CN112507313A - Fingerprint verification method, chip and intelligent door lock - Google Patents
Fingerprint verification method, chip and intelligent door lock Download PDFInfo
- Publication number
- CN112507313A CN112507313A CN202110005256.1A CN202110005256A CN112507313A CN 112507313 A CN112507313 A CN 112507313A CN 202110005256 A CN202110005256 A CN 202110005256A CN 112507313 A CN112507313 A CN 112507313A
- Authority
- CN
- China
- Prior art keywords
- fingerprint
- target
- data
- fingerprint data
- chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 65
- 238000000034 method Methods 0.000 title claims abstract description 54
- 230000008569 process Effects 0.000 abstract description 18
- 238000010586 diagram Methods 0.000 description 7
- 238000013479 data entry Methods 0.000 description 6
- 238000005192 partition Methods 0.000 description 5
- 230000009545 invasion Effects 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- 238000000605 extraction Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00563—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys using personal physical data of the operator, e.g. finger prints, retinal images, voicepatterns
Abstract
The invention discloses a fingerprint verification method, a chip and an intelligent door lock, wherein the method is applied to the chip, the chip comprises a RISC-V core, and the method comprises the following steps: the RISC-V core acquires target fingerprint data; encrypting the target fingerprint data according to preset key information to obtain target encrypted data; receiving fingerprint data to be verified, and decrypting the target encrypted data to obtain target fingerprint data; and verifying the fingerprint to be verified according to the target fingerprint data. The fingerprint verification method of the embodiment of the invention is realized based on hardware, for example, the method is realized by adopting a RISC-V core of a chip, so that the processes of collecting, storing and verifying the fingerprint data are ensured not to be invaded by the outside, the potential leakage risk is reduced, and the safety of fingerprint verification is improved.
Description
Technical Field
The invention relates to the technical field of fingerprint identification, in particular to a fingerprint verification method, a chip and an intelligent door lock.
Background
Present intelligent lock, most have the fingerprint identification function, gather the fingerprint of user's input promptly, verify the fingerprint, verify the back, unblank automatically, make the lock have more intellectuality and science and technology nature, improve user and use experience.
When the fingerprint identification function is realized in the existing intelligent door lock, the fingerprint data is generally encrypted and stored by adopting a software mode. However, the software method cannot effectively prevent hackers from invading and cannot ensure that the personal information of the user is not leaked, so that the security of the intelligent door lock is low, and the personal and property security of the user is further influenced.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. Therefore, an object of the present invention is to provide a fingerprint verification method, which is implemented based on hardware, for example, by using a RISC-V (RISC-V instruction set) core of a chip, so as to ensure that the processes of collecting, storing and verifying fingerprint data are not invaded by the outside, reduce the potential leakage risk, and thus improve the security of fingerprint verification.
A second objective of the present invention is to provide a chip.
The third purpose of the invention is to provide an intelligent door lock.
In order to achieve the above object, a first embodiment of the present invention provides a fingerprint verification method applied to a chip, where the chip includes a RISC-V core, and the method includes: the RISC-V core acquires target fingerprint data; encrypting the target fingerprint data according to preset key information to obtain target encrypted data; receiving fingerprint data to be verified, and decrypting the target encrypted data to obtain the target fingerprint data; and verifying the fingerprint to be verified according to the target fingerprint data.
According to the fingerprint verification method provided by the embodiment of the invention, the target fingerprint data is acquired based on the RISC-V core, and is encrypted according to the preset key information to obtain the target encrypted data, wherein the acquisition of the target fingerprint data can only be controlled by a security system operated on the RISC-V core and cannot be monitored, so that the invasion of a hacker can be effectively prevented, and the security of fingerprint data entry is ensured; when receiving fingerprint data to be verified, the RISC-V decrypts the target encrypted data to obtain the target fingerprint data, so as to verify the fingerprint data to be verified, namely, the encryption and decryption processes of the target fingerprint data are controlled through the RISC-V, the target encrypted fingerprint data cannot be accessed from the outside, and the target fingerprint data is prevented from being tampered and controlled, so that the security of fingerprint verification is improved.
In some embodiments, the preset key information includes a device ID (Identity document) and a root key, which are stored in an OTP (One Time Programmable) register and uniquely correspond to the target device. The target fingerprint data is encrypted through the target device ID and the root key, the target device ID and the root key in the OTP register are written once during production and cannot be changed after being written, and the root key can be prevented from being tampered by the outside, so that the encryption safety of the target fingerprint data is ensured.
In some embodiments, after obtaining the target encrypted data, the method further includes: and storing the target encrypted data into a preset fingerprint database. The preset fingerprint database is encrypted, a user cannot directly access the target encrypted data, even if the target encrypted data is stolen from the outside, the corresponding root key is needed to decrypt the target encrypted data, but the root key of the target device cannot be acquired from the outside, and the target encrypted data is stored in the preset fingerprint database, so that the safety of the target fingerprint data is ensured.
In some embodiments, said decrypting said target encrypted data comprises: extracting the target encrypted data from the preset fingerprint database; and decrypting the target encrypted data according to the preset key information to obtain the target fingerprint data. The preset key information can not be obtained from the outside, namely the outside can not decrypt the target encrypted data, and the target encrypted data is decrypted through the fingerprint verification service unit of the RISC-V core, so that the safety of the decryption process is ensured.
In some embodiments, the verifying the fingerprint to be verified according to the target fingerprint data includes: and if the matching degree of the fingerprint data to be verified and the target fingerprint data is higher than a preset value, determining that the fingerprint to be verified passes verification. Thus, accurate fingerprint verification is achieved.
In some embodiments, the RISC-V core acquires target fingerprint data, including: controlling a fingerprint chip to acquire fingerprint data of a target user for multiple times; extracting fingerprint features in a plurality of fingerprint data; generating the target fingerprint data from the extracted plurality of fingerprint features. Therefore, the accuracy and the reliability of the target fingerprint data can be improved, and the accuracy of fingerprint verification can be improved.
In order to achieve the above object, a second embodiment of the present invention provides a chip, including a RISC-V core, the RISC-V core including: an acquisition unit configured to acquire target fingerprint data; the encryption unit is used for encrypting the target fingerprint data according to preset key information to obtain target encrypted data; the receiving and decrypting unit is used for decrypting the target encrypted data to obtain the target fingerprint data when receiving the fingerprint data to be verified; and the verification unit is used for verifying the fingerprint to be verified according to the target fingerprint data.
According to the chip provided by the embodiment of the invention, the acquisition unit is used for acquiring target fingerprint data, and the acquisition of the target fingerprint data can only be controlled by a safety system operated on a RISC-V core and cannot be monitored, so that hacker intrusion can be effectively prevented, and the security of fingerprint data entry is ensured; when receiving the fingerprint data to be verified, the receiving and decrypting unit decrypts the target encrypted data to obtain the target fingerprint data so as to verify the fingerprint data to be verified, namely, the encrypting, decrypting and verifying processes of the target fingerprint data are controlled by all the units, so that the verification of the fingerprint data to be verified is realized, the target fingerprint data are prevented from being tampered and controlled, and the security of fingerprint verification is improved.
In some embodiments, the preset key information includes a device ID and a root key stored in the OTP register and uniquely corresponding to the target device. The ID and the root key of the target equipment in the OTP register are written once during production and cannot be changed after being written, so that the root key can be prevented from being tampered by the outside, and the encryption security of target fingerprint data is ensured.
In some embodiments, the chip further comprises: and the storage unit is used for storing the target encrypted data into a preset fingerprint database. The preset fingerprint database is encrypted, a user cannot directly access the target encrypted data, even if the target encrypted data is stolen from the outside, the corresponding root key is needed to decrypt the target encrypted data, but the root key of the target device cannot be acquired from the outside, and the target encrypted data is stored in the preset fingerprint database, so that the safety of the target fingerprint data is ensured.
In some embodiments, the receiving and decrypting unit is specifically configured to: extracting the target encrypted data from the preset fingerprint database; and decrypting the target encrypted data according to the preset key information to obtain the target fingerprint data. The target encrypted data is decrypted through a fingerprint verification service unit of the RISC-V core, and the safety of the decryption process is ensured.
In some embodiments, the verification unit is specifically configured to: and when the matching degree of the fingerprint data to be verified and the target fingerprint data is higher than a preset value, determining that the fingerprint to be verified passes verification. Thus, accurate fingerprint verification is achieved.
In some embodiments, the obtaining unit is specifically configured to: controlling a fingerprint chip to acquire fingerprint data of a target user for multiple times; extracting fingerprint features in a plurality of fingerprint data; generating the target fingerprint data from the extracted plurality of fingerprint features.
In order to achieve the above object, an embodiment of a third aspect of the present invention provides an intelligent door lock, which includes the chip mentioned in the above embodiments.
According to the intelligent door lock disclosed by the embodiment of the invention, the fingerprint verification method disclosed by the embodiment is realized through the chip, namely the encryption and decryption processes of the target fingerprint data are controlled through RISC-V (reduced instruction set computer-V), the encrypted target fingerprint data cannot be accessed from the outside, and the target fingerprint data is prevented from being tampered and controlled, so that the security of fingerprint verification is improved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is an architecture diagram of an application scenario of a fingerprint authentication method according to an embodiment of the present invention;
FIG. 2 is a flow diagram of a fingerprint authentication method according to one embodiment of the present invention;
FIG. 3 is a block diagram of a chip according to one embodiment of the invention;
fig. 4 is a block diagram of an intelligent door lock according to one embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below, the embodiments described with reference to the drawings being illustrative, and the embodiments of the present invention will be described in detail below.
In the embodiment, as shown in fig. 1, an architecture diagram of an application scenario of a fingerprint authentication method according to an embodiment of the present invention is shown. The fingerprint verification method can be applied to a chip, and the architecture of the chip is shown in fig. 1, for example. Specifically, as shown in fig. 1, the chip may include a RISC-V core, an ARM (Advanced RISC Machines) core, and a CAPU (Control Access Protection Unit) module. The ARM core runs a normal operating system and is responsible for storing privacy information of a user and running fingerprint application; the RISC-V core runs a safe operating system, controls the fingerprint chip and the OTP register, controls the encryption and decryption processes of the target fingerprint data, and the CAPU module is used for checking and controlling the access authority of the bus, limiting the access range of the equipment, limiting the RISC-V core to access the fingerprint chip and the OTP register, and ensuring the safety of the target fingerprint data.
In a specific embodiment, the chip can be applied to the intelligent door lock, for example, the chip is arranged in the intelligent door lock, the intelligent door lock performs fingerprint identification and verification on the input fingerprint through the chip, and the intelligent door lock is unlocked after the verification is passed, so that the safety and the reliability of the intelligent door lock are improved.
A fingerprint authentication method according to an embodiment of the first aspect of the invention is described below with reference to fig. 1 and 2. The fingerprint verification method is implemented on the basis of hardware, such as a chip, for example, a chip for fingerprint identification and verification. The chip includes, for example, a RISC-V core.
As shown in fig. 2, the fingerprint authentication method according to the embodiment of the present invention at least includes steps S1 to S4.
At step S1, the RISC-V core acquires target fingerprint data.
In an embodiment, as shown in fig. 1, the target fingerprint data is, for example, fingerprint data corresponding to a target user. For example, when the smart door lock is applied to a business, the target fingerprint data includes, for example, fingerprint data of all employees of the business or fingerprint data of a partially designated employee, or, when the smart door lock is applied to a family, the target fingerprint data includes, for example, fingerprint data of a portion or all members of the family, or fingerprint data of other authorized persons, such as relatives, friends, etc. When a user records fingerprint data, the RISC-V core is started, and the fingerprint data of a target user is acquired through a fingerprint chip or a fingerprint sensor, so that the target fingerprint data is recorded.
The acquisition of the target fingerprint data can be controlled by a safety system running on the RISC-V core, the CAPU module of the chip limits that the ARM core cannot access the target equipment and the ARM core cannot monitor the input of the user fingerprint data, and the safety of acquiring the target fingerprint data is ensured.
And step S2, encrypting the target fingerprint data according to the preset key information to obtain target encrypted data.
In the embodiment, in order to ensure the security of the target fingerprint data, the target fingerprint data needs to be encrypted according to the preset key information, and the preset key information is written once and cannot be changed when the target device is produced, so that the preset key information cannot be tampered, and the encryption security is high.
And step S3, receiving the fingerprint data to be verified, and decrypting the target encrypted data to obtain the target fingerprint data.
In an embodiment, the fingerprint data to be verified may be fingerprint data of an employee of a company or fingerprint data of a visitor of the company, for example, when the employee or the visitor needs to enter the company and needs to unlock the smart door lock, the employee or the visitor may input a fingerprint of the employee or the visitor through a fingerprint sensor of the smart door lock, that is, the fingerprint data to be verified, so as to verify the input fingerprint, and after the input fingerprint passes the verification, the smart door lock is unlocked.
Specifically, when the fingerprint sensor detects that a user inputs a fingerprint, the RISC-V core receives fingerprint data to be verified, and in order to determine whether the fingerprint data to be verified is target fingerprint data, that is, fingerprint data of an employee of a company, the fingerprint data to be verified needs to be compared with the target fingerprint data, and the target fingerprint data is encrypted and cannot be directly compared with the fingerprint data to be verified, so that the target encrypted data needs to be decrypted to obtain the target fingerprint data, and then step S4 is executed. Therefore, the confidentiality of the target fingerprint data is improved by encrypting and decrypting the target fingerprint data, and the security of the fingerprint verification process is improved.
And step S4, verifying the fingerprint to be verified according to the target fingerprint data.
In the embodiment, after the target fingerprint data is obtained through unlocking, the target fingerprint data is compared with the fingerprint data to be verified, if the fingerprint data to be verified is matched with the target fingerprint number, verification is successful, and the user corresponding to the fingerprint data to be verified is determined to be an authorized target user, such as an authorized employee in a company or an authorized family member in a family. And then, after the verification is passed, the intelligent door lock is unlocked. If the fingerprint data to be verified is not matched with the target fingerprint data, verification fails, the user corresponding to the fingerprint data to be verified is determined to be an unauthorized user, such as an unauthorized company visitor or an unauthorized family member in a family, and further, verification cannot pass and the intelligent door lock cannot be unlocked.
According to the fingerprint verification method provided by the embodiment of the invention, the target fingerprint data is acquired based on the RISC-V core, and is encrypted according to the preset key information to obtain the target encrypted data, wherein the acquisition of the target fingerprint data can only be controlled by a security system operated on the RISC-V core and cannot be monitored, so that the invasion of a hacker can be effectively prevented, and the security of fingerprint data entry is ensured; when receiving fingerprint data to be verified, the RISC-V decrypts the target encrypted data to obtain the target fingerprint data, so as to verify the fingerprint data to be verified, namely, the encryption and decryption processes of the target fingerprint data are controlled through the RISC-V, the target encrypted fingerprint data cannot be accessed from the outside, and the target fingerprint data is prevented from being tampered and controlled, so that the security of fingerprint verification is improved.
In some embodiments, as shown in fig. 1, the preset key information includes a device ID and a root key stored in the OTP register and uniquely corresponding to the target device. When the target fingerprint data is encrypted, the target device ID and the root key in the OTP register are read through the OTP driving unit, the target fingerprint data is encrypted through the target device ID and the root key, the device ID and the root key are written once and cannot be changed when the target device is produced, and therefore the device ID and the root key cannot be tampered by the outside world, and therefore the encryption safety of the target fingerprint data is guaranteed. The target device is an intelligent door lock installed in a certain company or a certain family.
In some embodiments, as shown in fig. 1, after the target encrypted data is obtained, the target encrypted data is stored in a preset fingerprint database, for example, a preset fingerprint database in an eMMC (Embedded multimedia Card). Specifically, the RISC-V core sends encrypted target encrypted data to the ARM core, the ARM core drives the eMMC and sends the target encrypted data to the eMMC, and after the eMMC is driven, the target encrypted data are stored in a preset fingerprint database. The preset fingerprint database is a specific encryption partition, the target encryption data are stored in the specific encryption partition, a user cannot directly access the specific encryption partition, and the storage safety of the target encryption data is guaranteed. Therefore, even if the target encrypted data is stolen by the outside, the corresponding root key is needed to decrypt the target encrypted data, but the root key of the target device cannot be acquired from the outside, namely cannot be decrypted, so that the security of the target fingerprint data is improved. And storing the target encrypted data into a preset fingerprint database, and facilitating extraction when decrypting the target encrypted data.
In some embodiments, when decrypting the target encrypted data, the target encrypted data is extracted from the preset fingerprint database, and the target encrypted data is decrypted according to the preset key information. Specifically, the fingerprint authentication service unit in the RISC-V core may read the device ID and the root key that are uniquely corresponding to the target device in the OTP register, and decrypt the target encrypted data using the read root key to obtain the target fingerprint data. The target encrypted data needs the device ID and the root key for decryption, the root key of the target device cannot be obtained from the outside, namely the target encrypted data cannot be decrypted from the outside, and the target encrypted data can only be decrypted by the root key read by the RISC-V core, so that the safety of the decryption process is ensured. In addition, it can be understood that the firmware running on the RISC-V core needs to be signed by using the private key of RSA-2048, and if the firmware is not signed by the private key, the firmware cannot be updated, and the possibility of tampering with the running of the RISC-V core is eliminated. The embodiment of the invention uses the public key solidified in the OTP register of the chip to decrypt, so that the firmware cannot be updated, thereby preventing the firmware from being tampered, and having higher safety.
In some embodiments, when the fingerprint to be verified is verified according to the target fingerprint data, matching the fingerprint data to be verified with the target fingerprint data, if the matching degree between the target fingerprint data and the fingerprint data to be verified is higher than a preset value, for example, the matching degree between the fingerprint data to be verified and the target fingerprint data of a certain employee of the company is higher than 95%, determining that the fingerprint data to be verified passes through, and indicating that the fingerprint data to be verified is the target fingerprint data of the employee. The fingerprint data to be verified and the target fingerprint data are matched, the matching degree of the fingerprint data to be verified and the target fingerprint data is determined, and accurate fingerprint verification is achieved.
In some embodiments, when the RISC-V core acquires the target fingerprint data, the fingerprint driving unit may control the fingerprint chip to acquire the fingerprint data of the target user for multiple times, for example, 10-20 times of acquisition, and extract the fingerprint features in the acquired multiple fingerprint data to obtain multiple fingerprint features; and generating target fingerprint data according to the extracted plurality of fingerprint features, thereby improving the accuracy and reliability of the target fingerprint data. The target fingerprint data is generated by collecting the fingerprint data of a target user such as a company employee for multiple times and extracting the fingerprint characteristics in the multiple fingerprint data, so that the problems of less fingerprint verification and collection times and verification failure are avoided, and the accuracy of the target fingerprint data is improved.
In a specific embodiment, the fingerprint verification method is applied to a chip, for example, which is applied to a smart door lock of a certain home. In this embodiment, the chip may execute the fingerprint authentication method according to any of the above embodiments of the present invention, so as to implement fingerprint authentication of a user who needs to enter the home by the intelligent door lock, thereby implementing intelligent unlocking.
In this embodiment, the process of performing fingerprint verification by using the fingerprint verification method for the smart door lock is summarized as follows: target fingerprint data is obtained through a RISC-V core of the chip, such as fingerprint data corresponding to part or all of the family members, namely, the fingerprint data of the family members is recorded in advance and is used as the target fingerprint data so as to provide reference for subsequent fingerprint verification. The input of the target fingerprint data is controlled by a safety system operated on a RISC-V core, cannot be monitored, can effectively prevent hackers from invading, and ensures the safety of the target fingerprint data. After the target fingerprint data is input, the target fingerprint data is encrypted according to preset key information, such as a device ID and a root key which are stored in an OTP register and only correspond to target equipment, so that target encrypted data is obtained, the device ID and the root key of the target equipment are written once and cannot be changed during production, the root key can be prevented from being tampered by the outside, and accordingly the encryption safety of the target fingerprint data is guaranteed. When a user (such as a certain member of the family) needs to enter the door, fingerprint data of the user, namely the fingerprint data to be verified, is input through a fingerprint sensor of the intelligent door lock, after the RISC-V core of the chip receives the fingerprint data to be verified, target encrypted data is decrypted through the equipment ID and the root key stored in the OTP register to obtain the pre-recorded target fingerprint data, the fingerprint data to be verified and the target fingerprint data are matched, if the matching is passed, the user is considered as the member of the family, the intelligent door lock is unlocked, and the user enters the door. If the matching is not passed, the user is not considered to be the family member, and is possibly an illegal user, and the intelligent door lock is not unlocked. When the target encrypted data is decrypted, the device ID and the root key stored in the OTP register cannot be acquired from the outside, and the target encrypted data can be decrypted only by the root key read by the RISC-V core, so that the security of the decryption process is ensured. The target encrypted data may be multiple and correspond to multiple members of the family one by one, so that when the fingerprint data to be verified is verified and is matched with one of the multiple target fingerprint data, the fingerprint data to be verified is judged to be verified to be passed.
According to the fingerprint verification method provided by the embodiment of the invention, the target fingerprint data is acquired based on the RISC-V core, and is encrypted according to the preset key information to obtain the target encrypted data, wherein the acquisition of the target fingerprint data can only be controlled by a security system operated on the RISC-V core and cannot be monitored, so that the invasion of a hacker can be effectively prevented, and the security of fingerprint data entry is ensured; when receiving fingerprint data to be verified, the RISC-V decrypts the target encrypted data to obtain the target fingerprint data, so as to verify the fingerprint data to be verified, namely, the encryption and decryption processes of the target fingerprint data are controlled through the RISC-V, the target encrypted fingerprint data cannot be accessed from the outside, and the target fingerprint data is prevented from being tampered and controlled, so that the security of fingerprint verification is improved.
A chip according to an embodiment of the second aspect of the present invention is described below with reference to the drawings.
Fig. 3 is a block diagram of a chip according to an embodiment of the present invention, and as shown in fig. 3, a chip 10 according to an embodiment of the present invention includes an obtaining unit 11, an encrypting unit 12, a receiving and decrypting unit 13, and an authenticating unit 14. The acquiring unit 11 is used for acquiring target fingerprint data; the encryption unit 12 is configured to encrypt the target fingerprint data according to preset key information to obtain target encrypted data; the receiving and decrypting unit 13 is used for decrypting the target encrypted data to obtain target fingerprint data when receiving the fingerprint data to be verified; the verification unit 14 is configured to verify the fingerprint to be verified according to the target fingerprint data.
According to the chip 10 of the embodiment of the invention, the acquisition unit 11 is used for acquiring target fingerprint data, and the acquisition of the target fingerprint data can only be controlled by a security system running on a RISC-V core and cannot be monitored, so that hacker intrusion can be effectively prevented, and the security of fingerprint data entry is ensured; when receiving the fingerprint data to be verified, the receiving and decrypting unit 13 decrypts the target encrypted data to obtain the target fingerprint data, so as to verify the fingerprint data to be verified, that is, the encrypting, decrypting and verifying processes of the target fingerprint data are controlled by each unit, so that the verification of the fingerprint data to be verified is realized, the target fingerprint data is prevented from being tampered and controlled, and the security of fingerprint verification is improved.
In some embodiments, the preset key information includes a device ID and a root key stored in the OTP register and uniquely corresponding to the target device. The target fingerprint data is encrypted through the ID of the target device and the root key, the ID of the device and the root key are written once and cannot be changed when the target device is produced, and the device can be prevented from being tampered by the outside, so that the encryption safety of the target fingerprint data is guaranteed.
In some embodiments, the chip 10 further includes a storage unit, configured to store the target encrypted data in a preset fingerprint database, and store the target encrypted data in the preset fingerprint database through the storage unit, where the preset fingerprint database is a specific encryption partition, and store the target encrypted data in the specific encryption partition, where a user cannot directly access the target encrypted data, so as to ensure the security of storing the target encrypted data. Therefore, even if the target encrypted data is stolen by the outside, the corresponding root key is needed to decrypt the target encrypted data, but the root key of the target device cannot be acquired from the outside, namely cannot be decrypted, so that the security of the target fingerprint data is improved. And storing the target encrypted data into a preset fingerprint database, and facilitating extraction when decrypting the target encrypted data.
In some embodiments, the receiving and decrypting unit 13 is specifically configured to extract the target encrypted data from a preset fingerprint database; and decrypting the target encrypted data according to the preset key information to obtain the target fingerprint data. The target encrypted data needs the device ID and the root key for decryption, the root key of the target device cannot be obtained from the outside, namely the target encrypted data cannot be decrypted from the outside, and the target encrypted data can only be decrypted by the root key read by the RISC-V core, so that the safety of the decryption process is ensured. In addition, it can be understood that the firmware running on the RISC-V core needs to be signed by using the private key of RSA-2048, and if the firmware is not signed by the private key, the firmware cannot be updated, and the possibility of tampering with the running of the RISC-V core is eliminated. The embodiment of the invention uses the public key solidified in the OTP register of the chip to decrypt, so that the firmware cannot be updated, thereby preventing the firmware from being tampered, and having higher safety.
In some embodiments, the verification unit 14 is specifically configured to, when the matching degree between the fingerprint data to be verified and the target fingerprint data is higher than a preset value, determine that the fingerprint data to be verified passes verification, which indicates that the fingerprint data to be verified is the target fingerprint data of the employee. The verification unit 14 matches the fingerprint data to be verified with the target fingerprint data, determines the matching degree of the fingerprint data and the target fingerprint data, and realizes accurate fingerprint verification.
In some embodiments, the obtaining unit 11 is specifically configured to control the fingerprint chip to collect fingerprint data of a target user for multiple times, for example, perform collection for 10 to 20 times, extract fingerprint features in the obtained multiple pieces of fingerprint data, and obtain multiple pieces of fingerprint features; and generating the target fingerprint data according to the extracted plurality of fingerprint features, thereby improving the accuracy and reliability of the target fingerprint data. The fingerprint data of the target user are collected for multiple times, and the fingerprint features in the fingerprint data are extracted to generate the target fingerprint data, so that the problems that the fingerprint verification collection times are few, the verification fails are solved, and the accuracy of the target fingerprint data is improved.
It should be noted that a specific implementation manner of the chip 10 according to the embodiment of the present invention is similar to a specific implementation manner of the fingerprint verification method according to any of the above embodiments of the present invention, and please refer to the description of the method part specifically, and details are not described here again in order to reduce redundancy.
According to the chip 10 of the embodiment of the invention, the acquisition unit 11 is used for acquiring target fingerprint data, and the acquisition of the target fingerprint data can only be controlled by a security system running on a RISC-V core and cannot be monitored, so that hacker intrusion can be effectively prevented, and the security of fingerprint data entry is ensured; when receiving the fingerprint data to be verified, the receiving and decrypting unit 13 decrypts the target encrypted data to obtain the target fingerprint data, so as to verify the fingerprint data to be verified, that is, the encrypting, decrypting and verifying processes of the target fingerprint data are controlled by each unit, so that the verification of the fingerprint data to be verified is realized, the target fingerprint data is prevented from being tampered and controlled, and the security of fingerprint verification is improved.
An intelligent door lock according to an embodiment of the third aspect of the present invention will be described with reference to the drawings.
Fig. 4 is a block diagram of an intelligent door lock according to an embodiment of the present invention, and as shown in fig. 4, an intelligent door lock 20 includes the chip 10 mentioned in the above embodiment.
According to the intelligent door lock 20 of the embodiment of the invention, the fingerprint verification method mentioned in the above embodiment is realized through the chip 10, namely, the encryption and decryption processes of the target fingerprint data are controlled through RISC-V check, the target encrypted fingerprint number cannot be accessed from the outside, and the target fingerprint data is ensured not to be tampered and controlled, so that the security of fingerprint verification is improved.
In addition, other structures and functions of the intelligent door lock according to the above-mentioned embodiment of the present invention are known to those skilled in the art, and are not described in detail for reducing redundancy.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an illustrative embodiment," "an example," "a specific example," or "some examples" or the like mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.
Claims (13)
1. A fingerprint authentication method applied to a chip, the chip including a RISC-V core, the method comprising:
the RISC-V core acquires target fingerprint data;
encrypting the target fingerprint data according to preset key information to obtain target encrypted data;
receiving fingerprint data to be verified, and decrypting the target encrypted data to obtain the target fingerprint data;
and verifying the fingerprint to be verified according to the target fingerprint data.
2. The fingerprint authentication method of claim 1, wherein the preset key information comprises a device ID and a root key stored in the OTP register and uniquely corresponding to the target device.
3. The fingerprint authentication method according to claim 1 or 2, further comprising, after obtaining the target encrypted data:
and storing the target encrypted data into a preset fingerprint database.
4. The fingerprint authentication method of claim 3, wherein the decrypting the target encrypted data comprises:
extracting the target encrypted data from the preset fingerprint database;
and decrypting the target encrypted data according to the preset key information to obtain the target fingerprint data.
5. The fingerprint verification method according to claim 1, wherein the verifying the fingerprint to be verified according to the target fingerprint data comprises:
and if the matching degree of the fingerprint data to be verified and the target fingerprint data is higher than a preset value, determining that the fingerprint to be verified passes verification.
6. The fingerprint authentication method of claim 1, wherein the RISC-V core obtains target fingerprint data, comprising:
controlling a fingerprint chip to acquire fingerprint data of a target user for multiple times;
extracting fingerprint features in a plurality of fingerprint data;
generating the target fingerprint data from the extracted plurality of fingerprint features.
7. A chip including a RISC-V core, said RISC-V core comprising:
an acquisition unit configured to acquire target fingerprint data;
the encryption unit is used for encrypting the target fingerprint data according to preset key information to obtain target encrypted data;
the receiving and decrypting unit is used for decrypting the target encrypted data to obtain the target fingerprint data when receiving the fingerprint data to be verified;
and the verification unit is used for verifying the fingerprint to be verified according to the target fingerprint data.
8. The chip of claim 7, wherein the preset key information comprises a device ID and a root key stored in an OTP register and uniquely corresponding to a target device.
9. The chip of claim 7 or 8, further comprising:
and the storage unit is used for storing the target encrypted data into a preset fingerprint database.
10. The chip of claim 9, wherein the receiving and decrypting unit is specifically configured to:
extracting the target encrypted data from the preset fingerprint database;
and decrypting the target encrypted data according to the preset key information to obtain the target fingerprint data.
11. The chip according to claim 7, wherein the verification unit is specifically configured to:
and when the matching degree of the fingerprint data to be verified and the target fingerprint data is higher than a preset value, determining that the fingerprint to be verified passes verification.
12. The chip according to claim 7, wherein the obtaining unit is specifically configured to:
controlling a fingerprint chip to acquire fingerprint data of a target user for multiple times;
extracting fingerprint features in a plurality of fingerprint data;
generating the target fingerprint data from the extracted plurality of fingerprint features.
13. An intelligent door lock, characterized in that it comprises a chip according to any one of claims 7 to 12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110005256.1A CN112507313A (en) | 2021-01-05 | 2021-01-05 | Fingerprint verification method, chip and intelligent door lock |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110005256.1A CN112507313A (en) | 2021-01-05 | 2021-01-05 | Fingerprint verification method, chip and intelligent door lock |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112507313A true CN112507313A (en) | 2021-03-16 |
Family
ID=74952248
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110005256.1A Pending CN112507313A (en) | 2021-01-05 | 2021-01-05 | Fingerprint verification method, chip and intelligent door lock |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112507313A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109410406A (en) * | 2018-11-14 | 2019-03-01 | 北京华大智宝电子系统有限公司 | A kind of authorization method, device and system |
| CN111435396A (en) * | 2019-01-15 | 2020-07-21 | 量子芯云(北京)微电子科技有限公司 | Intelligent safety master control |
-
2021
- 2021-01-05 CN CN202110005256.1A patent/CN112507313A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109410406A (en) * | 2018-11-14 | 2019-03-01 | 北京华大智宝电子系统有限公司 | A kind of authorization method, device and system |
| CN111435396A (en) * | 2019-01-15 | 2020-07-21 | 量子芯云(北京)微电子科技有限公司 | Intelligent safety master control |
Non-Patent Citations (1)
| Title |
|---|
| 智东西: "如何看待开源指令集RISC-V", Retrieved from the Internet <URL:《https://www.zhihu.com/question/28368960/answer/788163810?from=singlemessage&utm_id=0》> * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2434462B1 (en) | Biometric key | |
| CN103886234B (en) | A kind of fail-safe computer based on encryption hard disk and data security control method thereof | |
| EP0924656B1 (en) | Personal identification FOB | |
| CN111768522B (en) | CTID-based intelligent door lock unlocking method and system | |
| CN105243314B (en) | A kind of security system and its application method based on USB key | |
| Breebaart et al. | Biometric template protection: The need for open standards | |
| CN103473844A (en) | Intelligent control method and intelligent control system for public rental housing | |
| CN103580872A (en) | System and method for generating and managing secret key | |
| US20100125734A1 (en) | Encrypted image with matryoshka structure and mutual agreement authentication system and method using the same | |
| US8151111B2 (en) | Processing device constituting an authentication system, authentication system, and the operation method thereof | |
| JP2005293490A (en) | Biometrics system | |
| CN112637172A (en) | Novel data security and confidentiality method | |
| CN1381787A (en) | Method and system for protecting hard disk of computer | |
| CN110766845A (en) | Identification method and device for power construction user information and computer equipment | |
| CN112507313A (en) | Fingerprint verification method, chip and intelligent door lock | |
| CN112446982A (en) | Method, device, computer readable medium and equipment for controlling intelligent lock | |
| CN112507355B (en) | Personal health data storage system based on block chain | |
| JPH05290149A (en) | System and device for fingerprint collation and certification | |
| CN101227281A (en) | Dynamic anti stealing information and identification authenticating method | |
| AU2006200187B2 (en) | Controlling access to an area | |
| CN117744097A (en) | Control device and method for system security access | |
| CN113421085B (en) | Smart card dynamic password authentication method and system | |
| CN111447424B (en) | Projection system with safety enhancement function | |
| CN117633911A (en) | Seal management method, device, computer equipment and medium | |
| Wu | Biometrics authentication system on open network and security analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |