QR codes vary in dimension from 21×21 (rows and columns) to 177×177. Every sq. in that grid represents a bit, with place, alignment, and error correction squares subtracted. Ignoring these subtractions, which means that QR codes can retailer between 441 bits to 31,329 bits (about 3.9 kB). So even the smallest QR code can symbolize a singular 256-bit encryption key. TheIoTProject engineers took benefit of that truth to construct a singular door lock system that depends on QR codes.
In follow, this method would work lots just like the RFID card scanners many individuals use to get into their workplaces. The issue with these methods is that the RFID card’s distinctive ID is static and that introduces a safety vulnerability. If a foul actor can clone a certified RFID card, they’ll unlock the door. This QR code system is totally different, as a result of it might generate a brand new momentary QR code for each use. Anytime somebody must unlock the door, they’d use an app or web site to generate the required QR code. These might require two-factor authentication for extra safety. After the consumer unlocks the door with a QR code or a set period of time passes, the system invalidates that QR code so it might’t be copied and utilized by a foul actor.
A legitimate QR code would symbolize an entry code encrypted as SHA256, making it almost inconceivable to brute pressure or reverse-engineer by cryptographic methods. A potential vulnerability is the transmission of the code from the server to the consumer’s app. However commonplace wi-fi encryption and the right IT practices would stop that and the restricted lifespan of a sound QR code would restrict the utility of such an assault.
To show this method, the crew put collectively a easy implementation consisting of a Raspberry Pi single-board laptop, a USB QR code scanner, and a relay module that might toggle an digital lock. That is an open supply system, so you possibly can discover the code and particulars on TheIoTProject GitHub web page.