CN101626290A - Method for signature and confidentiality by fingerprints - Google Patents
Method for signature and confidentiality by fingerprints Download PDFInfo
- Publication number
- CN101626290A CN101626290A CN200810029326A CN200810029326A CN101626290A CN 101626290 A CN101626290 A CN 101626290A CN 200810029326 A CN200810029326 A CN 200810029326A CN 200810029326 A CN200810029326 A CN 200810029326A CN 101626290 A CN101626290 A CN 101626290A
- Authority
- CN
- China
- Prior art keywords
- fingerprint
- digital certificate
- signature
- digital
- pki
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method for signature and confidentiality by fingerprints, and relates to the field of electronic information security. The method for the signature and the confidentiality by the fingerprints is a flow and a method realized by fingerprint verification and performing the verification based on the fingerprint identification technology and the PKI cryptographic technology. The method for the signature and the confidentiality by the fingerprint mainly comprises the following steps: 1, inserting a fingerprint device with a PKI digital certificate; 2, reading the digital certificate from the device through fingerprint login authentication; 3, checking the availability, the security and the authority of the digital certificate which selects a corresponding binding; 4, performing an HASH operation on electronic data content to obtain a digital abstract and then encrypting the abstract by utilizing a private key in the digital certificate to obtain a digital signature and a public key of the digital certificate; 5, signing the digital signature and the public key of the digital certificate in the electronic data content; 6, extracting the signature data and the public key of the digital certificate when performing the verification and decryption on the digital signature and the public key of the digital certificate, and decrypting the signature data with the public key to obtain the digital abstract; 7, making out the abstract for further comparison and verification; and 8, obtaining the authority by a user after the verification is successful.
Description
Technical field
The present invention relates to the electronic information security field.It provides a kind of method of using fingerprint signature and maintaining secrecy.
Background technology
Fingerprint recognition:
Just many alternative traditional " personal identification numbers " of conspicuous point of application of fingerprint identification technology, the insecurity of personal identification number is known by a lot of people, because the high security of personal identification number and mnemonic are conflicting.Utilize fingerprint identification technology to confirm that identity has then solved this problem well.
In addition, fingerprint identification technology also can be applicable to be used for managing easily personal information in the fields such as medical treatment, social security, confirms personal identification.Be applied in even among enterprise's routine attendance check.Current, the subject matter that fingerprint identification technology faces is exactly that reliability has much room for improvement.This is because computer when handling fingerprint, has only related to some finite information of fingerprint, and alignment algorithm is not accurate coupling, and its result can not guarantee that 100% is accurate.The important measurement sign of the application-specific of fingerprint recognition system is a discrimination.Mainly form, refuse to declare rate (FRR) and False Rate (FAR) by two parts.
Cryptography:
Cryptography (Cryptography) is derived from military requirement and develops, and its purpose is only limited to be avoided being monitored by the people or disturbing in communication process.In recent years along with the continuous progress of science and technology, be that the social every profession and trade of representative is all striding forward towards electronic automation direction with finance.Cryptography begins to be applied among the every field, is used to protect sensitive information and confirms both parties' identity.
Cryptographic high speed development is nearly 20 years thing, mainly has benefited from the high speed progress of computer technology.Early stage cryptography research only limits to the protection to information, and the technology limitation that is subject at that time can only be used such as simple method such as displacement method, displacement method.
Computer is introduced into after the cryptography research field as a kind of supercomputing instrument, has occurred more effective data ciphering method in succession, the most typical DES algorithm that surely belongs to.The full details of this algorithm all is disclosed, and its fail safe depends on that fully the privacy of key promptly needs only key and do not revealed, then can safe transmission with the data of DES algorithm for encryption.The DES algorithm has been started the precedent of public encryption algorithm details, and to the challenge of whole world proposition to its attack, this has significant impact on the cryptography development history.
The improvement of computing power is promoting the development of decryption technology equally, and the DES algorithm experiences the development in year surplus in the of 20, has been not enough to deal with day different advanced person's decryption technology.Therefore there are many cryptographic algorithm to arise at the historic moment, as IDEA algorithm and aes algorithm etc.But all these algorithms remain based on symmetrical encryption and decryption technology, compare not more innovation with DES.RSA Algorithm is the cryptographic algorithm of a kind of " open code system ".Compare with the DES scheduling algorithm, two different keys have been used in the encryption and decryption of RSA Algorithm, and one of them key can full disclosure.RSA Algorithm more is used in " authentication " field, and it is based upon the number that closes with big prime factor, and its factor decomposable process has on this fact of extremely huge computation complexity.In recent years to RSA Algorithm crack research still in continuous development, use the rsa encryption of short key can crack, but cracking of long key is still very difficult, so RSA Algorithm still extensive use at present with its high security.Breathe out assorted algorithm and provide auxiliary for RSA Algorithm, its purposes is to extract characteristic from the cleartext information of big data quantity, so that utilize RSA Algorithm to carry out " signature ".It is more to breathe out assorted algorithm kind, and commonly used have MD5, a SHA-1 algorithm.The part that studies show that out is in recent years breathed out assorted algorithm (as MD5) and can be calculated identical characteristic from different plaintexts, and therefore better what the assorted algorithm of research at present becomes a focus in the field of cryptography again.
Summary of the invention
1. the present invention is based on fingerprint identification technology and PKI cryptographic technique, by the flow process and the method for fingerprint authentication realization and checking.Its key step is:
1) user inserts the fingerprint instrument that the PKI digital certificate is housed on computers;
2) user is by the fingerprint login authentication of fingerprint instrument equipment, the digital certificate in the readout equipment;
3) user selects to use digital certificate, and system carries out availability to the digital certificate of selected corresponding binding, fail safe and scope check, if pass through, and the step below continuing;
4) after the checking of step 3) is passed through, electronic data content is carried out a HASH computing, obtain digital digest, use the private key in the digital certificate that summary is encrypted then, obtain digital signature and digital certificate PKI;
5) software systems log on digital signature and the digital certificate PKI that generates in the step 4) in electronic data content, finish ciphering process, simultaneously process are carried out log record;
When 6) digital signature and digital certificate PKI carried out the local verification deciphering, software systems were at first taken out signed data and digital certificate PKI from the electronic data content object; Use public-key then to the signed data deciphering, obtain digital digest;
7) use with step 4) in identical HASH algorithm computation go out summary and compare with summary in the step 7), if identical, then verify and pass through; Otherwise checking is not passed through, and electronic data content will not read;
8) after the digital certificate checking was passed through, the user can view electronic data content and other information.
2. a kind of method of using fingerprint signature and maintaining secrecy as claimed in claim 1, it is characterized in that: the user can be left the digital certificate chapter in the fingerprint instrument equipment in advance.
3. a kind of method of using fingerprint signature and maintaining secrecy as claimed in claim 1, it is characterized in that: the employed fingerprint instrument equipment of the method can be stored 10 customer digital certificates at most.
4. a kind of method of using fingerprint signature and maintaining secrecy as claimed in claim 1, it is characterized in that: the employed fingerprint instrument equipment of the method can be gathered 20 fingerprint templates at most, supports the multi-user to use.
Description of drawings
Figure is a kind of flow chart of the method for using fingerprint signature and maintaining secrecy.
Embodiment
System is by fingerprint instrument equipment (hardware) and be structured in top functional interface (software) and form.
1. hardware system mainly is divided into:
1. data security storage;
2. password support system;
3. the fingerprint electronic signature technology solidifies integrated.
2. software interface:
Provide proving program in public domain, by this proving program, can verify fingerprint, typing template etc.By the VC exploitation, carry out communication by it and USB flash disk firmware, and can carry out custom instruction.
Claims (4)
1. one kind is used fingerprint signature and secret method.The present invention is based on fingerprint identification technology and PKI cryptographic technique, by the flow process and the method for fingerprint authentication realization and checking.Its key step is:
1) user inserts the fingerprint instrument that the PKI digital certificate is housed on computers;
2) user is by the fingerprint login authentication of fingerprint instrument equipment, the digital certificate in the readout equipment;
3) user selects to use digital certificate, and system carries out availability to the digital certificate of selected corresponding binding, fail safe and scope check, if pass through, and the step below continuing;
4) after the checking of step 3) is passed through, electronic data content is carried out a HASH computing, obtain digital digest, use the private key in the digital certificate that summary is encrypted then, obtain digital signature and digital certificate PKI;
5) software systems log on digital signature and the digital certificate PKI that generates in the step 4) in electronic data content, finish ciphering process, simultaneously process are carried out log record;
When 6) digital signature and digital certificate PKI carried out the local verification deciphering, software systems were at first taken out signed data and digital certificate PKI from the electronic data content object; Use public-key then to the signed data deciphering, obtain digital digest;
7) use with step 4) in identical HASH algorithm computation go out summary and compare with summary in the step 7), if identical, then verify and pass through; Otherwise checking is not passed through, and electronic data content will not read;
8) after the digital certificate checking was passed through, the user can view electronic data content and other information.
2. a kind of method of using fingerprint signature and maintaining secrecy as claimed in claim 1, it is characterized in that: the user can be left the digital certificate chapter in the fingerprint instrument equipment in advance.
3. a kind of method of using fingerprint signature and maintaining secrecy as claimed in claim 1, it is characterized in that: the employed fingerprint instrument equipment of the method can be stored 10 customer digital certificates at most.
4. a kind of method of using fingerprint signature and maintaining secrecy as claimed in claim 1, it is characterized in that: the employed fingerprint instrument equipment of the method can be gathered 20 fingerprint templates at most, supports the multi-user to use.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810029326A CN101626290A (en) | 2008-07-09 | 2008-07-09 | Method for signature and confidentiality by fingerprints |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810029326A CN101626290A (en) | 2008-07-09 | 2008-07-09 | Method for signature and confidentiality by fingerprints |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101626290A true CN101626290A (en) | 2010-01-13 |
Family
ID=41521988
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810029326A Pending CN101626290A (en) | 2008-07-09 | 2008-07-09 | Method for signature and confidentiality by fingerprints |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101626290A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103488284A (en) * | 2013-08-17 | 2014-01-01 | 金硕澳门离岸商业服务有限公司 | Mobile device and data transmission method |
| CN104967612A (en) * | 2015-05-27 | 2015-10-07 | 李明 | Data encryption storage method, server and system |
| CN106506453A (en) * | 2016-10-09 | 2017-03-15 | 南京邮电大学 | Electric power big data transmission method and system based on Rapid matching and integrity detection |
| CN106599729A (en) * | 2016-12-09 | 2017-04-26 | 郑州云海信息技术有限公司 | Safety verification method and system for driving program |
| CN107344454A (en) * | 2017-07-27 | 2017-11-14 | 上海策赢网络科技有限公司 | Digital sealing generation method, service request and offer method and electronic equipment |
| CN116204931A (en) * | 2022-12-26 | 2023-06-02 | 重庆傲雄在线信息技术有限公司 | Method, equipment and medium for generating and signing-checking encryption digital signature based on original handwriting |
| CN116204931B (en) * | 2022-12-26 | 2024-05-10 | 重庆亲笔签数字科技有限公司 | Method, equipment and medium for generating and signing-checking encryption digital signature based on original handwriting |
-
2008
- 2008-07-09 CN CN200810029326A patent/CN101626290A/en active Pending
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103488284A (en) * | 2013-08-17 | 2014-01-01 | 金硕澳门离岸商业服务有限公司 | Mobile device and data transmission method |
| CN103488284B (en) * | 2013-08-17 | 2016-12-28 | 金硕澳门离岸商业服务有限公司 | mobile device and data transmission method |
| CN104967612A (en) * | 2015-05-27 | 2015-10-07 | 李明 | Data encryption storage method, server and system |
| CN106506453A (en) * | 2016-10-09 | 2017-03-15 | 南京邮电大学 | Electric power big data transmission method and system based on Rapid matching and integrity detection |
| CN106506453B (en) * | 2016-10-09 | 2020-10-09 | 南京邮电大学 | Power big data transmission method and system based on quick matching and integrity detection |
| CN106599729A (en) * | 2016-12-09 | 2017-04-26 | 郑州云海信息技术有限公司 | Safety verification method and system for driving program |
| CN107344454A (en) * | 2017-07-27 | 2017-11-14 | 上海策赢网络科技有限公司 | Digital sealing generation method, service request and offer method and electronic equipment |
| CN107344454B (en) * | 2017-07-27 | 2020-06-30 | 上海策赢网络科技有限公司 | Digital seal generation method, service request and providing method and electronic equipment |
| CN116204931A (en) * | 2022-12-26 | 2023-06-02 | 重庆傲雄在线信息技术有限公司 | Method, equipment and medium for generating and signing-checking encryption digital signature based on original handwriting |
| CN116204931B (en) * | 2022-12-26 | 2024-05-10 | 重庆亲笔签数字科技有限公司 | Method, equipment and medium for generating and signing-checking encryption digital signature based on original handwriting |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR100876003B1 (en) | User Authentication Method Using Biological Information | |
| CN101369889B (en) | Method for electronic endorsement of document | |
| EP3320646B1 (en) | Biometric security for cryptographic system | |
| CN111541713A (en) | Identity authentication method and device based on block chain and user signature | |
| CN102236607B (en) | Data security protection method and data security protection device | |
| WO2012050585A1 (en) | Authenticate a fingerprint image | |
| TW201223225A (en) | Method for personal identity authentication utilizing a personal cryptographic device | |
| CN106921489B (en) | Data encryption method and device | |
| CN101626290A (en) | Method for signature and confidentiality by fingerprints | |
| CN104881595B (en) | The self-help remote unlocking method managed based on PIN code | |
| TWI476629B (en) | Data security and security systems and methods | |
| CN103368736A (en) | Business information encryption and decryption method and device | |
| TWI336046B (en) | Processing equipment for authentication system, authentication system and operation method thereof | |
| CN104751042A (en) | Credibility detection method based on password hash and biometric feature recognition | |
| GB2386803A (en) | Protecting a digital certificate stored on a physical token using biometric authentication | |
| CN101547098B (en) | Method and system for security certification of public network data transmission | |
| JP2003134108A (en) | Electronic signature, apparatus and method for verifying electronic signature, program and recording medium | |
| Itakura et al. | Proposal on a multifactor biometric authentication method based on cryptosystem keys containing biometric signatures | |
| CN112507355B (en) | Personal health data storage system based on block chain | |
| CN115455497A (en) | Computer hard disk data encryption system and method | |
| CN106682531A (en) | Method for confidential data encryption based on biological information authorization | |
| CN105227562B (en) | The key business data transmission mediation device and its application method of identity-based verifying | |
| CN107070648A (en) | A kind of cryptographic key protection method and PKI system | |
| JP2006293473A (en) | Authentication system and authentication method, terminal device, and authentication device | |
| KR20100013486A (en) | Biometric authentication method, client and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| DD01 | Delivery of document by public notice |
Addressee: Zhu Zhenhuan Document name: Notification of Publication of the Application for Invention |
|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20100113 |