A Sensitive-Information Hiding Treatment in Quick-Response Codes Based on Error-Correcting Framework
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
International Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 14
A Sensitive-Information Hiding Treatment in
Quick-Response Codes Based on
Error-Correcting Framework
Mingwu Zhang1,2 , Xiao Chen2 , Yong Ding1 , and Hua Shen2
(Corresponding author: Mingwu Zhang)
School of Computer Science and Information Security, Guilin University of Electronic Technology1
1 Jinji Rd, Qixing, Guilin, Guangxi 541004, China
School of Computer Science, Hubei University of Technology2
(Email: scauzhang@gmail.com)
(Received June 20, 2019; Revised and Accepted Dec. 10, 2019; First Online Feb. 1, 2020)
Abstract widely used in the practical application such as data input
interface [14], object tracking [10], mobile payment [12],
Quick Responding codes, namely QR codes, are widely and product marketing [2] etc. Even though the QR code
used in various communication applications and electronic is used extensively and has many desirable properties, it
transactions such as electronic payments and information still exists some security and privacy issues [7]. Because
integrations, since they provide excellent characteristics the QR code is transmitted over common channels and
such as large data capacity, widely coding domain, and the encoding and decoding algorithms are public, the en-
stronger error correction ability etc. However, as the QR coded and embedded message can be obtained by decod-
code is transmitted on public channel and can be scanned ing the QR code with a QR reader. If a sender tries to
by any QR reader, one can obtain the data from the en- employ two-dimensional codes to transmit private infor-
coded QR code. Simultaneously, the encoding and de- mation, i.e., paying account and password in QR code,
coding algorithms are public, the sensitive data such as will be revealed, abd thus there will lead to serious pri-
paying account and password will be revealed to the QR vacy leakage problems.
reader, which might incubate the risk of privacy leakage.
Generally, to protect the privacy of QR codes, the sen-
For solving this problem, this paper proposes a novel
sitive data can be stored in a back-end database, and the
approach to protect the private data in QR code. In our
end users can obtain this private data by accessing to
method, the secret information is embedded in the ran-
database linked with QR code URL [16, 18]. However,
dom position of a QR code matrix by utilizing an error-
the URL that links to back-end databases might attract
correcting mechanism, and only authorized user in posses-
intruders’ attention, which will lead to potential risks. In
sion of required keys will be able to retrieve and recover
previous works, most of the researches on QR codes usu-
this secret data embedded and hidden in the QR code.
ally introduce typical security mechanism such as image
The user without the secret key can only decode pub-
steganography and text encryption, however they ignore
lic information from the QR code. Although our hiding
the characteristics of the QR code and can not used in
scheme will decrease the rate of error-correctness of QR
QR coding environment explicitly.
decoding, we indicate that the analysis shows that scheme
is effect om practical applications. Compared with related Li et al. [8] devised a paper-based document and cre-
schemes, the proposed scheme provides higher security dentials protection scheme using authenticatable QR bar-
code. In 2012, Eldefrawy et al. [3] proposed a document
that is less likely to attract the attention of potential at-
tackers. authentication scheme that is based on public-key encryp-
tion in two-dimensional QR code, which focuses on the
Keywords: Data Hiding; Error-Correcting Code; Privacy
QR code authentication with a public encryption mecha-
Preservation; Quick Response Code
nism. However, public-key encryption methods not only
require heavy computational power but also attract the
1 Introduction attention of attackers, as the QR is encoded into a cipher
form. The digital watermarking schemes [4, 11, 13, 17],
Compared with traditional one-dimensional code, two- embedded a watermark into the high-frequency part of
dimensional QR code provides higher storage and error a QR image, can also protect the copyright of QR im-
correction capabilities, therefore, the QR code has been age, however because the pixels in QR codes are only theInternational Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 15
blocks of white or black, which is inefficient for the digital
Table 1: Notations and symbols
watermarks.
Recently, several image hiding schemes that treat the Symbols Remark
QR code as a secret image and then embed the QR code P Public message
into the special domain of an image. Huang et al. [5] pro- M Secret data
posed a reversible data embedding approach for hiding a P~ Final codewords sequence of public mes-
QR code in special areas of an image. Wu et al. [15] de- sage
vised a data embedding method for an image using QR C~ Codewords sequence of encrypted secret
codes. However, embedding QR code into the domains message
of an image will reduce the quality of the image, and the C~∗ Final codewords sequence of encrypted se-
schemes in [5, 15] do not take advantage of the character- cret message
istics of encoding approach of QR Code itself. k Symmetric secret key
For the encoding of QR code in ISO standard kl Location secret key
ISO/IEC18004 [6], to avoid the error or damage of a QR ~
L The sequence of location information
code, it uses the error correction mechanism, i.e., Reed- P~∗ Codeword sequence of public message em-
Solomon code (RS code), to allow the data to be recovered bedded with secret message
even if its portions are damage. Lin et al. [9] proposed
a scheme for embedding secret data in a QR code, which
exploits the error correction redundancy property of QR
The rest of this paper is organized as follows. In Sec-
code. Later, Chow et al. [1] developed an efficient scheme,
tion 2, we provide some preliminaries and our security
namely covert QR code, for hiding a secret QR code into
requirements. We present our scheme in Section 3, and
a specific area of a public QR code and the only autho-
analyze and discuss the correctness and security in Sec-
rized user could retrieve the secret. However, the scheme
tion 4. The conclusion is drawn in Section 5.
proposed by Chow et al. [1] can extract codewords by ob-
taining the difference between covert QR code and the
original QR code, which means that if some part of the
covert QR is damaged, the embedded codewords can not
2 Preliminaries
be correctly extracted, whereby the hidden secret data
In this section, we first outline the structure and coding
can not be recovered.
process of the QR code according to the QR code bar
In this paper, we propose an efficient approach for em-
code symbology specification (ISO/IEC18004) [6] which
bedding a secret data into a QR code, in which the code-
promulgated by the international standard organization,
words of secret data are embedded into random positions
and then we briefly introduce RS error correction code.
of encoding matrix of public QR code by employing error
Finally, we describe the security model of the proposed
correction redundancy. In order to embed the sensitive
scheme.
data into the QR codes by encoding the sensitive data in
replace of the area of error-correct code. Our contribution
is described as follows. 2.1 Notations
1) We provide a novel approach to encode the private We denoted assigning the output of an algorithm A, which
data into secret data in replace of the area of error- takes x as input to z by A(x) → z. We list the notations
correct code. In the proposed scheme, the secret data and terms in this paper in Table 1.
and its Reed-Solomon error correction code are em-
bedded in the QR code together, which ensures that
the secret data can be decoded correctly even if it is 2.2 Encoding of QR codes
damaged or modified. Each QR code symbol is composed of nominal square
2) In the correction process of the QR reading, the ba- modules set out in a regular square array, which consists
sic computational unit is one byte, even destroying of a encoding region and a function patterns (namely,
or modifying any bit or bits within a given byte could finder pattern, separator pattern, timing pattern, and
produce the same effect on the error correction per- alignment pattern, respectively). Encoding region con-
formance. Thus, the processing unit of our scheme tains the symbol characters representing data, those rep-
needs only one byte, which can embed as much data resenting error correction codewords, the format informa-
as possible with a given error rate. tion and the version information, which will provide the
basis for decoding. On the contrary, the pattern cannot
3) In our scheme, the secret information codewords are be used for data encoding and the symbols are surrounded
embedded into the random positions of QR encoding by blank areas. Figure 1 illustrates the structure of a QR
matrix and also can be recovered secretly, in which Code with version 7.
it hardly attracts the extra attention of potential at- The QR code encoding process as shown in Figure 2 [6].
tackers. Data encoding includes converting data characters intoInternational Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 16
Table 2: Error correction levels in QR code
Error correction level Recovery capacity % (ap-
prox.)
L (low) 7
M (medium) 15
Q (quality) 25
H (high) 30
error codeword is known and replacement error such that
Figure 1: Structure of QR code framework
the location of the error codeword is unknown. Infor-
mally, a rejection error is a symbol character that has not
bit streams and then split the resulting bit stream into 8- been scanned or can not be decoded.
bit codewords. The codeword sequence is divided into A replacement error is a symbol character that has
required blocks so that the error correction algorithm can been decoded incorrectly, for example, it changes a dark
be processed. Error correcting codewords are generated module (bit 1) into a light module (bit 0) or a light module
for each block, and the error correcting codewords are into a dark module, and the symbol characters are mis-
appended to the end of the data code sequence so that interpreted as superficially valid, but they are different
in case of damage of the codeword can still be identified codewords, which replacements error requires two error
correctly. The steps in Figure 2 are described in detail as correcting codewords to correct.
follows: Based on the feature of error correction code technol-
ogy, the error correction code redundancy of the QR code
1) Data analysis: Analyze the input data stream to can also be employed for data hiding. For example, we put
identify the variety of different characters to be en- the encoded sensitive data into the area of error correc-
coded. tion. The error correction levels of the QR code is related
to the embeddable capacity of secret data in a QR code.
2) Data encoding: Convert the data characters into a
The QR code standard offers four kinds of error correction
bit stream in accordance with the rules for the mode
levels that is shown in Table 2.
in force.
3) Error correction coding: Divide the codeword se-
quence into the required number of blocks to enable
2.4 The Model
the error correction algorithms to be processed. In order to clarify the security model, we use following
natations to indicate possible inputs and outputs of vari-
4) Structure final message: Interleave the data and
ous algorithm:
error correction codewords from each block as de-
scribed in and add remainder bits as necessary. Definition 1. (PQR Scheme, PQRS). A perfo-
5) Module placement in matrix : Place the codeword rated QR code scheme PQRS consists of the fol-
modules in the matrix together with the Finder Pat- lowing algorithms: PQRS = (Setup, QRC, QRD,
tern, Separators, Timing Pattern, and Alignment Enc, Dec, RLG, RS, Embed, Extract), whose functionali-
Patterns. ties are described as follows:
6) Data masking: Employ the masking patterns in turn • Setup(1λ ) → k: Taking a security parameter λ as
to the encoding region of the symbol, and then evalu- input, this algorithm returns a secret key k.
ate the results and select the pattern which optimizes
the dark/light module balance and minimizes the oc- • QRC(M ) → QRM : Taking a message M as input,
currence of undesirable patterns. this algorithm returns a QR code QRM for M .
7) Format and version information: Generate the for- • QRD(QRM ) → M : Taking a QR code QRM as in-
mat and applicable version information, and then put, this algorithm outputs a message M for QRM .
output the symbol finally.
~ This algorithm takes a plaintext M
• Enck (M ) → C:
and a secret key k as inputs, and outputs the corre-
2.3 Error Correction of QR Encode ~
sponding ciphertext bytes array C.
QR code adopts Reed-Solomon error control coding to de-
tect and correct errors while the QR is damaged, in which ~ → M : This algorithm takes a ciphertext
• Deck (C)
the error-correcting codewords can correct two types of ~ and a secret key k as inputs, and re-
bytes array C
errors, i.e., rejection error such that the location of the turns the corresponding plaintext M .International Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 17
Figure 2: Encoding procedure
~ Using the key k and a bounded
• RLG(k, n, M ax) → L: ~ that is connected with the end of encrypted
of C
number M ax as input, this algorithm outputs an ar- ~ to obtain the final ci-
secret codeword sequence C
ray of pseudo-random numbers L.~ Note that the ar- ~∗
phertext of codeword C .
ray element is no more than M ax and n is the array’s
length. 3) Calling the key k of the seed of pseudo-random num-
ber generator to generate a random location sequence
~ →A
• RS(A) ~ ∗ : This algorithm takes an array of bytes ~ Afterward, C~∗ is embedded into the P~ according
L.
~
A as input, and returns its RS code A ~∗. to the location information provided by L~ in the unit
of codeword, and obtains a codeword sequence P~∗
• Embed(P, M, k) → P QR: This algorithm takes a embedded with secret data. After that, it place P~∗
public message P , a secret data M , and a secret key k codeword modules in the matrix together with the
as inputs, and generates a perforated QR code P QR. finder pattern, separators, timing pattern, respec-
• Extract(P QR, k) → M : This algorithm takes a per- tively, and adds the additional format and version
forated QR code P QR and a secret key k as inputs, information.
and outputs the secret data M . 4) Finally, it calls the encoding algorithm to create the
patched QR code.
Correctness. For a public QR code QRP ← QRC(P )
where P is a public message, and a perforated QR
code P QR ← Embed(P, M, k), the following condi-
tions should hold:
1) QRD(QRP ) = QRD(P QR) = P ;
2) Extract(P QR, k) = M .
Note that in the scheme, we employ a symmetric key en-
cryption scheme (Enc, Dec) under key k, which can be
separately deployed with any secure symmetric encryp-
tion algorithm such as AES. The security is described as: Figure 3: Overview of data-hiding procedure of the pro-
Let A be an adversary whose running time is polynomial. posed scheme
We say that the PQRS scheme is secure if there exists a
negligible function such that According to the error correction mechanism of QR
code, as long as the number of code words replaced is less
Pr[M ← A(P QR)] ≤ ε(λ). (1) than its error correction ability, the use of a standard QR
code reader to scan and decode PQR code will generate
public message P~ . On the other hand, for individuals
3 Our Scheme who have the secret key k, they only need to input PQR
In this section, we present a sensitive-data hiding scheme code and k in the secret extraction algorithm to extract
~∗ , and then correct and
that embeds the secret into a QR code. Figure 3 illus- the secret codeword sequence C
trates an overview of the proposed scheme, in which the decrypt it to obtain the secret data M .
encoding procedure is generally divided into four steps.
3.1 PQR Embedding Procedure
1) At first, it extracts the codewords sequence of public
message P~ in public QR code. The purpose of embedding procedure is to embed the en-
crypted secret codeword sequence C~∗ into the random po-
2) Then, it call the encryption algorithm to generate sitions associated with public codeword sequence P~ . The
the encrypted secret data codeword sequence C, ~ and PQR embedding algorithm is described in Algorithm 1.
then creates the error-correcting codeword sequence Using the secret key k to place the codeword modules inInternational Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 18
the matrix, a standard QR code, i.e., P QR, is formed.
If we call the standard QR code reader to decode P QR,
only public message P can be achieved. However, for a
user who owns the symmetric secret key k, by calling the
extract algorithm he can obtain the secret data M from
P QR code.
We now take a version 5 and encoding level L as an
example: The QR code has 134 codewords including 26 Algorithm 1 Framework of PQR embedding/encoding
error-correcting codewords. And thus it can accept up to procedure.
13 replacement errors. Let
Require:
~
P = (p1 , p2 , · · · , p134 ), Public message P ;
Sensitive data M ;
C~∗ = (c1 , c2 , c3 , c∗1 , c∗2 ), Secret key k.
~ = (101, 8, 9, 68, 19).
L Ensure: QR code P QR that encode P and hide M .
1: Call the QR code standard algorithm to generate
Then, we have QR code of public message P and extract its data
codeword sequence P~ = (p1 , p2 , · · · , pn ), where pk
P~ = (p1 , · · · , p7 , c2 , c3 , p10 , · · · , p18 , c2 , p20 , · · · , p67 ,
∗ ∗
(1 ≥ k ≥ n) is an 8-bit binary sequence.
c∗1 , p69 , · · · , p100 , c1 , p102 , · · · , p134 ). 2: Compute the value of modifiable capacity N = bE/2c,
where E is the number of error correction codewords
in P~ .
3.2 PQR Extracting Procedure 3: Using key k to encrypt the secret data, Enck (M ) → C, ~
~
C = (c1 , c2 , · · · , ci ) is codeword sequence of encrypted
The PQR extraction algorithm is described in Algo-
rithm 2. secret data, ck (1 ≥ k ≥ i) is an 8-bit binary sequence.
4: Generate the RS code of C, ~ RS(C) ~ → C ~ ∗ , where
4 Analysis and Discussion C~∗ is final codewords sequence of encrypted secret,
C~∗ = (c1 , c2 , · · · , ci , c∗1 , c∗2 , · · · , c∗j ), (c∗1 , c∗2 , · · · , c∗j ) is
Table 3 lists the respective total number of codewords, ~ and c∗ (1 ≥ k ≥ j) is
error correction coding of C, k
number of error correction codewords, number of error
an 8-bit binary sequence. Note that (i + j) ≤ n, be-
correction blocks and the error correction code per block
cause the number of replaced codewords is less than
(c, k, r) for three standard versions of the QR code, where
the modifiable capcity.
c denotes the total of codewords, k is the number of data
5: Generate the location information with pseudo-
codewords and r indicates the error correction capacity. ~ = PRNG(kl , i + j, n),
random number generator L
For instance, an error correction code of version 5-M is
where kl = H(k), n is the the total number of P~ ,
represented as (67, 43, 12), which indicates that the error ~ = (l1 , l2 , · · · , li+j ), 1 ≥ lk ≥ n, (1 ≥ k ≥ i + j),
correction algorithm can correct less than 9 replacement L
errors in the block. Notice that, the higher error correc- lk 6∈ {l1 , l2 , · · · , lk−1 }.
tion capacity the higher version with more redundancy. 6: Embed the final codewords sequence of secret data C~∗
As shown in Table 3, it shows the embeddable capacity into the codewords sequence of public message P~ ac-
cording to the sequence of location information L, ~ in
of secret data under different QR versions and error cor- ∗ ∗ ∗
rection levels. other word, replace (c1 , c2 , · · · , ci , c1 , c2 , · · · , cj ) with
As shown in Section 3.2, since the number of mod- (pL1 , pL2 , · · · , pLi+j ) in P~ according to sequence, and
ified codewords is less than the error-correcting ability, obtain the codeword sequence of public message em-
decoding a PQR with a standard decoder can only obtain bedded with secret data P~∗ .
public information P . However, a key-holder could use a 7: Update the codeword sequence of public message em-
special QR code reader, equipped with Extract algorithm, bedded with secret data P~∗ in the QR’s matrix to
can restore the secret data M . That is, obtain the QR code (P QR) that contains the public
message P and secret data M .
QRD(QRP ) = QRD(P QR) = P 8: return P QR;
Extract(P QR, k) = M.
Suppose that an adversary can suspect the secret infor-
mation of the propose scheme. It is easily for an adversary
to obtain the encrypted codewords by comparing and dis-
tinguishing between the generated original QR codes and
the PQR code. The adversary can obtain the informa-
tion of the number of embedded codewords. However, theInternational Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 19
Table 3: Embeddable capacity under different QR versions and error correction levels
version # of error correction # of error # of error error correction embeddable
codewords level correction correction code per block capacity
codewords blocks (c, k, r)
L 26 1 (134,108,13) 13
M 48 2 (67,43,12) 24
2 (33,15,9)
5 134 Q 72 36
2 (34,16,9)
2 (33,11,11)
H 88 44
2 (34,12,11)
L 40 2 (98,78,10) 20
M 72 4 (49,31,9) 36
2 (32,14,9)
7 196 Q 108 54
4 (33,15,9)
4 (39,13,13)
H 130 65
1 (40,14,13)
2 (86,68,9)
L 72 36
2 (87,69,9)
4 (69,43,13)
M 130 65
1 (70,44,13)
10 346
6 (43,19,12)
Q 192 96
2 (44,20,12)
6 (43,15,14)
H 224 112
2 (44,16,14)
adversary can not obtain the correct order of these code-
words and he cannot decrypt these codewords without
secret key k. We assume that the number of embedded
Algorithm 2 Framework of PQR extracting procedure. codewords to be n, then the length of the random bits
r-bit used in encrypting the codewords is 8n. Therefore,
Require:
the probability of the adversary A obtaining a correct
QR code contains public message P and P QR;
message can be computed by
The secret key, k.
Ensure: extracted secret data M .
1: Extract codeword sequence in P QR, and obtain P ~0 =
0 0 0 Pr[A succeed in outputting M ]
(p1 , p2 , ..., pn ).
2: Generate the location information with pseudo-
= Pr[A finds correct r-bit & codeword order]
~0 = PRNG(k 0 , i + j), 1 1
random number generator L l ≤ ·
0 0
where kl = H(k ), H(·) is a one way (hash) func- n! 28n
0 1
tion. Note that n is the total number of P~ , L ~0 = =
0 0 0 0 n! × 256n
(l1 , l2 , · · · , li+j ), 1 ≥ lk ≥ n, (1 ≥ k ≥ i + j),
0 0 0 0
lk 6∈ {l1 , l2 , · · · , lk−1 }.
3: Extract the codeword sequence corresponding to
0
the location information L ~0 in P~ 0 , where C~∗ =
0 0 0
(pl1 , pl2 , · · · , pli+j ). 5 Conclusion
0
4: Call the error-correcting algorithm to set C~∗ =
0 0 0
(pl1 , pl2 , · · · , pli+j ). To distinguish the original infor- This paper proposed a novel sensitive data hiding scheme
mation, we write the corrected codeword to denote as by embedding the sensitive information into a QR code, in
0 0 0
C~ 0 = (c1 , c2 , · · · , ci ). which it employs the technique of error correction mech-
5: Decrypt the codewords sequence to obtain the secret anism in QR encoding system to embed the secret code-
data: Deck (C~ 0 ) → M . word sequence into the random position of the QR en-
6: return M . coding matrix. When we used the two-dimensional QR
code reader to read the QR code, it can effective extract
the encoded public information. Simultaneously, an au-
thorized users who owned the secret key would be able to
obtain the secret information in the hidden QR code.International Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 20
Acknowledgements Conference on Pattern Recognition, Informatics and
Mobile Engineering, pp. 251–257, 2013.
Supported by organization the National Natural Sci- [12] H. Ranavat, L. Chang, V. Kulkarni, J. Gao, and
ence Foundation of China (61672010, 61702168), the H. Mei, ”A 2D barcode-based mobile payment sys-
Hubei Provincial Department of Education Key Project tem,” in The Third International Conference on Mul-
(D20181402), the open research project of The Hubei timedia and Ubiquitous Engineering, pp. 320–329,
Key Laboratory of Intelligent Geo-Information Processing 2009.
(KLIGIP-2017A11), the Hubei University of Technology [13] M. Sun, J. Si, and S. Zhang, ”Research on embed-
Doctoral Startup Fund (BSQD14035). ding and extracting methods for digital watermarks
applied to QR code images,” New Zealand Journal
of Agricultural Research, vol. 50, no. 5, pp. 861–867,
References 2007.
[14] R. Villn, S. Voloshynovskiy, O. Koval, and T. Pun,
[1] Y. Chow, W. Susilo, and J. Baek, ”Covert QR codes: ”Multilevel 2D bar codes: Toward high-capacity stor-
How to hide in the crowd,” in International Confer- age modules for multimedia security and manage-
ence on Information Security Practice and Experi- ment,” IEEE Transactions on Information Forensics
ence, pp. 678–693, 2017. and Security, vol. 1, no. 4, pp. 405–420, 2006.
[2] M. Ebling and R. Cáceres, ”Bar codes everywhere [15] W. Wu, Z. Lin, and W. Wong, ”Application of
you look,” IEEE Pervasive Computing, vol. 9, no. 2, QR-code steganography using data embedding tech-
pp. 4–5, 2010. nique,” in Information Technology Convergence, pp.
[3] M. H. Eldefrawy, K. Alghathbar, and M. K. Khan, 597–605, 2013.
”Hardcopy document authentication based on public [16] M. Zhang, J. Huang, H. Shen, Z. Xia, and Y. Ding,
key encryption and 2D barcodes,” in International ”Consecutive leakage-resilient and updatable lossy
Symposium on Biometrics and Security Technologies, trapdoor functions and application in sensitive big-
pp. 77–81, 2012. data environments,” IEEE Access, vol. 6, pp. 43936–
[4] M. Gao and B. Sun, ”Blind watermark algorithm 43945, 2018.
based on QR barcode,” in Foundations of Intelligent [17] M. Zhang, Y. Yao, B. Li, and C. Tang, ”Accountable
Systems, pp. 457–462, 2011. mobile E-commerce scheme in intelligent cloud sys-
[5] H. Huang, F. Chang, and W. Fang, ”Reversible data tem transactions,” Journal of Ambient Intelligence
hiding with histogram-based difference expansion for and Humanized Computing, vol. 9, no. 6, pp. 1889–
QR code applications,” IEEE Transactions on Con- 1899, 2018.
sumer Electronics, vol. 57, no. 2, pp. 779–787, 2011. [18] M. Zhang, Y. Zhang, Y. Jiang, and J. Shen, ”Ob-
[6] ISO/IEC, ”Information technology automatic iden- fuscating eves algorithm and its application in fair
tification and data capture techniques QR code bar electronic transactions in public clouds,” IEEE Sys-
code symbology specification,” International Stan- tems Journal, vol. 13, no. 2, pp. 1478–1486, 2019.
dard, ISO/IEC, 18004, 2015. (https://www.iso.
org/standard/43655.html)
[7] P. Kieseberg, M. Leithner, M. Mulazzani, L. Munroe,
Biography
S. Schrittwieser, M. Sinha, and E. Weippl, ”QR code Mingwu Zhang is a Professor at School of Computer
security,” in Proceedings of the 8th International Sciences and Information Security, Guilin University of
Conference on Advances in Mobile Computing and Electronic Technology, China. He received his M.Sc.
Multimedia, pp. 430–435, 2010. in Computer Science and Engineering from Hubei
[8] C. M. Li, P. Hu, and W. C. Lau, ”Authpaper: Pro- Polytechnic University in 2000 and the Ph.D. degree in
tecting paper-based documents and credentials using South China Agric University in 2009, respectively. From
authenticated 2D barcodes,” in IEEE International August 2010 to August 2012, he has been a JSPS post-
Conference on Communications (ICC’15), pp. 7400– doctoral fellow at Institute of Mathematics for Industry
7406, 2015. in Kyushu University. From June 2015 to June 2016,
[9] P. Lin, Y. Chen, J. LU, and P. Chen, ”Secret hid- he is a senior visiting professor at School of Information
ing mechanism using QR barcode,” in International and Computing Science, University of Wollongong. His
Conference on Signal-Image Technology & Internet- research interests include cryptography technology for
Based Systems, pp. 22–25, 2013. network and data security, secure computation and
[10] N. Park, W. Lee, and W. Woo, ”Barcode-assisted privacy preservation.
planar object tracking method for mobile augmented
Xiao Chen is now a master student at the School
reality,” in International Symposium on Ubiquitous
of Computers, Hubei University of Technology. His
Virtual Reality, pp. 40–43, 2011.
research interest focuses on the security of electronic and
[11] G. Prabakaran, R. Bhavani, and M. Ramesh, ”A ro-
quick-responding barcode.
bust QR-code video watermarking scheme based on
SVD and DWT composite domain,” in International Yong Ding received the Ph.D. degree in cryptographyInternational Journal of Network Security, Vol.23, No.1, PP.14-21, Jan. 2021 (DOI: 10.6633/IJNS.202101 23(1).03) 21
from Xidian University, China. He is a Professor and the Hua Shen received the M.S. and Ph.D. degrees from
Director of the Guangxi Key Laboratory of Cryptography Wuhan University, Wuhan, China, in 2007 and 2014, re-
and Information Security. His main research interests spectively. She is currently an Associate Professor with
include cloud security, cryptography, and information the School of Computer Science, Hubei University of
security. Technology. Her research interests include privacy pre-
serving, information security, and cloud computing etc.You can also read
