Most of the previous image encryption schemes overlook certifying the source of the encrypted images, thus the receiver may be misled by messages coming from unauthorized users or wrong sources. To simultaneously accomplish image encryption and source authentication of the encrypted images, an optical image authentication and encryption scheme is proposed by integrating computational ghost imaging (CGI) with quick response (QR) code. Firstly, the plaintext image is converted into a QR code and encrypted by a scrambling-diffusion structure. Then, the authentication image is enciphered by a CGI system and a diffusion structure. The intermediate resulting images are marked and embedded into the random matrices to withstand the differential attack. Moreover, the source of the encrypted images can be identified by the reconstructed authentication image and the nonlinear correlation coefficient (NCC) result. The authentication is considered successful if a sharp peak appears in the center of the NCC result. Numerical simulations show that the proposed scheme can not only withstand different attacks, but also avoid being misled by misinformation during the decryption process.