CN107171791A - Biometric-based data encryption/decryption method and encryption/decryption system - Google Patents
- Publication number
- CN107171791A (CN201710375004.1A)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a biometric-based data encryption/decryption method, relating to the technical field of biometric data processing. During encryption, the user's biometric data is collected and high-entropy data is extracted from it as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key; a piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext. During decryption, the user's biometric data is collected and high-entropy data is extracted from it as the second data, using the same method used to generate the first data; the ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data; the ciphertext stored locally or on a server is decrypted with the corresponding decryption algorithm and the decryption key. The invention also discloses a biometric-based data encryption/decryption system.
Description
Technical field
The present invention relates to the technical field of biometric data processing, and in particular to a biometric-based data encryption/decryption method and encryption/decryption system.
Background
With the development of science and technology, storage media such as computers, mobile phones and radio-frequency cards are used more and more widely. They store large numbers of electronic documents of different types that contain highly sensitive information, and once this information is stolen it causes incalculable loss. The common practice at present is to encrypt the data with various document-security software. The main encryption systems in current use, such as PGP and TrueCrypt, combine multiple encryption algorithms to improve security. These encryption systems have a significant defect: if the key is forgotten or lost, the encrypted file cannot be decrypted normally and becomes unusable, discarded data.
More importantly, current file encryption technology only protects the data itself by encryption and does not bind the identity of the user of the encrypted file; that is, once the file itself has been successfully decrypted, anyone can in theory access the decrypted file and data.
To solve this technical problem, Chinese patent CN200920212977.4 encrypts files using biometric images. Although the encryption key generated this way avoids the problem of forgotten or lost keys, the keys generated by this method are identical, i.e. the key generated to encrypt each file is the same. In addition, the biometric features have to be stored in the device, and decryption is completed by comparing whether the keys generated during encryption and decryption are identical, so there is a risk that personal identity feature data leaks, and the security of the data cannot be guaranteed.
Summary of the invention
In view of the defects in the prior art, the object of the present invention is to provide a biometric-based data encryption/decryption method and encryption/decryption system that does not need to store biometric data, offers high data security, and uses a key that changes at any time and is hard to crack.
To achieve the above object, the present invention adopts the following technical solution: a biometric-based data encryption/decryption method:
During encryption, the user's biometric data is collected and processed, and high-entropy data is extracted from it as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key; a piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate that encryption key. During decryption, the user's biometric data is collected and processed, and high-entropy data is extracted from it as the second data using the same method used to generate the first data; the ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data, using the same method used to generate the encryption key; the ciphertext stored locally or on the server is decrypted with the decryption key and the decryption algorithm corresponding to the encryption algorithm used during encryption.
On the basis of the above technical solution, collecting the user's biometric data during encryption includes collecting one kind of biometric data of the user or collecting multiple kinds of biometric data of the user. If one kind of biometric data is collected during encryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data. If multiple kinds of biometric data are collected during encryption, high-entropy data is extracted from each kind of biometric data separately, and the extracted high-entropy data is fused into the first data by a concatenation or XOR algorithm.
On the basis of the above technical solution, the quantity of biometric data collected from the user during decryption is consistent with the quantity collected during encryption. If one kind of biometric data is collected during decryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data. If multiple kinds of biometric data are collected during decryption, the second data is generated from the multiple kinds of biometric data using the same method used to generate the first data.
On the basis of the above technical solution, during encryption the encryption timestamp and the first data jointly generate the encryption key by an XOR or interpolation operation; during decryption the ciphertext's encryption timestamp and the second data jointly generate the decryption key using the same method used to generate the encryption key.
On the basis of the above technical solution, the method comprises the following steps:
S1, during encryption, at least one kind of biometric data of the user is collected to generate the first biometric data B_N = {b_1, b_2, ..., b_N}, where N is the number of biometric data items collected to generate the first biometric data;
S2, if N = 1, the first biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data; if N > 1, two or more pieces of high-entropy data are extracted respectively from the first biometric data, and the extracted high-entropy data is fused into the first data by a concatenation or XOR algorithm;
S3, the time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key by an XOR or interpolation operation;
S4, a piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key;
S5, during decryption, the same quantity of biometric data as during encryption is collected to generate the second biometric data B'_N = {b'_1, b'_2, ..., b'_N}, where N is the number of biometric data items collected to generate the second biometric data;
S6, if N = 1, the second biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data; if N > 1, the second data is generated from the second biometric data using the same method used to generate the first data;
S7, the ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data, using the same method used to generate the encryption key;
S8, the ciphertext stored locally or on the server is decrypted with the decryption key and the decryption algorithm corresponding to the encryption algorithm used during encryption.
On the basis of the above technical solution, the biometric data comprises one or more of, or a combination of several of, fingerprint information, iris information, face information, finger vein information, palm print information, palm vein information, sclera information, gait information and voiceprint information.
The present invention also discloses a biometric-based data encryption/decryption system, comprising:
a biometric acquisition module, an encryption timestamp generation module, a key generation module, an encryption module, a decryption module and a storage module;
The biometric acquisition module is configured to collect biometric data and send it to the key generation module;
The encryption timestamp generation module is configured to capture the time of encryption, generate an encryption timestamp, and send the encryption timestamp to the key generation module and the encryption module;
The key generation module is configured to extract high-entropy data from the biometric data collected during encryption as the first data and to generate the encryption key jointly from the first data and the encryption timestamp; and to extract high-entropy data from the biometric data collected during decryption as the second data, read the ciphertext and its corresponding encryption timestamp from the storage module, and generate the decryption key jointly from the second data and the encryption timestamp;
The encryption module is configured to encrypt a piece of random data with the encryption key to generate the ciphertext, and to save the ciphertext in the storage module together with the encryption timestamp used to generate the encryption key;
The decryption module is configured to decrypt the ciphertext stored in the storage module with the decryption key;
The storage module is configured to store the ciphertext and its corresponding encryption timestamp.
On the basis of the above technical solution, the key generation module is configured to use the one kind or multiple kinds of biometric data collected during encryption as the first data. If one kind of biometric data of the user is collected during encryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data. If multiple kinds of biometric data of the user are collected during encryption, two or more pieces of high-entropy data are extracted respectively from the multiple kinds of biometric data, and the extracted high-entropy data is fused into the first data by a concatenation or XOR algorithm. The quantity of biometric data collected from the user during decryption is consistent with the quantity collected during encryption. If one kind of biometric data of the user is collected during decryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data. If multiple kinds of biometric data of the user are collected during decryption, the second data is generated from the multiple kinds of biometric data using the same method used to generate the first data.
On the basis of the above technical solution, the key generation module is configured, during encryption, to generate the encryption key jointly from the encryption timestamp and the first data by an XOR or interpolation operation, and, during decryption, to generate the decryption key jointly from the ciphertext's encryption timestamp and the second data using the same method used to generate the encryption key.
On the basis of the above technical solution, the key generation module comprises a biometric processor, which is configured to extract high-entropy data from the biometric data collected during encryption as the first data, and to extract high-entropy data from the biometric data collected during decryption as the second data.
Compared with the prior art, the advantages of the present invention are as follows:
During encryption, the present invention collects the user's biometric data and extracts high-entropy data from it as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key; a piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext. During decryption, the user's biometric data is collected and high-entropy data is extracted from it as the second data, using the same method used to generate the first data; the ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data; the ciphertext stored locally or on a server is decrypted with the corresponding decryption algorithm and the decryption key. What the present invention stores is the ciphertext produced by encrypting with the biometric data; if the ciphertext is stolen, the user's biometric data is not lost, so the user is not exposed to problems such as privacy leakage or information-security risk. In addition, the encryption timestamp is added when generating the key, so the key changes at any time and is hard to crack, which improves data security.
Brief description of the drawings
Fig. 1 is a flow chart of the biometric-based data encryption/decryption method in an embodiment of the present invention;
Fig. 2 is a structural diagram of the biometric-based data encryption/decryption system in an embodiment of the present invention.
Embodiments
The present invention is described in further detail below with reference to the drawings and embodiments.
Referring to Fig. 1, an embodiment of the present invention provides a biometric-based data encryption/decryption method:
A. During encryption, the user's biometric data is collected and processed, and high-entropy data is extracted from it as the first data;
B. The time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key;
C. A piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key;
D. During decryption, the user's biometric data is collected and processed, and high-entropy data is extracted from it as the second data using the same method used to generate the first data;
E. The ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data, using the same method used to generate the encryption key;
F. The ciphertext stored locally or on the server is decrypted with the decryption key and the decryption algorithm corresponding to the encryption algorithm used during encryption.
During encryption, the present invention collects the user's biometric data and extracts high-entropy data from it as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key; a piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext. During decryption, the user's biometric data is collected and high-entropy data is extracted from it as the second data, using the same method used to generate the first data; the ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data; the ciphertext stored locally or on a server is decrypted with the corresponding decryption algorithm and the decryption key. With the present invention, biometric data does not need to be stored, data security is high, and leakage of personal identity information is effectively avoided; in addition, the key changes at any time and is hard to crack.
If the user during encryption and the user during decryption are the same, the correct plaintext is obtained after decryption; if the user during encryption and the user during decryption are not the same, the correct plaintext cannot be obtained after decryption. This method is widely applicable to encryption and decryption with biometric data, and is also applicable to performing biometric authentication.
Collecting the user's biometric data during encryption includes collecting one kind of biometric data of the user or collecting multiple kinds of biometric data of the user. If one kind of biometric data is collected during encryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data. If multiple kinds of biometric data are collected during encryption, high-entropy data is extracted from each kind of biometric data separately, and the extracted high-entropy data is fused into the first data by a concatenation or XOR algorithm.
The quantity of biometric data collected from the user during decryption is consistent with the quantity collected during encryption. If one kind of biometric data is collected during decryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data. If multiple kinds of biometric data are collected during decryption, the second data is generated from the multiple kinds of biometric data using the same method used to generate the first data.
During encryption, the encryption timestamp and the first data jointly generate the encryption key by an XOR or interpolation operation; during decryption, the ciphertext's encryption timestamp and the second data jointly generate the decryption key using the same method used to generate the encryption key.
The method comprises the following steps:
S1, during encryption, at least one kind of biometric data of the user is collected to generate the first biometric data B_N = {b_1, b_2, ..., b_N}, where N is the number of biometric data items collected to generate the first biometric data;
S2, if N = 1, the first biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data; if N > 1, two or more pieces of high-entropy data are extracted respectively from the first biometric data, and the extracted high-entropy data is fused into the first data by a concatenation or XOR algorithm;
S3, the time of encryption is captured to generate an encryption timestamp, and the encryption timestamp and the first data jointly generate the encryption key by an XOR or interpolation operation;
S4, a piece of random data is encrypted with an encryption algorithm and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key;
S5, during decryption, the same quantity of biometric data as during encryption is collected to generate the second data B'_N = {b'_1, b'_2, ..., b'_N}, where N is the number of biometric data items collected to generate the second data;
S6, if N = 1, the second biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data; if N > 1, the second data is generated from the second biometric data using the same method used to generate the first data;
S7, the ciphertext and its corresponding encryption timestamp are read, and the decryption key is generated jointly from that encryption timestamp and the second data, using the same method used to generate the encryption key;
S8, the ciphertext stored locally or on the server is decrypted with the decryption key and the decryption algorithm corresponding to the encryption algorithm used during encryption.
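The following added example (not code from the patent) walks steps S1 to S8 with XOR fusion and XOR timestamp mixing, and compares the resulting keys with an HMAC-based derivation that the patent does not describe. The SHA-256 extraction step, the SHA-256 counter-keystream stand-in cipher, the 8-byte timestamp encoding and all sample values are assumptions made for the example.

```python
import hashlib
import hmac
import struct

KEY_LEN = 32  # bytes; SHA-256 output size, chosen for this example


def xor_bytes(a, b):
    """XOR two byte strings (result has the length of the shorter one)."""
    return bytes(x ^ y for x, y in zip(a, b))


def extract_high_entropy(template):
    """Stand-in for the 'high-entropy data' extraction (assumption).

    Assumes the capture pipeline yields byte-identical templates for the same
    user; raw sensor readings are noisy and need an error-tolerant extractor.
    """
    return hashlib.sha256(template).digest()


def fused_data(templates):
    """S1-S2 / S5-S6: one modality is used directly, several are fused by XOR."""
    parts = [extract_high_entropy(t) for t in templates]
    out = parts[0]
    for part in parts[1:]:
        out = xor_bytes(out, part)
    return out


def pad_timestamp(ts):
    """Encode the timestamp as 8 big-endian bytes, left-padded to KEY_LEN."""
    return struct.pack(">Q", ts).rjust(KEY_LEN, b"\x00")


def derive_key_xor(data, ts):
    """S3 / S7 as described on the page: key = data XOR timestamp."""
    return xor_bytes(data, pad_timestamp(ts))


def derive_key_hmac(data, ts):
    """Alternative not in the patent: timestamp as a public salt via HMAC-SHA256."""
    return hmac.new(data, struct.pack(">Q", ts), hashlib.sha256).digest()


def stream_cipher(key, data):
    """Stand-in cipher (SHA-256 counter keystream); the same call decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack(">I", i // 32)).digest()
        out += xor_bytes(data[i:i + 32], block)
    return bytes(out)


def encrypt(templates, ts, random_data, derive=derive_key_xor):
    """S1-S4: only the ciphertext and the timestamp are stored, no biometric."""
    key = derive(fused_data(templates), ts)
    return {"ts": ts, "ct": stream_cipher(key, random_data)}


def decrypt(templates, record, derive=derive_key_xor):
    """S5-S8: re-derive the key from a fresh capture and the stored timestamp."""
    key = derive(fused_data(templates), record["ts"])
    return stream_cipher(key, record["ct"])


def key_difference(templates, ts1, ts2, derive):
    """XOR of the keys derived for two records of the same user."""
    data = fused_data(templates)
    return xor_bytes(derive(data, ts1), derive(data, ts2))


# Constructed sample inputs (N = 2 modalities per user), not real biometric data.
USER_A = [b"constructed-fingerprint-template-A", b"constructed-iris-template-A"]
USER_B = [b"constructed-fingerprint-template-B", b"constructed-iris-template-B"]
SECRET = bytes(range(48))          # stands in for the "random data"
TS1, TS2 = 1495584000, 1495584060  # constructed timestamps, 60 s apart

if __name__ == "__main__":
    rec = encrypt(USER_A, TS1, SECRET)
    print("same user recovers data     :", decrypt(USER_A, rec) == SECRET)
    print("different user recovers data:", decrypt(USER_B, rec) == SECRET)
    known = xor_bytes(pad_timestamp(TS1), pad_timestamp(TS2))
    print("XOR keys differ by stored timestamps :",
          key_difference(USER_A, TS1, TS2, derive_key_xor) == known)
    print("HMAC keys differ by stored timestamps:",
          key_difference(USER_A, TS1, TS2, derive_key_hmac) == known)
```

Because the timestamp is stored next to the ciphertext, the XOR derivation gives one user keys that differ only by the XOR of two stored values, while the HMAC derivation does not have that relation.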
The biometric data comprises one or more of, or a combination of several of, fingerprint information, iris information, face information, finger vein information, palm print information, palm vein information, sclera information, gait information and voiceprint information.
Referring to Fig. 2, the present invention also discloses a biometric-based data encryption/decryption system, comprising:
a biometric acquisition module, an encryption timestamp generation module, a key generation module, an encryption module, a decryption module and a storage module;
The biometric acquisition module is configured to collect biometric data and send it to the key generation module;
The encryption timestamp generation module is configured to capture the time of encryption, generate an encryption timestamp, and send the encryption timestamp to the key generation module and the encryption module;
The key generation module is configured to extract high-entropy data from the biometric data collected during encryption as the first data and to generate the encryption key jointly from the first data and the encryption timestamp; and to extract high-entropy data from the biometric data collected during decryption as the second data, read the ciphertext and its corresponding encryption timestamp from the storage module, and generate the decryption key jointly from the second data and the encryption timestamp;
The encryption module is configured to encrypt a piece of random data with the encryption key to generate the ciphertext, and to save the ciphertext in the storage module together with the encryption timestamp used to generate the encryption key;
The decryption module is configured to decrypt the ciphertext stored in the storage module with the decryption key;
The storage module is configured to store the ciphertext and its corresponding encryption timestamp.
The key generation module is configured to use the one kind or multiple kinds of biometric data collected during encryption as the first data. If one kind of biometric data of the user is collected during encryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data. If multiple kinds of biometric data of the user are collected during encryption, high-entropy data is extracted from each kind of biometric data separately, and the extracted high-entropy data is fused into the first data by a concatenation or XOR algorithm. The quantity of biometric data collected from the user during decryption is consistent with the quantity collected during encryption. If one kind of biometric data of the user is collected during decryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data. If multiple kinds of biometric data of the user are collected during decryption, the second data is generated from the multiple kinds of biometric data using the same method used to generate the first data.
The key generation module is configured, during encryption, to generate the encryption key jointly from the encryption timestamp and the first data by an XOR or interpolation operation, and, during decryption, to generate the decryption key jointly from the encryption timestamp corresponding to the ciphertext and the second data, using the same method used to generate the encryption key.
The key generation module comprises a biometric processor, which is configured to extract high-entropy data from the biometric data collected during encryption as the first data, and to extract high-entropy data from the biometric data collected during decryption as the second data.
The storage module is located locally or on a server. The biometric acquisition module is one or more of a fingerprint collector, iris collector, sclera collector, face collector, finger vein collector, palm vein collector, voiceprint collector, gait collector and brain-wave collector.
If the user during encryption and the user during decryption are the same, the random data used during encryption is obtained after decryption; if the user during encryption and the user during decryption are not the same, the random data used during encryption cannot be obtained after decryption.
The present invention is not limited to the above-described embodiments, for those skilled in the art, is not departing from
On the premise of the principle of the invention, some improvements and modifications can also be made, these improvements and modifications are also considered as the protection of the present invention
Within the scope of.The content not being described in detail in this specification belongs to prior art known to professional and technical personnel in the field.
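The flow described above (extract, fuse, derive the key from the timestamp, encrypt, store, re-derive, decrypt), as an added Python example that is not code from the patent. Assumptions: SHA-256 over an already-stable template stands in for the unspecified high-entropy extractor, the timestamp is encoded as 8 big-endian bytes, an HMAC-SHA256 keystream stands in for the page's AES because the standard library has none, and the integrity tag is an addition so that a wrong key is detected rather than yielding garbage.

```python
import hashlib
import hmac
import struct
import time


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def extract_high_entropy(template: bytes) -> bytes:
    # Assumption: the template is already bit-stable; SHA-256 stands in for
    # the extractor, which the page does not specify.
    return hashlib.sha256(template).digest()


def biometric_data(templates, fusion="xor") -> bytes:
    """First/second data: one extract for N=1, fused extracts for N>1."""
    parts = [extract_high_entropy(t) for t in templates]
    if fusion == "concat":
        return b"".join(parts)
    if fusion != "xor":
        raise ValueError("fusion must be 'concat' or 'xor'")
    fused = parts[0]
    for part in parts[1:]:
        fused = xor_bytes(fused, part)
    return fused


def derive_key(data: bytes, timestamp: int) -> bytes:
    # XOR variant of key generation. Assumed encoding: 8-byte big-endian
    # timestamp, zero-padded on the left to the length of the data.
    return xor_bytes(data, struct.pack(">Q", timestamp).rjust(len(data), b"\x00"))


def _keystream(key: bytes, length: int) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode.
    blocks = (hmac.new(key, b"enc" + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def _tag(key: bytes, timestamp: int, ciphertext: bytes) -> bytes:
    # Added integrity tag (not in the page) so a wrong key is detected.
    msg = b"mac" + struct.pack(">Q", timestamp) + ciphertext
    return hmac.new(key, msg, hashlib.sha256).digest()


def encrypt(templates, random_data: bytes, timestamp=None, fusion="xor") -> dict:
    ts = int(time.time()) if timestamp is None else timestamp
    key = derive_key(biometric_data(templates, fusion), ts)
    ct = xor_bytes(random_data, _keystream(key, len(random_data)))
    # The ciphertext is stored together with the timestamp used for the key.
    return {"timestamp": ts, "ciphertext": ct, "tag": _tag(key, ts, ct)}


def decrypt(templates, record: dict, fusion="xor"):
    key = derive_key(biometric_data(templates, fusion), record["timestamp"])
    expected = _tag(key, record["timestamp"], record["ciphertext"])
    if not hmac.compare_digest(expected, record["tag"]):
        return None  # different user, or the same user with a noisy capture
    ct = record["ciphertext"]
    return xor_bytes(ct, _keystream(key, len(ct)))


# Constructed sample templates (not real biometric data).
FINGER = bytes(range(32))
IRIS = bytes(range(32, 64))
NOISY_FINGER = bytes([FINGER[0] ^ 0x01]) + FINGER[1:]  # one flipped bit
OTHER_FINGER = bytes(range(64, 96))

if __name__ == "__main__":
    record = encrypt([FINGER, IRIS], b"random data to protect")
    print(decrypt([FINGER, IRIS], record))
    print(decrypt([NOISY_FINGER, IRIS], record))
    print(decrypt([OTHER_FINGER, IRIS], record))
```

The single flipped bit in `NOISY_FINGER` shows that decryption depends on the extractor reproducing the high-entropy data exactly. Because the timestamp is stored beside the ciphertext and combined by plain XOR, keys derived from the same biometric data at two timestamps differ only by the XOR of those timestamps.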
Claims (10)
1. A data encryption/decryption method based on biometric features, characterized in that:
during encryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data; a piece of random data is encrypted using the AES algorithm and the encryption key to form a ciphertext, and the ciphertext is stored, locally or on a server, together with the corresponding encryption timestamp used to generate the encryption key; during decryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the second data using the same method used to generate the first data; the ciphertext and the encryption timestamp corresponding to the ciphertext are read, and the decryption key is generated jointly from that encryption timestamp and the second data using the same method used to generate the encryption key; the ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES algorithm used during encryption.
2. The data encryption/decryption method based on biometric features as claimed in claim 1, characterized in that: collecting the user's biometric data during encryption includes collecting one kind of biometric data from the user or collecting multiple kinds of biometric data from the user; if one kind of biometric data is collected during encryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data; if multiple kinds of biometric data are collected during encryption, high-entropy data is extracted from each kind of biometric data separately, and the extracted high-entropy data is fused by concatenation or an XOR operation to form the first data.
3. The data encryption/decryption method based on biometric features as claimed in claim 2, characterized in that: the number of kinds of biometric data collected from the user during decryption is kept consistent with the number collected during encryption; if one kind of biometric data is collected during decryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data; if multiple kinds of biometric data are collected during decryption, the second data is generated from them using the same method used to generate the first data.
4. The data encryption/decryption method based on biometric features as claimed in claim 1, characterized in that: during encryption, the encryption key is generated jointly from the encryption timestamp and the first data using an XOR or interpolation operation; during decryption, the decryption key is generated jointly from the encryption timestamp of the ciphertext and the second data using the same method used to generate the encryption key.
5. The data encryption/decryption method based on biometric features as claimed in claim 1, characterized in that it comprises the following steps:
S1, during encryption, at least one kind of biometric data is collected from the user to generate the first biometric data B_N = {b_1, b_2, ..., b_N}, where N is the number of kinds of biometric data collected to generate the first biometric data;
S2, if N=1, the first biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data; if N>1, two or more pieces of high-entropy data are extracted respectively from the first biometric data, and the extracted high-entropy data is fused by concatenation or an XOR operation to form the first data;
S3, the time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data using an XOR or interpolation operation;
S4, a piece of random data is encrypted using the AES algorithm and the encryption key to form a ciphertext, and the ciphertext is stored, locally or on a server, together with the corresponding encryption timestamp used to generate the encryption key;
S5, during decryption, the same number of kinds of biometric data as during encryption is collected to generate the second biometric data B'_N = {b'_1, b'_2, ..., b'_N}, where N is the number of kinds of biometric data collected to generate the second biometric data;
S6, if N=1, the second biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data; if N>1, the second data is generated from the second biometric data using the same method used to generate the first data;
S7, the ciphertext and the encryption timestamp corresponding to the ciphertext are read, and the decryption key is generated jointly from that encryption timestamp and the second data using the same method used to generate the encryption key;
S8, the ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES algorithm used during encryption.
6. The data encryption/decryption method based on biometric features as described in any one of claims 1-5, characterized in that: the biometric data includes one kind, multiple kinds, or a combination of multiple kinds of fingerprint information, iris information, face information, finger vein information, palmprint information, palm vein information, sclera information, gait information and voiceprint information.
7. A data encryption/decryption system based on biometric features, characterized in that it comprises:
a biometric acquisition module, an encryption timestamp generation module, a key generation module, an encryption module, a decryption module and a storage module;
the biometric acquisition module is used to collect biometric data and send it to the key generation module;
the encryption timestamp generation module is used to capture the time of encryption, generate an encryption timestamp, and send the encryption timestamp to the key generation module and the encryption module;
the key generation module is used to extract high-entropy data from the biometric data collected during encryption as the first data, and to generate the encryption key jointly from the first data and the encryption timestamp; and to extract high-entropy data from the biometric data collected during decryption as the second data, read the ciphertext and the encryption timestamp corresponding to the ciphertext from the storage module, and generate the decryption key jointly from the second data and the encryption timestamp;
the encryption module is used to encrypt a piece of random data with the encryption key to generate a ciphertext, and to save the ciphertext in the storage module together with the corresponding encryption timestamp used to generate the encryption key;
the decryption module is used to decrypt the ciphertext stored in the storage module using the decryption key;
the storage module is used to store the ciphertext and the encryption timestamp corresponding to the ciphertext.
8. The data encryption/decryption system based on biometric features as claimed in claim 7, characterized in that: the key generation module is used to take one kind of biometric data or multiple kinds of biometric data collected during encryption as the first data; if one kind of biometric data is collected from the user during encryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the first data; if multiple kinds of biometric data are collected from the user during encryption, two or more pieces of high-entropy data are extracted respectively from the multiple kinds of biometric data, and the extracted high-entropy data is fused by concatenation or an XOR operation to form the first data; the number of kinds of biometric data collected from the user during decryption is kept consistent with the number collected during encryption; if one kind of biometric data is collected from the user during decryption, the collected biometric data is processed directly, and one piece of high-entropy data is extracted from it as the second data; if multiple kinds of biometric data are collected from the user during decryption, the second data is generated from them using the same method used to generate the first data.
9. The data encryption/decryption system based on biometric features as claimed in claim 7, characterized in that: during encryption, the key generation module is used to generate the encryption key jointly from the encryption timestamp and the first data using an XOR or interpolation operation; during decryption, it generates the decryption key jointly from the encryption timestamp of the ciphertext and the second data using the same method used to generate the encryption key.
10. The data encryption/decryption system based on biometric features as described in any one of claims 7-9, characterized in that: the key generation module includes a biometric processor, and the biometric processor is used to extract high-entropy data from the biometric data collected during encryption as the first data, and to extract high-entropy data from the biometric data collected during decryption as the second data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710375004.1A CN107171791A (en) | 2017-05-24 | 2017-05-24 | A kind of data encryption/decryption method and encrypting and deciphering system based on biological characteristic |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107171791A (en) | 2017-09-15 |
Family ID=59821632
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710375004.1A Pending CN107171791A (en) | 2017-05-24 | 2017-05-24 | A kind of data encryption/decryption method and encrypting and deciphering system based on biological characteristic |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107171791A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| TA01 | Transfer of patent application right | Effective date of registration: 20171123. Address after: 430000 room 19 of Qingshan District, Wuhan, Hubei province (No. 1540 of Peace Avenue), room 17-26, 2406-2410 and 2413 at the Yulong time center. Applicant after: Wuhan Zhen Yuan biological data Co., Ltd. Address before: 430014 3 building, Jixiang Valley Villa District, 68 Jinqiao Boulevard, Jiang'an District, Hubei. Applicant before: Shu Xiang |