CN103607282B - A kind of identity fusion authentication method based on biological characteristic - Google Patents
A kind of identity fusion authentication method based on biological characteristic Download PDFInfo
- Publication number
- CN103607282B CN103607282B CN201310592436.XA CN201310592436A CN103607282B CN 103607282 B CN103607282 B CN 103607282B CN 201310592436 A CN201310592436 A CN 201310592436A CN 103607282 B CN103607282 B CN 103607282B
- Authority
- CN
- China
- Prior art keywords
- user
- private key
- biological
- biological characteristic
- public key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
A kind of the invention belongs to data communication and information security field, more particularly to identity fusion authentication method based on biological characteristic.A kind of problem that the present invention is present for prior art, there is provided identity fusion authentication method based on biological characteristic.Which need to retain a small amount of biological information, simplify the architecture of PKI, and private key not can be preserved, and increase the safety and reliability of system.The present invention is calculated the private key for user, and is calculated check value by physical characteristics collecting equipment, if consistent with the check value for retaining, passes through certification.Present invention application and information security field.
Description
Technical field
The invention belongs to data communication and information security field, more particularly to a kind of identity fusion based on biological characteristic is recognized
Card method.
Background technology
Information age, with developing rapidly for Networks and Communications technology and mankind's physics continuous with dummy activity space
Expand, how the identity of precise Identification user, protection information safety, it has also become a key issue that must be solved.Meanwhile, letter
Breath system proposes requirements at the higher level for the accuracy of user identity identification, safety and practicality.Traditional identification is such as
The methods such as password, cipher key carrier can not meet easy-to-use safety, easily forge and lose, it is necessary to seek safer reliable,
Identification new way easy to use.Then, biological identification technology arises at the historic moment, and becomes a kind of new identity recognizing technology.
Living things feature recognition has succinctly quick, safe and reliable, accurate, it is not necessary to remembers the password of complexity, is also not required to carry with key
The thing of spoon, smart card etc.Biological identification technology is intended that people itself, as everyone biological characteristic has and other
The different uniqueness of people and stability constant over a period to come, are difficult to forge and palm off, and this just directly determines this recognizes
Card mode is safer, more convenient.Additionally, biological identification technology is by means of the present computer technology, it is easy to realize safety, prison
Control, the integration of management system, automated management.Due to its wide application prospect, huge Social benefit and economic benefit,
Cause extensive concern and the great attention of various countries.The developed countries such as the U.S., Britain are in the strict employing of all aspects such as airport, entry and exit
Fingerprint technique, India also have been set up whole people's fingerprint database, for identity card system in.The living things feature recognition of China
Technology also achieves considerable progress, and the such as 2008 Beijing Olympic Games employs iris recognition technology, in daily life, also occurs
Carry living things feature recognition(Mainly fingerprint recognition)Mobile phone, mouse and keyboard, storage device etc..Have the whole world in view, biological
Feature identification technique is in the ascendant, not only government for national security consider and the work of a well-known writer input, all kinds of companies are to biological characteristic
The interest of technology of identification is also increasingly dense.
Biological identification technology(Biometric Identification Technology)Refer to and utilize human body biological characteristics
Carry out a kind of technology of identification.More specifically, biometrics identification technology be exactly by computer and optics, acoustics,
The high-tech means such as biosensor and biostatisticss' principle are intimately associated, special using the intrinsic physiological property of human body and behavior
Levy the identification that carries out personal identification.Each individuality have can uniquely measure or can automatic identification and checking physiological property
Or way of act, i.e. biological characteristic.It can be divided into physiological feature(Such as fingerprint, image surface, iris, palmmprint etc.)And behavior characteristicss
(Such as gait, sound, person's handwriting etc.).Living things feature recognition is exactly which to be entered according to unique biological characteristic between each individuality
Row identification and the certification of identity.Biological identification technology is sampled to biological characteristic, is extracted its unique feature and is changed into
Digital code, and these code combinations are formed feature templates further.When people carry out authentication with identifying system interaction,
Identifying system is obtained its feature and is compared with the feature templates in data base, to determine whether to mate, so as to determine to receive
Or refusal user accesses.
In current research with application, biometrics identification technology is applied primarily at computer vision, image
Reason and pattern recognition, computer audio, speech processes, multi-sensor technology, virtual reality, computer graphicss, visualization skill
Art, computer-aided design, intelligent robot sensory perceptual system etc..Traditional identity identifying method includes identity article(Such as
Certificate, atm card etc.)And identity(Such as username and password), but due to be main by foreign object, once stolen or forget,
Its identity is easy for being pretended to be by other people or replaces.Show according to related data, the damage for being caused due to certificate or password loss every year
Lose huge.
After the present invention is by user biological feature extraction, using distinctive coded system, biological information is encoded into
Based on the private key of elliptic curve cipher, the corresponding public key certificate of the private key for user is signed and issued, private key is simply taken in certification without retaining
Business device end retains the public key certificate.
During User logs in, after the certification such as input ID, password passes through, the user biological is gathered by biometric device
Feature, on local/physical characteristics collecting equipment calculates the private key for user, and calculates check value, if the school with reservation
Test value consistent, then certification passes through;Otherwise fail, return user's failure information.With the private key signature message, server end is according to this
The public key certificate of user(The ID bindings of the certificate and user)Sign test is carried out, when only sign test passes through, the User logs in just success;
The major advantage of the invention is that have system only retain a small amount of biological information, simplifies the system knot of PKI
Structure, private key not can be preserved, and increase the safety reliability of system.The bodies such as USB-KEY, IC-card are based purely on than traditional
For identity authentication method, with higher safety, motility and reliability, with anti-lost and Anti-theft function.
The invention adopts distinctive biometric coding techniques, with stronger safety and loss prevention function, Ke Yiguang
General apply in the application scenario stricter to authentication requirement, such as bank, military affairs, customs etc..
Content of the invention
The technical problem to be solved is:For the problem that prior art is present, there is provided a kind of based on biological special
The identity fusion authentication method that levies.Which need to retain a small amount of biological information, simplify the architecture of PKI, and private key can
Not to preserve, increase the safety reliability of system.The identity identifying methods such as USB-KEY, IC-card are based purely on than traditional
For, with higher safety, motility and reliability, with anti-lost and Anti-theft function.
The technical solution used in the present invention is as follows:
A kind of identity fusion authentication method based on biological characteristic includes:
Step 1:Biological characteristic is extracted, and gathers user biological characteristic information with biological characteristic extraction equipment;
Step 2:Biological information is encoded:According to user biological characteristic information, in conjunction with ID, password is used for, local/raw
Ellipse curve public key cipher algorithm private key operation is realized on thing collection apparatus equipment, obtains the private key of the user, in biological characteristic
The check value of 32 bytes for only needing to retain the private key on collecting device;
Step 3:Client public key certificate issuance:On physical characteristics collecting equipment, according to private key for user, calculate based on ellipse
The corresponding public key of circular curve cryptographic algorithm, signs and issues the public key certificate to server;
Step 4:User logs in:During User logs in, after input ID, password authentication pass through, by biometric device
The user biological feature is gathered, and the private key for user is calculated on physical characteristics collecting equipment, and calculates check value, if with
The check value of reservation is consistent, then certification passes through;Otherwise fail, return user's failure information;With the private key signature message, server
Hold the public key certificate according to the user(The ID bindings of the certificate and user)Sign test is carried out, when only sign test passes through, the user steps on
Record just success.
In the step 2, check value is realized using hash cryptographic algorithm or block cipher.
The private key for user is not preserved.
Algorithm of the hash cryptographic algorithm from 256 bits of output.
The hash algorithm detailed process is:
Step 11:Biological information is calculated first time cryptographic Hash, ID splicing is existedAfterwards, calculate most
Whole value is used as private key for user;
Step 2:On physical characteristics collecting equipment, according to private key for user, calculate based on elliptic curve cryptography
Corresponding public key, signs and issues the public key certificate to server;
Step 3:During User logs in, after input ID, password authentication pass through, the user is gathered by biometric device
Biological characteristic, calculates the private key for user on physical characteristics collecting equipment, and check value is calculated, if the school with reservation
Test value consistent, then certification passes through;Otherwise fail, return user's failure information.Step 4:With the private key signature message, server end
Public key certificate according to the user carries out sign test, when only sign test passes through, the User logs in just success, the wherein certificate and user
ID binding.
In sum, as a result of above-mentioned technical proposal, the invention has the beneficial effects as follows:
1)A small amount of biological information need to be retained only, the architecture of PKI is simplified, private key not can be preserved, be increased
The safety reliability of adding system.Than traditional be based purely on the identity identifying methods such as USB-KEY, IC-card for, with higher
Safety, motility and reliability, with anti-lost and Anti-theft function.
2)Distinctive biometric coding techniques, with stronger safety and loss prevention function, can be widely used in
Stricter application scenario, such as bank, military affairs, customs etc. are required to authentication.
Description of the drawings
Examples of the present invention will be described by way of reference to the accompanying drawings, wherein:
Fig. 1 is biometric identity fusion authentication method;
Fig. 2 is the identity fusion verification process based on biological characteristic.
Specific embodiment
All features disclosed in this specification, or disclosed all methods or during the step of, except mutually exclusive
Feature and/or step beyond, can combine by any way.
This specification(Including any accessory claim, summary and accompanying drawing)Disclosed in any feature, except non-specifically is chatted
State, can equivalent by other or with similar purpose alternative features replaced.I.e., unless specifically stated otherwise, each feature
It is an example in a series of equivalent or similar characteristics.
This place of biological characteristic extraction equipment is not specific to specific equipment, at present, general fingerprint identification device, recognition of face
Equipment, speech recognition apparatus and iris identification equipment etc. all can be within the scope of.
The present invention realizes that flow process is as follows:
A, biological characteristic are extracted:User biological feature is gathered with biological characteristic extraction equipment;
B, biological information coding:According to user biological characteristic information, in conjunction with ID, password etc., using peculiar calculation
Method, on local/physical characteristics collecting equipment realizes ellipse curve public key cipher algorithm private key operation, obtains the private of the user
Key, the check value of 32 bytes for only needing to retain the private key on local/physical characteristics collecting equipment, the check value can be with
Realized using hash cryptographic algorithm, block cipher;
C, client public key certificate issuance:On local/physical characteristics collecting equipment, according to private key for user, calculate and be based on
The corresponding public key of elliptic curve cryptography, signs and issues the public key certificate to server;
D, User logs in:During User logs in, after the certification such as input ID, password passes through, adopted by biometric device
Collect the user biological feature, the private key for user is calculated on local/physical characteristics collecting equipment, and calculate check value, such as
Fruit is consistent with the check value for retaining, then certification passes through;Otherwise fail, return user's failure information.With the private key signature message, take
Public key certificate of the business device end according to the user(The ID bindings of the certificate and user)Sign test is carried out, when only sign test passes through, the use
Family logs in just success.
The invention is not limited in aforesaid specific embodiment.The present invention is expanded to and any is disclosed in this manual
New feature or any new combination, and the arbitrary new method that discloses or the step of process or any new combination.
Claims (2)
1. a kind of identity fusion authentication method based on biological characteristic, it is characterised in that include:
Step 1:Biological characteristic is extracted, and gathers user biological characteristic information with biological characteristic extraction equipment;
Step 2:Biological information is encoded:According to user biological characteristic information, in conjunction with ID, password, local/biological special
Levy, obtain the private key of the user, in physical characteristics collecting
The check value of 32 bytes for only needing to retain the private key on equipment;
Step 3:Client public key certificate issuance:On physical characteristics collecting equipment, according to private key for user, calculate based on oval bent
The corresponding public key of line cryptographic algorithm, signs and issues the public key certificate to server;
Step 4:User logs in:During User logs in, after input ID, password authentication pass through, gathered by biometric device
The user biological feature, calculates the private key for user on physical characteristics collecting equipment, and calculates check value, if with reservation
Check value consistent, then certification passes through;Otherwise fail, return user's failure information;With the private key signature message, server end root
Sign test is carried out according to the public key certificate of the user, when only sign test passes through, the User logs in just success;
In the step 2, check value is realized using hash cryptographic algorithm or block cipher;
The hash cryptographic algorithm detailed process is:
Step 11:Biological information is calculated first time cryptographic Hash, ID splicing is existedAfterwards, calculate final
Value is used as private key for user;
Step 12:On physical characteristics collecting equipment, according to private key for user, corresponding to based on elliptic curve cryptography is calculated
Public key, signs and issues the public key certificate to server;
Step 13:During User logs in, after input ID, password authentication pass through, user's life is gathered by biometric device
Thing feature, calculates the private key for user on physical characteristics collecting equipment, and check value is calculated, if the verification with reservation
Value is consistent, then certification passes through;Otherwise fail, return user's failure information;
Step 14:With the private key signature message, server end carries out sign test according to the public key certificate of the user, and only sign test passes through
When, the ID bindings of the User logs in just success, the wherein certificate and user;
The private key for user is not preserved.
2. a kind of identity fusion authentication method based on biological characteristic according to claim 1, it is characterised in that described miscellaneous
Algorithm of the cryptographic algorithm that gathers from 256 bits of output.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310592436.XA CN103607282B (en) | 2013-11-22 | 2013-11-22 | A kind of identity fusion authentication method based on biological characteristic |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310592436.XA CN103607282B (en) | 2013-11-22 | 2013-11-22 | A kind of identity fusion authentication method based on biological characteristic |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103607282A CN103607282A (en) | 2014-02-26 |
| CN103607282B true CN103607282B (en) | 2017-03-15 |
Family
ID=50125483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310592436.XA Active CN103607282B (en) | 2013-11-22 | 2013-11-22 | A kind of identity fusion authentication method based on biological characteristic |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103607282B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107196922A (en) * | 2017-05-03 | 2017-09-22 | 国民认证科技(北京)有限公司 | Identity identifying method, user equipment and server |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103841108B (en) | 2014-03-12 | 2018-04-27 | 北京天诚盛业科技有限公司 | The authentication method and system of user biological feature |
| CN104657649B (en) * | 2014-05-23 | 2018-02-23 | 北京集联网络技术有限公司 | A kind of token device of living things feature recognition start |
| CN104065487A (en) * | 2014-07-08 | 2014-09-24 | 华南理工大学 | Random secret value IBC identity authentication method based on digital fingerprint |
| KR101829266B1 (en) * | 2015-04-23 | 2018-03-29 | 최운호 | Authentication in ubiquitous environment |
| CN104767624B (en) * | 2015-04-23 | 2018-02-09 | 北京航空航天大学 | Remote authentication protocol method based on biological characteristic |
| CN106209730B (en) * | 2015-04-30 | 2020-03-10 | 华为技术有限公司 | Method and device for managing application identifier |
| CN106506168A (en) * | 2016-12-07 | 2017-03-15 | 北京信任度科技有限公司 | A kind of safe method based on biological characteristic long-distance identity-certifying |
| CN108737103B (en) * | 2018-03-27 | 2021-06-29 | 中国科学院数据与通信保护研究教育中心 | SM2 algorithm signature method applied to CS framework |
| CN108900309B (en) * | 2018-05-17 | 2020-08-18 | 北京岸思信息科技有限公司 | Authentication method and authentication system |
| CN109039643B (en) * | 2018-06-28 | 2019-10-11 | 中南民族大学 | A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation |
| CN111353144A (en) * | 2018-12-24 | 2020-06-30 | 航天信息股份有限公司 | Identity authentication method and device |
| CN113055157B (en) * | 2019-12-27 | 2023-03-10 | 京东科技控股股份有限公司 | Biological characteristic verification method and device, storage medium and electronic equipment |
| CN111325814A (en) * | 2020-02-20 | 2020-06-23 | 成都卫士通信息产业股份有限公司 | Simulation handwriting fitting method, device, equipment and readable storage medium |
| CN114550316B (en) * | 2022-04-27 | 2022-08-05 | 广州商景网络科技有限公司 | One-stop credible biological characteristic data acquisition terminal equipment and acquisition and sharing method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1972189A (en) * | 2005-11-24 | 2007-05-30 | 株式会社日立制作所 | Biometrics authentication system |
| CN101479987A (en) * | 2006-06-27 | 2009-07-08 | 微软公司 | Biometric credential verification framework |
| CN101674181A (en) * | 2008-09-08 | 2010-03-17 | 郑建德 | User certification system using biological characteristic token |
-
2013
- 2013-11-22 CN CN201310592436.XA patent/CN103607282B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1972189A (en) * | 2005-11-24 | 2007-05-30 | 株式会社日立制作所 | Biometrics authentication system |
| CN101479987A (en) * | 2006-06-27 | 2009-07-08 | 微软公司 | Biometric credential verification framework |
| CN101674181A (en) * | 2008-09-08 | 2010-03-17 | 郑建德 | User certification system using biological characteristic token |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107196922A (en) * | 2017-05-03 | 2017-09-22 | 国民认证科技(北京)有限公司 | Identity identifying method, user equipment and server |
| CN107196922B (en) * | 2017-05-03 | 2020-08-04 | 国民认证科技(北京)有限公司 | Identity authentication method, user equipment and server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103607282A (en) | 2014-02-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103607282B (en) | A kind of identity fusion authentication method based on biological characteristic | |
| CN102722696B (en) | Identity authentication method of identity card and holder based on multi-biological characteristics | |
| Wang et al. | Secure stochastic ECG signals based on Gaussian mixture model for $ e $-healthcare systems | |
| CN105187217A (en) | Dual-factor identity authentication method and apparatus thereof | |
| CN106709417A (en) | Multimodal biological recognition system and use method thereof | |
| CN103646203A (en) | Computer safety system with human body biological characteristic recognition | |
| CN103093133B (en) | Biological identity authentication method facing institute of electrical and electronic engineers (IEEE) 802.15.6 | |
| CN104123565A (en) | Identity card authentication and holder identity authentication method based on multimodal identification | |
| CN103279764A (en) | Real-name network authentication system based on face identification | |
| CN103646202A (en) | Fingerprint information coding encryption and application method | |
| CN107124283A (en) | A kind of physical characteristics collecting system and physical characteristics collecting method | |
| CN102750516B (en) | A kind of certificate false proof system of embedded bio characteristic sum barcode technology | |
| CN104007929A (en) | Gesture recognition based mobile terminal unlocking method and mobile terminal | |
| CN104009973B (en) | It is a kind of based on set polynomial transformation with reconcile details in fingerprint Information hiding and restoration methods | |
| CN108390884A (en) | A kind of identity identifying method and device | |
| CN103368736B (en) | Business information encryption, decryption method and device | |
| ES2911182T3 (en) | Biometric authentication system based on venous networks and unique and unfalsifiable encodings of branched structures and associated method | |
| CN103646236A (en) | Palm print information coding, encryption and application method | |
| Wu et al. | Fingerprint bio‐key generation based on a deep neural network | |
| JP5903257B2 (en) | Authentication system, registration device, and authentication device | |
| CN106503519A (en) | A kind of method of identification check | |
| CN111723595A (en) | Personnel identity identification method and system | |
| CN106790237A (en) | A kind of authentication device and method based on living things feature recognition | |
| CN203324988U (en) | Dual fingerprint and vein identification verification system | |
| WO2011113326A1 (en) | Person identity identification system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: No. 333, Yunhua Road, Chengdu hi tech Zone, China (Sichuan) pilot Free Trade Zone, Chengdu, Sichuan 610041 Patentee after: China Electronics Technology Network Security Technology Co.,Ltd. Address before: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041 Patentee before: CHENGDU WESTONE INFORMATION INDUSTRY Inc. |