Skip to main content
Book cover

International Symposium on Security in Computing and Communication

SSCC 2019: Security in Computing and Communications pp 26–40Cite as

Secure Authentication Using One Time Contextual QR Code

  • 490 Accesses

Part of the Communications in Computer and Information Science book series (CCIS,volume 1208)

Abstract

Traditional methods of authentication are subject to a wide variety of attacks. There is a high demand to deploy necessary mechanisms while authenticating a user to safeguard him/her and the system from the vulnerable attacks. In this paper, a novel one time Quick Response (QR) code based solution has been proposed to counter various types of security breach during the authentication process. The QR code will facilitate context-based authentication. Some information is stored within the QR code which changes for each authentication of the user. Using this information the user needs to derive a one-time password corresponding to his/her actual password. The proposed scheme can be well and easily adapted in various existing and new systems. The experiment and analysis shows that it is more efficient than the existing algorithms in countering security threats.

Keywords

  • Secure authentication
  • Contextual QR code
  • OTP
  • Secret information
  • Security attacks

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-981-15-4825-3_3
  • Chapter length: 15 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   69.99
Price excludes VAT (USA)
  • ISBN: 978-981-15-4825-3
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   89.99
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.
Fig. 2.

References

  1. Shah, A.T., Parihar, V.R.: Overview and an approach for QR-code based messaging and file sharing on android platform in view of security. In: International Conference on Computing Methodologies and Communication (ICCMC), Erode, India. IEEE (2017)

    Google Scholar 

  2. Kayem, A.V.: Graphical passwords - a discussion. In: 30th International Conference on Advanced Information Networking and Applications Workshops (WAINA), Crans-Montana, Switzerland. IEEE (2016)

    Google Scholar 

  3. Malek, B., Orozco, M., Saddik, A.E.: Novel shoulder-surfing resistant haptic-based graphical password. In: Proceedings of the EuroHaptics 2006 Conference, Paris, France (2006)

    Google Scholar 

  4. Borkotoky, C., Galgate, S., Nimbekar, S.B.: Human computer interaction harnessing P300 potential brain waves for authentication of individuals. In: Proceedings of the 1st Bangalore Annual Compute Conference (COMPUTE 2008), Bangalore, India. ACM (2008)

    Google Scholar 

  5. Mulliner, C., Borgaonkar, R., Stewin, P., Seifert, J.-P.: SMS-based one-time passwords: attacks and defense. In: Rieck, K., Stewin, P., Seifert, J.-P. (eds.) DIMVA 2013. LNCS, vol. 7967, pp. 150–159. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39235-1_9

    CrossRef  Google Scholar 

  6. Conde-Lagoa, D., Costa-Montenegro, E., González-Castaño, F.J., Gil-Castiñeira, F.: Secure eTickets based on QR-codes with user-encrypted content. In: Digest of Technical Papers International Conference on Consumer Electronics (ICCE), Las Vegas, NV, USA. IEEE (2010)

    Google Scholar 

  7. Gupta, D.: A new approach of authentication in graphical systems using ASCII submission of values. In: 13th International Wireless Communications and Mobile Computing Conference (IWCMC), Valencia, Spain. IEEE (2017)

    Google Scholar 

  8. Shin, D.H., Jung, J., Chang, B.H.: The psychology behind QR codes: user experience perspective. Comput. Hum. Behav. 28(4), 1417–1426 (2012)

    CrossRef  Google Scholar 

  9. Shangfu, G., Jun, L., Yizhen, S.: Design and implementation of anti-screenshot virtual keyboard applied in online banking. In: International Conference on E-Business and E-Government (ICEE), Guangzhou, China, Guangzhou, China. IEEE (2010)

    Google Scholar 

  10. Brainard, J., et al.: Fourth-factor authentication: somebody you know. In: 13th ACM Conference on Computer and Communications Security, Virginia, USA. ACM (2006)

    Google Scholar 

  11. Xu, W., Tian, J., Cao, Y., Wang, S.: Challenge-response authentication using in-air handwriting style verification. IEEE Trans. Dependable Secure Comput. 17(1), 51–64 (2020)

    Google Scholar 

  12. Rouillard, J.: Contextual QR codes. In: Proceedings of the Third International Multi-Conference on Computing in the Global Information Technology (ICCGI 2008), Athens, Greece. IEEE (2008)

    Google Scholar 

  13. Bicakci, K., Baykal, N.: Infinite length hash chains and their applications. In: Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, Pittsburgh, USA. IEEE (2002)

    Google Scholar 

  14. Saranya, K., Reminaa, R.S., Subhitsha, S.: Modern applications of QR-code for security. In: 2nd IEEE International Conference on Engineering and Technology (ICETECH), Coimbatore, India. IEEE (2016)

    Google Scholar 

  15. Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)

    CrossRef  Google Scholar 

  16. Eldefrawy, M., et al.: Mobile one-time passwords: two-factor authentication using mobile phones. J. Secur. Commun. Netw. 5(5), 508–516 (2012)

    CrossRef  Google Scholar 

  17. Potey, M.M., Dhote, C.A., Sharma, D.H.: Secure authentication for data protection in cloud computing using color schemes. In: International Conference on Computational Systems and Information Systems for Sustainable Solutions (CSITSS), Bangalore, India. IEEE (2016)

    Google Scholar 

  18. Kumar, M., Garfinkel, T., Boneh, D., Winograd, T.: Reducing shoulder-surfing by using gaze based password entry. In: SOUPS 2007 - Proceedings of the 3rd Symposium on Usable Privacy and Security. ACM, Pittsburgh, Pennsylvania, USA (2007)

    Google Scholar 

  19. Haller, N.: The S/KEY one-time password system. In: ISOC Symposium on Network and Distributed System Security, San Diego, CA, USA (1994)

    Google Scholar 

  20. Malutan, R., Grosan, C.: Web authentication methods using single sign on method and virtual keyboard. In: Conference Grid, Cloud and High Performance Computing in Science (ROLCG), Cluj-Napoca, Romania. IEEE (2015)

    Google Scholar 

  21. Wiedenbeck, S., Waters, J, Sobrado, L, Birget, J.C.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: Proceedings of Advanced Visual Interface (AVI 2006), Venezia, Italy. ACM (2006)

    Google Scholar 

  22. Suo, X., Zhu, Y, Owen, G.S.: Graphical passwords: a survey. In: Proceedings of the 21st Annual Computer Security Applications Conference, Tucson, AZ, USA. IEEE (2005)

    Google Scholar 

  23. Kao, Y.W., et al.: Physical access control based on QR code. In: International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, Beijing, China. IEEE (2011)

    Google Scholar 

  24. Singh, M., Garg, D.: Choosing best hashing strategies and hash functions. In: International Advance Computing Conference, Patiala, India. IEEE (2009)

    Google Scholar 

Download references

Acknowledgement

This work is partially supported by the project entitled “QR code-based Multi-Factor Authentication Using Mobile OTP and Multi-dimensional Infinite Hash Chains” under RUSA 2.0 (Ref. No. R-11/668/19), Govt. of India.

Author information

Authors and Affiliations

  1. Jadavpur University, Kolkata, India

    Divyans Mahansaria & Uttam Kumar Roy

Authors
  1. Divyans Mahansaria
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Uttam Kumar Roy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Divyans Mahansaria .

Editor information

Editors and Affiliations

  1. Indian Institute of Information Technology and Management, Trivandrum, India

    Prof. Sabu M. Thampi

  2. University of Murcia, Espinardo, Murcia, Spain

    Gregorio Martinez Perez

  3. University of Queensland, Brisbane, QLD, Australia

    Ryan Ko

  4. Howard University, Washington, DC, USA

    Prof. Dr. Danda B. Rawat

Ethics declarations

All procedures performed in studies involving human participants were in accordance with the ethical standards. Informed consent was obtained from all individual participants included in the study.

Rights and permissions

Reprints and Permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Mahansaria, D., Roy, U.K. (2020). Secure Authentication Using One Time Contextual QR Code. In: Thampi, S., Martinez Perez, G., Ko, R., Rawat, D. (eds) Security in Computing and Communications. SSCC 2019. Communications in Computer and Information Science, vol 1208. Springer, Singapore. https://doi.org/10.1007/978-981-15-4825-3_3

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-4825-3_3

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-4824-6

  • Online ISBN: 978-981-15-4825-3

  • eBook Packages: Computer ScienceComputer Science (R0)