Professional Documents
Culture Documents
Authentication of Printed Document
Authentication of Printed Document
Abstract—Implementation of information systems in the public advantage of the use of these documents. Some parties try to
service has an impact on increasing the use of digital documents. manipulate permit documents by changing the information
Digital documents replace function of printed documents because recorded in the document. This fraud can cause substantial
they are legally recognised. In reality, printed documents are still material and non-material losses for the country.
considered relevant because it is still considered necessary as
legitimate evidence; one example is the permit document. Permit There is much vulnerability to forgery documents
documents are essential because they are needed as because permit documents in the form of printed documents
administrative requirements. The importance of permit are straightforward to duplicate and change. Therefore
documents has resulted in many falsifications of these special techniques are needed to guarantee the authenticity of
documents. Therefore guaranteeing the authenticity of these a printed document so that it is not easy to fake. To
documents is needed. The use of Quick Response (QR) Code is overcome the threat of forgery and information changes in a
present as a guarantor of authenticity document because it is printed document, we can use the QR Code technique that
considered capable of being an effortless way to validate the can show that the document content is authentic.
authenticity of printed documents. Authentication of QR codes is
difficult to determine by using the human senses because they Many studies discuss related to the use of QR Code
cannot know the original and fake codes. This inability causes related to securing printed documents. In the study conducted
QR Code to be vulnerable to counterfeiting. To guarantee [1] where they made a scheme for reading the QR Code with
authenticity, a unique QR code that is easily validated is needed. the results of decoding so that the existing information is
This study creates a unique QR Code by utilising AES and SHA- challenging to know using an ordinary scanner. Another
256 that are difficult to produce by other people so that the case, [2] modified the QR Code using the code Two Level
authenticity of information about document content can be Quick Response (2LQR) to overcome the lack of a standard
guaranteed and easily validated. QR Code for coding capacity that is resistant to the printing
and scanning process. This QR Code consists of two, which
Keywords— authentication, printed document, validation, QR at the first level maintains the characteristics of a standard
code QR code so that a regular QR code scanner can still identify
it; and the second level increases the capacity and
I. INTRODUCTION characteristics of QR codes by replacing black modules with
Today, the use and ease of technology change our texture patterns. This texture can survive from degradation
paradigm for storing data in digital form other than in printed due to the printing and scanning process.
documents. In an era of fast internet connection and Cryptographic applications are also widely used in
increasingly sophisticated data storage technology, the improvisation of the manufacture of QR Code such as [3]
exchange of data or digital information has become which utilises Advance Enforcement Standard (AES)
increasingly fast and easy. This convenience causes the use encryption on digital legality systems and [4] uses a modified
of printed documents to be abandoned. SHA-1 algorithm in the manufacture of the QR Code. Print
In Indonesia, it has implemented an electronic-based document protection can use a combination of QR Code and
government system. The application is also increasingly invisible digital signature [5]. Whereas in other techniques
widespread, starting from internal needs and then developing by combining watermark and QR Code techniques [6] [7] by
towards public services. At present, the regions have inserting an image into the image QR Code.
implemented information systems to improve the quality of The vulnerability of a QR Code is duplication; this is
services to the public. One example is a one-stop integrated because the human sense of sight cannot distinguish between
service system. One-stop integrated services serve the people original and fake code. In general, scanning a QR Code
regarding the issuance of permit documents. Permission produces text that leads to the URL address of the database
documents include Building Construction Permit, Business to verify a document. This vulnerability can be used by other
Place Permit, Doctor's Practice License, Construction parties to direct to another URL address by creating a fake
Service Business License and Company Registration QR Code attached to the document so that it can easily
Certificate and other permit documents. The need for printed manipulate a document. To guarantee a QR Code from its
documents is still needed as valid evidence and is a condition authenticity, quickly validation of a unique QR code is
for completeness in administrative matters. needed.
The need for permit documents is considered very This study consists of several parts, i.e: Part 2 explains
important, so fraud often occurs by parties who want to take the theories with research. Part 3 describes the methods used
229
first stage is the authentication of documents in the form of Scheme Production of Image QR Code can be seen in Figure
doc or pdf files as input documents, which are then affixed 3.
with a QR Code. The second stage is the validation of the
authenticity of the document. The QR code attached to the Data Input :
Document Name, Owner Hashing QR Code
printed document is then scanned to get the results in the Name, Time Stamp, and
page number of document.
(SHA 256) Generator
form of text that matches the data entered in the first stage. Image
QR Code
Note
Encryption Unique Teks
Key Validation
Document Athentication (AES)
(Hexadecimal)
Authentication Document with
Start Document Document Using QR Code
QR Code Figure 3. Scheme Production of Image QR Code
Digital
Change to JSON
A. Document Authentication End Authentic Yes Validation Signature
Info
Form
Not No
Authentic
230
A. Document Authentication Implementation Notes : dr. ABDUL SYUKUR KUDDUS, Sp.B
The implementation of the scheme in Figure 2 can be seen in 7311101214057474
Figure 5. Dokter Spesialis Bedah
10-7-2019 (79 characters)
Code of Validation: 12345678 (8 characters)
Barcode Placement on the Last Page Lower Right
Angle.
The validation password encrypted using the AES
algorithm encoded in hexadecimal format. The value
obtained from encoding is "BDB06C937F52942849CC2
84220A857F4". After the data is complete, all data is
combined, including the time stamp and the number of pages
of the document. The number of characters entered is 163
Upload File Input Data Doc with QR Code characters.
The combined data is entered into the JavaScript Object
Figure 5. Results of document authentication implementation Notation (JSON) format. The JSON value encrypted with
The application display is made simple to determine SHA-256 and saves with base64 format. The string length of
which file is attached to the QR Code image, by pressing the the encoding is 334 strings with string values, i.e.
"upload file" button and then selecting the file on the screen. “NtaRpfbAwIVqCmdIU8FkaFtE/wecb+6tiAVgGPDyBq4A3n
After that, storage of documents come into sight on the 1/h8ADJ4BysUIar1+SV16idOSIcSeFCNUnbeVtc1kCWqaoB
screen. Then the selected document opens. In this study, VcLS4rWzzjOqertJjG1I6IO+/AqHV8mujOSjdG00NWKJKyV
using a licensing document that is a Doctor's Practice iYgOMmiDbun/lyWNv4jm3ohiVG2hSTQoqOMfVDBDZN7g
License (SIPD) as seen in Figure 6. This document is a 5lcLsrIR2HOLjsTNcyaFEF+2wbRmg1KzfaUc/sHrUACLYu
requirement that must be owned by a doctor in opening a 0hXRrz4w11kZAVI1sTpaUjbOULsg2ELpq2hlWdxiEn/XH4w
practice site. Information contained in this document 4wf2PX/jJX9YrLrjBIsiYq/D0YYvfhKuouqhcsU6pnzVFKCOi
includes: BzPMSD0GKypgnV0g==”. This value is converted into bits
1. Name of the doctor; which are then generated to form a QR code.
2. Place of birth date;
3. Address of residence; The unique text produced is "KYBAQOM". This text is
4. Registration Certificate Number (STR); composed of 7 characters from the string above, with the
5. Period of validity of STR; following character arrangements:
6. Number of Professional Organization Characters 1 and 2 are taken from the 10th and 9th
Recommendations (OP); strings in the back;
7. Location of Practice; Characters 3 and 4 are taken from the 7th and 8th
8. Specialisation Practices carried out; and strings in the front;
9. Period of validity of practice permits. Characters 5, 6 and 7 are taken from the 3 middle
strings.
This text and the QR code image is combined. Images
from QR codes have a depth of pixels per inch of 500 dpi,
the size of the image attached to the document is 150 x 150
pixels equivalent to the size of 1.65 x 165 inches. The results
of documents with image QR Code save in the form of pdf
files.
231
the QR Code using encryption techniques is robust against
counterfeiting.
The next experiment was measuring coding capacity
contained in QR code images with a varying number of text
entries. Measuring the QR Code capacity is done by making
four QR codes with different amounts of data input. The
results can be seen in table 2.
Table 2. Comparison of QR codes based on data input
V. CONCLUSION
Conclusions that can be drawn from this study include:
1. This security application utilises cryptographic
Fake QR Code Results of Scanning functions in the form of AES / CBC / 7 No padding
and SHA-256 hashing functions and uses a time
Figure 8. Scanning Results stamp for authentication of the data.
From the results of scanning the QR Code that has been 2. Methods Security of printed documents utilises
changed, we can find differences in the unique text on the cryptographic, authentication, and integrity aspects.
QR Code so that it can be stated that the document and QR
Code is fake. To be more convincing, you can validate the 3. The QR Code used is good enough in authenticating
Password Key; if the key used is different, it is inevitable a printed document but is limited to the information
that the document is not authentic. This method proves that provided.
232
4. Because the QR Code is straightforward to produce, [4] H. Keni, M. Earle, and M. Min, ‘Product authentication
the QR Generate methods and algorithms must not using hash chains and printed QR codes’, in 2017 14th
be published, the authentication implementation IEEE Annual Consumer Communications &
should be separate from the implementation of the Networking Conference (CCNC), Las Vegas, NV,
validation. USA, 2017, pp. 319–324.
5. The symmetric key management process is still [5] M. Warasart and P. Kuacharoen, ‘Paper-based
manual so that further development needs to be Document Authentication using Digital Signature and
done. QR Code’, Int. Conf. Comput. Eng. Technol. ICCET,
2012, vol. 4, p. 5, 2012.
REFERENCES [6] H. P. Nguyen, A. Delahaies, F. Restraint, D. H.
Nguyen, M. Pic, and F. Morain-Nicolier, ‘A
[1] H. Peng-Cheng, L. Yung-Hui, C. Chin-Chen, and L. watermarking technique to secure printed QR codes
Yanjun, ‘Efficient Scheme for Secret Hiding in QR using a statistical test’, presented at the Global
Code by Improving Exploiting Modification Direction’, Conference on Signal and Information Processing
KSII Trans. Internet Inf. Syst., vol. 12, no. 5, pp. 2348– (GlobalSIP), 2017, pp. 288–292.
2365, May 2018. [7] L. Li, R. Wang, and C. Chang, ‘A Digital Watermark
[2] I. Tkachenko, W. Puech, O. Strauss, C. Destruel, and Algorithm for QR Code’, Int. J. Intell. Inf. Process.,
J.- Gaudin, ‘Printed document authentication using vol. 2, no. 2, pp. 29–36, Jun. 2011.
two-level or code’, in 2016 IEEE International [8] Z. Gao, G. Zhai, and C. Hu, ‘The Invisible QR Code’,
Conference on Acoustics, Speech and Signal presented at the MM ’15 Proceedings of the 23rd ACM
Processing (ICASSP), 2016, pp. 2149–2153. international conference on Multimedia, Brisbane,
[3] Okfalisa, N. Yanti, W. A. D. Surya, A. Akhyar, and A. Australia., 2015, pp. 1047–1050.
A. Frica, ‘Implementation of Advanced Encryption [9] F. Patil and Auricle Technologies Pvt. Ltd., ‘QR Code
Standard (AES) and QR Code Algorithm on Digital Approach for Examination Process’, Int. J. Recent
Legalization System’, E3S Web Conf., vol. 73, p. Innov. Trends Comput. Commun., vol. 3, no. 2, pp.
13009, 2018. 633–636, 2015.
233