Ubic: Bridging the gap between digital cryptography and the physical world

Advances in computing technology increasingly blur the boundary between the digital domain and the physical world. Although the research community has developed a large number of cryptographic primitives and has demonstrated their usability in all-digital communication, many of them have not yet made their way into the real world due to usability aspects. We aim to make another step towards a tighter integration of digital cryptography into real world interactions. We describe Ubic, a framework that allows users to bridge the gap between digital cryptography and the physical world. Ubic relies on head-mounted displays, like Google Glass, resource-friendly computer vision techniques as well as mathematically sound cryptographic primitives to provide users with better security and privacy guarantees. The framework covers key cryptographic primitives, such as secure identification, document verification using a novel secure physical document format, as well as content hiding. To make a contribution of practical value, we focused on making Ubic as simple, easily deployable, and user friendly as possible.Comment: In ESORICS 2014, volume 8712 of Lecture Notes in Computer Science, pp. 56-75, Wroclaw, Poland, September 7-11, 2014. Springer, Berlin, German

Covert QR codes: How to hide in the crowd

This paper investigates a novel approach of distributing a hidden message via public channels. The proposed approach employs visual subterfuge to conceal secret information within a QR code. Using a QR code reader, any individual can decode the public information contained in the QR code. However, only authorized users who have the necessary credentials will be able to obtain the secret message, which is encoded in the form of a secret QR code. We call this a Covert QR (CQR) code scheme. To embed the secret information, this approach exploits the error correction mechanism inherent in the QR code structure. By using QR codes to conceal information, the proposed scheme has the advantage of reducing the likelihood of attracting the attention of potential adversaries. In addition, the information in QR codes can be scanned and decoded through the visual channel. As such, the secret information can be distributed on printed media and is not restricted to an electronic form

Printed document integrity verification using barcode

Printed documents are still relevant in our daily life and information in it must be protected from threats and attacks such as forgery, falsification or unauthorized modification. Such threats make the document lose its integrity and authenticity. There are several techniques that have been proposed and used to ensure authenticity and originality of printed documents. But some of the techniques are not suitable for public use due to its complexity, hard to obtain special materials to secure the document and expensive. This paper discuss several techniques for printed document security such as watermarking and barcode as well as the usability of two dimensional barcode in document authentication and data compression with the barcode. A conceptual solution that are simple and efficient to secure the integrity and document sender's authenticity is proposed that uses two dimensional barcode to carry integrity and authenticity information in the document. The information stored in the barcode contains digital signature that provides sender's authenticity and hash value that can ensure the integrity of the printed document

Secure digital documents using Steganography and QR Code

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University LondonWith the increasing use of the Internet several problems have arisen regarding the processing of electronic documents. These include content filtering, content retrieval/search. Moreover, document security has taken a centre stage including copyright protection, broadcast monitoring etc. There is an acute need of an effective tool which can find the identity, location and the time when the document was created so that it can be determined whether or not the contents of the document were tampered with after creation. Owing the sensitivity of the large amounts of data which is processed on a daily basis, verifying the authenticity and integrity of a document is more important now than it ever was. Unsurprisingly document authenticity verification has become the centre of attention in the world of research. Consequently, this research is concerned with creating a tool which deals with the above problem. This research proposes the use of a Quick Response Code as a message carrier for Text Key-print. The Text Key-print is a novel method which employs the basic element of the language (i.e. Characters of the alphabet) in order to achieve authenticity of electronic documents through the transformation of its physical structure into a logical structured relationship. The resultant dimensional matrix is then converted into a binary stream and encapsulated with a serial number or URL inside a Quick response Code (QR code) to form a digital fingerprint mark. For hiding a QR code, two image steganography techniques were developed based upon the spatial and the transform domains. In the spatial domain, three methods were proposed and implemented based on the least significant bit insertion technique and the use of pseudorandom number generator to scatter the message into a set of arbitrary pixels. These methods utilise the three colour channels in the images based on the RGB model based in order to embed one, two or three bits per the eight bit channel which results in three different hiding capacities. The second technique is an adaptive approach in transforming domain where a threshold value is calculated under a predefined location for embedding in order to identify the embedding strength of the embedding technique. The quality of the generated stego images was evaluated using both objective (PSNR) and Subjective (DSCQS) methods to ensure the reliability of our proposed methods. The experimental results revealed that PSNR is not a strong indicator of the perceived stego image quality, but not a bad interpreter also of the actual quality of stego images. Since the visual difference between the cover and the stego image must be absolutely imperceptible to the human visual system, it was logically convenient to ask human observers with different qualifications and experience in the field of image processing to evaluate the perceived quality of the cover and the stego image. Thus, the subjective responses were analysed using statistical measurements to describe the distribution of the scores given by the assessors. Thus, the proposed scheme presents an alternative approach to protect digital documents rather than the traditional techniques of digital signature and watermarking

Spamming the Internet of Things: A Possibility and its probable Solution

AbstractThe Internet of Things (IoT) enabled users to bring physical objects into the sphere of cyber world. This was made possible by different tagging technologies like NFC, RFID and 2D barcode which allowed physical objects to be identified and referred over the Internet. Due to less complexity and low development and deployment cost of 2D barcodes, they have become modus operandi for building an IoT system. This paper explores the possibility of spamming the Internet of Things. It tries to establish that web spammers can use 2D barcodes to flood the physical side of the IoT, trick users to see or reach unsolicited and unrelated content over the Internet and possibly destroy the legitimacy of correct content. Preliminary results from an experiment establishing the possibility of the problem are outlined. This paper also proposes the use of digital signatures (ECDSA) to address the problem of spamming the IoT. A prototype implementation of the solution and its experimental results are given in this paper

An Illustrative Review on Steganography Techniques Using QR Code Images

This review paper concentrates on the concept of QR code steganography and its de-noising filters. The goal of this review paper is to explore and analyze QR Code generation, QR code versions, Steganography techniques and Problems of QR code. In this paper, we present review on two challenges of the work i.e. first one is QR code steganography and its major problem noise, noise creates a problem to read the QR code, and reduce the readability of QR code. The literature review is done on QR code steganography technique and filters that basically reduce the noise of Image of QR code and as well as performance parameters PSNR and MSE. We have also discussed various Error correction levels of the QR code, steganography techniques and de-noising filters. Error Correction and noise removal from Cover image is challenging task and calculating the PSNR and MSE values for QR Code images with different image file format

2LQR Code for Private Message Sharing and Document Authentication

Quick response codes are machine readable optical label which was first created in the automated industry of Japan. Quick response codes are capable enough to store vital information in it by converting into various black and white patterns. QR codes have many applications especially in the field of message sharing and document authentication. We must lay our emphasis on the security and privacy of the QR code as there are chances of it getting into wrong hands. In this paper we have proposed a technique known as 2 level QR code which consists of two layers of security provided to the QR code. The first level is known as public level and the second level is known as private level. We will be using Reed Solomon algorithm. Our 2 level design is capable enough to supply ample security and privacy as way as personal message sharing and document authentication are involved. During this paper we've got studied numerous state of the art existing techniques of planning QR code at the side of their comparison with the our projected two level QR code technique. In this paper we've got studied numerous state of the art existing techniques of coming up with QR code in conjunction with their comparison with the our planned two level QR code technique

QR code based two-factor authentication to verify paper-based documents

Important paper-based documents Exposed to forgery such as: official certificates, birth, marriage, death certificates, selling and buying documents and other legal documents is more and more serious and sophisticated. With the purposes of fraud, appropriation of property, job application and assignment in order to swindle public authorities, this forgery has led to material loss, belief deterioration as well as social instability. There are many techniques has been proposed to overcome this issues such as: ink stamps, live signatures, documented the transaction in third party like the court or notary. In this paper, it’s proposed a feasible solution for forgery prevention for paper-based documents using cloud computing application. With the application of Quick Response bidirectional barcode and the usage of hash algorithm. The study aims at developing an electronic verification system for official and issued books (documents, endorsements, and other official books) to/from different sections of the Institute using QR technology

Quick response code secure: a cryptographically secure anti-phishing tool for QR code attacks.

The two-dimensional quick response (QR) codes can be misleading due to the difficulty in differentiating a genuine QR code from a malicious one. Since, the vulnerability is practically part of their design, scanning a malicious QR code can direct the user to cloned malicious sites resulting in revealing sensitive information. In order, to evaluate the vulnerabilities and propose subsequent countermeasures, we demonstrate this type of attack through a simulated experiment, where a malicious QR code directs a user to a phishing site. For our experiment, we cloned Google's web page providing access to their email service (Gmail). Since, the URL is masqueraded into the QR code the unsuspecting user who opens the URL is directed to the malicious site. Our results proved that hackers could easily leverage QR codes into phishing attack vectors targeted at smartphone users, even bypassing web browsers safe browsing feature. In addition, the second part of our paper presents adequate countermeasures and introduces QRCS (Quick Response Code Secure). QRCS is a universal efficient and effective solution focusing exclusively on the authenticity of the originator and consequently, the integrity of QR code by using digital signatures