Well, there’s not much they can do with the QR code. You can deactivate it as soon as you’ve made contact and established proof of identity with the recipient.
But, if it was really important, there are cryptographic key-exchange protocols you can do even over an insecure connection. The Diffie-Hellman key exchange is one of them. Using something like that, you can derive a shared secret key even if someone’s listening.
But personally, I would just break it into two parts, and send one by email and one with pastebin’s “burn-after-read” option.
Well, there’s not much they can do with the QR code. You can deactivate it as soon as you’ve made contact and established proof of identity with the recipient.
But, if it was really important, there are cryptographic key-exchange protocols you can do even over an insecure connection. The Diffie-Hellman key exchange is one of them. Using something like that, you can derive a shared secret key even if someone’s listening.
But personally, I would just break it into two parts, and send one by email and one with pastebin’s “burn-after-read” option.