Albert did the encrypted QR code project back in summer and it was more of a product varification process: the companies generate the QR code and the users scan the QR code and get the result. This process is implemented with DES,RSA and a bit of Ceasar cryption. Then we decide to extend this program so that the users could upload files like photos, videos, etc... and share the secure QRcode to another user who logged in.
What it does
The users upload the files in the app and the app would generate a url link which directes to the cloud where the files are stored. After that,the link will be encrypted and a QR code picture is generated.according to the encrypted text. Then user can send the QRcode to another user. The receiver can scan the QR code on App and the decryption will be done and the url link which contains the info will be returned.
All the encrytption and the decryption are done by web server(should be) and the keys will be stored in the database. Since the time issue, we basically just store the keys in text book and run the code on our own laptop.
How I built it
we used flutter for the app and java for QRcode. For App, we used the flutter framework provided by google. We used a QR scanner API for use in the scanning portion of the app. All designed by Yassine. For QRcode, we are using google.zxing package for generating the bitmap of QRcode and reading the content of QRcode. This package is open sourced so it was easy to implement and modify. For encryption, we are using java.security and javax.crypto to implement DES and RSA.
These two packages can encrypt and decrypt the information using different type of encryption methods(DES,RSA,AES,MD5,SHA-1...) that the user input which is pre-coded into BASE64. It will also geneate the corresponding private/public key in a given length which will be stored into text book for later decryption.Besides, Ceasar cryption is eazy to find on the Internet.
Challenges we ran into
The most challenging stuff we faced is that we need to find a way to link the java and flutter. We found 4 ways to solve it (1.method channel 2.run java code on web server and return the result to the flutter 3.put everything into the jar file and run it with flutter 4.use xml file to specify buttons) But they are all FAILED, since we dont have much experience of android developing, we choose the developing platform which we are not familiar with.We were reaching out for help but nobody could help us.
Accomplishments that I'm proud of
The encryption way we are using is not only secure but also effect.The plaintext will first be encrypted by Ceasar encryption (shifting value is random between 100 and 999 )to avoid chosen plaintext attack.Then we chose DES to encrypt the plaintext and use RSA to encrypt the key of DES, since use RSA to encrypt the entire plaintext is pretty slow and use DES only is not safe. We also refactored the code to make it more flexible(more competible with GUI) and you can add icons in QRcode.
What I learned
We learned how to build android app, technology of QRcode and cryptography.