Applying AES Decryption on Personal Identification for QR Code Security System

• Main Authors: Ying-Neng Sun, 孫英能
• Other Authors: Chih-Hung Wu
• Format: Others
• Language: zh-TW
• Published: 2014
• Online Access: http://ndltd.ncl.edu.tw/handle/96069160407003886260

碩士 === 建國科技大學 === 電機工程系暨研究所 === 102 === People often used the personal identity documents to deal with official work or money-related matters because government institutions or banks needed their identity authentication. To enhance the security and convenience of identity recognition, the study adopted the ICCID code stored in the SIM card inside mobile phone to substitute for personal identity documents. The study developed the Android program to convert ICCID code into ciphertext by AES encryption, and then encoded the ciphertext to QR code. The QR code could replace the personal identity documents to avoid the personal identity documents being stolen to do illegal matters. Because the QR code could be produced any time by Android program on the personal mobile phone, it had better security and convenience compared with personal identity documents. The staff of government institutions or banks used webcam connected with the PC to photograph the QR code and then decode the QR code into ciphertext. The PC convert ciphertext into ICCID code by AES decryption and then search the database to process the identity authentication. The study proposed three security protections of personal identification. (1)The first security protection was QR code. People could not recognize the QR code by naked eye unless they photographed the QR code and then decode it. (2)The second security protection was to adopt key in the process of ICCID code encryption and decryption by AES algorithm. (3)To avoid the QR code is taken by others without agreement, so the study proposed a time-sensitive key as the third security protection. The key is combined user's password input on the side with time data, so it cannot be reused.