Skip to main content
SpringerLink
Log in

MurQRI: Encrypted Multi-layer QR Codes for Electronic Identity Management

  • Conference paper
  • First Online:
Silicon Valley Cybersecurity Conference (SVCC 2020)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1383))

Included in the following conference series:

Abstract

Quick Response (QR) codes are widely used due to their versatility and low deployment cost. However, the existing QR code standard is ineffective for security-critical applications (e.g., electronic identity management) as the stored information can be easily exposed to unauthorized parties. Moreover, it does not provide sufficient storage capacity to employ robust encryption schemes for complex access control and authentication. In this paper, we present a novel approach of employing encrypted multi-layer QR codes, MurQRI (pronounced “Mercury”), for secure user authentication and fine-grained access control in various domains (e.g., airport and hospital). MurQRI is designed to store up to 45 kilobytes of data and protect the stored information via biometric authentication and encryption. To support fine-grained access control, we employ attribute-based encryption. We also introduce real-world applications where MurQRI can be used effectively and discuss possible methods to enhance security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. The electronic passport in 2020 and beyond. https://www.thalesgroup.com/en/markets/digital-identity-and-security/government/passport/electronic-passport-trends

  2. QR code basics: Getting started with QR codes, June 2020. https://www.qr-code-generator.com/qr-code-marketing/qr-codes-basics/

  3. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy (SP 2007), pp. 321–334 (2007). https://doi.org/10.1109/SP.2007.11

  4. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

    Chapter  Google Scholar 

  5. Bui, T.V., Vu, N.K., Nguyen, T.T.P., Echizen, I., Nguyen, T.D.: Robust message hiding for QR code. In: 2014 Tenth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 520–523 (2014). https://doi.org/10.1109/IIH-MSP.2014.135

  6. Bulan, O., Blasinski, H., Sharma, G.: Color QR codes: increased capacity via per-channel data encoding and interference cancellation. In: Color Imaging Conference (2011)

    Google Scholar 

  7. California State Legislature: (1965). https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?lawCode=EVID&division=8.&title=&part=&chapter=4.&article=6, division 8. Priviliges Chapter 4. Particular Priviliges Article 6. Physician-Patient Privilege

  8. Chambers, B.: How COVID-19 Has Accelerated QR Code Adoption in the UK and EU. Mobileiron.com, October 2020. https://www.mobileiron.com/en/blog/how-covid-19-has-accelerated-qr-code-adoption-uk-eu

  9. Chiang, Y.J., Lin, P.Y., Wang, R.Z., Chen, Y.H.: Blind QR code steganographic approach based upon error correction capability. KSII Trans. Internet Inf. Syst. 7, 2527–2543 (2013). https://doi.org/10.3837/tiis.2013.10.012

    Article  Google Scholar 

  10. Chow, Y.-W., Susilo, W., Baek, J.: Covert QR codes: how to hide in the crowd. In: Liu, J.K., Samarati, P. (eds.) ISPEC 2017. LNCS, vol. 10701, pp. 678–693. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-72359-4_42

    Chapter  Google Scholar 

  11. Dean, T., Dunn, C.: Quick layered response (QLR) codes (2012)

    Google Scholar 

  12. DENSO WAVE: Face authentication SQRC. https://www.denso-wave.com/en/system/qr/product/facesqrc.html

  13. Espejel-Trujillo, A., Castillo Camacho, I., Nakano-Miyatake, M., Perez-Meana, H.: Identity document authentication based on VSS and QR codes. Procedia Technol. 3, 241–250 (2012). https://doi.org/10.1016/j.protcy.2012.03.026

    Article  Google Scholar 

  14. Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008. LNCS, vol. 5126, pp. 579–591. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70583-3_47

    Chapter  Google Scholar 

  15. ISO/IEC 18004:2015(E): Information technology – automatic identification and data capture techniques – QR code bar code symbology specification. Standard, International Organization for Standardization (2015)

    Google Scholar 

  16. Jaroszewski, P.: How to get good seats in the security theater? Hacking boarding passes for fun and profit, May 2016. https://www.defcon.org

  17. Khammarnia, M., Kassani, A., Eslahi, M.: The efficacy of patients’ wristband bar-code on prevention of medical errors. Appl. Clin. Inform. 6, 716–727 (2015). https://doi.org/10.4338/ACI-2015-06-R-0077

    Article  Google Scholar 

  18. Krombholz, K., Frühwirt, P., Kieseberg, P., Kapsalis, I., Huber, M., Weippl, E.: QR code security: a survey of attacks and challenges for usable security. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 79–90. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-07620-1_8

    Chapter  Google Scholar 

  19. Lai, J., Deng, R.H., Li, Y.: Fully secure cipertext-policy hiding CP-ABE. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol. 6672, pp. 24–39. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21031-0_3

    Chapter  Google Scholar 

  20. Lin, P., Chen, Y., Lu, E.J., Chen, P.: Secret hiding mechanism using QR barcode. In: 2013 International Conference on Signal-Image Technology Internet-Based Systems, pp. 22–25 (2013). https://doi.org/10.1109/SITIS.2013.15

  21. Lin, P.-Y., Chen, Y.-H.: High payload secret hiding technology for QR codes. EURASIP J. Image Video Process. 2017(1), 1–8 (2017). https://doi.org/10.1186/s13640-016-0155-0

    Article  Google Scholar 

  22. Meruga, J., et al.: Multi-layered covert QR codes for increased capacity and security 37, 17–27 (2015). https://doi.org/10.1080/1206212X.2015.1061254

  23. Neurotechnology: Megamatcher SDK, November 2020. https://www.neurotechnology.com/megamatcher-algorithm-tests.html#tests_finger_face_iris

  24. Niceware International LLC: Patient Safety with Bar Code and RFID Labeling Identification. White paper, December 2006

    Google Scholar 

  25. Noppakaew, P., Khomkuth, S., Sriwilas, S.: Construction of multi-layered QR codes utilizing partitions of positive integers. J. Math. Comput. Sci. 18, 306–313 (2018). https://doi.org/10.22436/jmcs.018.03.06

    Article  MATH  Google Scholar 

  26. Qryptal: The simpler approach to secure and verify documents. https://www.qryptal.com/landingpages/signed-qr-code/

  27. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  28. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979). https://doi.org/10.1145/359168.359176

    Article  MathSciNet  MATH  Google Scholar 

  29. SITA: Air Transport IT Insights 2019. SITA. https://www.sita.aero/resources/type/surveys-reports/air-transport-it-insights-2019

Download references

Acknowledgement

This research was supported by the ICT R&D program (No.2017-0-00545) and the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2019R1C1C1007118).

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Sungkyunkwan University, Suwon, South Korea

    Bonha Koo, Taegeun Moon & Hyoungshick Kim

Authors
  1. Bonha Koo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Taegeun Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyoungshick Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hyoungshick Kim .

Editor information

Editors and Affiliations

  1. San Jose State University, San Jose, CA, USA

    Younghee Park

  2. IBM Almaden Research Center, San Jose, CA, USA

    Divyesh Jadav

  3. San Jose State University, San Jose, CA, USA

    Thomas Austin

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Koo, B., Moon, T., Kim, H. (2021). MurQRI: Encrypted Multi-layer QR Codes for Electronic Identity Management. In: Park, Y., Jadav, D., Austin, T. (eds) Silicon Valley Cybersecurity Conference. SVCC 2020. Communications in Computer and Information Science, vol 1383. Springer, Cham. https://doi.org/10.1007/978-3-030-72725-3_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-72725-3_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-72724-6

  • Online ISBN: 978-3-030-72725-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation