Proceedings of 2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS 2024)

IEEE Xplore Part Number: CFP24UD1-ART; ISBN: 979-8-3503-7274-8

Improving QR Code Security using Multiple

Encryption Layers
2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS) | 979-8-3503-7274-8/24/$31.00 ©2024 IEEE | DOI: 10.1109/ICC-ROBINS60238.2024.10533884

S. Dhivyalakshmi Narayanan Dr. S. Prabhu E. Padma

PG Scholar, “Department of Computer Associate Professor, Department of Assistant Professor, Department of
Science and Engineering Computer Science and Engineering Computer Science and Engineering
Nandha Engineering College(Autonomous) Nandha Engineering College Nandha Engineering College
Erode, Tamil Nadu, India (Autonomous) (Autonomous)
[email protected] Erode, Tamil Nadu, India Erode, Tamil Nadu, India
[email protected] [email protected]

Abstract— Growing concerns about identity theft and privacy are
brought on by the increased sharing of digital information, which
leaves data open to quick changes while in transit. Digital data
must be protected from hackers. This study presents a novel
approach to improve QR code security and fight counterfeiting.
This technique strengthens QR code anti-counterfeit measures by
integrating the AES algorithm with Rubik's Cube Principle. The
Rubik's Cubic Principle is used to separate the RGB channels in
the QR code image. Following the encryption of these channels
using the Advanced Encryption Standard (AES) encryption key,
the encrypted image is combined with image steganography and is
subjected to linear feedback shift register (LFSR) processing. Test
results confirm the efficiency of the suggested plan, exhibiting
strong encryption and flawless covert abilities.
Keywords- QR code security, AES algorithm, Rubik’s Cube
Principle, image steganography, LFSR.
I. INTRODUCTION
The ease of mobile payments is just one of the many features
that mobile phones offer in this age of rapid technological
advancement. Due to its ease of use and speed in financial
transactions, this method has become increasingly popular [1].
Applications that take advantage of this technological shift are
emerging as internet payment solutions become more
widespread across industries and payment processes become
digital. Credit cards and NFC-based transactions are just two
examples of the many ways that online payments could evolve
in the future. However, as technology advances, so does the risk
of security breaches. Studies on Online Payment System
Implementations show how important safety is to both
businesses and consumers. The availability, confidentiality, and
integrity of the system are put at risk by payment transactions,
which are vulnerable to theft, fraud, and counterfeiting. Internet
payment systems need to give security measures top priority in
order to overcome these security issues. The ability of QR
codes, or two-dimensional barcode matrices, to quickly encode
and store large amounts of data makes them a practical solution
[1,2]. The speed and simplicity of QR codes make them useful
in important fields like healthcare, education, and finance [3,
4]. These 2D barcodes are advantageous because they can
easily be retrieved by QR code readers and have high
information density and robustness. They can also correct
errors. The speed at which QR codes are being adopted for
payments, security authorization, and other uses highlights their
effectiveness. Though QR code technology is open-source,
counterfeiting is possible, particularly when it comes to
merchant account representation. This can result in serious
financial losses and problems with payment security. Severe
risks can also arise from malicious links that hackers encode in
QR codes [6, 7].
II. LITERATURE SURVEY
The effective solution to enhance the security of digital data
is to use QR code-based security authentication for payments.
Secret-sharing is accomplished through VSS (Visual Secret
Sharing), which is also known as VC (Visual Cryptography)
[8]. Using this method, an original image is encoded into n
noise, like shadows or shares, so that no individual share will
display. Recovery of the original secret is only possible by
merging the qualifying shares [9]. When it comes to QR code
payment authentication, the fundamental idea is to use a (2; 2)
scheme of VSSQR. Two QR code shares, designated SC1 and
SC2, comprise the original secret binary image. Details about a
merchant are contained in both shares. While SC2 is kept on the
server and the merchant's desk, SC1 is shown on the wall or
desk of the merchant. With any mobile device, customers can
access the server by scanning both SC1 and SC2. Decoding the
information in SC1 and determining whether the stacking result
of SC1 and SC2 matches the secret image further confirms the
authenticity of SC1 [10] are the first few steps in the
preliminary authentication process. The drawback of this
technique is that when multiple shares are overlaid, the VSS
system can retrieve a hidden image without requiring complex
computations because it makes use of the Human Visual
System (HVS).
III. PROPOSED WORK
A. Rubik’s Cube Principle
• Foundation Establishment: The pixels in the image are
utilized as the basis for the Rubik's cube algorithm.
• Jumbling Process: This process is used to modify the
pixel's value and shift columns or rows by using modulo
2 to jumble the original image.
• XNOR Operation: The XNOR operation is applied for
even columns with Kr and even rows with Kc by
flipping the keys Kc and Kr.

979-8-3503-7274-8/24/$31.00 ©2024 IEEE 845

Authorized licensed use limited to: NATIONAL INSTITUTE OF TECHNOLOGY SILCHAR. Downloaded on May 31,2024 at 06:13:11 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of 2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS 2024)
IEEE Xplore Part Number: CFP24UD1-ART; ISBN: 979-8-3503-7274-8
• Row and Column Operations: The row operations are
executed using Kr and column operations are executed
using Kc.
• Decryption: This process id used to decrypt the
encrypted image by using a specific number of iterations
and keys.
• Component Identification: This identification process
has used the single-tone component as the foundation of
the Rubik's Cube method to process black-and-white or
grayscale images.
• Challenge Recognition: This recognition acknowledges
the challenge posed by RGB images, where each pixel
contains multiple tone components.
• Individual Application: Finally, the Rubik's cube
method is applied individually to each element of the
RGB image [11].
B. AES Algorithm
The AES algorithm encrypts the random key of the Rubik’s
cube principle, producing an encrypted random key. The
process is:
• Bytes Substitution: This process substitutes the bytes in
the block text based on predefined S-boxes to enhance
complexity.
• Move the rows: All the rows will be replaced except the
1st through a permutation step to introduce further
variation.
• Mix the columns: A Hill cipher approach is usedto mix
the columns by combining the blocks of columns to
increase complexity.
• Add the round key: This process XOR the message with
the corresponding round key in the final step to ensure
the secure encryption over multiple iterations.
[12,13,14].
Fig. 1. illustrates how the AES algorithm and the
Rubik’s cube principle function.
Fig. 1. Working of Rubik’s cube principle with AES (Advanced
Standard Encryption)
C. Image Steganography and Linear feedback shift register
• Steganography Initialization: The process is initialized
by concealing data within an image file, known as image
steganography.
• Image Terminology: The cover image will be defined as
the original image and the stego image as the result after
steganography [15].
979-8-3503-7274-8/24/$31.00 ©2024 IEEE
Authorized licensed use limited to: NATIONAL INSTITUTE OF TECHNOLOGY SILCHAR. Downloaded on May 31,2024 at 06:13:11 UTC from IEEE Xplore. Restrictions apply.
• Encryption Preparation: IN this process, a linear
feedback shift register (LFSR) is used to generate
random numbers for encryption and decryption.
• Initial Encryption: The encryption process is initialized
by loading a color image and use its initial values to
initialize LFSRs.
• Secondary Encryption: After initial step, the new
random numbers will be generated by modifying LFSR
initial values with specific numbers based on the image's
dimensions.
• Decryption Initialization: The decryption phase will be
initialized by loading the encrypted color image with the
same initial values.
• Decryption Process: This consecutive step supplement
LFSRs with specific numbers to recreate the same
random numbers used for column and row decryption.
[16,17].
Fig. 2. illustrates how the of Linear feedback shift
register and Image steganography function.
Fig. 2. Working of Linear feedback shift register and Image steganography
IV. METHODOLOGY
The following sections contain two modules:
• Encryption Module
• Decryption Module
A. Encryption Module
The process starts with a QR code image. The image is split
into red, green, and blue parts. Then, a random key encrypts
these parts using AES. These encrypted parts are combined into
one encrypted image. Next, this image is further encrypted with
the cover image and a linear feedback shift register. Finally, the
new encrypted image is hidden within the cover image, creating
a new image that hides the encrypted QR code. Fig. 3. shows
block diagram for encryption process.
Fig. 3. Block diagram
846
 Proceedings of 2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS 2024)
IEEE Xplore Part Number: CFP24UD1-ART; ISBN: 979-8-3503-7274-8

B. Decryption Module C. Peak Signal-To-Noise Ratio

Decryption works in the opposite way of encryption. First, The ratio of an image's maximum potential power to the
the image is split to get the cover image and the new encrypted corrupting noise power that degrades the image's representation
image. Then, the new encrypted image is decrypted using the quality is called the PSNR (Peak Signal-To-Noise Ratio). An
cover image and XOR. Next, the decrypted picture is split into image must be compared to the best possible clean image with
three parts, each receiving the encrypted random key. Finally, the highest power to find out its PSNR. PSNR is defined as
the three decrypted parts are combined to rebuild the QR code follows (2):
image. (𝐿−1)2 𝐿−1
𝑃𝑆𝑁𝑅 = 10 log10 ( ) = 20 log10 ( ) (2)
𝑀𝑆𝐸 𝑅𝑀𝑆𝐸
V. RESULT Here, L is the number of maximal intensity levels that
can exist in an image, with 0 being the minimum intensity level
A. Histogram Analysis that is assumed. MSE (Mean Squared Error) & it is defined as
The main purpose of using histograms is to analyze the pixel (3):
distribution in an image and extract relevant information [18]. 𝑀𝑆𝐸 =
1
∑𝑚−1 ∑𝑛−1 2
(3)
𝑚𝑛 𝑖=0 𝑗=0 (𝑂(𝑖, 𝑗) − 𝐷(𝑖, 𝑗))
By minimizing pixel variations, this encryption technique
prevents attackers from obtaining personally identifiable where O signifies the original image's matrix data. D is the
information about the image. The histograms for the original degraded image's matrix data. The variables m and i denote the
QR code image and the encrypted QR image are shown in Fig. number of rows” of pixels and the row index, respectively, in
4. The histogram of an image displays the frequency of various the image. The variables n and j denote the number of pixels in
R, G, and B levels in the image relative to each other. For every each column and the image's corresponding column index,
R, G, and B level, pixel counts are plotted on the y-axis and respectively. The root mean square error is known as RMSE.
intensity values are plotted on the x-axis. The encrypted image's
standard histogram outcome makes it more difficult for
unauthorized parties to extract any information and makes it TABLE I. COMPARISON
more difficult for them to recreate the original image. QR code Encrypted NPCR PSNR
Image

99.6500 27.7860
VSS

Proposed 99.9058 27.9258

Multiple
Encryption

99.5946 27.6421
VSS

Proposed 99.8921 27.8861

Multiple
Fig. 4. Histogram of Original and Encrypted Image
Encryption

B. Number of Pixel Rate Change test
One of the statistical tests used to assess how resilient an
encrypted image is to statistical attacks is the NPCR ("Number
of Pixel Change Rate"). NPCR is used to quantify the rate of
change between the original and encrypted image pixels [18].
The mathematical formula (1) is used in the calculation of
NPCR values.
Σ𝑁 𝐷(𝑖,𝑗)
𝑁𝑃𝐶𝑅 = ∑𝑀 𝑖=1
𝑗=1
∗ 100 (1)
𝑀∗𝑁
M and N stand for the interferogram's width and height,
respectively, in the encrypted form. C1(i,j), the interferogram,
is encrypted before a pixel change.C2(i,j) is the encrypted
interferogram after a pixel change. D(i,j) is a bipolar network.
Table 1. shows the comparison of VSS and proposed
multiple encrypted image.
VI. CONCLUSION
The suggested method has shown increased efficiency and
effectiveness, as seen in the results obtained from experiments
with a group of images. These results allow for comparison with
other methods. Tests conducted show a high level of security
achieved by the multi-encryption algorithm, with a score
of 99.94%. This indicates its ability to resist different types of
attacks. Furthermore, the results suggest that attackers cannot
extract information about the original image data from the
resulting images.

979-8-3503-7274-8/24/$31.00 ©2024 IEEE 847

Authorized licensed use limited to: NATIONAL INSTITUTE OF TECHNOLOGY SILCHAR. Downloaded on May 31,2024 at 06:13:11 UTC from IEEE Xplore. Restrictions apply.
 Proceedings of 2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS 2024)
IEEE Xplore Part Number: CFP24UD1-ART; ISBN: 979-8-3503-7274-8
REFERENCES
[1] P. De, K. Dey, V. Mankar, “An assessment of qr code as a user interface
enabler for mobile payment apps on smartphones”, IndiaHCI’15,
December 17-19, 2015.
[2] Ivan Jelic and Dina Vrkic, “QR codes in the library - Does anyone use
them?”,2013.
[3] S. Agrawal, "Impact of Error Filters on Shares in Halftone Visual
Cryptography", International Conference on Computer Science,
Engineering and Applications, 2012.
[4] Z. Zhou, G. R. Arce, and G. D. Crescenzo, "Halftone visual
cryptography", Image Processing, 2003 International Conference on
IEEE, I-521-4.vol.1, 2003.
[5] Kamal, Sawsan, Ameen, Basheer, “A New Method for Ciphering a
Message Using QR Code”, Computer Systems Science and Engineering,
2016.
[6] P. Kieseberg, M. Leithner, M. Mulazzani, et al., Qr code security,
Proceedings of the 8th International Conference on Advances in Mobile
Computing and Multimedia, 2010.
[7] Katharina Krombholz, Peter Fruhwirt, Peter Kieseberg, Ioannis Kapsalis,
Markus Huber, and Edgar Weippl, “QR code security: A survey of attacks
and challenges for usable security”, International Conference on Human
Aspects of Information Security, Privacy, and Trust, 2014.
[8] Z. Wang, G. R. Arce, and G. Di Crescenzo, “Halftone visual cryptography
via error diffusion”, IEEE Trans. Inf. Forensics Security, 4, 383–396,
2009.
[9] A. Beimel, “Secret-sharing schemes: A survey”, International Conference
on Coding and Cryptology, 2011.
979-8-3503-7274-8/24/$31.00 ©2024 IEEE
Authorized licensed use limited to: NATIONAL INSTITUTE OF TECHNOLOGY SILCHAR. Downloaded on May 31,2024 at 06:13:11 UTC from IEEE Xplore. Restrictions apply.
[10] SongWan, Guozheng Yang, Lanlan Qi, Longlong Li, Xuehu Yan_and
Yuliang Lu, “Multiple security anti-counterfeit applications to QR code
payment based on visual secret sharing and QR code”, Mathematical
Biosciences and Engineering Volume 16, Issue 6, 6367–6385.
[11] Srushti Gandhi, Taral Butani, Ravi Gor, “Image Encryption System using
Rubik’s Cube Algorithm”, IOSR Journal of Computer Engineering
(IOSR-JCE), Volume 24, Issue 4, Jul. –Aug. 2022.
[12] https://www.geeksforgeeks.org/advanced-encryption-standard-aes/
[13] https://www.geeksforgeeks.org/block-cipher-modes-of-operation/
[14] Ako Muhamad Abdullah, “Advanced Encryption Standard (AES)
Algorithm to Encrypt and Decrypt Data”, Cryptography and Network
Security, June 16, 2017.
[15] Nandhini Subramanian , Omar Elharrouss , Somaya Al-Maadeed, And
Ahmed Bouridane, “Image Steganography: A Review of the Recent
Advances”, IEEE Access, 2017.
[16] Krishnapriya P V, Smitha Suresh, “Image Security Using Linear
Feedback Shift Register”,International Journal of Innovative Science and
Research Technology, Volume 2, Issue 6, June – 2017.
[17] Salah T. Allawi, Dr.Jamila H. Al-A’meri , “Image yption Based on Linear
Feedback Shift Register Method”, Al-Sadeq International Conference on
Multidisciplinary in IT and Communication Science and Applications,
2016.
[18] Salah Taha Allawi, Nada Abdul Aziz Mustafa, “Image encryption based
on combined between linear feedback shift registers and 3D chaotic
maps”, Indonesian Journal of Electrical Engineering and Computer
Science, Vol. 30, No. 3, June 2023,
848