CN115776413A - Data transmission method and system based on iris encryption - Google Patents

Publication number
CN115776413A
Authority
CN
China
Legal status
Granted
Application number
CN202310086504.9A
Other languages
Chinese (zh)
Other versions
CN115776413B (en)
Inventor
刘中昌
王宇翔
刘晓昌
Current Assignee
Aerospace Hongtu Information Technology Co Ltd
Original Assignee
Aerospace Hongtu Information Technology Co Ltd
Application filed by Aerospace Hongtu Information Technology Co Ltd
Priority to CN202310086504.9A
Publication of CN115776413A
Publication of CN115776413B

Abstract

The invention provides a data transmission method and system based on iris encryption, relating to the technical field of data transmission. A first terminal encrypts the data to be transmitted by using the iris features of a first user to obtain first encrypted data. After the server acquires the first encrypted data, it retrieves the iris features of the first user stored in an iris feature library and decrypts the first encrypted data by using the iris features of the first user to obtain the data to be transmitted. The server then retrieves the iris features of a second user stored in the iris feature library and encrypts the data to be transmitted by using the iris features of the second user to obtain second encrypted data. After acquiring the second encrypted data, the second terminal decrypts it by using the iris features of the second user and the second target iris features to obtain the data to be transmitted. This alleviates the technical problem of poor transmission security in existing iris encryption transmission methods.

Description

Data transmission method and system based on iris encryption
Technical Field
The invention relates to the technical field of data transmission, in particular to a data transmission method and system based on iris encryption.
Background
With the rapid development of computer network technology, network security problems are increasingly prominent, and the need for encryption during data transmission is more and more urgent. Traditional network transmission encryption algorithms mainly include the DES and AES algorithms among symmetric cryptosystems and the RSA and ECC algorithms among asymmetric cryptosystems. These effectively address eavesdropping, data tampering and the like between endpoints, but they give no guarantee that the data arriving at the endpoint is received by the person it is actually intended for. Different encryption methods cannot be adopted for specific people, encryption and decryption can be cumbersome, and the end user is sometimes required to remember a complex password or operation.
The prior art uses iris encryption transmission to solve these problems, but existing iris encryption transmission methods have the technical problem of poor transmission security.
No effective solution has been proposed to the above problems.
Disclosure of Invention
In view of this, an object of the present invention is to provide a data transmission system based on iris encryption, so as to alleviate the technical problem of poor transmission security of the existing iris encryption transmission method.
In a first aspect, an embodiment of the present invention provides a data transmission system based on iris encryption, including a first terminal, a server and a second terminal. The first terminal is used for, after acquiring the data to be transmitted input by a first user and the iris features of the first user, encrypting the data to be transmitted by using the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed from the first encrypted data and first target iris features to the server, wherein the first target iris features are iris features constructed based on the iris features of the first user and first impurity features; the server is used for, after acquiring the first ciphertext data, retrieving the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; the server is further used for retrieving the iris features of a second user stored in the iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed from the second encrypted data and second target iris features to the second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features; the second terminal is used for, after acquiring the second ciphertext data, acquiring the iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted.
Further, the first terminal includes: the device comprises a data acquisition module, a first iris characteristic acquisition module, a first encryption module, a first data processing module and a first sending module, wherein the data acquisition module is used for acquiring to-be-transmitted data input by a first user; the first iris feature acquisition module is used for acquiring the iris features of the first user and carrying out normalization processing on the iris features of the first user to obtain normalized iris features of the first user; the first encryption module is used for carrying out redundancy processing on the normalized iris characteristics of the first user based on a first preset identification rate to obtain a first secret key, and encrypting the data to be transmitted by using the first secret key to obtain first encrypted data; the data processing module is used for constructing the first ciphertext data by using the first encrypted data and the first target iris characteristics; and the sending module is used for sending the first ciphertext data to the server.
Further, the server includes: an iris feature library, a first decryption module, a second encryption module, a second data processing module and a second sending module, wherein the iris feature library is used for storing the iris features of all users; the first decryption module is used for retrieving the iris features of the first user stored in the iris feature library according to the user ID of the first user; the first decryption module is further configured to extract the feature points included in the first target iris feature, generate the first key by using the first target feature points when the ratio between the first target feature points included in the first target iris feature and the feature points of the iris feature of the first user is the first preset identification rate, and decrypt the first encrypted data by using the key to obtain the data to be transmitted, where the first target feature points are those feature points, among the feature points included in the first target iris feature, that are the same as feature points of the iris feature of the first user; the second encryption module is configured to perform redundancy processing on the iris features of the second user based on a second preset identification rate to obtain a second key, and encrypt the data to be transmitted by using the second key to obtain second encrypted data; the second data processing module is used for constructing second ciphertext data by using the second encrypted data and second target iris features; and the second sending module is used for sending the second ciphertext data to the second terminal.
Further, the second terminal includes: the second iris feature acquisition module is used for acquiring the iris features of the second user and carrying out normalization processing on the iris features of the second user to obtain normalized iris features of the second user; the second decryption module is configured to extract feature points included in the second target iris feature, generate the second key using the second target feature points when a ratio between second target feature points included in the second target iris feature and feature points in the normalized iris feature of the second user is the second preset identification rate, decrypt the second encrypted data using the second key, and obtain the data to be transmitted, where the second target feature points are feature points, among the feature points included in the second target iris feature, that are the same as the feature points in the normalized iris feature of the second user.
In a second aspect, an embodiment of the present invention further provides a data transmission method based on iris encryption, including: after a first terminal acquires data to be transmitted input by a first user and iris characteristics of the first user, encrypting the data to be transmitted by using the iris characteristics of the first user to obtain first encrypted data, and sending the first encrypted data and first ciphertext data constructed by first target iris characteristics to a server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics of the first user and first impurity characteristics; after the server acquires the first ciphertext data, calling the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; calling iris features of a second user stored in an iris feature library through the server according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris features to a second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features; after the second terminal acquires the second ciphertext data, acquiring iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted.
Further, after a first terminal acquires data to be transmitted input by a first user and iris features of the first user, the data to be transmitted is encrypted by using the iris features of the first user to obtain first encrypted data, and first ciphertext data constructed by the first encrypted data and first target iris features is sent to a server, and the method includes the steps of: normalizing the iris features of the first user to obtain normalized iris features of the first user; based on a first preset identification rate, carrying out redundancy processing on the iris characteristics of the normalized first user to obtain a first secret key, and encrypting the data to be transmitted by using the first secret key to obtain first encrypted data; constructing the first ciphertext data by using the first encrypted data and the first target iris characteristic; and sending the first ciphertext data to the server.
Further, after the server acquires the first ciphertext data, according to the user ID of the first user, invoking the iris feature of the first user stored in an iris feature library, and decrypting the first encrypted data by using the iris feature of the first user and the first target iris feature to obtain the data to be transmitted, including: calling the iris features of the first user stored in an iris feature library according to the user ID of the first user; extracting feature points included in the first target iris feature, generating the first key by using the first target feature points when the ratio of the first target feature points included in the first target iris feature to the feature points in the iris feature of the first user is the first preset identification rate, and decrypting the first encrypted data by using the key to obtain the data to be transmitted, wherein the first target feature points are the same feature points as the feature points in the iris feature of the first user in the feature points included in the first target iris feature.
Further, retrieving, by the server, the iris features of the second user stored in the iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed from the second encrypted data and the second target iris features to the second terminal includes: performing redundancy processing on the iris features of the second user based on a second preset identification rate to obtain a second key, and encrypting the data to be transmitted by using the second key to obtain second encrypted data; constructing the second ciphertext data by using the second encrypted data and the second target iris features; and sending the second ciphertext data to the second terminal.
Further, after the second terminal acquires the second ciphertext data, acquiring iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the to-be-transmitted data, including: acquiring the iris characteristics of the second user, and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user; and extracting feature points contained in the second target iris feature, and when the ratio of the second target feature points contained in the second target iris feature to the feature points in the normalized iris feature of the second user is the second preset identification rate, generating the second key by using the second target feature points, and decrypting the second encrypted data by using the second key to obtain the data to be transmitted, wherein the second target feature points are the same feature points as the feature points in the normalized iris feature of the second user in the feature points contained in the second target iris feature.
In a third aspect, an embodiment of the present invention further provides an electronic device, which includes a memory and a processor, where the memory is used to store a program that supports the processor to execute the method in the first aspect, and the processor is configured to execute the program stored in the memory.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored.
In the embodiment of the invention, the first terminal is used for, after acquiring the data to be transmitted input by a first user and the iris features of the first user, encrypting the data to be transmitted by using the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed from the first encrypted data and first target iris features to the server, wherein the first target iris features are iris features constructed based on the iris features of the first user and first impurity features; the server is used for, after acquiring the first ciphertext data, retrieving the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; the server is further used for retrieving the iris features of the second user stored in the iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed from the second encrypted data and second target iris features to the second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features; the second terminal is used for, after acquiring the second ciphertext data, acquiring the iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted. This achieves the aim of transmitting data securely by using iris features, alleviates the problem of poor transmission security in existing iris encryption transmission methods, and achieves the technical effect of improving the transmission security of the iris encryption transmission method.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic diagram of a data transmission system based on iris encryption according to an embodiment of the present invention;
Fig. 2 is a diagram illustrating ciphertext data provided by an embodiment of the present invention;
Fig. 3 is a diagram illustrating iris features and keys provided in accordance with an embodiment of the present invention;
Fig. 4 is a flowchart of a data transmission method based on iris encryption according to an embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Embodiment one:
According to an embodiment of the present invention, an embodiment of a data transmission system based on iris encryption is provided. Fig. 1 is a schematic diagram of a data transmission system based on iris encryption according to an embodiment of the present invention. As shown in Fig. 1, the data transmission system based on iris encryption includes: a first terminal 10, a server 20 and a second terminal 30.
The first terminal is used for encrypting the data to be transmitted by using the iris features of the first user after acquiring the data to be transmitted input by the first user and the iris features of the first user to obtain first encrypted data, and sending the first encrypted data and first ciphertext data constructed by the first target iris features to the server, wherein the first target iris features are iris features constructed based on the iris features of the first user and first impurity features;
the server is used for calling the iris features of the first user stored in an iris feature library according to the user ID of the first user after the first ciphertext data are obtained, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted;
the server is further used for calling the iris features of the second user stored in the iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending the second encrypted data and second ciphertext data constructed by second target iris features to the second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features;
the second terminal is configured to acquire the iris feature of the second user after the second ciphertext data is acquired, and decrypt the second encrypted data by using the iris feature of the second user and the second target iris feature to obtain the data to be transmitted.
In the embodiment of the invention, the first terminal is used for, after acquiring the data to be transmitted input by a first user and the iris features of the first user, encrypting the data to be transmitted by using the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed from the first encrypted data and first target iris features to the server, wherein the first target iris features are iris features constructed based on the iris features of the first user and first impurity features; the server is used for, after acquiring the first ciphertext data, retrieving the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; the server is further used for retrieving the iris features of the second user stored in the iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed from the second encrypted data and second target iris features to the second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features; the second terminal is used for, after acquiring the second ciphertext data, acquiring the iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted. This achieves the aim of transmitting data securely by using iris features, alleviates the problem of poor transmission security in existing iris encryption transmission methods, and achieves the technical effect of improving the transmission security of the iris encryption transmission method.
In an embodiment of the present invention, the first terminal includes: the device comprises a data acquisition module, a first iris characteristic acquisition module, a first encryption module, a first data processing module and a first sending module.
The data acquisition module is used for acquiring the data to be transmitted input by the first user;
the first iris feature acquisition module is used for acquiring the iris features of the first user and normalizing the iris features of the first user to obtain normalized iris features of the first user;
the first encryption module is configured to perform redundancy processing on the normalized iris features of the first user based on a first preset identification rate to obtain a first key, and encrypt the data to be transmitted by using the first key to obtain first encrypted data;
the first data processing module is used for constructing the first ciphertext data by using the first encrypted data and the first target iris features;
and the first sending module is used for sending the first ciphertext data to the server.
The server, comprising: the device comprises an iris feature library, a first decryption module, a second encryption module, a second data processing module and a second sending module.
The iris feature library is used for storing iris features of all users;
the first decryption module is used for calling the iris features of the first user stored in the iris feature library according to the user ID of the first user;
the first decryption module is further configured to extract feature points included in the first target iris feature, generate the first key using the first target feature points when a ratio between a first target feature point of the feature points included in the first target iris feature and a feature point of the iris feature of the first user is the first preset identification rate, decrypt the first encrypted data using the key, and obtain the data to be transmitted, where the first target feature point is a feature point of the feature points included in the first target iris feature, the feature point being the same as the feature point of the iris feature of the first user;
the second encryption module is configured to perform redundancy processing on iris features of the second user based on a second preset identification rate to obtain a second key, and encrypt the data to be transmitted by using the second key to obtain second encrypted data;
the second data processing module is used for constructing second ciphertext data by using the second encrypted data and second target iris characteristics;
and the second sending module is used for sending the second ciphertext data to the second terminal.
It should be noted that the first encryption module configures the redundancy processing according to the first preset identification rate, mainly so that a unique key can be generated and determined from that rate. For example, when the normalized iris feature of the first user includes 10 feature points, the first preset identification rate is 70%, and the feature points of the first target iris feature extracted by the first decryption module include 7 target feature points, the first encryption module may determine the first key according to the 7 target feature points, and the first encrypted data is then decrypted to obtain the data to be transmitted.
In addition, it should be noted that, the first encryption module generally encrypts the data to be transmitted by using a symmetric encryption algorithm such as AES-128, AES-192, or AES-256, so as to obtain the first encrypted data.
In the embodiment of the invention, the structure of the ciphertext data is shown in Fig. 2, and the relation between the iris feature and the key is shown in Fig. 3. The higher the preset identification rate, the less redundant key data there is, the more impurity features can be mixed in, and the higher the security of data transmission.
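The 10-point, 70% example above can be worked through end to end. The following is an added sketch, not code from the patent: it builds a target iris feature from key points plus impurity points, recovers the key on the side that holds the stored template, and measures how many candidate subsets the impurity points create. Assumptions: feature points are modeled as integers that match exactly, the key is SHA-256 over the sorted key points truncated to the AES-128 key size, and all names and sample templates are hypothetical.

```python
import hashlib
import math
import secrets

RATE_PERCENT = 70  # the "first preset identification rate" in the text's example

# Constructed sample templates: each integer stands for one normalized feature point.
FIRST_USER = frozenset({1103, 2417, 3329, 4051, 5233, 6007, 7121, 8219, 9341, 9973})
OTHER_USER = frozenset({1201, 2503, 3607, 4703, 5801, 6907, 7013, 8111, 9203, 9901})


def derive_key(points):
    """Assumed KDF: SHA-256 over the sorted points, cut to 16 bytes (AES-128 size)."""
    digest = hashlib.sha256()
    for point in sorted(points):
        digest.update(point.to_bytes(4, "big"))
    return digest.digest()[:16]


def build_target_feature(template, rate_percent, n_impurity, rng=None):
    """Sender side: take rate% of the template as key points and hide them
    among impurity points. Returns (target feature, key)."""
    rng = rng or secrets.SystemRandom()
    k = len(template) * rate_percent // 100          # 10 points at 70% -> 7
    key_points = rng.sample(sorted(template), k)
    impurity = set()
    while len(impurity) < n_impurity:
        candidate = rng.randrange(1, 2**32)
        if candidate not in template:                 # impurity must not match the user
            impurity.add(candidate)
    target = key_points + sorted(impurity)
    rng.shuffle(target)                               # position must not reveal key points
    return target, derive_key(key_points)


def recover_key(target, template, rate_percent):
    """Receiver side: keep the target points that also occur in the stored
    template; derive the key only if their share equals the preset rate."""
    matched = [p for p in target if p in template]
    if len(matched) * 100 != rate_percent * len(template):
        return None
    return derive_key(matched)


def key_space_bits(target_size, key_points):
    """log2 of the number of ways to choose the key points out of the target
    feature: an upper bound on key strength against a party that sees the
    target feature but does not hold the template."""
    return math.log2(math.comb(target_size, key_points))


if __name__ == "__main__":
    target, key = build_target_feature(FIRST_USER, RATE_PERCENT, n_impurity=93)
    print("key recovered with stored template:",
          recover_key(target, FIRST_USER, RATE_PERCENT) == key)
    print("key recovered with another template:",
          recover_key(target, OTHER_USER, RATE_PERCENT) is not None)
    for impurity_count in (3, 93, 993):
        size = 7 + impurity_count
        print(f"{impurity_count:4d} impurity points -> "
              f"{key_space_bits(size, 7):5.1f} bits of subset choice")
```

Because the target feature travels with the ciphertext, the number of impurity points, not the AES key length, bounds the protection against a party that lacks the template: 7 key points among 100 total give at most C(100, 7) candidate keys, about 34 bits.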
In an embodiment of the present invention, the second terminal includes: the second iris feature acquisition module and the second decryption module.
The second iris feature acquisition module is used for acquiring the iris features of the second user and carrying out normalization processing on the iris features of the second user to obtain normalized iris features of the second user;
the second decryption module is configured to extract feature points included in the second target iris feature, generate the second key using the second target feature points when a ratio between second target feature points included in the second target iris feature and feature points in the normalized iris feature of the second user is the second preset identification rate, decrypt the second encrypted data using the second key, and obtain the data to be transmitted, where the second target feature points are feature points, among the feature points included in the second target iris feature, that are the same as the feature points in the normalized iris feature of the second user.
In the embodiment of the invention, the process that the server performs iris encryption transmission on the data to be transmitted to the second terminal and the second terminal decrypts the data to obtain the data to be transmitted is similar to the process that the first terminal performs iris encryption transmission on the data to be transmitted to the server and the server decrypts the data to obtain the data to be transmitted, and therefore, the description is omitted.
In the embodiment of the invention, transmitting data with iris encryption provides a data security processing method which can prevent important information from being intercepted and terminal equipment from being paid, and which ensures the security of the important information in the transmission process and that the data is obtained by the designated personnel. Secondly, the key is portable and not easily forgotten or lost, the technical requirements for application are low, and the applicability is wide. Different encryption keys are set according to the sending and receiving parties of the information during data transmission, which ensures the security of the information in transit and of the data delivered to the terminal. Only the true receiver can complete the decryption of the data, using the receiver's own iris information, which secures the last step of data security.
Embodiment two:
The embodiment of the invention also provides a data transmission method based on iris encryption. The data transmission system based on iris encryption provided by the embodiment of the invention is used for executing this method, and the method is described in detail below.
As shown in fig. 4, fig. 4 is a flowchart of the data transmission method based on iris encryption, and the data transmission method based on iris encryption includes:
Step S102, after a first terminal acquires data to be transmitted input by a first user and iris features of the first user, encrypting the data to be transmitted by using the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed from the first encrypted data and first target iris features to a server, wherein the first target iris features are iris features constructed based on the iris features of the first user and first impurity features;
Step S104, after the server acquires the first ciphertext data, calling the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted;
Step S106, calling, by the server, the iris features of a second user stored in the iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed from the second encrypted data and second target iris features to a second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features;
Step S108, after the second terminal acquires the second ciphertext data, acquiring the iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted.
In the embodiment of the invention, after a first terminal acquires data to be transmitted input by a first user and iris features of the first user, the data to be transmitted is encrypted by using the iris features of the first user to obtain first encrypted data, and first ciphertext data constructed from the first encrypted data and first target iris features is sent to a server, wherein the first target iris features are iris features constructed based on the iris features of the first user and first impurity features. After the server acquires the first ciphertext data, it calls the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypts the first ciphertext data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted. The server then calls the iris features of a second user stored in the iris feature library according to the user ID of the second user, encrypts the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sends second ciphertext data constructed from the second encrypted data and second target iris features to a second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features. After the second terminal acquires the second ciphertext data, it acquires the iris features of the second user and decrypts the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted. This achieves the aim of transmitting data securely by using iris features, solves the problem of poor transmission security in existing iris encryption transmission methods, and achieves the technical effect of improving the transmission security of the iris encryption transmission method.
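The first hop (steps S102 and S104) as a runnable sketch; the second hop (S106 and S108) repeats it with the second user's features. This is an added example, not code from the patent: the (x, y) point encoding, the 0.75 rate, the reading of "redundancy processing" as keeping a rate-sized subset of the points, and the SHA-256/HMAC construction standing in for a real AEAD cipher are all assumptions.

```python
import hashlib
import hmac
import secrets

RATE = 0.75  # assumed "preset identification rate"; the page gives no value
# Constructed sample templates: 16 (x, y) feature points each, none shared.
FIRST_USER_TEMPLATE = [(7 * i, 13 * i) for i in range(1, 17)]
OTHER_TEMPLATE = [(11 * i, 5 * i) for i in range(1, 17)]


def derive_key(points):
    """Hash an order-independent, fixed-width encoding of the points into a 32-byte key."""
    encoded = b"".join(x.to_bytes(2, "big") + y.to_bytes(2, "big") for x, y in sorted(points))
    return hashlib.sha256(b"iris-key" + encoded).digest()


def seal(key, plaintext):
    """Encrypt-then-MAC stand-in for a real AEAD cipher (assumption, stdlib only)."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(hmac.digest(key, b"enc" + nonce, "sha256")).digest(len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + body + hmac.digest(key, b"mac" + nonce + body, "sha256")


def open_sealed(key, blob):
    """Verify the tag first, then strip the keystream."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(key, b"mac" + nonce + body, "sha256")):
        raise ValueError("authentication tag mismatch")
    stream = hashlib.shake_256(hmac.digest(key, b"enc" + nonce, "sha256")).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


def terminal_encrypt(iris_points, data, rate=RATE, n_impurity=20, grid=256):
    """Step S102: key from a rate-sized subset of the points, sent mixed with impurity points."""
    rng = secrets.SystemRandom()
    real = set(iris_points)
    key_points = set(rng.sample(sorted(real), round(rate * len(real))))
    impurity = set()
    while len(impurity) < n_impurity:
        p = (rng.randrange(grid), rng.randrange(grid))
        # An impurity point equal to ANY genuine point (kept or dropped) would raise
        # the server's match count above the preset rate, so reject it.
        if p not in real:
            impurity.add(p)
    # Sorting removes any ordering hint about which points are genuine.
    return {"target_feature": sorted(key_points | impurity),
            "encrypted": seal(derive_key(key_points), data)}


def server_decrypt(stored_points, ciphertext, rate=RATE):
    """Step S104: intersect the target feature with the stored template, check the ratio, decrypt."""
    stored = set(stored_points)
    matched = stored & set(map(tuple, ciphertext["target_feature"]))
    if not stored or len(matched) != round(rate * len(stored)):
        raise PermissionError("matched ratio differs from the preset identification rate")
    return open_sealed(derive_key(matched), ciphertext["encrypted"])


if __name__ == "__main__":
    ct = terminal_encrypt(FIRST_USER_TEMPLATE, b"data to be transmitted")
    print(len(ct["target_feature"]), "points sent;", server_decrypt(FIRST_USER_TEMPLATE, ct))
```

In this model the stored template is the only secret: the key is recomputed from it and the transmitted target feature, so the iris feature library needs the same protection as a key store.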
Example three:
The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the method in the first embodiment.
In addition, in the description of the embodiments of the present invention, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The apparatus embodiments described above are merely illustrative. For example, the division of the units is only one division by logical function, and other divisions are possible in an actual implementation; multiple units or components may be combined or integrated into another system, or some features may be omitted or not implemented. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be electrical, mechanical or in another form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it should be understood by those skilled in the art that the following descriptions are only illustrative and not restrictive, and that the scope of the present invention is not limited to the above embodiments: those skilled in the art can still make modifications or changes to the embodiments described in the foregoing embodiments, or make equivalent substitutions for some features, within the scope of the disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A data transmission system based on iris encryption, comprising: a first terminal, a server and a second terminal, wherein,
the first terminal is used for encrypting the data to be transmitted by using the iris characteristics of the first user after acquiring the data to be transmitted input by the first user and the iris characteristics of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris characteristics to the server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics of the first user and first impurity characteristics;
the server is used for calling the iris features of the first user stored in an iris feature library according to the user ID of the first user after the first ciphertext data are obtained, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted;
the server is further used for calling the iris features of a second user stored in an iris feature library according to the user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris features to the second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features;
the second terminal is configured to acquire the iris feature of the second user after the second ciphertext data is acquired, and decrypt the second encrypted data by using the iris feature of the second user and the second target iris feature to obtain the data to be transmitted.
2. The system of claim 1, wherein the first terminal comprises: a data acquisition module, a first iris characteristic acquisition module, a first encryption module, a first data processing module and a first sending module, wherein,
the data acquisition module is used for acquiring data to be transmitted input by the first user;
the first iris feature acquisition module is used for acquiring the iris features of the first user and carrying out normalization processing on the iris features of the first user to obtain normalized iris features of the first user;
the first encryption module is configured to perform redundancy processing on the normalized iris features of the first user based on a first preset identification rate to obtain a first key, and encrypt the data to be transmitted by using the first key to obtain first encrypted data;
the first data processing module is used for constructing the first ciphertext data by using the first encrypted data and the first target iris characteristics;
and the first sending module is used for sending the first ciphertext data to the server.
3. The system of claim 2, wherein the server comprises: an iris feature library, a first decryption module, a second encryption module, a second data processing module and a second sending module, wherein,
the iris feature library is used for storing iris features of all users;
the first decryption module is used for calling the iris features of the first user stored in the iris feature library according to the user ID of the first user;
the first decryption module is further configured to extract feature points included in the first target iris feature, generate the first key by using the first target feature point when a ratio between a first target feature point of the feature points included in the first target iris feature and the feature point of the iris feature of the first user is the first preset identification rate, decrypt the first encrypted data by using the key, and obtain the data to be transmitted, where the first target feature point is a feature point of the feature points included in the first target iris feature, the feature point being the same as the feature point of the iris feature of the first user;
the second encryption module is configured to perform redundancy processing on iris features of the second user based on a second preset identification rate to obtain a second key, and encrypt the data to be transmitted by using the second key to obtain second encrypted data;
the second data processing module is used for constructing second ciphertext data by utilizing the second encrypted data and second target iris characteristics;
and the second sending module is used for sending the second ciphertext data to the second terminal.
4. The system of claim 3, wherein the second terminal comprises: a second iris feature acquisition module and a second decryption module, wherein,
the second iris feature acquisition module is used for acquiring the iris features of the second user and normalizing the iris features of the second user to obtain normalized iris features of the second user;
the second decryption module is configured to extract feature points included in the second target iris feature, generate the second key using the second target feature points when a ratio between second target feature points included in the second target iris feature and feature points in the iris feature of the normalized second user is a second preset recognition rate, decrypt the second encrypted data using the second key, and obtain the data to be transmitted, where the second target feature points are feature points, among the feature points included in the second target iris feature, that are the same as the feature points in the iris feature of the normalized second user.
5. An iris encryption-based data transmission method applied to the iris encryption-based data transmission system of any one of claims 1 to 4, comprising:
after a first terminal acquires data to be transmitted input by a first user and iris characteristics of the first user, encrypting the data to be transmitted by using the iris characteristics of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris characteristics to a server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics of the first user and first impurity characteristics;
after the server acquires the first ciphertext data, calling the iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first ciphertext data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted;
calling, by the server, iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris features to a second terminal, wherein the second target iris features are iris features constructed based on the iris features of the second user and second impurity features;
and after the second terminal acquires the second ciphertext data, acquiring the iris characteristics of the second user, and decrypting the second encrypted data by using the iris characteristics of the second user and the second target iris characteristics to obtain the data to be transmitted.
6. The method according to claim 5, wherein after a first terminal obtains data to be transmitted input by a first user and iris features of the first user, the data to be transmitted is encrypted by using the iris features of the first user to obtain first encrypted data, and first ciphertext data constructed by the first encrypted data and first target iris features is sent to a server, and the method comprises the following steps:
normalizing the iris features of the first user to obtain normalized iris features of the first user;
based on a first preset identification rate, carrying out redundancy processing on the normalized iris characteristics of the first user to obtain a first secret key, and encrypting the data to be transmitted by using the first secret key to obtain first encrypted data;
constructing the first ciphertext data by using the first encrypted data and the first target iris characteristic;
and sending the first ciphertext data to the server.
7. The method according to claim 6, wherein after the server obtains the first ciphertext data, invoking the iris feature of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by using the iris feature of the first user and the first target iris feature to obtain the data to be transmitted, includes:
calling the iris features of the first user stored in an iris feature library according to the user ID of the first user;
extracting feature points included in the first target iris feature, generating a first key by using the first target feature points when the ratio of the first target feature points included in the first target iris feature to the feature points in the iris feature of the first user is the first preset identification rate, and decrypting the first encrypted data by using the key to obtain the data to be transmitted, wherein the first target feature points are the same feature points as the feature points in the iris feature of the first user in the feature points included in the first target iris feature.
8. The method according to claim 7, wherein the server calls iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypts the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sends second ciphertext data constructed by the second encrypted data and a second target iris feature to a second terminal, and the method includes:
based on a second preset identification rate, carrying out redundancy processing on the iris characteristics of the second user to obtain a second secret key, and encrypting the data to be transmitted by using the second secret key to obtain second encrypted data;
constructing the second ciphertext data by using the second encrypted data and a second target iris feature;
and sending the second ciphertext data to the second terminal.
9. The method according to claim 8, wherein after the second terminal acquires the second ciphertext data, acquiring iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the to-be-transmitted data, includes:
acquiring the iris characteristics of the second user, and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user;
and extracting feature points contained in the second target iris feature, and when the ratio of the second target feature points contained in the second target iris feature to the feature points in the normalized iris feature of the second user is the second preset identification rate, generating the second key by using the second target feature points, and decrypting the second encrypted data by using the second key to obtain the data to be transmitted, wherein the second target feature points are the same feature points as the feature points in the normalized iris feature of the second user in the feature points contained in the second target iris feature.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of the claims 5 to 8.
CN202310086504.9A 2023-02-09 2023-02-09 Iris encryption-based data transmission method and system Active CN115776413B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310086504.9A CN115776413B (en) 2023-02-09 2023-02-09 Iris encryption-based data transmission method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310086504.9A CN115776413B (en) 2023-02-09 2023-02-09 Iris encryption-based data transmission method and system

Publications (2)

Publication Number Publication Date
CN115776413A (en) 2023-03-10
CN115776413B (en) 2023-05-09

Family

ID=85393394

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310086504.9A Active CN115776413B (en) 2023-02-09 2023-02-09 Iris encryption-based data transmission method and system

Country Status (1)

Country Link
CN (1) CN115776413B (en)

Also Published As

Publication number Publication date
CN115776413B (en) 2023-05-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant