Mutual authentications to parties with QR-code applications in mobile systems

Cheng Ta Huang, Yu Hong Zhang, Li Chiun Lin, Wei Jen Wang, Shiuh Jeng Wang

Research output: Contribution to journalArticlepeer-review

5 Scopus citations


User authentication over the Internet has long been an issue for Internet service providers and users. A good authentication protocol must provide high security and mutual authentication on both sides. In addition, it must balance security and usability, which has been shown in the literature to be a difficult problem. To solve this problem, we propose a novel mutual authentication protocol with high security and usability. The proposed protocol was developed for quick response code, a type of two-dimensional barcode that can be photographed and quickly decoded by smartphones. We implemented a prototype using the proposed mutual authentication protocol and demonstrated how the prototype improves usability in a mobile communication system. We also used the Gong–Needham–Yahalom logic with several well-known attack models to analyze the security of the proposed protocol, and we obtained satisfactory results. We expect that using the proposed protocol, Internet service providers will be able to provide a mutual authentication mechanism with high security and usability.

Original languageEnglish
Pages (from-to)525-540
Number of pages16
JournalInternational Journal of Information Security
Issue number5
StatePublished - 1 Oct 2017


  • Authentication
  • Gong–Needham–Yahalom logic
  • Mobile system
  • Mutual authentication
  • Quick response code


Dive into the research topics of 'Mutual authentications to parties with QR-code applications in mobile systems'. Together they form a unique fingerprint.

Cite this