Enhanced (n, n)-threshold QR code secret sharing scheme based on error correction mechanism

https://doi.org/10.1016/j.jisa.2020.102719Get rights and content

Abstract

In recent years, QR code is popular online and offline, and it is an ideal media for secret sharing. This paper utilizes the error correction capacity of QR code to propose an (n, n)-threshold secret sharing scheme for QR code. A secret QR code can be split and encoded into n cover QR codes. The generated marked QR codes still carry cover messages so that they will greatly reduce the suspicion of unauthorized people while transmitted in the public channel. The secret QR code can be easily reconstructed by using XOR operation when all the n authorized participants collaborate. Experimental results show that the proposed scheme is feasible and has high robustness. In addition, compared to the state-of-the-art work, the proposed scheme achieves a higher security.

Introduction

Secret sharing is a concept first introduced by Shamir [1] and Blakley [2]. It refers to cryptographic methods for holding a secret, splitting it into multiple shares, and distributing the shares among multiple participants. The secret can be reconstructed only when sufficient shares are combined. Take a typical (n, n)-threshold secret sharing for example, a secret would be encoded into n shares, which can be distributed among n authorized participants. Any individual share can not reveal any piece of secret message, so as any combinations of n − 1 shares. The secret can be successfully reconstructed only when all n participants cooperate. Hence, the secret sharing avoids the security issue caused by storing the secret in a single carrier, which can be damaged or lost. However, the meaningless shares in most secret sharing scheme often attract attentions from attackers. In order to reduce risk, many researchers [3], [4], [5], [6], [7], [8] studied the mechanism to encode secret into meaningful shares.

Quick Response (QR) code is a two-dimensional machine-readable optical label consisting of black and white modules. Because of its high capacity and fault tolerance, QR code is widely used in various fields, such as ID [9], food traceability [10,11], goods management [12], [13], [14], [15], advertisement [16,17], mobile payment [18,19], and so on. In view of its popularity in public channel, many scholars try to combine secret sharing and QR code to disguise shares as meaningful QR codes, in order to reduce the curiosity of irrelevant people.

According to the types of sharing media, QR code secret sharing schemes could be divided into three categories. The first one is sharing a message string. Chuang et al. [20] adapt Shamir's secret sharing concept to QR codes. The generated shares, treated as message codewords, would be embedded into QR codes. Secret message could be easily extracted by using Lagrange polynomial interpolation with enough QR codes. Obviously, the generated QR code is meaningless, which would attract unauthorized person's curious. To overcome this weakness, some researchers start to employ data hiding technology to ensure the generated marked QR code is still valid and meaningful. Huang et al. [21] exploit the fault tolerance characteristic of QR code to hide shares in the message codewords of cover QR code by using Sudoku magic matrix. Similarly, Lin [22] exploits the error correction capacity of QR code to embed shares in QR code by using wet paper coding [23]. Huang et al. [24] conceal shares in cover QR codes with the help of Latin square. To improve the security of shares, Chow et al. [25] use symmetric keys to encrypt shares before share concealing process.

The second category is sharing binary image based on visual secret sharing scheme (VSS) [26]. Wan et al. [27] exploit error correction mechanism inherent in QR code to propose a QR code secret sharing scheme to share a binary image. The secret image could be reconstructed with two ways. One is stacking all the shares, and the other is performing an XOR operation with all the shares. To enlarge the allowable maximal size of sharing image, Fu et al. [28] utilize a probabilistic sharing model to encode shares in the padding region of cover QR codes with high relative difference.

The last category is sharing a secret QR code. Chow et al. [29] present a QR code secret sharing scheme to distribute a secret QR code among n cover QR codes. The version and error correction level of cover QR code are same as those of secret QR code. The secret QR code could be correctly reconstructed by XORing all the marked QR codes. Because of its fault tolerance, secret QR code can still be successfully reconstructed even though n − 1 participants cooperate. Thus, it will cause security issue. To overcome the weakness of Chow et al.’s scheme, Cheng et al. [30] design a new secret share scheme by adding more constrains in the secret splitting strategy. However, the security flaw of their scheme still exists, which will be analyzed in detail in Section 2.3.

To enhance the security of Cheng et al.’s scheme, in this paper we propose a (n, n)-threshold QR code secret sharing scheme to share a secret QR code among n meaningful cover QR codes. A new secret sharing strategy is designed to improve the security of the proposed scheme. The secret QR code could not successfully be reconstructed if there are less than n marked QR codes combined. The proposed scheme ensures that the generated marked QR codes are still valid. The meaningful marked QR codes which carry cover messages would greatly reduce the curiosity of the attackers while delivering in the public channel. Experimental results show the feasibility and the robustness of the proposed scheme. Our contributions are as follows: compared to state-of-the-art schemes, the proposed scheme achieves much higher security.

The rest of this paper is organized as follows. Section 2 introduces the technology of QR code and analyzes the security flaw of two related works. Section 3 describes the main idea of the proposed scheme. Section 4 provides the experimental results and analysis to illustrate the feasibility of this work. Finally, Section 5 gives a conclusion and the future work.

Section snippets

Background

In this section we will briefly introduce the technology of QR code, summarize the implementation of related works, and point out the security defects in existing methods. Table 1 illustrates the denotation of some symbols used in our paper.

The proposed scheme

To overcome the weakness of Cheng et al.’s scheme, we propose a new (n, n)-threshold secret sharing scheme for QR code. A new generation rule was designed to assist the construction of matrix X. Then, based on matrix X, the secret sharing algorithm of the proposed scheme was designed to share a secret QR code among n cover QR codes with the same version and error correction level. Fig. 2 illustrates the flowchart of the secret sharing procedure of the proposed scheme.

Experimental results

Example 3: To evaluate the performance of the proposed scheme, we developed a program to implement the proposed QR code secret sharing scheme based on Python programming language. A (10, 10)-threshold secret sharing instance was performed based on the initial conditions of Example 1. Ten meaningful cover QR code with version 4-H are used to share a secret QR code. Fig. 3 lists all the cover QR codes and the secret QR code in Example 3.

In this example, we determine that g = 3 and w = 19 based on

Conclusion and future work

This paper exploits the error correction capacity of QR code to propose an (n, n)-threshold secret sharing scheme for QR code to enhance the security of previous works. Some experiments are done to evaluate the performance of the proposed scheme. Experimental results show that the proposed scheme is feasible, robust and highly secure. In the future, we plan to investigate the homomorphism of RS code with QR code to extend the access structure from (n, n) to (k, n).

CRediT authorship contribution statement

Peng-Cheng Huang: Methodology, Software, Data curation, Resources, Writing - original draft. Chin-Chen Chang: Conceptualization, Supervision, Project administration. Yung-Hui Li: Writing - review & editing, Formal analysis, Funding acquisition. Yanjun Liu: Visualization, Investigation, Validation.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgment

This study was funded by Natural Science Foundation of Fujian Province (2018J01571), Science and Technology Program of Xiamen (3502Z20183057), open project of Key Laboratory of Fujian Universities for Virtual Reality and 3D Visualization (VRTV2019005), and Education and Scientific Research Project of Fujian Province (JT180436, JT180440 and JAT160357).

Peng-Cheng Huang is a lecture in Xiamen University of Technology. He received his BS degree from Xiamen University of Technology in 2007, the MS degree in Computer Architecture from the Fuzhou University in 2010. He is currently pursuing the Ph.D. degree from the Feng Chia University. His current research interests include multimedia security, image processing, Internet of thing.

References (31)

  • T. Li et al.

    To scan or not to scan: the question of consumer behavior and QR codes on food packages

    J Agric Resource Econ

    (2019)
  • E.W. Park et al.

    Development and evaluation of a quick response code–based nursing education program for operating and recovery room nurses

    Comput Inform Nurs

    (2019)
  • M.D. Barros

    Development of an educational tool in human anatomy with the use of QR codes

    FASEB J

    (2019)
  • N.D. Ramalingam et al.

    As simple as taking a picture—how use of QR codes improved evaluation response rates, documentation, and timeliness

    J Gen Internal Med

    (2020)
  • J.W. Kim

    Securely storing personal health data by using QR code

    Basic Clin Pharmacol Toxicol

    (2019)
  • Cited by (14)

    • QR Code Secret Sharing Algorithm Based on CRC

      2023, Proceedings - 2023 International Conference on Image Processing and Computer Vision, IPCV 2023
    • Publicly Verifiable Multi-stage Secret Sharing on General Access Structures

      2023, Journal of Frontiers of Computer Science and Technology
    View all citing articles on Scopus

    Peng-Cheng Huang is a lecture in Xiamen University of Technology. He received his BS degree from Xiamen University of Technology in 2007, the MS degree in Computer Architecture from the Fuzhou University in 2010. He is currently pursuing the Ph.D. degree from the Feng Chia University. His current research interests include multimedia security, image processing, Internet of thing.

    Chin-Chen Chang is a professor in Feng Chia University. He received the BS degree in Applied Mathematics in 1977 and the M.S. degree in Computer and Decision Sciences in 1979, both from the National Tsing Hua University, Taiwan. He received the Ph.D. degree in Computer Engineering in 1982 from the National Chiao Tung University, Taiwan. He is the author of more than 900 journal papers and has written 36 book chapters. His research interests include computer cryptography, data engineering, and image compression.

    Yung-Hui Li is an assistant professor in National Central University. He received his BS degree from National Taiwan University in 1995, the M.S. degree from University of Pennsylvania in 1998, and the Ph.D. degree from the Language Technology Institute, School of Computer Science, Carnegie Mellon University in 2010. He is the author of more than 30 conference and journal papers and has written five book chapters. His current research interests include image processing, machine learning, pattern recognition and biometric recognition.

    Yanjun Liu received her Ph.D. degree in 2010, in School of Computer Science and Technology from University of Science and Technology of China (USTC), Hefei, China. She has been an assistant professor serving in Anhui University in China since 2010. She currently serves as a senior research fellow in Feng Chia University in Taiwan. Her specialties include E-Business security and electronic imaging techniques.

    View full text