There are many researches talk about QR code and RSA
algorithm. As it is shows below there are four papers talk about
systems using QR code with RSA algorithm:
Abhijeet Mendhe et.al, they proposes three layered
architecture with QR code image to combine in one layer to
secure message sharing mechanism. The three layered
architecture make use of cryptography techniques. They
provide in this paper a higher level for securing the massage
sharing. [3]
Vitalii Susukailo et.al they proposed to provide secure
access control systems by using one of the asymmetric type
which is RSA algorithm. The aim of this project is to reduce the
number of the people who can access to the system .they work
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 6, June 2020
13 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

to develop an encryption application to providing that
information security for access control systems beads on QR
code technology. [4]
Fadi Masalha et.al they proposes software application to be
installed in mobile phone. This application is used for checking
the student’s attendance. The students will scanning the QR
code to confirm their attendance in each lecture. [5]
Yijing Xun et.al, they proposed an anti-counterfeiting
method combining the coding characteristics of the two-
dimensional code and the digital watermark to enhance the
security of the QR code. The method uses RSA encryption
algorithm in the encoding process and DWT-SVD algorithm in
digital watermark process. The embedding watermark is very
good in invisibility and robustness, and it can implement cross
verification QR code image. [6]
The QR code has wide spread recently. It has become very
easy to access the QR code since any phone can decode the
response code. Therefore it has become easy to access it. Thus,
another proposal discusses another way to encrypt the QR code
using the RSA algorithm. This paper introduces a type of
encryption and decryption method based on image encrypt (QR
Code). As this process is done on a number of tasks. Each task
is performed separately to encrypt the image of QR code to gray
image, where white and black color are mixed, and to get
another new image that is completely encrypted from the first
image that was entered.[7]
By looking at the proposals above, it can be concluded that
there are many research papers that contribute significantly in
providing security to the quick response code. Each paper
presents a program that differs from the others in terms of
requirements. Some research can be seen that combines words
from a QR code with RSA.
QR CODE: QUICK RESPONSE CODE
Quick Response (QR) code used to store information by
encrypting it using eigenvalue algorithm. Eigenvalue are a
special set of scalars associated with a linear system of
equations (i.e., a matrix equation) that are sometimes also
known as characteristic roots, characteristic values. QR Code is
a 2D barcode which was invented by Denso Wave Incorporated
in 1994 as a type of data matrix codes There are 40 versions of
the QR code, starting with the smallest one (21*21) pixels up
to the largest one (177*177) pixels. There are four error
correction levels are available for users to choose according to
the operating environment. The levels are (L, M, Q, H) where
L allows the code to be read even if 7% of it is unreadable, M:
provides 15% error correction, Q: provides 25% and H:
provides 30%, error correction levels are illustrated in table 1
[8, 9].
Table 1: four error correction levels [10]
Levels of error correction Recovery capacity (%)
L Approx. 7%
M Approx. 15%
Q Approx. 25%
H Approx. 30%
QR system has two type (generator and scanner). To
generate QR code there are many website to convert the data
such as email to QR code by inserting the data. Finally will get
the QR code with the data encrypted in it. QR Scanner (Reader)
is an application used to convert the QR code to get the original
data (decrypting data).
Figure: 1 QR code [11]
RSA algorithm:
RSA Encryption method named by the initials of its co-
founders family name which are Ron Rivest, Adi Shamir and
Leonard Adleman[12].
RSA scheme is a cipher in which the plaintext and cipher
text are integers between 0 and n - 1 for some n. A typical size
for n is 1024 bits, or 309 decimal digits. That is, n is less than
21024. Plaintext is encrypted in blocks, with each block having
a binary value less than some number n. That is, the block size
must be less than or = 2( ) + 1. [13]RSA set of rules is
one of the famous safety cryptosystem based totally on range
concept. RSA method guarantees that data is exclusive and
authenticated, as a result it affords steady conversation over the
community. RSA encryption makes use of top factorization
because of the trapdoor for encryption. It makes use of public
key encryption in which all of us use public key to encrypt the
statistics and send over the network. However; it provides
authentication and safety over the community with a purpose to
provide personal key to decrypt the information. Therefore;
only indented receiver can decrypt the facts. RSA algorithm is
used for both records encryption and digital signature [14, 15].
Vol. 18, No. 6, June 2020
ISSN 1947-5500

THE PROPOSED SYSTEM
At the time, the protection of the information of the
customer is the significant concern for large, medium and small
companies. Therefore, many companies seek to provide their
customers with complete confidentiality in preserving data and
also not allowing another party to tamper with this information.
The proposed scheme is a strategic combination of QR code
with RSA algorithm. This system focused on enhancing the
security requirements by using QR code with RSA algorithm.
A two layers architecture is proposed in order to accomplish the
task. In the first layer the QR code include two phases (sending
and Receiving) massage. In the second layer, RSA algorithm
also have two phases (Encryption and Decryption) methods.
The system requires a simple login process by the admin
through its Server to generate an encrypted QR code with
specific information. This can be done by leading the admin to
insert the massage and encrypted to start generating the QR
code. After selecting the receiver the QR code will be
transformation successfully. The receiver will open his / her
page to encode the QR code to get what is inside it.
There are two layers to describe the overall system work:
First layer:
QR System got two phases (Sending, Receiving):
Phase One: (Sending Phase).
Figure 2 shows the process of sending and data. The Plain
data is encrypted by using the RSA process to get encrypted
data as cipher data, the cipher data will be processed by the QR
generator to generate a QR code.
Phase Two: (Receiving Phase).
Figure 3 illustrated the receiving phase. When the receiver
receives QR code, the QR scanner will process the QR code to
get the Data (encrypted data) then RSA method will decrypt the
encrypted data to get the plain data. RSA Method got two
phases (Encryption and Decryption).
Figure2: Sending Phase Figure3: Receiving Phase
Second layer:
RSA Method got two phases (Encryption and Decryption)
Phase One: (Encryption phase).
Figure 4 shows RSA encryption method. Plain data will be
converted to numbers, then these numbers will be encrypted by
using the public key for the receiver and the privet key of the
sender. The final step is to get encrypted data.
Phase Two: (Decryption Phase).
Figure 5 shows the process of decryption data by using
RSA. Encryption data will be used as input. This encryption
data will be decrypted by using the public key for the sender
and the privet key of the receiver. However; the decrypted data
will present as numbers which should be converted to text. The
final result will plain data.
Vol. 18, No. 6, June 2020
ISSN 1947-5500

Figure4: Encryption Data by RSA Figure5: Receiving data by RSA
As mentioned earlier, the system is composed of two parts:
the database and the system part. The following subsection will
describe the tasks for each part
Database part:
The database used for the following tasks:
• Store the user information of registration process.
• Fetch data for login process
• Store E, R and N for generating the keys.
• Store QR image after encryption process.
The database used to store information of each user. Also it
used for storing the QR code after generating it in the
application.
System part:
The system is holding the RSA algorithm, create QR code
and reading QR code methods. This three methods will work
together to send the QR code with encryption massage by RSA
to other side. Figure 6 show how the Crypto QR system is
working.
As it is shown in Figure6 there are six step explain
CryptoQR ideas. First of all the user will enter the massage he
or she want to send it in the text filed as it is shows in figure A.
The massage which is the user interred in the text filed will
encrypted by RSA algorithm after the user will inter in encrypt
button shows in figure B. However after applying RSA
algorithm to the massage, we will get an encryption massage
next step is to apply the encrypted massage to QR code by using
create QR code method in the system. Now the QR code is
ready to send it to selected user shows in figure C. The receiver
will receive the QR code as it is shows in figure D. in the next
step the QR code was decrypted and the result is RSA stander
massage(encrypt massage). At final step will decrypt the RSA
massage to normal massage, so the receiver can read it
(readable) format. Other ways cannot any one to read it.
Figure 6: CryptoQR idea
ANALYSIS
It is important to secure any system with username and
password. Therefore, it is important to take this step to prevent
unauthorized access to the system and tamper with user
information. Including the entry of those who are not
authorized into the system to perform some fraudulent
operations and spying on customer information. Including in
contravention of the privacy policy.
The system requires three steps. The first step is to open the
application and insert to the system username and password. If
the user is new it is requires him/her to log in as a new user and
fill out his/her form containing the email and other information.
After the user successfully logs in, the user will take the next
step, and the system will allow the user to encrypt any text
he/she needs and convert it into a QR code image. As for the
third step, which is to send a QR code to the required person, it
must be registered in the system.
When the user will runs the application it will appear page
to start Register and log in process. Then, if the user first time
to use this application, they should register themselves in the
application by clicking on the registration button and the form
will appear. The user should fills the registration fields. After
all the fields filled the user presses the Register button to store
the data into the database. Once the registration process is
completed next is the login process. Login process is done by
Vol. 18, No. 6, June 2020
ISSN 1947-5500

filling out the field’s username and password fields, by pressing
the Login button will execute the login process. The application
will verify the username and password input by the user. If the
password corrects the application home page will display.
However, if the username, password, or both incorrect, then
massage appears that tell (Username or password is incorrect)
and user cannot access to the next application process.
Generate QR Code:
Starting Generate QR Code process, the user will type
whatever want to write. Once the user is finished typed then
clicking on encryption button the next step is to select the name
of the receiver. After that convert user's massage to encryption
massage and store it in side QR code. Once the process is
finished user are ready to send this QR code to others as it is
shows in figure 8.
As it shows in figure 9, sender page is display the QR code
with the massage which is encrypt by using RSA algorithm
when the sender enter show detail the encryption massage and
decryption massage will display . Other ways if this QR code
scanned by any other person he / she will get only the
encryption massage. The right person which is the receiver only
will be able to read this QR code.
After the sender send the QR code successfully to the
receiver, the receiver page will display as it shows in figure 10.
Only the person how is mentioned by the sender can read
the QR code other ways they will get as encryption massage
which cannot be read the QR code.
If the user will try to open another user profile which is not
the right person to receive the QR code they cannot read the QR
code as illustrated in figure 11.
CONCLUSION
With the rapid development in the technology’s field, it has
become an important to use some technologies to increase
privacy and security for all users. Also, with the increase in
attacks on users and the breach of their privacy, it has become
important to use algorithms for security problems. Keeping up
with these technologies has become necessary to enable the
user to protect their information and give them the security in
the field of technology. The proposed system allows the
exchange of messages and other texts by encoding and storing
them within the quick response code to allow both the sender
and the recipient to exchange messages in secure conditions in
the field of modern technology.
Figure 7: Step one (login)
Figure 8: Step two (insert the massage)
Figure 9: Step three (QR code with RSA algorithm)
Vol. 18, No. 6, June 2020
ISSN 1947-5500

Figure 10: receiver home page
Figure 11: receiver error home page
ACKNOWLEDGMENT
Thanks to Global College of Engineering and Technology
(GCET) for the financial support.
REFERENCES
[1] M. S. Ahamed and H. Asiful Mustafa, "A Secure QR Code System
for Sharing Personal Confidential Information," 2019 International Conference
on Computer, Communication, Chemical, Materials and Electronic
Engineering (IC4ME2), Rajshahi, Bangladesh, 2019, pp. 1-4.
[2] Osman, M.A., Talib, A.Z., Sanusi, Z.A., Shiang-Yen, T. and Alwi,
A.S. (2012) A Study of the Trend of Smartphone and its Usage Behavior in
Malaysia.
[3] A. Mendhe, D. K. Gupta and K. P. Sharma, "Secure QR-Code Based
Message Sharing System Using Cryptography and Steganography," 2018 First
International Conference on Secure Cyber Computing and Communication
(ICSCCC), Jalandhar, India, 2018, pp. 188-191
[4] V. Susukailo and Y. Lakh, "Access Control System Based on
Encryption in QR-Code Technology," 2018 IEEE 4th International Symposium
on Wireless Systems within the International Conferences on Intelligent Data
Acquisition and Advanced Computing Systems (IDAACS-SWS), Lviv, 2018,
pp. 158-161
[5] Almasalha, F., Masalha, F. and Hirzallah, N. (2014) A Students
Attendance System Using QR Code Smart Attendance System View project
Studying and evaluating several aspects of the Internet of Things (IoT)
platforms and implementations View project A Students Attendance System
Using QR Code. Article in International Journal of Advanced Computer
Science and Applications
[6] Xun, Y., Li, Z., Zhong, X., Li, S., Su, J. and Zhang, K. (2019) Dual
Anti-counterfeiting of QR Code Based on Information Encryption and Digital
Watermarking. In: Lecture Notes in Electrical Engineering. 2019 (no place)
Springer Verlag. pp. 187–196.
[7] Muming Li, P. Cao, Lifang Yu, Liuping Feng, Jianbo Chen and Jing
Wang, "The research of information hiding and extraction based on QR code
positioning function," 2016 2nd IEEE International Conference on Computer
and Communications (ICCC), Chengdu, 2016, pp. 589-593
[8] S. Tiwari, "An Introduction to QR Code Technology," 2016
International Conference on Information Technology (ICIT), Bhubaneswar,
2016, pp. 39-44, doi: 10.1109/ICIT.2016.021.
[9] M. S. Ahamed and H. Asiful Mustafa, "A Secure QR Code System
for Sharing Personal Confidential Information," 2019 International Conference
on Computer, Communication, Chemical, Materials and Electronic
Engineering (IC4ME2), Rajshahi, Bangladesh, 2019, pp. 1-4
[10] G. Patel and G. Panchal, "Quick response codes decodability
improvements using error correction levels," 2017 International Conference on
Intelligent Sustainable Systems (ICISS), Palladam, 2017, pp. 231-234
[11] M. Li, P. Cao, L. Feng, L. Yu, J. Chen and J. Wang, "The research
of QR code image correction based on image gray feature," 2017 First
International Conference on Electronics Instrumentation & Information
Systems (EIIS), Harbin, 2017, pp. 1-5
[12] K. N. Bangera, N. V. S. Reddy, Y. Paddambail and G. Shivaprasad,
"Multilayer security using RSA cryptography and dual audio steganography,"
2017 2nd IEEE International Conference on Recent Trends in Electronics,
Information & Communication Technology (RTEICT), Bangalore, 2017, pp.
492-495
[13] N. M. S. Iswari, "Key generation algorithm design combination of
RSA and ElGamal algorithm," 2016 8th International Conference on
Information Technology and Electrical Engineering (ICITEE), Yogyakarta,
2016, pp. 1-5, doi: 10.1109/ICITEED.2016.7863255.
[14] F. J. Aufa, Endroyono and A. Affandi, "Security System Analysis
in Combination Method: RSA Encryption and Digital Signature Algorithm,"
2018 4th International Conference on Science and Technology (ICST),
Yogyakarta, 2018, pp. 1-5
[15] Y. Liu, W. Gong and W. Fan, "Application of AES and RSA Hybrid
Algorithm in E-mail," 2018 IEEE/ACIS 17th International Conference on
Computer and Information Science (ICIS), Singapore, 2018, pp. 701-703
Vol. 18, No. 6, June 2020
ISSN 1947-5500

AUTHORS PROFILE
Homam Reda El-Taj finished his Bachelor degree in
Computer Science (CSCIS) from Philadelphia University
Jordan in 2003, then he continued his graduate studies in
Universiti Sains Malaysia (USM), he finished his master degree
on distributed systems, and PhD on Network Security.
Homam published several articles on Computer Networks
field to cover subjects as: Real time Network Security
(Botnets/Worms/viruses), Intelligent Techniques in Detecting
Network threats, Advanced Networking Mechanisms and
protocols, Intrusion Detection of DOS & DDOS, Intrusion
Anomaly Detection Methods, Intrusion Prevention Techniques,
Intrusion Prevention, Decision Making, Intrusion Prevention
Threats Behavior, Application Network traffic tracing,
Network users and misuse detection, Intrusion Detection on QR
Code, and Overlay Network.
Ruqaiya Mohamed Alhadhrami is a software engineering
student in Global College of Engineering and Technology
(GCET), her research interests focus on cryptography and
network security.
Vol. 18, No. 6, June 2020
ISSN 1947-5500

CryptoQR System based on RSA

Recommended

Recommended

More Related Content

What's hot

What's hot (18)

Similar to CryptoQR System based on RSA

Similar to CryptoQR System based on RSA (20)

Recently uploaded

Recently uploaded (20)

CryptoQR System based on RSA