CN106411533A - On-line fingerprint authentication system and method based on bidirectional privacy protection - Google Patents

On-line fingerprint authentication system and method based on bidirectional privacy protection Download PDF

Info

Publication number
CN106411533A
CN106411533A CN201610987321.4A CN201610987321A CN106411533A CN 106411533 A CN106411533 A CN 106411533A CN 201610987321 A CN201610987321 A CN 201610987321A CN 106411533 A CN106411533 A CN 106411533A
Authority
CN
China
Prior art keywords
user
finger print
data
print identifying
fingerprint
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610987321.4A
Other languages
Chinese (zh)
Other versions
CN106411533B (en
Inventor
朱辉
魏晴
李晖
赵兴文
张亦文
温凯
王枫为
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shaanxi Songyuan Mingrui Information Technology Co ltd
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201610987321.4A priority Critical patent/CN106411533B/en
Publication of CN106411533A publication Critical patent/CN106411533A/en
Application granted granted Critical
Publication of CN106411533B publication Critical patent/CN106411533B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention discloses an on-line fingerprint authentication system and method based on bidirectional privacy protection. With the system and method, a problem that bidirectional privacy protection of fingerprint data of the user and fingerprint template data is not involved in the prior art can be solved. The system is composed of a trusted center (1), a fingerprint authentication server (2), and a user terminal (3). The trusted center (1) completes system initialization, provides registration and secret key distribution for a user terminal and the fingerprint authentication server, collects a user fingerprint as an authentication template, and gives authorization of the template to a legal fingerprint authentication server in a ciphertext mode; the fingerprint authentication server (2) provides an on-line encryption fingerprint authentication service with privacy protection and returns an authentication result to the user terminal; and the user terminal (3) sends an encrypted fingerprint authentication request to the fingerprint authentication server and decrypts the reply of the fingerprint authentication server to obtain an authentication result. According to the invention, bidirectional privacy protection of the user fingerprint data and the fingerprint template data is realized and a secure on-line fingerprint authentication service is provided.

Description

The online fingerprint identification system of two-way secret protection and method
Technical field
The invention belongs to field of information security technology is and in particular to a kind of online fingerprint identification system of secret protection and side Method, can be used for providing precise and high efficiency online finger print identifying service for user terminal, and realizes to user fingerprints data and fingerprint mould Effective secret protection of plate data.
Background technology
Development with biological identification technology and popularization, carry out authentication using biological identification technology and provide the user More convenient service.Traditional online fingerprint identification system is gathered by service provider and stores fingerprint matching mould Plate, when service provider needs user to provide fingerprint to carry out authentication, user terminal extracts user fingerprints and is sent to service Provider, the fingerprint template of service provider's contrast storage, is user terminal return authentication result.However, such system by In the secret protection being not directed to user fingerprints and fingerprint template so that the privacy of user fingerprints and these sensitive datas of fingerprint template Seriously threatened.
In order to solve the above problems, there has been proposed some solutions, wherein:
Patent " a kind of security fingerprint recognition methodss of intelligent terminal " (application number of University of Electronic Science and Technology CN201510179446.X application publication number CN104778393A) disclose a kind of security fingerprint recognition methodss of intelligent terminal, The method comprises the following steps:1. fingerprint register, extracts user fingerprints and encrypts storage;2. request transmission fingerprint data is close Key;3. receive fingerprint template data and decipher;4. carry out fingerprint matching operation.Although the method enables fingerprint template in transmission During secret protection, the method due to encryption fingerprint template data need be decrypted into after being sent to user terminal In plain text, then carry out matching operation, thus when attacker's certain user terminal that disguises oneself as sends certification request and will obtain this user's Fingerprint template data is it is impossible to realize effective secret protection of fingerprint template data.
Content of the invention
Present invention aim at being directed to above-mentioned the deficiencies in the prior art, proposing a kind of online fingerprint of two-way secret protection and recognizing Card system and method, to ensure, on the premise of normal offer finger print identifying service, to improve to user fingerprints data and fingerprint mould The secret protection of plate data.
For achieving the above object, the online fingerprint identification system of the two-way secret protection of the present invention, including:
Trusted party (1), for completion system initialization, is that user terminal and finger print identifying server provide registration and close Key distribute, simultaneously collection register user finger print data as certification template, and this template is licensed to ciphertext form legal Finger print identifying server;
Finger print identifying server (2), for providing the finger print identifying service of secret protection, by directly calculating in ciphertext Match parameter is judging whether fingerprint mates, and carries out bidirectional identity authentication when providing service and user terminal between;
User terminal (3), for sending the fingerprint encrypted as certification request to finger print identifying server, to finger print identifying The authentication result deciphering that server returns obtains Query Result, and carries out double and finger print identifying server between when receiving service To authentication.
For achieving the above object, the fingerprint verification method of the two-way secret protection of the present invention, comprises the following steps:
(1) systematic parameter initialization:
(1a) trusted party selects a security parameter l ∈ Z+
(1b) trusted party passes through to run the function Gen (κ) generating bilinear map group, obtains bilinear map parameterWherein q1,q2It is the first prime number and the second prime number that length is l bit respectively,It is that rank is The cyclic group of N, exponent number N=q1·q2,It isMaps Group, e () be bilinear map function, g is cyclic groupGeneration Unit, h is systematic parameter;
(1c) calculate data encryption and process private keyWith corresponding public key
(1d) trusted party randomly chooses SKTA∈Zq *As the private key of oneself,Represent non-in the group of integers that rank is q Null set, calculates and its private key SK according to the first g of generation simultaneouslyTACorresponding public key
(1e) trusted party selects symmetric encipherment algorithm E () of a safety and hash function H () of a safety;
(1f) trusted party chooses rational fingerprint matching marginal value Δd∈Zn *
(1g) trusted party preserves the private key of oneself<q1,SKTA>, open systematic parameter
(2) registration and key distribution:
(2a) finger print identifying server S, in registration, randomly chooses SKs∈Zn *As the private key of oneself, simultaneously according to life First g is become to calculate and its private key SKsCorresponding public keyAnd the public key PK by oneselfsSend with the relevant information of oneself To trusted party;
(2b) user terminal UiIn registration, randomly chooseAs the private key of oneself, simultaneously first according to generating G calculates and its private keyCorresponding public keyAnd by this public keyWith user profile be sent to credible in The heart, the n Wesy of trusted party extraction simultaneously family fingerprint template
(2c) trusted party chooses random number k ∈ Zn *For symmetric cryptographic key, with the data encryption generating in step (1c) The private key SB processing and public key PB constitutes parameter list<SB,PB,k>, and this parameter list is sent to the user succeeding in registration;
(2d) list to the user succeeding in registration and its public key for the trusted partyCarry out disclosure;
(3) fingerprint template encryption:
(3a) trusted party extracts user fingerprints and generates fingerprint template data and be encrypted storage;
(3b) trusted party is according to fingerprint matching marginal value Δd, hash function H () data encryption public key PB calculate comment Estimate reference value RDm=H (PBm), constitute assessment reference data setThis reference is commented Estimate data set RDS and be sent to all registered finger print identifying servers, wherein 0≤m≤Δd
(4) cryptographic fingerprint template mandate:
(4a) finger print identifying server S is obtaining user UiConstruct fingerprint template authorization requests after mandate, and send this and ask Ask to trusted party;
(4b) after trusted party receives the fingerprint template authorization requests of finger print identifying server, please to this fingerprint template mandate The legitimacy asked is verified, if being proved to be successful, execution step (4c), and otherwise abandon this communication bag;
(4c) trusted party is by this user encryption fingerprint templateReturn to finger print identifying server S;
(5) user terminal generates finger print identifying service request:
(5a) user terminal is encrypted to the user fingerprints of collection and obtains encrypting user fingerprints dataAnd user's signature Sigi
(5b) user terminal will encrypt user fingerprints dataUser profile Ui, time stamp T S3With user terminal signature SigiComposition finger print identifying service requestAnd this finger print identifying service request is sent to fingerprint recognizes Card server;
(6) finger print identifying server providing services:
(6a) finger print identifying server receives the finger print identifying service request of user terminal transmission Afterwards, the legitimacy of this finger print identifying service request is verified, if being proved to be successful, execution step (6b), otherwise return step Suddenly (5a);
(6b) finger print identifying server is according to encryption user fingerprints dataWith cryptographic fingerprint template dataCarry out close Literary composition calculates, and obtains matching result RS;
(6c) the (n+1)th dimension of finger print identifying server by utilizing asymmetric encryption function E () and encryption user fingerprints template data Data rq'y, matching result RS is encrypted and obtains encrypting matching resultBy this encryption matching result With time stamp T S4Collectively as the input of hash function H (), obtain Hash ValuePrivate key SK with oneselfS This Hash Value is signedConstruction authentication result list And this authentication result list is replied to user terminal;
(7) user terminal access authentication result:
(7a) user terminal receives the authentication result list of finger print identifying server replyIt Afterwards, the legitimacy of this authentication result list is verified, if being proved to be successful, execution step (7b), otherwise return to step (5a);
(7b) user terminal is using the (n+1)th dimension data rq' of encryption user fingerprints template datayRightSolved Close, obtain identity authentication result RS, if RS is true, finger print identifying success, otherwise, finger print identifying failure.
The present invention compared with prior art, has the advantage that:
1. achieve the secret protection of user fingerprints certification request data.
Finger print data before sending service request to finger print identifying server, first to oneself for the user terminal in the present invention It is encrypted so that the original fingerprint data of user terminal will not be obtained it is ensured that using by finger print identifying server and attacker The secret protection of family Terminal fingerprints data.
2. achieve the secret protection of finger print identifying template data.
In the present invention, trusted party is before licensing to finger print identifying server fingerprint template, due to first entering to fingerprint template Gone encryption so that fingerprint template data will not be obtained by finger print identifying server and attacker it is ensured that fingerprint template data Secret protection.
3. achieve the finger print identifying service of efficiently and accurately.
By finger print identifying server by completing to encryption user fingerprints data and cryptographic fingerprint template data in the present invention Matching primitives, and secret protection framework does not interfere with the degree of accuracy of fingerprint matching it is achieved that the finger print identifying service of efficiently and accurately.
Brief description
Fig. 1 is the system block diagram of the present invention;
Fig. 2 realizes general flow chart for the inventive method;
Fig. 3 is the sub-process figure of cryptographic fingerprint template mandate in the inventive method.
Specific embodiment
Below in conjunction with the accompanying drawings the present invention is described in further detail.
With reference to Fig. 1, the present invention includes this three big module of trusted party 1, finger print identifying server 2 and user terminal 3.Its In:Trusted party 1, for completion system initialization, is user terminal and the offer registration of finger print identifying server and key distribution, Gather the finger print data of register user as certification template simultaneously, and this template is licensed to legal finger print identifying with ciphertext form Server;Finger print identifying server 2, for providing the finger print identifying service of secret protection, by directly calculating in ciphertext Join parameter to judge whether fingerprint mates, and carry out bidirectional identity authentication when providing service and user terminal between;User is eventually End 3, for sending cryptographic fingerprint as certification request to finger print identifying server, the certification knot that finger print identifying server is returned Fruit deciphering obtains Query Result, and carries out bidirectional identity authentication when receiving service and finger print identifying server between.
Described trusted party 1, including:System initialization module 11, Registering modules 12, data encryption module 13, encryption Template authorization module 14 and the safe support module of trusted party 15.
This system initialization module 11, for initialization system, generates bilinear map group, obtains the public ginseng of system Number;
This Registering modules 12, for being user terminal and the offer registration of finger print identifying server, extracts the use succeeding in registration The fingerprint template at family, and distribute key to the user terminal succeeding in registration and finger print identifying server;
This data encryption module 13, the fingerprint template data for the user for extracting is encrypted;
This encrypted template authorization module 14, for Certificate Authority information, and for obtaining the finger print identifying service of user's mandate Device sends the cryptographic fingerprint matching template of corresponding user;
The safe support module of this trusted party 15, for for system initialization module 11, data encryption module 13, encryption mould Plate authorization module 14 provides required AES and hash algorithm.
Described finger print identifying server 2, including server authentication module 21, user registration module 22, data storage mould Block 23, the safe support module of service providing module 24 server 25.
This server authentication module 21, for generating oneself public private key pair in server registration, is carrying to user terminal For verifying to the signature of user terminal before service, after obtaining cryptographic fingerprint authentication result, it is signed;
This user registration module 22, is used for providing the user registration, and the fingerprint template mandate to the user terminal receiving Signature is verified, generates the fingerprint matching mould that corresponding fingerprint template authorization requests are sent to trusted party application for registration user Plate;
This data memory module 23, is derived from the cryptographic fingerprint template of trusted party for storage;
This service providing module 24, for according to the cryptographic fingerprint data in user's request, encryption fingerprint template and Carry out cryptogram computation in encryption user's request, and the finger print identifying obtaining result is encrypted, by cryptographic fingerprint authentication result and right Should sign and return to user terminal;
This server security support module 25, for providing for server authentication module 21, user registration module 22, service Module 24 provides required AES and hash algorithm.
Described user terminal 3, including user authentication module 31, service request module 32, data decryption module 33 and use The safe support module in family 34.
This user authentication module 31, generates the public private key pair of oneself for user terminal in registration, and generates fingerprint mould Plate authorized signature is sent to finger print identifying server, and the user service request generating is signed, and is receiving finger print identifying clothes After the reply of business device, the signature of finger print identifying server is verified;
This service request module 32, generating user service for user terminal according to the user fingerprints data encryption of collection please Ask, and user service request is sent to finger print identifying server with corresponding signature;
This data decryption module 33, for, after the cryptographic fingerprint authentication result receiving the transmission of finger print identifying server, leading to Cross user terminal and decryption oprerations are executed to cryptographic fingerprint authentication result;
This user security support module 34, for for user authentication module 31, service request module 32, data decryption module 33 provide required AES and hash algorithm.
With reference to Fig. 2, the fingerprint verification method of the two-way secret protection of the present invention, comprise the steps:
Step 1, systematic parameter initializes.
1.1) trusted party selects a security parameter l ∈ Z+
1.2) trusted party passes through to run the function Gen (κ) generating bilinear map group, obtains bilinear map parameterWherein q1,q2It is the first prime number and the second prime number that length is l bit respectively,It is that rank is The cyclic group of N, exponent number N=q1·q2,It isMaps Group, e () be bilinear map function, g is cyclic groupGeneration Unit, h is systematic parameter;
1.3) calculate data encryption and process private keyWith corresponding public key
1.4) trusted party randomly chooses SKTA∈Zq *As the private key of oneself,Represent non-in the group of integers that rank is q Null set, calculates and its private key SK according to the first g of generation simultaneouslyTACorresponding public key
1.5) trusted party selects symmetric encipherment algorithm E () of a safety and hash function H () of a safety;
1.6) trusted party chooses fingerprint matching marginal value Δd∈Zn *
1.7) trusted party preserves the private key of oneself<q1,SKTA>, open systematic parameter
Step 2, registration and key distribution.
2.1) finger print identifying server S, in registration, randomly chooses SKs∈Zn *As the private key of oneself, simultaneously according to life First g is become to calculate and its private key SKsCorresponding public keyAnd the public key PK by oneselfsSend with the relevant information of oneself To trusted party;
2.2) user terminal UiIn registration, randomly chooseAs the private key of oneself, simultaneously according to the first g of generation Calculate and its private keyCorresponding public keyAnd by this public keyIt is sent to trusted party with user profile, Trusted party extracts n Wesy family fingerprint template simultaneouslyWherein xjIt is user fingerprints template data Jth dimension data, 1≤j≤n;
2.3) trusted party chooses random number k ∈ Zn *For symmetric cryptographic key, the private key SB being processed with data encryption and public affairs Key PB constitutes parameter list<SB,PB,k>, and this parameter list is sent to the user succeeding in registration;
2.4) list of the open user succeeding in registration of trusted party and its public key
Step 3, fingerprint template is encrypted.
3.1) trusted party is according to the n Wesy family fingerprint template data extractedUsing right Claim encryption key k to obtain upsetting numerical value H (k) as the input of hash function H (), calculate and add the fingerprint template data upsetting (x'1,x'2,…,x'j,…,x'n), wherein x 'jIt is the jth dimension data adding the fingerprint template data upsetting, x 'j=xj+H (k);
3.2) trusted party chooses n random number r1,r2,…,rj,…,rn, wherein rj∈Zn *, 1≤j≤n, and according to life Become first g, systematic parameter h, add the fingerprint template data (x' upsetting1,x'2,…,x'j,…,x'n) data encryption public key PB, is calculated cryptographic fingerprint template dataAnd store, whereinIt is cryptographic fingerprint The jth dimension data of template data,fx'It is the (n+1)th dimension data of cryptographic fingerprint template data,
3.3) trusted party is according to fingerprint matching marginal value Δd, hash function H () data encryption public key PB calculate comment Estimate reference value RDm=H (PBm), constitute assessment reference data setThis assessment reference Whether data set will successful to judge coupling for the Hash Value that be used for searching for match parameter, and this reference assessment data set RDS is sent To all registered finger print identifying servers, wherein 0≤m≤Δd 2.
Step 4, cryptographic fingerprint template mandate.
With reference to Fig. 3, being implemented as follows of this step:
4.1) user terminal UiWhen finger print identifying server S is registered, by information U of oneselfi, time stamp T S1Altogether With the input as hash function H (), obtain user and authorize Hash Value H (Ui||TS1), and the private key with oneselfTo this use Family authorizes Hash Value to be signedComposition authorized user message listSend out Give finger print identifying server, to represent that user has agreed to for the cryptographic fingerprint template of oneself to license to finger print identifying server;
4.2) finger print identifying server first checks for user profile Ui, by time stamp T S1It is compared with current time T, if TS1Early than T and | T-TS1|≤NT, then execution step 4.3), otherwise, abandon this communication bag, wherein NTMaximum for system is led to Letter time delay;
4.3) finger print identifying server is by user profile UiWith time stamp T S1As the input of hash function H (), calculate miscellaneous Gather value H (Ui||TS1), and the public key according to this userUsing bilinear map function e (), judge equationWhether set up, if the equation is set up, it is legal to sign, execution step 4.4), no Then, abandon communication bag;
4.4) finger print identifying server is by information S of oneself, time stamp T S2Collectively as the input of hash function H (), obtain To user authorize Hash Value H (S | | TS2), and with the private key SKS of oneself, this Hash Value is signed Again with this Sig that signsSWith authorized user message listComposition template authorization requests information listIt is sent to trusted party, ask UiThe cryptographic fingerprint template of user;
4.5) trusted party receives the fingerprint template authorization requests of finger print identifying server, first looks at finger print identifying service Device S and authorized user UiInformation, confirm finger print identifying server S and authorized user UiWhether all register, then by timestamp TS2It is compared with current time T:If TS2Early than T, and | T-TS2|≤NT, then execution step 4.6), otherwise, abandon this and lead to Letter bag, wherein NTMaximum communication time delay for system;
4.6) trusted party is by user profile UiWith time stamp T S1As input, calculate hash function H (Ui||TS1), and Public key according to this userUsing bilinear map function e (), judge equation Whether set up, if equation is set up, user's signature is legal, execution step 4.7), otherwise abandon communication bag;
4.7) trusted party is by finger print identifying server info S and time stamp T S2As input calculate hash function H (S | | TS2), and the public key PK according to finger print identifying serverS, using bilinear map function e (), judge equation e (g, SigS)=e (PKS,H(S||TS2)) whether set up, if equation is set up, the legitimate verification success of this fingerprint template authorization requests, execute step Rapid 4.8), otherwise abandon this communication bag;
4.8) trusted party is by this user UiCryptographic fingerprint templateReturn to finger print identifying server S.
Step 5, user terminal generates finger print identifying service request.
5.1) user terminal obtains the n Wesy family finger print data of oneselfAfterwards, will be symmetrical Encryption key k obtains upset value H (k) as the input of hash function H (), calculates and adds the user fingerprints data (y' upsetting1, y'2,…,y'j..., y'n), wherein y'j=yj+ H (k), yjIt is the jth dimension data of user fingerprints data, y'jIt is to add to upset The jth dimension data of user fingerprints data;
5.2) user terminal is according to the public key PB of data processing and corresponding private key SB, and adds the finger print data arrow upset Amount (y'1,y'2,…,y'j,…,y'n), calculate encryption user fingerprints data WhereinIt is the jth dimension data of encryption user fingerprints data,rqy' be encryption user fingerprints data n-th+ 1 dimension data,
5.3) user terminal uses the public key PK of finger print identifying serverS, symmetric encipherment algorithm E () and encryption user fingerprints DataCalculate symmetric cryptography valueAnd by this symmetric cryptography valueWith user terminal information Ui, the time Stamp TS3Collectively as the input of hash function H (), calculate user's Hash Value
5.4) user terminal is with the private key of oneselfTo this user's Hash ValueSigned, that is,
5.5) user terminal encryption user fingerprints dataUser profile Ui, time stamp T S3With user terminal signature SigiComposition finger print identifying service requestAnd this finger print identifying service request is sent to fingerprint recognizes Card server.
Step 6, finger print identifying server providing services.
6.1) finger print identifying server receives the finger print identifying service request of user terminal transmission Afterwards, by time stamp T S3It is compared with current time T, if TS3Early than T, and | T-TS3|≤NT, then execution step 6.2), no Then, return to step 5.1), wherein NTMaximum communication time delay for system;
6.2) user terminal is by symmetric cryptography valueUser profile UiWith time stamp T S3Defeated as hash function H () Enter, calculate hash functionAnd the public key according to this user terminalUsing bilinear map function e (), judges equationWhether set up, if the equation is set up, this finger print identifying The legitimate verification success of service request, execution step 6.3), otherwise abandon this communication bag;
6.3) the private key SK of finger print identifying server by utilizing oneselfSDeciphering symmetric cryptography valueObtain encrypting user fingerprints Data
6.4) finger print identifying server is according to user profile UiSearch for corresponding user's in cryptographic fingerprint template database Cryptographic fingerprint template
6.5) finger print identifying server is according to encryption user fingerprints dataWith cryptographic fingerprint templateUsing bilinearity Mapping function e (), is directly calculated match parameter in ciphertext:
6.6) finger print identifying server is by match parameter MdAs the input of hash function H (), calculate Hash Value H (Md), And search for this Hash Value in reference to assessment data set RDS, if this Hash Value can be found, prove user fingerprints data and finger Stricture of vagina template matching, that is, matching result RS is true, otherwise, mismatches, and that is, matching result RS is false;
6.7) the (n+1)th dimension of finger print identifying server by utilizing asymmetric encryption function E () and encryption user fingerprints template data Data rq'y, matching result RS is encrypted and obtains encrypting matching resultBy this encryption matching resultWith time stamp T S4Collectively as the input of hash function H (), obtain Hash ValueUse again certainly Oneself private key SKSThis Hash Value is signedConstruction authentication result listAnd this authentication result list is replied to user terminal.
Step 7, user terminal access authentication result.
7.1) user terminal receives the authentication result list of finger print identifying server replyIt Afterwards, by time stamp T S4It is compared with current time T, if TS4Early than T, and | T-TS4|≤NT, then execution step 7.2), no Then, return to step 5.1), wherein NTMaximum communication time delay for system;
7.2) user terminal is by encrypted resultWith time stamp T S4As the input of hash function H (), calculate miscellaneous Gather valueAnd the public key PK according to finger print identifying serverS, using bilinear map function e (), sentence Disconnected equationWhether set up, if the equation is set up, authentication result list Legitimate verification success, execution step 7.3), otherwise abandon this communication bag;
7.3) user terminal is using the (n+1)th dimension data rq' of encryption user fingerprints template datayRightSolved Close, obtain identity authentication result RS, if RS is true, finger print identifying success, otherwise, finger print identifying failure.
Above description is only example of the present invention, do not constitute any limitation of the invention it is clear that for this For the professional in field, after having understood present invention and principle, all may be without departing substantially from the principle of the invention, structure In the case of, carry out various corrections and the change in form and details, but these corrections based on inventive concept and change are still Within the claims of the present invention.

Claims (10)

1. a kind of fingerprint identification system of two-way secret protection is it is characterised in that include:
Trusted party (1), for completion system initialization, is that user terminal and finger print identifying server provide registration and key to divide Send out, gather the finger print data of register user as certification template simultaneously, and this template is licensed to legal finger in the form of ciphertext Stricture of vagina certificate server;
Finger print identifying server (2), for providing the finger print identifying service of secret protection, by directly calculating coupling in ciphertext Parameter is judging whether fingerprint mates, and carries out bidirectional identity authentication when providing service and user terminal between;
User terminal (3), for sending cryptographic fingerprint as certification request to finger print identifying server, to finger print identifying server The authentication result deciphering returning obtains Query Result, and carries out bidirectional identification when receiving service and finger print identifying server between Certification.
2. system according to claim 1 is it is characterised in that trusted party (1) includes:
System initialization module (11), for initialization system, generates bilinear map group, obtains the common parameter of system;
Registering modules (12), for being user terminal and the offer registration of finger print identifying server, extract the user's succeeding in registration Fingerprint template, and distribute key to the user terminal succeeding in registration and finger print identifying server;
Data encryption module (13), the fingerprint template data for the user for extracting is encrypted;
Encrypted template authorization module (14), for Certificate Authority information, and sends out for obtaining the finger print identifying server of user's mandate Send the cryptographic fingerprint matching template of corresponding user;
The safe support module of trusted party (15), for for system initialization module (11), data encryption module (13), encryption mould Plate authorization module (14) provides required AES and hash algorithm.
3. system according to claim 1 is it is characterised in that finger print identifying server (2) includes:
Server authentication module (21), for generating oneself public private key pair in server registration, is providing clothes to user terminal Before business, the signature of user terminal is verified, after obtaining cryptographic fingerprint authentication result, it is signed;
User registration module (22), is used for providing the user registration, and the fingerprint template authorized signature to the user terminal receiving Verified, generated the fingerprint matching template that corresponding fingerprint template authorization requests are sent to trusted party application for registration user;
Data memory module (23), is derived from the cryptographic fingerprint template of trusted party for storage;
Service providing module (24), for according to the cryptographic fingerprint data in user's request, in fingerprint template and the encryption of encryption Cryptogram computation is carried out on user's request, and the finger print identifying obtaining result is encrypted, by cryptographic fingerprint authentication result and corresponding label Name returns to user terminal;
Server security support module (25), for providing for server authentication module (21), user registration module (22), service Module (24) provides required AES and hash algorithm.
4. system according to claim 1 is it is characterised in that user terminal (3) includes:
User authentication module (31), generates the public private key pair of oneself for user terminal in registration, and generates fingerprint template and award Right of approval name is sent to finger print identifying server, the user service request generating is signed, is receiving finger print identifying server Reply after the signature of finger print identifying server is verified;
Service request module (32), generates user service request for user terminal according to the user fingerprints data encryption of collection, And user service request is sent to finger print identifying server with corresponding signature;
Data decryption module (33), for receiving after the cryptographic fingerprint authentication result that finger print identifying server sends, user terminal Decryption oprerations are executed to cryptographic fingerprint authentication result;
User security support module (34), for for user authentication module (31), service request module (32), data decryption module (33) required AES and hash algorithm are provided.
5. a kind of fingerprint verification method of two-way secret protection, including:
(1) systematic parameter initialization:
(1a) trusted party selects a security parameter l ∈ Z+
(1b) trusted party passes through to run the function Gen (κ) generating bilinear map group, obtains bilinear map parameterWherein q1,q2It is the first prime number and the second prime number that length is l bit respectively,It is that rank is The cyclic group of N, exponent number N=q1·q2,It isMaps Group, e () be bilinear map function, g is cyclic groupGeneration Unit, h is systematic parameter;
(1c) calculate data encryption and process private keyWith corresponding public key
(1d) trusted party randomly chooses SKTA∈Zq *As the private key of oneself,Represent the non-null set in the group of integers that rank is q Close, calculated and its private key SK according to the first g of generation simultaneouslyTACorresponding public key
(1e) trusted party selects symmetric encipherment algorithm E () of a safety and hash function H () of a safety;
(1f) trusted party chooses rational fingerprint matching marginal value Δd∈Zn *
(1g) trusted party preserves the private key of oneself<q1,SKTA>, open systematic parameter
(2) registration and key distribution:
(2a) finger print identifying server S, in registration, randomly chooses SKs∈Zn *As the private key of oneself, simultaneously according to the first g of generation Calculate and its private key SKsCorresponding public keyAnd the public key PK by oneselfsBeing sent to the relevant information of oneself can Letter center;
(2b) user terminal UiIn registration, randomly chooseAs the private key of oneself, calculated according to the first g of generation simultaneously With its private keyCorresponding public keyAnd by this public keyIt is sent to trusted party with user profile, simultaneously Trusted party extracts n Wesy family fingerprint templateWherein xjIt is the of user fingerprints template data J dimension data, 1≤j≤n;
(2c) trusted party chooses random number k ∈ Zn *For symmetric cryptographic key, processed with the data encryption generating in step (1c) Private key SB and public key PB constitute parameter list<SB,PB,k>, and this parameter list is sent to the user succeeding in registration;
(2d) list to the user succeeding in registration and its public key for the trusted partyCarry out disclosure;
(3) fingerprint template encryption:
(3a) trusted party extracts user fingerprints and generates fingerprint template data and be encrypted storage;
(3b) trusted party is according to fingerprint matching marginal value Δd, hash function H () data encryption public key PB calculate assessment ginseng Examine value RDm=H (PBm), constitute assessment reference data setNumber is assessed in this reference It is sent to all registered finger print identifying servers, wherein 0≤m≤Δ according to collection RDSd 2
(4) cryptographic fingerprint template mandate:
(4a) finger print identifying server S is obtaining user UiConstruct fingerprint template authorization requests after mandate, and send this request to can Letter center;
(4b) after trusted party receives the fingerprint template authorization requests of finger print identifying server, to this fingerprint template authorization requests Legitimacy is verified, if being proved to be successful, execution step (4c), and otherwise abandon this communication bag;
(4c) trusted party is by this user encryption fingerprint templateReturn to finger print identifying server S;
(5) user terminal generates finger print identifying service request:
(5a) user terminal is encrypted to the user fingerprints of collection and obtains encrypting user fingerprints dataWith user's signature Sigi
(5b) user terminal will encrypt user fingerprints dataUser profile Ui, time stamp T S3With user terminal signature SigiGroup Become finger print identifying service requestAnd this finger print identifying service request is sent to finger print identifying service Device;
(6) finger print identifying server providing services:
(6a) finger print identifying server receives the finger print identifying service request of user terminal transmissionAfterwards, The legitimacy of this finger print identifying service request is verified, if being proved to be successful, execution step (6b), otherwise return to step (5a);
(6b) finger print identifying server is according to encryption user fingerprints dataWith cryptographic fingerprint template dataCarry out ciphertext meter Calculate, obtain matching result RS;
(6c) the (n+1)th dimension data of finger print identifying server by utilizing asymmetric encryption function E () and encryption user fingerprints template data rq'y, matching result RS is encrypted and obtains encrypting matching resultBy this encryption matching resultWith when Between stab TS4Collectively as the input of hash function H (), obtain Hash ValuePrivate key SK with oneselfSRight This Hash Value is signedConstruction authentication result list And this authentication result list is replied to user terminal;
(7) user terminal access authentication result:
(7a) user terminal receives the authentication result list of finger print identifying server replyAfterwards, The legitimacy of this authentication result list is verified, if being proved to be successful, execution step (7b), otherwise return to step (5a);
(7b) user terminal is using the (n+1)th dimension data rq' of encryption user fingerprints template datayRightIt is decrypted, obtain To identity authentication result RS, if RS is true, finger print identifying success, otherwise, finger print identifying failure.
6. in method according to claim 5, wherein step (3a), trusted party extracts user fingerprints and generates fingerprint template Data is simultaneously encrypted storage, carries out as follows:
(3a1) trusted party is according to the n Wesy family fingerprint template data extractedUsing symmetrical Encryption key k obtains upsetting numerical value H (k) as the input of hash function H (), calculates and adds the fingerprint template data upsetting (x'1,x'2,…,x'j,…,x'n), wherein x 'jIt is the jth dimension data adding the fingerprint template data upsetting, x 'j=xj+H (k);
(3a2) trusted party chooses n random number r1,r2,…,rj,…,rn∈Zn *, and according to generating first g, systematic parameter h, add The random fingerprint template data (x' of scrambling1,x'2,…,x'j,…,x'n) data encryption public key PB, be calculated cryptographic fingerprint Template dataWhereinIt is the jth dimension data of cryptographic fingerprint template data,fx'It is the (n+1)th dimension data of cryptographic fingerprint template data,
7. in method according to claim 5, wherein step (4a), fingerprint certificate server S is obtaining structure after user authorizes Make fingerprint template authorization requests, carry out as follows:
(4a1) as user terminal UiWhen finger print identifying server S is registered, by information U of oneselfi, time stamp T S1Altogether With the input as hash function H (), obtain user and authorize Hash Value H (Ui||TS1), and the private key with oneselfTo this use Family authorizes Hash Value to be signedAnd form authorized user message list It is sent to finger print identifying server;
(4a2) finger print identifying server first checks for user profile Ui, by time stamp T S1It is compared with current time T, if TS1 Early than T and | T-TS1|≤NTThen execute (4a3), otherwise, abandon this communication bag, wherein NTMaximum communication time delay for system;
(4a3) finger print identifying server is by user profile UiWith time stamp T S1As the input of hash function H (), calculate Hash Value H(Ui||TS1), and the public key according to this userUsing bilinear map function e (), judge equationWhether set up, if the equation is set up, it is legal to sign, execution step (4a4), no Then, abandon communication bag;
(4a4) finger print identifying server is by information S of oneself, time stamp T S2Collectively as the input of hash function H (), obtain User mandate Hash Value H (S | | TS2), and the private key SK with oneselfSThis Hash Value is signed With authorized user message listComposition template authorization requests information list It is sent to trusted party.
8. in method according to claim 5, wherein step (4b), the legitimacy of fingerprint template authorization requests is tested Card, is carried out as follows:
(4b1) trusted party receives the fingerprint template authorization requests of finger print identifying server, first looks at finger print identifying server S With authorized user UiInformation, then by time stamp T S2It is compared with current time T:If TS2Early than T, and | T-TS2|≤NT, then Execution (4b2), otherwise, abandons this communication bag, wherein NTMaximum communication time delay for system;
(4b2) trusted party is by user profile UiWith time stamp T S1As input, calculate hash function H (Ui||TS1), and according to The public key of this userUsing bilinear map function e (), judge equation Whether set up, if equation is set up, user's signature is legal, and execution step (4b3) otherwise abandons communication bag;
(4b3) trusted party is by finger print identifying server info S and time stamp T S2As input calculate hash function H (S | | TS2), and the public key PK according to finger print identifying serverS, using bilinear map function e (), judge equation e (g, SigS)=e (PKS,H(S||TS2)) whether set up, if equation is set up, the legitimate verification success of this fingerprint template authorization requests, execute step (4c), suddenly otherwise abandon this communication bag.
9. in method according to claim 5, wherein step (5a), user terminal is encrypted to the user fingerprints of collection, Carry out as follows:
(5a1) user terminal obtains the n Wesy family finger print data of oneselfSymmetric cryptography is close Key k obtains upsetting H (k) as the input of hash function H (), calculates and adds the user fingerprints data (y' upsetting1,y'2,…, y'j,…,y'n), wherein y'j=yj+ H (k), yjIt is the jth dimension data of user fingerprints data, y'jIt is to add the user upsetting to refer to The jth dimension data of stricture of vagina data;
(5a2) user terminal is according to the public key PB of data processing and corresponding private key SB, and adds the finger print data vector upset (y'1,y'2,…,y'j,…,y'n), calculate encryption user fingerprints data WhereinIt is the jth dimension data of encryption user fingerprints data,rqy'Be encryption user fingerprints data n-th+ 1 dimension data,
(5a3) user terminal uses the public key PK of finger print identifying serverS, symmetric encipherment algorithm E () and encryption user fingerprints number According toCalculate symmetric cryptography valueAnd by this symmetric cryptography valueWith user terminal information Ui, timestamp TS3Collectively as the input of hash function H (), calculate user's Hash Value
(5a4) user terminal is with the private key of oneselfTo this user's Hash ValueSigned, that is,
10. in method according to claim 5, wherein step (6b), fingerprint certificate server is according to encryption user fingerprints number Carry out cryptogram computation according to cryptographic fingerprint template data, obtain matching result, carry out as follows:
(6b1) the private key SK of finger print identifying server by utilizing oneselfSDeciphering symmetric cryptography valueObtain encrypting user fingerprints data
(6b2) finger print identifying server is according to user profile UiThe encryption of corresponding user is searched in cryptographic fingerprint template database Fingerprint template
(6b3) finger print identifying server is according to encryption user fingerprints dataWith cryptographic fingerprint templateReflected using bilinearity Penetrate function e (), be calculated match parameter
(6b4) finger print identifying server is by match parameter MdAs the input of hash function H (), calculate Hash Value H (Md), and Search for this Hash Value with reference in assessment data set RDS, if this Hash Value can be found, prove user fingerprints data and fingerprint mould Plate mates, and matching result RS is true, otherwise mismatches, and matching result RS is false.
CN201610987321.4A 2016-11-10 2016-11-10 The online fingerprint identification system and method for two-way secret protection Active CN106411533B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610987321.4A CN106411533B (en) 2016-11-10 2016-11-10 The online fingerprint identification system and method for two-way secret protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610987321.4A CN106411533B (en) 2016-11-10 2016-11-10 The online fingerprint identification system and method for two-way secret protection

Publications (2)

Publication Number Publication Date
CN106411533A true CN106411533A (en) 2017-02-15
CN106411533B CN106411533B (en) 2019-07-02

Family

ID=59230174

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610987321.4A Active CN106411533B (en) 2016-11-10 2016-11-10 The online fingerprint identification system and method for two-way secret protection

Country Status (1)

Country Link
CN (1) CN106411533B (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107947934A (en) * 2017-11-08 2018-04-20 中国银行股份有限公司 The fingerprint recognition Verification System and method of mobile terminal based on banking system
CN108566389A (en) * 2018-03-28 2018-09-21 中国工商银行股份有限公司 A kind of fingerprint identity validation method and device across application
CN108763895A (en) * 2018-04-28 2018-11-06 Oppo广东移动通信有限公司 Image processing method and device, electronic equipment, storage medium
CN108964920A (en) * 2017-05-26 2018-12-07 三星Sds株式会社 Authentication method, user terminal and non-face-to-face authentication service server
CN109410406A (en) * 2018-11-14 2019-03-01 北京华大智宝电子系统有限公司 A kind of authorization method, device and system
CN110035032A (en) * 2018-01-11 2019-07-19 南昌欧菲生物识别技术有限公司 Unlocked by fingerprint method and unlocked by fingerprint system
CN110084224A (en) * 2019-05-08 2019-08-02 电子科技大学 Finger print safety Verification System and method on a kind of cloud
CN111131145A (en) * 2019-11-08 2020-05-08 西安电子科技大学 Management query system and method for hiding communication key nodes
CN111131142A (en) * 2019-10-22 2020-05-08 北京握奇智能科技有限公司 Fingerprint authentication encryption system and method for multi-application system
CN111177676A (en) * 2018-11-12 2020-05-19 群光电子股份有限公司 Verification system, verification method, and non-transitory computer-readable recording medium
CN111682941A (en) * 2020-05-18 2020-09-18 上海瑾琛网络科技有限公司 Centralized identity management, distributed authentication and authorization method based on cryptography
CN112329519A (en) * 2020-09-21 2021-02-05 中国人民武装警察部队工程大学 Safe online fingerprint matching method
CN112347473A (en) * 2020-11-06 2021-02-09 济南大学 Machine learning security aggregation prediction method and system supporting bidirectional privacy protection
CN112534772A (en) * 2018-08-07 2021-03-19 微软技术许可有限责任公司 Encryption parameter selection
CN113114689A (en) * 2021-04-15 2021-07-13 南京邮电大学 Authentication method based on bilinear mapping and dot product protocol in intelligent medical treatment
CN113452671A (en) * 2021-05-10 2021-09-28 华东桐柏抽水蓄能发电有限责任公司 Terminal access authentication method based on equipment identity
CN113704728A (en) * 2021-07-19 2021-11-26 桂林电子科技大学 Fingerprint authentication method based on D-H key exchange and key sharing
CN114980096A (en) * 2022-03-18 2022-08-30 国网智能电网研究院有限公司 Sensing terminal security guarantee method, device, equipment and medium based on equipment fingerprint
CN117061240A (en) * 2023-10-11 2023-11-14 北京金睛云华科技有限公司 Verifiable fingerprint matching privacy protection method in cloud environment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
CN102223235A (en) * 2011-06-23 2011-10-19 甘肃农业大学 Fingerprint characteristic template protecting method and identity authentication method in open network environment
CN102394896A (en) * 2011-12-13 2012-03-28 甘肃农业大学 Privacy-protection fingerprint authentication method and system based on token
CN104639315A (en) * 2013-11-10 2015-05-20 航天信息股份有限公司 Dual-authentication method and device based on identity passwords and fingerprint identification
CN105391554A (en) * 2015-11-09 2016-03-09 中国电子科技集团公司第三十研究所 Method and system for realizing fingerprint matching by using ciphertext

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
CN102223235A (en) * 2011-06-23 2011-10-19 甘肃农业大学 Fingerprint characteristic template protecting method and identity authentication method in open network environment
CN102394896A (en) * 2011-12-13 2012-03-28 甘肃农业大学 Privacy-protection fingerprint authentication method and system based on token
CN104639315A (en) * 2013-11-10 2015-05-20 航天信息股份有限公司 Dual-authentication method and device based on identity passwords and fingerprint identification
CN105391554A (en) * 2015-11-09 2016-03-09 中国电子科技集团公司第三十研究所 Method and system for realizing fingerprint matching by using ciphertext

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108964920A (en) * 2017-05-26 2018-12-07 三星Sds株式会社 Authentication method, user terminal and non-face-to-face authentication service server
CN107947934A (en) * 2017-11-08 2018-04-20 中国银行股份有限公司 The fingerprint recognition Verification System and method of mobile terminal based on banking system
CN110035032A (en) * 2018-01-11 2019-07-19 南昌欧菲生物识别技术有限公司 Unlocked by fingerprint method and unlocked by fingerprint system
CN108566389A (en) * 2018-03-28 2018-09-21 中国工商银行股份有限公司 A kind of fingerprint identity validation method and device across application
CN108566389B (en) * 2018-03-28 2021-02-23 中国工商银行股份有限公司 Cross-application fingerprint identity authentication method and device
CN108763895A (en) * 2018-04-28 2018-11-06 Oppo广东移动通信有限公司 Image processing method and device, electronic equipment, storage medium
CN108763895B (en) * 2018-04-28 2021-03-30 Oppo广东移动通信有限公司 Image processing method and device, electronic equipment and storage medium
CN112534772A (en) * 2018-08-07 2021-03-19 微软技术许可有限责任公司 Encryption parameter selection
CN111177676A (en) * 2018-11-12 2020-05-19 群光电子股份有限公司 Verification system, verification method, and non-transitory computer-readable recording medium
CN109410406A (en) * 2018-11-14 2019-03-01 北京华大智宝电子系统有限公司 A kind of authorization method, device and system
CN110084224A (en) * 2019-05-08 2019-08-02 电子科技大学 Finger print safety Verification System and method on a kind of cloud
CN110084224B (en) * 2019-05-08 2022-08-05 电子科技大学 Cloud fingerprint security authentication system and method
CN111131142A (en) * 2019-10-22 2020-05-08 北京握奇智能科技有限公司 Fingerprint authentication encryption system and method for multi-application system
CN111131145A (en) * 2019-11-08 2020-05-08 西安电子科技大学 Management query system and method for hiding communication key nodes
CN111682941A (en) * 2020-05-18 2020-09-18 上海瑾琛网络科技有限公司 Centralized identity management, distributed authentication and authorization method based on cryptography
CN112329519A (en) * 2020-09-21 2021-02-05 中国人民武装警察部队工程大学 Safe online fingerprint matching method
CN112329519B (en) * 2020-09-21 2024-01-02 中国人民武装警察部队工程大学 Safe online fingerprint matching method
CN112347473A (en) * 2020-11-06 2021-02-09 济南大学 Machine learning security aggregation prediction method and system supporting bidirectional privacy protection
CN112347473B (en) * 2020-11-06 2022-07-26 济南大学 Machine learning security aggregation prediction method and system supporting bidirectional privacy protection
CN113114689A (en) * 2021-04-15 2021-07-13 南京邮电大学 Authentication method based on bilinear mapping and dot product protocol in intelligent medical treatment
CN113452671A (en) * 2021-05-10 2021-09-28 华东桐柏抽水蓄能发电有限责任公司 Terminal access authentication method based on equipment identity
CN113704728A (en) * 2021-07-19 2021-11-26 桂林电子科技大学 Fingerprint authentication method based on D-H key exchange and key sharing
CN113704728B (en) * 2021-07-19 2024-03-01 桂林电子科技大学 Fingerprint authentication method based on D-H key exchange and key sharing
CN114980096A (en) * 2022-03-18 2022-08-30 国网智能电网研究院有限公司 Sensing terminal security guarantee method, device, equipment and medium based on equipment fingerprint
CN117061240A (en) * 2023-10-11 2023-11-14 北京金睛云华科技有限公司 Verifiable fingerprint matching privacy protection method in cloud environment
CN117061240B (en) * 2023-10-11 2023-12-19 北京金睛云华科技有限公司 Verifiable fingerprint matching privacy protection method in cloud environment

Also Published As

Publication number Publication date
CN106411533B (en) 2019-07-02

Similar Documents

Publication Publication Date Title
CN106411533B (en) The online fingerprint identification system and method for two-way secret protection
CN109347878B (en) Decentralized data verification and data security transaction system and method
CN101300808B (en) Method and arrangement for secure autentication
CN107454079A (en) Lightweight device authentication and shared key machinery of consultation based on platform of internet of things
CN108092776A (en) A kind of authentication server and authentication token
JP2005223924A (en) Opinion registering application for universal pervasive transaction framework
CN101331706A (en) Secure threshold decryption protocol computation
MX2015002929A (en) Method and system for verifying an access request.
JP3362780B2 (en) Authentication method in communication system, center device, recording medium storing authentication program
EP2805298B1 (en) Methods and apparatus for reliable and privacy protecting identification of parties&#39; mutual friends and common interests
CN105207776A (en) Fingerprint authentication method and system
CN112329519A (en) Safe online fingerprint matching method
CN106096947A (en) Half off-line anonymous method of payment based on NFC
CN101124767A (en) Method and device for key generation and proving authenticity
CN101944216A (en) Two-factor online transaction safety authentication method and system
US20100005519A1 (en) System and method for authenticating one-time virtual secret information
CN109600296A (en) A kind of certificate chain instant communicating system and its application method
CN108809936A (en) A kind of intelligent mobile terminal auth method and its realization system based on Hybrid Encryption algorithm
CN110378135A (en) Intimacy protection system and method based on big data analysis and trust computing
CN103281180B (en) User is protected to access the bill generation method of privacy in a kind of network service
CN112215626A (en) Online taxi booking system and method supporting annular order verifiable
KR101856530B1 (en) Encryption system providing user cognition-based encryption protocol and method for processing on-line settlement, security apparatus and transaction approval server using thereof
CN108933659A (en) A kind of authentication system and verification method of smart grid
Itakura et al. Proposal on a multifactor biometric authentication method based on cryptosystem keys containing biometric signatures
CN114172696B (en) Terminal authentication method for cloud edge end cooperative dual authentication in electric power Internet of things

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220210

Address after: 710000 room 004, F2002, 20 / F, block 4-A, Xixian financial port, Fengdong new town energy gold trade zone, Xixian new area, Xi'an City, Shaanxi Province

Patentee after: Shaanxi Songyuan Mingrui Information Technology Co.,Ltd.

Address before: 710071 Taibai South Road, Yanta District, Xi'an, Shaanxi Province, No. 2

Patentee before: XIDIAN University