A barcode is a graphical image that stores data in special patterns of vertical spaced lines (linear or 1D barcode), or special patterns of vertical and horizontal squares (2D barcode). The encoded data can be retrieved using imaging devices such as barcode scanner machines and smartphones with specific reader applications. 2D barcodes are considered inexpensive tools in business marketing, and several companies are using them to facilitate the post sale follow-up procedure of their products. Many previous studies discussed the potential risks in using 2D barcodes, and proposed different security solutions against barcodes threats. In this paper, we present a comparative study of various attacks to 2D barcodes and of the available protection mechanisms. We highlight the limitations and weaknesses of these mechanisms, and explore their security capabilities. According to our analysis, although many of the available barcode security systems offer cryptographic solutions, they can still have weak points such as the adoption of insecure cryptographic mechanisms. In some cases, cryptographic solutions do not even provide enough detail to evaluate their effective security. We revise potential weaknesses and suggest remedies based on the recommendations from the European Union Agency for Network and Information Security (ENISA).
Security Threats and Solutions for Two-Dimensional Barcodes: A Comparative Study
FOCARDI, Riccardo;LUCCIO, Flaminia;WAHSHEH, HEIDER AHMAD MUTLEQ
2017-01-01
Abstract
A barcode is a graphical image that stores data in special patterns of vertical spaced lines (linear or 1D barcode), or special patterns of vertical and horizontal squares (2D barcode). The encoded data can be retrieved using imaging devices such as barcode scanner machines and smartphones with specific reader applications. 2D barcodes are considered inexpensive tools in business marketing, and several companies are using them to facilitate the post sale follow-up procedure of their products. Many previous studies discussed the potential risks in using 2D barcodes, and proposed different security solutions against barcodes threats. In this paper, we present a comparative study of various attacks to 2D barcodes and of the available protection mechanisms. We highlight the limitations and weaknesses of these mechanisms, and explore their security capabilities. According to our analysis, although many of the available barcode security systems offer cryptographic solutions, they can still have weak points such as the adoption of insecure cryptographic mechanisms. In some cases, cryptographic solutions do not even provide enough detail to evaluate their effective security. We revise potential weaknesses and suggest remedies based on the recommendations from the European Union Agency for Network and Information Security (ENISA).
| File | Dimensione | Formato | |
|---|---|---|---|
|
FocardiLuccioWahssheh.pdf
non disponibili
Tipologia:
Documento in Pre-print
Licenza:
Accesso chiuso-personale
Dimensione
132.83 kB
Formato
Adobe PDF
|
132.83 kB | Adobe PDF | Visualizza/Apri |
I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
