By Topic

IEEE Quick Preview
  • Abstract
An optically encoded QR code with a phase mask.



Information security with optical techniques has been widely investigated [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15]. Many variations of random phase encoding for security and encryption have been proposed [16], [17], [18], [19], [20], [21], [22], [23], [24], [25], [26], [27], [28], [29], [30], [31], [32]. Optical techniques in security provide many advantages including the ability to secure data with multi dimensional keys such as wavelength [3], polarization [4], and placing the keys in the Fresnel domain [5]. Recently, photon-counting imaging has been integrated with the double-random-phase encryption for optical security [26]. The motivation for using photon-counting is that the integration of photon-counting imaging generates an additional layer of complexity that enhances the security of the system against an attacker. A photon-limited encrypted image is very sparse compared with a conventional encrypted data. When photon-counting is used, the decrypted data is not recognizable by visual inspection making it more robust to attacks due to the sparse photon counting data. In addition, photon-counting imaging follows the Poisson distribution which is a nonlinear transformation unlike the conventional double random phase encryption which is a linear encoding. The nonlinear transformation is advantageous in making the system more robust against attacks.

In this paper, we propose a novel method for optical security and tagging. In this approach, we encrypt the data using the full phase double-random-phase encryption with photon-counting [28], and then apply an iterative compression technique based on Huffman coding [33] to compress the photon counting encrypted image. The data can then be stored in an optically encoded Quick Response (QR) code [34], [35] and placed on the object to be authenticated. Commercial QR scanners built into Smartphones such as an iPhone or Android device [36] can be used to scan the QR code and capture the encrypted data. The encrypted data can then be decrypted and decompressed using the correct keys and dedicated algorithms to deal with the photon-counting nature of the data. Image recognition algorithms such as nonlinear correlation filters [37], [38], [39] can be used to verify the decrypted image against the primary image for authentication. In addition, the QR code is optically phase encoded with a pseudo-random key so that the QR code is more secure against unauthorized duplication of the optical tag. The optical phase mask is then verified using an examination of its speckle diffraction signature using statistical analysis.

The proposed method may be particularly useful for authentication of integrated circuits (ICs). It adds an additional layer of security against counterfeiting of the IC by removing printed information located on the IC and storing its encrypted version in an optically phase encoded binary image. Thus, the IC will not contain any printed information about the chip, making it difficult for an attacker to identify the IC.

The paper is arranged as follows: Section 2 briefly describes the full phase double-random-phase encryption with photon-counting (PC-DRPE) and the correlation algorithms for authentication. In Section 3, the proposed method of combining the iterative Huffman Coding method with the PC-DRPE to store data in an optically encoded QR code is examined along with optical experimental results, including optical encoding mask verification to demonstrate the proposed concept. Section 4 presents the conclusion.



The full phase double-random-phase encryption with photon-counting (PC-DRPE) can be used to encrypt the input image [28]. For convenience, one-dimensional notation will be used in explaining the encryption method. To implement the encryption scheme, let Formula$(x)$ and Formula$(\upsilon)$ denote the spatial and frequency domains, respectively. In addition, let Formula$f (x)$ be the primary input image and Formula$n (x)$ and Formula$b (\upsilon)$ be two random noises that are uniformly distributed over the interval {0, 1]. The encrypted image is generated by first phase encoding the input image yielding Formula$\exp [i\pi f (x)]$ and then multiplying the phase encoded image by the phase mask Formula$\exp [i2\pi n (x)]$. This product is then convolved with a phase mask, Formula$h(x)$, whose Fourier transform is Formula$\exp [i2\pi b (v)]$. The encrypted image is then Formula TeX Source $$\psi (x) = \left\{\exp \left[i\pi f (x) \right]\times \exp \left[i2 \pi n (x) \right]\right\} \ast h (x)\eqno{\hbox{(1)}}$$ where ∗ denotes convolution and × denotes multiplication.

Photon-counting imaging [26], [27], [28], [40] is then applied to the amplitude of the encrypted image, Formula$\vert \psi (x)\vert$, by limiting the number of photons arriving at each pixel. It has been shown that this process can be modeled as a Poisson distribution. Moreover, the fewer the number of photons, the sparser the scene becomes due to less photons arriving at a pixel. The number of photons arriving at pixel Formula$j$ can be modeled as: Formula TeX Source $$P (l_{j}; \lambda_{j}) = {[ \lambda_{j}]^{l_{j}}e^{- \lambda_{j}} \over l_{j}!},\quad \hbox{for}\ \lambda_{j}\ >\ 0, \quad l_{j} \in \{0, 1, 2, \ldots\}\eqno{\hbox{(2)}}$$ where Formula$l_{j}$ is the number of photons detected at pixel Formula$j$ and Formula$\lambda_{j}$ is the Poisson parameter defined as Formula$N_{p}x_{j}$, where Formula$N_{p}$ is the number of photons in the scene and Formula$x_{j}$ is the normalized irradiance at pixel Formula$j$ such that Formula$\sum_{j = 1}^{M} x_{j} = 1$ with Formula$M$ being the total number of pixels. Moreover, the normalized irradiance is defined as Formula$\vert \psi (x_{j})\vert/\sum_{j = 1}^{M} \vert \psi (x_{j})\vert$, where Formula$\vert \psi (x_{j})\vert$ is the amplitude information.

The full phase PC-DRPE encrypted image, Formula$\psi_{ph} (x)$, can then be decrypted. The Fourier transform of Formula$\psi_{ph} (x)$ is taken and multiplied by the complex conjugate of the phase mask used in the frequency domain, Formula$\exp [ - i2\pi b (\nu)]$. The Fourier transform is then taken once more. In the full phase PC-DRPE decryption process, the resulting product must be multiplied by the complex conjugate of the phase mask used in the spatial domain, Formula$\exp [ - i2\pi n (x)]$. The final decrypted image, Formula$f_{ph} (x)$, which is real and positive, is then found as [8], [28]: Formula TeX Source $$\left\vert f_{ph} (x) \right\vert = \left\vert Arg\left\{A\exp \left[i\pi f_{ph} (x) \right]\right\}/\pi \right\vert\eqno{\hbox{(3)}}$$ where Formula$A$ is the amplitude of the decrypted image, Formula$Arg$ is the argument function and Formula$\Vert$ is the modulus operator.

Rather than recover the decrypted image, a noise-like decrypted image is obtained which is difficult to visually authenticate. However, the decrypted can be authenticated using classification algorithms such as nonlinear-processors [37], [38], [39]. To authenticate the decrypted image [Eq. (3)], a number of image recognition techniques can be used. We have selected the Formula$k$th order nonlinear processor [38] for its simplicity and effectiveness in the experiments that we have presented. In this approach, the Fourier transforms of the decrypted image, Formula$f_{ph} (x)$, and the input image, Formula$f (x)$, are first taken. The processor is implemented by the following equation: Formula TeX Source $$c(x) = IFT\left\{\left\vert F_{f_{ph}}(v)F_{f}(v) \right\vert^{k}\exp \left[j\left(\phi_{f_{ph}}(v) - \phi_{f}(v) \right)\right]\right\}\eqno{\hbox{(4)}}$$ where Formula$IFT$ is the inverse Fourier transform, Formula$k$ is the strength of the applied nonlinearity and determines the performance features of the processor, and Formula$\phi (v)$ is the phase information.



The data encrypted using the full phase double-random-phase encryption with photon-counting needs to be compressed and inserted into an optically encoded QR code. Currently, it is not possible to insert an image into a QR code [See Appendix A for more information about QR codes] due to data size restrictions and the limited resolution of commercial Smartphones when scanning the QR code [41]. To overcome this limitation, an image is inserted into a QR code via a hyperlink: A user scans the QR code containing the hyperlink which automatically redirects the user to the image. We present an iterative Huffman coding method to compress an image so it can be stored in a QR code allowing a Smartphone to read the QR code.

In the iterative Huffman coding method, we begin by applying Huffman coding [33] on the photon-limited amplitude data, Formula$\vert \psi_{ph} (x)\vert$, for low Formula$N_{p}$ [Eq. (2)] by converting the image into a 1 dimensional array. Note that each pixel is an integer value due to the Poisson distribution being a discrete distribution. The first Huffman code compression reduces the image into a series of bits. The Huffman code can then be represented as a series of integers by first padding the Huffman code with zeros to ensure the code can be separated into groups of 8 bits. Each group can then be converted to an integer; this is advantageous since the QR code is character limited. For example, if a group of 10 pixels has corresponding values [0 1 1 0 0 2 1 4 2 1] in the image, the Huffman code is then a series of bits corresponding to the symbol 0, 1, 2, or 4. Suppose a group of 8 bits is 10110111, this can be rewritten as 183. Once there has been one iteration of Huffman coding, Huffman coding can be repeated since there will be repeated integers between 1 and 256 which ranges from 1 to 3 characters each. The described Huffman coding procedure can be repeated until there is a low number of characters present in the compressed data.

Once the QR code has been scanned, the data can be decompressed if both the dictionary and the length of the unpadded Huffman code, in bit form, associated with each Huffman iteration are known (allowing for the zero padding to be removed). Moreover, the data can then be successfully decrypted if the phase mask keys and phase information used in the full phase PC-DRPE are known.

Currently, the resolution of the iPhone camera cannot discern the details of the QR code if the QR code is too small; however, the QR code can be enlarged using the cameras built into Smartphones. The enlarged QR code can then be scanned using a QR reader revealing the compressed and encrypted data. Fig. 1(a) depicts a 449 × 641 pixel binary image and Fig. 1(b) depicts a 3.15 mm × 3.15 mm QR code, generated using the ZXing Project [42], and placed on a 14.5 mm × 52.1 mm IC chip. The QR Code is also shown next to a dime in Fig. 1(b). Fig. 2(a) shows an enlarged QR Code obtained from the QR code shown in Fig. 1(b) using the iPhone 4 camera. Fig. 2(b) depicts the scanned QR code which reveals the compressed and encrypted (for Formula$N_{p} = 500\ \hbox{or}\ 1.73e-3\ \hbox{photons/pixel}$) data using the iPhone SCAN application.

Figure 1
Fig. 1. (a) 449 × 641 pixel binary image. (b) 3.15 mm × 3.15 mm QR code storing the encrypted and compressed image shown in (a) placed on a 14.5 mm × 52.1 mm IC; an image of the QR code placed next to a dime is also depicted.
Figure 2
Fig. 2. (a) Enlarged QR code taken using the iPhone 4 camera; (b) scanned QR code depicting the encrypted and compressed data using the iPhone SCAN Application.

Once the data has been scanned, it can be decompressed and decrypted. Fig. 3(a) shows the decrypted input image at Formula$N_{p} = 500$. Note that it is impossible to visually authenticate the decrypted image. However, a nonlinear correlation filter [Eq. (4)] can be used to authenticate the primary image with the input image. Fig. 3(c) shows the output of the Formula$k$th order nonlinear filter normalized to 1 with Formula$k = 0.3$. A distinct peak is obtained indicating the filter recognizes the decrypted image as a true class object. Fig. 3(b) shows a 449 × 641 pixel false class image, Formula$g(x)$, that is used in the Formula$k$th order nonlinear filter to verify that it can distinguish between true and false class objects. Fig. 3(d) shows the output of the filter using Formula$g(x)$ which has a maximum peak of 0.330.

Figure 3
Fig. 3. (a) Decrypted image obtained from the full phase PC-DRPE using the image shown in (a) as the input image (true class object); (b) 449 × 641 pixel binary false class image; (c) output of the Formula$k$th order nonlinear filter between the true class decrypted image and the true class object with Formula$k = 0.3$ normalized to 1; (d) output of the Formula$k$th order nonlinear filter between the true class decrypted image and the false class object which has a maximum peak of 0.330 with Formula$k = 0.3$.

A vulnerability of the proposed technique is that the QR code can be replicated while preserving the information stored inside of the code. One way to circumvent this security issue is to optically encode the QR code. To do this, we pasted a phase mask on the QR code and used coherent optical imaging to verify whether the QR code has been copied. Fig. 4(a) shows a QR code generated using the ZXing Project [42] encoded with a random phase mask placed on the QR code. An advantage of a phase mask is that it is transparent, which allows the QR code located on the IC to be scanned. Note that Reed Solomon Error correction incorporated into the QR code design [34] can account for any minor physical anomalies in the QR code. Fig. 4(b) shows the enlarged QR code shown in Fig. 4(a) successfully scanned using the iPhone SCAN Application.

Figure 4
Fig. 4. (a) QR code encoded with a random phase mask placed on an IC and (b) scanned QR code shown in (a).

To verify that the correct phase mask is used, a laser source illuminates the QR code located on the IC chip which is covered by the phase mask. The mask used in the experiments is a piece of scotch tape. The light scatters off of the random phase mask and generates a speckle pattern which can be seen on a projection screen, as shown in Fig. 5. The intensity of the speckle pattern can be recorded using a camera. Each phase mask generates a unique speckle pattern. Thus, the QR code along with the correct phase mask must be used to verify the QR code. Fig. 6(a) shows an example of the speckle intensity pattern of the QR code without a phase mask illuminated by a HeNe laser. Fig. 6(b) depicts the speckle intensity pattern of the QR code shown in Fig. 4(a).

Figure 5
Fig. 5. Experimental set-up for verifying the phase encoded QR code speckle pattern.
Figure 6
Fig. 6. Speckle intensity patterns generated by (a) a QR code without a phase mask and (b) an optically encoded QR code with a phase mask.

We note that the speckle intensity pattern of each individual point on the QR code can be modeled as a negative exponential distribution. Thus, the recorded speckle intensity pattern can be modeled as a sum of independent negative exponential distributions which is a gamma distribution [40], [43], [44]: Formula TeX Source $$\Gamma \left(I; n_{o}, {n_{o} \over \langle I\rangle}\right) = \left({n_{o} \over \langle I\rangle}\right)^{n_{o}}{I^{n_{o} - 1}\exp \left(- In_{o}/\langle I\rangle\right) \over \Gamma (n_{o})}\eqno{\hbox{(5)}}$$ where Formula$\langle \ \rangle$ denotes the mean ensemble, Formula$I$ represents the speckle intensity pattern data points and Formula$n_{o}$ is the number of independent correlation cells (speckles) within the scanning aperture and chosen so that the variance of the approximate and exact distributions are equal: Formula$n_{o}= \langle I\rangle^{2}/\sigma_{b}^{2}$, where Formula$\sigma_{b}$ is the standard deviation of the intensity fluctuation relative to the mean intensity.

The likelihood ratio test [45] can be used for classification between a true and false class speckle intensity pattern. Let Formula$H_{o}$ be the null hypothesis representing the true class object and Formula$H_{1}$ be the alternative hypothesis representing the false class object. The log-likelihood function of Eq. (5) is Formula TeX Source $$\log \left[l(\theta)\right] = Nn_{o} \, \log \left({n_{o} \over \langle I\rangle}\right) + (n_{o} - 1)\sum_{j = 1}^{N} \log (I_{j}) - N\log \left[\Gamma (n_{o})\right] - {n_{o} \over \langle I\rangle}\sum_{j = 1}^{N} I_{j}\eqno{\hbox{(6)}}$$ where Formula$\theta$ represents the distribution parameters, Formula$(n_{o}, n_{o}/\langle I\rangle)$, and Formula$N$ is the total number of Formula$I_{j}$.

The log-likelihood ratio can be written as: Formula TeX Source $$\log\left[l(\theta_{o})\right]\ - \log\left[l(\theta_{1})\right]\ \matrix{H_{o}\cr \matrix{>\cr\noalign{\vskip-7pt}<}\cr H_{1}}0,\eqno{\hbox{(7)}}$$ where Formula$\theta_{o}$ and Formula$\theta_{1}$ represent the true and false class distribution parameters, respectively.

Using the likelihood ratio test [Eq. (7)], the true class parameters are obtained from Fig. 6(b) and calculated as Formula$n_{o}/\langle I\rangle = 18.08$ and Formula$n_{o} = 3.43$. Moreover, the false class parameters are obtained from Fig. 6(a) and calculated as Formula$n_{o}/\langle I\rangle = 31.85$ and Formula$n_{o} = 7.47$. Using a true class image, such as Fig. 6(b), a log-likelihood difference of 20,682 was calculated indicating that the test favors the true class and thus can potentially be used for phase mask authentication.



We propose an optical security method for object authentication using photon-counting encryption implemented with phase encoded QR codes. The experiments are presented to demonstrate authentication of integrated circuits (IC). A binary image containing information used to identify an IC is encrypted using the full phase double-random-phase encryption with photon-counting (PC-DRPE). The encrypted data is then compressed using an iterative Huffman coding technique and embedded in a QR code. Thus, information used to identify the IC does not need to be printed on the integrated circuit. Experimental results show that the encrypted and compressed data stored in the QR code can be read by a commercial Smartphone. The data can then be decompressed and decrypted; however, the decrypted image is noise-like making it difficult to visually authenticate the image. Using correlators, the decrypted image can be verified as the original binary image. In addition, an optical phase mask was used to encode the QR code and it was verified by examining the speckle signature of the mask using statistical analysis. By not requiring the QR scanning device to be connected to the World Wide Web, many security vulnerabilities can be avoided such as malware being installed on the QR scanner. Moreover, if the IC is intercepted by an attacker, it will be difficult to identify the IC. Future work may include various types of encryption and security strategies, storing various parts of encrypted and photon-limited data followed by compression in the QR code.


The QR code is a 2D barcode created by D. Wave [34], [35]. The advantage of a QR code is that it can be scanned regardless of scanning direction or if the QR code is damaged. Online QR Code generators can be used to generate QR codes including the level of error correction and version number [42]. The QR code itself is a binary image consisting of black squares known as modules placed on a white background, as shown in Fig. 7(a), where each module represents some information about the input text. The QR code can be read by a QR reader built into Smartphones [36] to retrieve the text. However, as the number of characters stored in the QR code increases, the size of the modules decreases. As a result, if too much information is stored in a QR code, as shown in Fig. 7(b), the module size will fall below the resolution limit of the camera used in Smartphones making it difficult for the QR reader to scan.

Figure 7
Fig. 7. (a) QR code with 10 characters and (b) QR code with over 400 characters.


This work was supported in part by the National Science Foundation under Award #CNS-1344271. Corresponding author: A. Markman (e-mail:


No Data Available


No Photo Available

A. Markman

No Bio Available
No Photo Available

B. Javidi

No Bio Available
No Photo Available

M. Tehranipoor

No Bio Available

Cited By

No Data Available





No Data Available
This paper appears in:
No Data Available
Issue Date:
No Data Available
On page(s):
No Data Available
INSPEC Accession Number:
Digital Object Identifier:
Date of Current Version:
No Data Available
Date of Original Publication:
No Data Available

Text Size