5

So I'm making an Android application, I need my application to be only able to scan my own generated QR codes, and I want to make sure that nobody else can generate fake ones.

The data isn't sensitive, it's very okay to be read by anyone, and even be in plaintext.

The problem comes is that, I need to verify the source of the QR code, I've been suggested to digitally sign it, thus, I have my private key, and I ship my application with a public key, and the application then uses the public key to check the QR code

Some of the things I don't get:

  • Am I encrypting the whole message using the private key? or I just generate some separate signature that sits next to me message?
  • As far as I know, with RSA, for example, everytime I encrypt a message, a new private and public key are generated, right? So how is the application going to verify/decrypt the message if the public key is constantly changing per QR code?

Simply said:

My QR code data are something like:

{"a": 1, "b": 2, "c": 3}

And I want my application to make sure that this data comes from an authorized source, and not generated by anyone else.

Community
  • 1
OverCoder
  • 273
  • 1
  • 3
  • 7

2 Answers2

15

I've been suggested to digitally sign it, thus, I have my private key, and I ship my application with a public key, and the application then uses the public key to check the QR code

As long as you can live with the requirements for RSA (signature size, computation), that sounds like an excellent idea.

Am I encrypting the whole message using the private key? or I just generate some separate signature that sits next to my message?

You're generating some separate signature that sits next to your message. That is, the RSA signature algorithm (which you run) takes the message (and the private key), and spits out a 'signature'. Then, the RSA verify algorithm (which runs on the phone) takes the message, the signature, and the RSA public key, and then outputs either "signature valid", or "invalid".

You would put into the QR code your message and the signature.

As far as I know, with RSA, for example, everytime I encrypt a message, a new private and public key are generated, right?

Nope. There are things known as 'one-time-signatures" where a public/private key can be used only once, but RSA isn't one of them. Instead, a single RSA private key can sign as many messages as you want.

poncho
  • 154,064
  • 12
  • 239
  • 382
4

To your questions:

  1. You are not encrypting anything. Signing something with RSA is basically the same algorithm as decryption but some things are different (see below).

  2. No. You can generate one keypair and then use it for encryption, decryption, signing and verification.

To help you with your task:

Getting this right is not easy. If you have no experience with it, get an expert to review your code. Otherwise, you will likely end up with more than one vulnerability in the QR scanning mechanism.

See this answer on how RSA signatures work. You should also use a cryptographic library instead of implementing anything your own (never roll your own crypto ;)). If you do that, you might as well use ECC signatures which are more state-of-the-art.

Community
  • 1
marstato
  • 518
  • 3
  • 14