Authenticating Data Transfer Using RSA-Generated QR Codes
##plugins.themes.bootstrap3.article.main##
Lack of security measures for cybersecurity threat is somewhat vulnerable and can even put one’s digital life at high risk of phishing attack which is so alarming nowadays. Perpetrators may even use fictitious personal information to infiltrate various institutions for their malicious acts. It is the aim of this paper to present a security measure for a safe data transfer by means of vaccination card. Vaccination information is one of the most commonly acquired pieces of data today. However, because most internet data collection processes lack encryption, personal data becomes very vulnerable to threats. As a result, the researchers presented a Centralized Covid-19 Record System, which illustrates secure data transfer via RSA-generated QR codes. A descriptive research design was employed in which a survey questionnaire together with secondary data sources and online tools i.e., RSA Express Encryption/Decryption Calculator and QR code generator were utilized as data instruments. Through a culmination of knowledge on asymmetric cryptography, RSA algorithm, QR codes, and web system development, answers to the founded research questions were unveiled. The web system’s architecture comprises several components and sub-components building its digital makeup. For the system development process, the most essential structural components are the web browser, web server, and database server. Through a message encryption/decryption feature that makes use of the RSA algorithm in generating a key pair, cryptography was implemented in the system. The essential mathematical parameters comprising such features are RSA encryption algorithm, RSA decryption algorithm, and Euler phi function. As for the system development environment, several hardware and software requirements that build and support the system’s end-to-end process were also specified. Upon the employment of those specifications, the system was able to offer several security features including the 15-digit account user IDs and QR code scanning for log-in, secured acquisition of public and private keys, and an admin verification process. Lastly, it was found that asymmetric cryptosystem provides a secured channel for data transfer due to the computational difficulty of factoring the large integers that constitute modulo . Upon the strategic culmination of the study’s framework, well-established system architecture, required system specifications, and security measures, the researchers were able to successfully develop VacciFied.net, a Centralized Covid-19 Record System involving authenticated data transfer process.
References
-
Atwady Y, Hammoudeh M. A Survey on Authentication Techniques for the Internet of Things. Proceedings of the International Conference on Future Networks and Distributed Systems. 2017.
Google Scholar
1
-
Chenchev I, Aleksieva-Petrova A, Petrov M. Authentication Mechanisms and Classification: A Literature Survey. Lecture Notes in Networks and Systems. 2021: 1051–1070.
Google Scholar
2
-
Derhab A., Belaoued M., Guerroumi M., & Khan F. A. Two-Factor Mutual Authentication Offloading for Mobile Cloud Computing. IEEE Access. 2020; 8: 28956–28969.
Google Scholar
3
-
Alhothaily A, Hu C, Alrawais A, Song T, Cheng X, Chen D. A Secure and Practical Authentication Scheme Using Personal Devices. IEEE Access. 2017; 5: 11677–11687.
Google Scholar
4
-
Ali G, Ally Dida M, Elikana Sam A. Two-Factor Authentication Scheme for Mobile Money: A Review of Threat Models and Countermeasures. Future Internet. 2020; 12(10); 160.
Google Scholar
5
-
Barker E, Barker WC. Recommendation for Key Management: Part 2 - Best Practices for Key Management Organizations. NIST Special Publication. 2019: 800–57.
Google Scholar
6
-
Purnomo AT, Gondokaryono YS, Kim CS. Mutual authentication in securing mobile payment system using encrypted QR code based on Public Key Infrastructure. 2016 6th International Conference on System Engineering and Technology (ICSET). 2016.
Google Scholar
7
-
Ali RF, Muneer A, Dominic PDD, Taib SM, Ghaleb EAA. Internet of Things (IoT) Security Challenges and Solutions: A Systematic Literature Review. Communications in Computer and Information Science. 2021: 128–154.
Google Scholar
8
-
Thirumalai C, Kar H. Memory efficient multi key (MEMK) generation scheme for secure transportation of sensitive data over cloud and IoT devices. 2017 Innovations in Power and Advanced Computing Technologies (i-PACT). 2017.
Google Scholar
9
-
Cerf VG. Self-authenticating identifiers. Communications of the ACM, 2018; 61(12): 5.
Google Scholar
10
-
Farrell, S, Wenning R, Bos B. STRINT Workshop - report/papers. W3.Org. [Internet] 2015. [cited 2022 May 5] Available from: https://www.w3.org/2014/strint/draft-iab-strint-report.html
Google Scholar
11
-
Wahsheh HAM. Secure and Usable QR Codes. Università Ca’Foscari Venezia [Internet] 2019. Available from : http://dspace.unive.it/bitstream/handle/10579/15022/956262-1208160.pdf?sequence=2.
Google Scholar
12
-
Focardi R, Luccio FL, Wahsheh HAM. Usable cryptographic QR codes. 2018 IEEE International Conference on Industrial Technology (ICIT). 2018.
Google Scholar
13
-
Robinson CP. The Key to Cryptography: The RSA Algorithm. BSU Honors Program Theses and Projects. [Internet] 2018. Available from: https://vc.bridgew.edu/honors_proj/268
Google Scholar
14
-
Nivetha A, Preethy Mary S, Santosh Kumar J. Modified RSA encryption algorithm using four keys. International Journal of Engineering Research & Technology (IJERT). 2015; 3(7): 1-5.
Google Scholar
15
-
Goyal K. Randomization of RSA and other main public-key cryptosystems. MSc Thesis. Masaryk University. 2018.
Google Scholar
16
-
Naresh K, Pillai PN. QR verification system using RSA algorithm. International Journal of Innovation and Scientific Research. 2014; 10(2): 433-437.
Google Scholar
17
-
Rawat V, Nath KDD, Shukla DN. QR code based cloud data protection using RSA algorithm. International Journal of Creative Research Thoughts (IJCRT). 2018; 6(2): 561-570.
Google Scholar
18
-
Ahamed S. Development of a secure QR code system for hiding personal confidential information. MSc Thesis. Bangladesh University of Engineering and Technology. 2018.
Google Scholar
19
-
Daddala B. Design and implementation of a customized encryption algorithm for authentication and secure communication between devices. MSc Thesis. University of Toledo. 2017.
Google Scholar
20
-
Kafle S. Securing Distributed Context Exchange Networks in Mobile Environments MSc Thesis. Mid Sweden University. 2013.
Google Scholar
21
-
Jathar C, Gurav S, Jamdaade K. A review on QR code analysis. International Journal of Application or Innovation in Engineering & Management (IJAIEM). 2019; 8(7): 1-6.
Google Scholar
22
-
Wahsheh HAM, Luccio FL. Security and privacy of QR code applications: A comprehensive study, general guidelines and solutions. Information. 2020; 11(4): 217.
Google Scholar
23
-
Umaria MM, Jethava G. Enhancing the data storage capacity in QR code using compression algorithm and achieving security and further data storage capacity improvement using multiplexing. 2015 International Conference on Computational Intelligence and Communication Networks (CICN). 2015.
Google Scholar
24
-
Dey S, Nath A. Confidential encrypted data hiding and retrieval using QR authentication system 2013 International Conference on Communication Systems and Network Technologies, Kolkata, India. 2013.
Google Scholar
25
-
Ahamed S, Mustafa HA. A secure QR code system for sharing personal confidential information International Conference on Computer, Communication, Chemical, Materials and Electronic Engineering (IC4ME2). 2019.
Google Scholar
26
-
Abed HN. Robust and secured image steganography using LSB and encryption with QR code. Journal of AL-Qadisiyah for Computer Science and Mathematics. 20179; (2): 1-9.
Google Scholar
27
-
Mittra P, Rakesh N. A desktop application of QR code for data security and authentication. 2016 International Conference on Inventive Computation Technologies (ICICT). 2016.
Google Scholar
28
-
Zhang J, Liu S, Pan J-S, Ji X. Digital certificate based security payment for QR code applications. Advances in Intelligent Systems and Computing. 2017.
Google Scholar
29
-
Masalha F, Hirzallah N. A students attendance system using QR code. International Journal of Advanced Computer Science and Applications. 2014; 5(3): 1-5.
Google Scholar
30
-
Quilala R, Sison AM, Medina R. QR code integrity verification based on modified SHA-1 algorithm. Indonesian Journal of Electrical Engineering and Informatics (IJEEI). 2018; 6(4): 385-392.
Google Scholar
31
-
Intila CA, Gerardo BD, Medina RP. Modified key generation in RSA algorithm. International Journal of Recent Technology and Engineering (IJRTE). 2019; 8(2): 1-5.
Google Scholar
32
-
Al Busafi S, Kumar B. Review and Analysis of Cryptography Techniques. 2020 9th International Conference System Modeling and Advancement in Research Trends (SMART). 2020.
Google Scholar
33
-
Barbay J. Review of understanding and applying cryptography and data security by Adam J. Elbirt. ACM SIGACT News. 2012; 43(1): 18–21.
Google Scholar
34
-
Blog F. Descriptive Research Designs: Types, Examples & Methods. Formplus. 2020.
Google Scholar
35
-
Brush K, Rosencrance L, Cobb M. Asymmetric cryptography (public key cryptography). SearchSecurity. [Internet] 2021 [cited 2022 June 13] Available from: https://www.techtarget.com/searchsecurity/definition/asymmetric-cryptography
Google Scholar
36
-
ClickSSL. Symmetric vs Asymmetric Encryption – Know the Difference. ClickSSL Blog - Information about SSL Certificates & Infosec. [Internet] 2022 Available from: https://www.clickssl.net/blog/symmetric-encryption-vs-asymmetric-encryption
Google Scholar
37
-
codeSTACKr. Visual Studio Code 2022 | Web Dev Setup | Top Extensions, Themes, Settings, Tips & Tricks [Video]. YouTube. [Internet] 2021 Available from: https://www.youtube.com/watch?v=fJEbVCrEMSE
Google Scholar
38
-
Combinations and Permutations. Mathsisfun.com. [Internet] 2017 Available from: https://www.mathsisfun.com/combinatorics/combinations-permutations.html
Google Scholar
39
-
Czereszko G. Decrypting the future: a mathematical review of error-correcting codes and cryptography. Ball State University Libraries. [Internet] 2018 Available from: https://cardinalscholar.bsu.edu/handle/123456789/201420
Google Scholar
40
-
Daniel B. Symmetric vs. Asymmetric Encryption: What’s the Difference? Trenton Systems, Inc. [Internet] 2021 Available from: https://www.trentonsystems.com/blog/symmetric-vs-asymmetric-encryption
Google Scholar
41
-
Development Environment: A Definitive Guide. Indeed Career Guide. [Internet] 2021 Available from: https://www.indeed.com/career-advice/career-development/development-environmen
Google Scholar
42
-
Development Environment. (n.d.). SUSE Defines. [Internet] Available from: https://www.suse.com/suse-defines/definition/development-environment/
Google Scholar
43
-
Hoffstein J, Pipher J, Silverman JH. An Introduction to Mathematical Cryptography. Springer Publishing. 2014.
Google Scholar
44
-
Isaiah A. How to add HTTPS to your website for free in 10 minutes, and why you need to do this now more than…. FreeCodeCamp.org. [Internet] 2018 Available from: https://www.freecodecamp.org/news/free-https-c051ca570324/
Google Scholar
45
-
Wright J. (2013, January 15). Learn PHP in 15 minutes [Video]. YouTube. https://www.youtube.com/watch?v=ZdP0KM49IVk
Google Scholar
46
-
Lake, J. What is RSA encryption and how does it work? Comparitech. [Internet] 2021 [cited 2022 June 13] Available from: from https://www.comparitech.com/blog/information-security/rsa-encryption/
Google Scholar
47
-
Loshin P. plaintext. SearchSecurity. [Internet] 2021 [cited 2022 June 13] Available from: https://www.techtarget.com/searchsecurity/definition/plaintext#:%7E:text=In%20cryptography%2C%20plaintext%20is%20usually,algorithms%20is%20not%20always%20plaintext.
Google Scholar
48
-
Marget A. Development and Test Environments: Understanding the Different Types of Environments. Unitrends. [Internet] 2021 Available from: https://www.unitrends.com/blog/development-test-environments
Google Scholar
49
-
Maxey M. A Modern Day Application of Euler’s Theorem: The RSA Cryptosystem. [Internet] 2021 Available from: https://www.gcsu.edu/sites/files/page-assets/node-808/attachments/maxey.pdf
Google Scholar
50
-
Mitali VK, Sharma A. A survey on various cryptography techniques. International Journal of Emerging Trends & Technology in Computer Science (IJETTCS). 2014; 3(4): 307–312.
Google Scholar
51
-
Montero C. Centralized Covid Vaccination Records System in PHP Free Source Code|Free Source Code Projects and Tutorials. Sourcecodester. [Internet] 2021 Available from: https://www.sourcecodester.com/php/14997/centralized-covid-vaccination-records-system-php-free-source-code.html
Google Scholar
52
-
Open Source Initiative. The Open Source Definition | Open Source Initiative. Opensource.org. [Internet] 2007 Available from: https://opensource.org/osd
Google Scholar
53
-
Otto, M. Bootstrap. Getbootstrap.com. [Internet] 2000 Available from: https://getbootstrap.com/
Google Scholar
54
-
Quick Programming. Simple signup and login system with PHP and Mysql database|Full Tutorial|How to & source code [Video]. YouTube. [Internet] 2020 Available from: https://www.youtube.com/watch?v=WYufSGgaCZ8
Google Scholar
55
-
Rastogi A. PHP a Scripting Language | General-purpose programming language. NewGenApps - DeepTech,FinTech,Blockchain, Cloud, Mobile, Analytics. [Internet] 2020 Available from: https://www.newgenapps.com/technology/php/
Google Scholar
56
-
Ricart JR. A Beginners’ Guide to Domain Names. Wix Blog. [Internet] 2021 Available from: https://www.wix.com/blog/2021/03/what-is-a-domain/
Google Scholar
57
-
Security, S. What is Asymmetric Encryption? Read Symmetric vs. Asymmetric Encryption Diversity. Savvy Security. [Internet] 2021 Available from: https://cheapsslsecurity.com/blog/what-is-asymmetric-encryption-understand-with-simple-examples/#:%7E:text=Asymmetric%20Encryption %20uses% 20two%20distinct,recipient%20can%20decrypt%20the%20message
Google Scholar
58
-
SourceCodester. Centralized Covid Vaccination Records System in PHP DEMO [Video]. YouTube. [Internet] 2021 Available from: https://www.youtube.com/watch?v=Mgj-zITzzcA
Google Scholar
59
-
Source Code PH. QR Code Based Centralized Covid Vaccination Records System in PHP and MySql [Internet] 2022 Available from: YouTube. https://www.youtube.com/watch?v=tyT_ZHFfaDY&t=10s
Google Scholar
60
-
The Economic Times. (n.d.). What is Ciphertext? Definition of Ciphertext, Ciphertext Meaning. [Internet] Available from: https://economictimes.indiatimes.com/definition/ciphertext
Google Scholar
61
-
Warrayat, A. Cryptography and RSA. Uga.edu. [Internet] 2012 Available from: http://jwilson.coe.uga.edu/EMAT6680Fa2012/Warrayat/EMAT%206690/Essay2/Essay2.html
Google Scholar
62
-
What is Asymmetric Encryption? Understand with Simple Examples. Savvy Security. [Internet] 2021 Available from: https://cheapsslsecurity.com/blog/what-is-asymmetric-encryption-understand-with-simple-examples/
Google Scholar
63
-
What is Web-Based Systems. (n.d.). IGI Global. [Internet] Available from: https://www.igi-global.com/dictionary/web-based-systems/32428
Google Scholar
64
-
Why RSA Encryption is secure - RSA Encryption. (n.d.). Sites.google.com. [Internet] Available from: https://sites.google.com/site/danzcosmos/why-rsa-encryption-is-secure
Google Scholar
65
Most read articles by the same author(s)
-
Rhonil Victor G. Gaylon,
Reyn A. Galapia,
Romie C. Mabborang,
Alvin G. Bansil,
A Proposed Optimization Algorithm for Solving CCTV Camera Placement , European Journal of Information Technologies and Computer Science: Vol. 2 No. 6 (2022)