Cellular-Automated Protocol to Safeguard Confidentiality of QR Codes

Abstract

Cellular automata (CA) is a veritable tool that provides useful insights into the intricate composition of physical systems. By exploiting this as well as the ability of CA to utilise local interactions of individual CA cells to function as a receptable for information processing, we propose a CA-based security protocol (CASP) to safeguard the integrity of QR codes. First, undertaking an extensive and conscientious study of the composition of QR codes, we propose delineating an encrypt-able area ( $E_{\mathrm {A}}$ ) that excludes key areas needed to retain physical appearance and properties of an innocuous QR Code. Further, we adduce a zoning structure that demarcates the $E_{\mathrm {A}}$ into seven zones. Our analysis shows that careful adulteration of contents of at least two zones are enough to produce encrypted versions of the QR codes. Second, each zone is partitioned into $m$ tiles, each a $3\times 3$ sub-block and then local interactions emanating from the occupancy (or strength) of the tiles are used to determine the composition of first- and second-tier rulesets. Third, to steer the evolution of the QR Codes, we propose the use of zone and cell-wise dextral boundary conditions (DBC) that combine a troika of cells permeating contents of a tile at state $t$ to determine the left-most cell entry at state $t+1$ of its evolution. Further, we impose a pixel-wise constraint that ensures that each encrypted tile has a discordance that is no less than the in-built error correction tolerance of the code. This property guarantees adequate scrambling of the QR code to mitigate unauthorised access to it and the information it conceals. Meanwhile, considering the properties (balanced, linear and reversible) and nature of our rulesets, the proposed CASP protocol recovers QR codes that are seamlessly scannable as conduits leading authorized users to confidential information. We validated our protocol by implementing both the encryption and recovery procedures on different versions of QR Codes and our results suggest that, on average, modifications up to a minimum of 2 to 5% of any two zones of the delineated $E_{\mathrm {A}}$ were enough to securely encrypt Versions 2, 3, and 4 QR Codes that were reported in the experiments; thus, rendering them unscannable and the information they conceal inaccessible. Similarly, the recovery process yields an average 97% fidelity between the original and recovered QR Codes, which is enough to restore full functionality of the codes without need for any special hardware or add-ons. Moreover, rulesets employed in our protocol are profuse, dynamic and complex, which are key properties for CA-based cryptography. This demonstrates the efficacy of our protocol as a tool to to confine the transitory role of QR Codes to authorised users.