CN107171791A - Data encryption/decryption method and encryption/decryption system based on biometric features

Info

Publication number: CN107171791A
Application number: CN201710375004.1A
Authority: CN (China)
Legal status: Pending (the listed legal status is an assumption and is not a legal conclusion)
Other languages: Chinese (zh)
Inventor: 舒翔
Current Assignee: Wuhan Zhen Yuan biological data Co., Ltd. (the listed assignees may be inaccurate)
Original Assignee: 舒翔

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps


Abstract

The invention discloses a biometric-based data encryption/decryption method and relates to the technical field of biometric data processing. During encryption, the user's biometric data is collected and high-entropy data is extracted from it as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data; a piece of random data is encrypted using AES and the encryption key to form the ciphertext. During decryption, the user's biometric data is collected and high-entropy data is extracted from it as the second data, using the same method that generated the first data; the ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data; the ciphertext stored locally or on a server is decrypted using the corresponding decryption algorithm and the decryption key. The invention also discloses a biometric-based data encryption/decryption system.

Description

A biometric-based data encryption/decryption method and encryption/decryption system
Technical field
The present invention relates to the technical field of biometric data processing, and in particular to a biometric-based data encryption/decryption method and encryption/decryption system.
Background
With the development of science and technology, storage media such as computers, mobile phones and radio-frequency cards are used more and more widely. They store large numbers of electronic documents of different types that involve highly sensitive information, and once this information is illegally stolen the loss is incalculable. The current common practice is to encrypt the data with various document security software. The main encryption systems at present, such as PGP and TrueCrypt, combine multiple encryption algorithms to improve security, but they share a significant defect: if the key is forgotten or lost, the encrypted file cannot be decrypted normally and becomes unusable, discarded data.
More importantly, current file encryption technology only protects the data itself and does not bind the identity of the encrypted file's user. That is, once the file has been successfully decrypted, in theory anyone can access the decrypted file and data.
To solve this technical problem, Chinese patent CN200920212977.4 encrypts files using biometric images. Although the encryption key generated by that method avoids the problem of forgotten or lost keys, the keys it generates are identical: the same key is generated for every file that is encrypted. Moreover, the device must store the biometric features, and decryption is completed by comparing whether the keys generated at encryption and at decryption are the same, which creates a risk of leaking personally identifying biometric data, so the safety of the data cannot be guaranteed.
Summary of the invention
In view of the defects in the prior art, the object of the present invention is to provide a biometric-based data encryption/decryption method and encryption/decryption system that do not need to store biometric data, offer high data security, and use a key that changes over time and is hard to crack.
To achieve the above object, the present invention adopts the following technical solution, a biometric-based data encryption/decryption method:
During encryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the first data. The time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data. A piece of random data is encrypted using AES and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key. During decryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the second data using the same method that generated the first data. The ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data, using the same method that generated the encryption key. The ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES encryption used at encryption time.
On the basis of the above technical solution, collecting the user's biometric data during encryption means collecting either one kind or several kinds of the user's biometric data. If one kind of biometric data is collected during encryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data. If several kinds of biometric data are collected during encryption, high-entropy data is extracted separately from each kind, and the extracted high-entropy data is fused by concatenation or XOR to form the first data.
On the basis of the above technical solution, the number of kinds of biometric data collected from the user during decryption is the same as the number collected during encryption. If one kind of biometric data is collected during decryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data. If several kinds of biometric data are collected during decryption, the second data is generated from them using the same method that generated the first data.
On the basis of the above technical solution, during encryption the encryption key is generated jointly from the encryption timestamp and the first data using an XOR operation or an interpolation operation; during decryption the decryption key is generated jointly from the ciphertext's encryption timestamp and the second data using the same method that generated the encryption key.
On the basis of the above technical solution, the method comprises the following steps:
S1, during encryption, at least one kind of the user's biometric data is collected and the first biometric data B_N = {b_1, b_2, ..., b_N} is generated, where N is the number of kinds of biometric data collected to generate the first biometric data;
S2, if N = 1, the first biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data; if N > 1, two or more pieces of high-entropy data are extracted separately from the first biometric data and fused by concatenation or XOR to form the first data;
S3, the time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data using an XOR operation or an interpolation operation;
S4, a piece of random data is encrypted using AES and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key;
S5, during decryption, the same number of kinds of biometric data as at encryption is collected and the second biometric data B'_N = {b'_1, b'_2, ..., b'_N} is generated, where N is the number of kinds of biometric data collected to generate the second biometric data;
S6, if N = 1, the second biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data; if N > 1, the second data is generated from the second biometric data using the same method that generated the first data;
S7, the ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data using the same method that generated the encryption key;
S8, the ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES encryption used at encryption time.
On the basis of the above technical solution, the biometric data includes one of, several of, or a combination of several of: fingerprint information, iris information, face information, finger vein information, palm print information, palm vein information, sclera information, gait information and voiceprint information.
The present invention also discloses a biometric-based data encryption/decryption system, comprising:
a biometric acquisition module, an encryption timestamp generation module, a key generation module, an encryption module, a decryption module and a storage module;
The biometric acquisition module is used to collect biometric data and send it to the key generation module;
The encryption timestamp generation module is used to capture the time of encryption, generate the encryption timestamp, and send the encryption timestamp to the key generation module and the encryption module;
The key generation module is used to extract high-entropy data from the biometric data collected during encryption as the first data and to generate the encryption key jointly from the first data and the encryption timestamp; and to extract high-entropy data from the biometric data collected during decryption as the second data, read the ciphertext and the encryption timestamp corresponding to it from the storage module, and generate the decryption key jointly from the second data and the encryption timestamp;
The encryption module is used to encrypt a piece of random data with the encryption key to generate the ciphertext and to save the ciphertext in the storage module together with the encryption timestamp used to generate the encryption key;
The decryption module is used to decrypt the ciphertext stored in the storage module using the decryption key;
The storage module is used to store the ciphertext and the encryption timestamp corresponding to it.
On the basis of the above technical solution, the key generation module is used to take the one kind or several kinds of biometric data collected during encryption as the first data. If one kind of biometric data is collected during encryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data. If several kinds of biometric data are collected during encryption, two or more pieces of high-entropy data are extracted separately from them, and the extracted high-entropy data is fused by concatenation or XOR to form the first data. The number of kinds of biometric data collected from the user during decryption is the same as the number collected during encryption. If one kind of biometric data is collected during decryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data. If several kinds of biometric data are collected during decryption, the second data is generated from them using the same method that generated the first data.
On the basis of the above technical solution, the key generation module is used, during encryption, to generate the encryption key jointly from the encryption timestamp and the first data using an XOR operation or an interpolation operation, and, during decryption, to generate the decryption key jointly from the ciphertext's encryption timestamp and the second data using the same method that generated the encryption key.
On the basis of the above technical solution, the key generation module includes a biometric processor, which is used to extract high-entropy data from the biometric data collected during encryption as the first data, and to extract high-entropy data from the biometric data collected during decryption as the second data.
Compared with the prior art, the advantages of the invention are:
During encryption, the present invention collects the user's biometric data and extracts high-entropy data from it as the first data; captures the time of encryption to generate an encryption timestamp and generates the encryption key jointly from the encryption timestamp and the first data; and encrypts a piece of random data using AES and the encryption key to form the ciphertext. During decryption, the user's biometric data is collected and high-entropy data is extracted from it as the second data using the same method that generated the first data; the ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data; the ciphertext stored locally or on a server is decrypted using the corresponding decryption algorithm and the decryption key. What is stored under the present invention is the ciphertext produced by encryption with the biometric data; if the ciphertext is stolen, the user's biometric data is not lost, so the user is not exposed to problems such as privacy leakage or compromised information security. Meanwhile, because the encryption timestamp is added when generating the key, the key changes over time and is hard to crack, which improves data security.
Brief description of the drawings
Fig. 1 is a schematic flow diagram of the biometric-based data encryption/decryption method in an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of the biometric-based data encryption/decryption system in an embodiment of the present invention.
Detailed description of embodiments
The present invention is described in further detail below with reference to the drawings and embodiments.
As shown in Fig. 1, an embodiment of the present invention provides a biometric-based data encryption/decryption method:
A. During encryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the first data;
B. The time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data;
C. A piece of random data is encrypted using AES and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key;
D. During decryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the second data using the same method that generated the first data;
E. The ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data using the same method that generated the encryption key;
F. The ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES encryption used at encryption time.
During encryption, the present invention collects the user's biometric data and extracts high-entropy data from it as the first data; captures the time of encryption to generate an encryption timestamp and generates the encryption key jointly from the encryption timestamp and the first data; and encrypts a piece of random data using AES and the encryption key to form the ciphertext. During decryption, the user's biometric data is collected and high-entropy data is extracted from it as the second data using the same method that generated the first data; the ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data; the ciphertext stored locally or on a server is decrypted using the corresponding decryption algorithm and the decryption key. With the present invention, biometric data does not need to be stored, data security is high, and leakage of personally identifying information is effectively avoided; meanwhile, the key changes over time and is hard to crack.
If the user at encryption time and the user at decryption time are the same, the correct plaintext is obtained after decryption; if the user at encryption time and the user at decryption time are different, the correct plaintext cannot be obtained after decryption. The method is widely applicable to biometric data encryption and decryption, and can also be used to perform biometric authentication.
Collecting the user's biometric data during encryption means collecting either one kind or several kinds of the user's biometric data. If one kind of biometric data is collected during encryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data. If several kinds of biometric data are collected during encryption, high-entropy data is extracted separately from each kind, and the extracted high-entropy data is fused by concatenation or XOR to form the first data.
The number of kinds of biometric data collected from the user during decryption is the same as the number collected during encryption. If one kind of biometric data is collected during decryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data. If several kinds of biometric data are collected during decryption, the second data is generated from them using the same method that generated the first data.
During encryption, the encryption key is generated jointly from the encryption timestamp and the first data using an XOR operation or an interpolation operation; during decryption, the decryption key is generated jointly from the ciphertext's encryption timestamp and the second data using the same method that generated the encryption key.
The method comprises the following steps:
S1, during encryption, at least one kind of the user's biometric data is collected and the first biometric data B_N = {b_1, b_2, ..., b_N} is generated, where N is the number of kinds of biometric data collected to generate the first biometric data;
S2, if N = 1, the first biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data; if N > 1, two or more pieces of high-entropy data are extracted separately from the first biometric data and fused by concatenation or XOR to form the first data;
S3, the time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data using an XOR operation or an interpolation operation;
S4, a piece of random data is encrypted using AES and the encryption key to form the ciphertext, and the ciphertext is stored, locally or on a server, together with the encryption timestamp used to generate the encryption key;
S5, during decryption, the same number of kinds of biometric data as at encryption is collected and the second biometric data B'_N = {b'_1, b'_2, ..., b'_N} is generated, where N is the number of kinds of biometric data collected to generate the second biometric data;
S6, if N = 1, the second biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data; if N > 1, the second data is generated from the second biometric data using the same method that generated the first data;
S7, the ciphertext and the encryption timestamp corresponding to it are read, and the decryption key is generated jointly from that encryption timestamp and the second data using the same method that generated the encryption key;
S8, the ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES encryption used at encryption time.
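Steps S1 to S8 as an added Go sketch (not code from the patent). Assumptions: SHA-256 over an already stable template stands in for the unspecified high-entropy extractor, fusion and timestamp mixing both use the XOR option, AES runs in GCM mode with a random nonce stored beside the timestamp, and all names and sample templates are constructed. `Xor` and `TimestampPad` also make visible that, with XOR mixing, two keys from the same user differ exactly by the XOR of the two stored timestamps.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Record is what S4 stores. The GCM nonce is this sketch's assumption.
type Record struct {
	Timestamp  int64
	Nonce      []byte
	Ciphertext []byte
}

// Xor returns a XOR b.
func Xor(a, b [32]byte) (out [32]byte) {
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return
}

// TimestampPad repeats the 8-byte big-endian timestamp to 32 bytes.
func TimestampPad(ts int64) (pad [32]byte) {
	for i := 0; i < 32; i += 8 {
		binary.BigEndian.PutUint64(pad[i:], uint64(ts))
	}
	return
}

// FirstData covers S1-S2 and S5-S6. SHA-256 stands in for the extractor and
// assumes stable templates; for N > 1 the digests are fused by XOR.
func FirstData(templates [][]byte) (out [32]byte, err error) {
	if len(templates) == 0 {
		return out, errors.New("at least one biometric template is required")
	}
	for _, t := range templates {
		out = Xor(out, sha256.Sum256(t))
	}
	return out, nil
}

// DeriveKey covers S3 and S7: key = data XOR padded timestamp.
func DeriveKey(data [32]byte, ts int64) [32]byte { return Xor(data, TimestampPad(ts)) }

func aead(templates [][]byte, ts int64) (cipher.AEAD, error) {
	data, err := FirstData(templates)
	if err != nil {
		return nil, err
	}
	key := DeriveKey(data, ts)
	block, err := aes.NewCipher(key[:]) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt covers S1-S4 and returns the record to store.
func Encrypt(templates [][]byte, random []byte, ts int64) (Record, error) {
	g, err := aead(templates, ts)
	if err != nil {
		return Record{}, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Record{}, err
	}
	return Record{Timestamp: ts, Nonce: nonce, Ciphertext: g.Seal(nil, nonce, random, nil)}, nil
}

// Decrypt covers S5-S8; another user or an altered timestamp fails the GCM tag check.
func Decrypt(templates [][]byte, rec Record) ([]byte, error) {
	g, err := aead(templates, rec.Timestamp)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, rec.Nonce, rec.Ciphertext, nil)
}

func main() {
	// Constructed stand-ins for stable biometric templates (N = 2) and for
	// the random data of S4.
	alice := [][]byte{[]byte("alice-fingerprint"), []byte("alice-iris")}
	other := [][]byte{[]byte("other-fingerprint"), []byte("other-iris")}
	rec, err := Encrypt(alice, []byte("16-byte random!!"), time.Now().Unix())
	if err != nil {
		panic(err)
	}
	_, errSame := Decrypt(alice, rec)
	_, errOther := Decrypt(other, rec)
	fmt.Println("same user ok:", errSame == nil, "| other user rejected:", errOther != nil)
}
```

Real captures of the same finger or iris differ from scan to scan, so the extractor that replaces the SHA-256 stand-in has to return identical output across captures for S7 to reproduce the key.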
Biological attribute data includes finger print information, and iris information, face information refers to venous information, palmprint information, vena metacarpea The combination of a kind of, a variety of or a variety of formation in information, sclera information, gait information, voiceprint
It is shown in Figure 2, the invention also discloses a kind of data encrypting and deciphering system based on biological characteristic, including:
Physical characteristics collecting module, encryption times stamp generation module, key production module, encrypting module, deciphering module and Memory module;
Physical characteristics collecting module is used to gather biological attribute data and is sent to key production module;
Time when encryption times stamp generation module is used to gather encryption generates encryption times stamp and stabs encryption times and sends out Give key production module and encrypting module;
Key production module is used to extract high entropy data as the first data from the biological attribute data gathered when encrypting, By the first data and the common generation encryption key of encryption times stamp;Extract high in the biological attribute data gathered during from decryption Entropy data read ciphertext and the encryption times corresponding with ciphertext stamp as the second data from the memory module, by the Two data and the common generation decruption key of encryption times stamp;
Encrypting module is used to a random data is encrypted generation ciphertext and by ciphertext and generation using encryption key Encryption times used in encryption key stab corresponding preservation together in a storage module;
Deciphering module is used to the ciphertext stored in memory module is decrypted using decruption key;
Memory module is used to store ciphertext and encryption times corresponding with ciphertext stamp.
The key generation module derives the first data from the one kind or multiple kinds of biometric data collected during encryption. If one kind of biometric data of the user is collected during encryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data. If multiple kinds of biometric data of the user are collected during encryption, high-entropy data is extracted from each kind of biometric data separately, and the extracted high-entropy data is fused by cascading (concatenation) or an XOR operation to form the first data. The number of kinds of biometric data collected from the user during decryption is the same as the number collected during encryption. If one kind of biometric data of the user is collected during decryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data. If multiple kinds of biometric data of the user are collected during decryption, the second data is generated from them using the same method as for generating the first data.
During encryption, the key generation module generates the encryption key jointly from the encryption timestamp and the first data using XOR or an interpolation operation; during decryption, it uses the same method as for generating the encryption key to generate the decryption key jointly from the encryption timestamp corresponding to the ciphertext and the second data.
The key generation module includes a biometric processor, which extracts high-entropy data from the biometric data collected during encryption as the first data, and extracts high-entropy data from the biometric data collected during decryption as the second data.
The storage module is located locally or on a server. The biometric acquisition module is one or more of a fingerprint collector, iris collector, sclera collector, face collector, finger vein collector, palm vein collector, voiceprint collector, gait collector and brain wave collector.
If the user at decryption is the same as the user at encryption, the random data used during encryption is obtained after decryption; if the user at decryption is not the same as the user at encryption, the random data used during encryption cannot be obtained after decryption.
The present invention is not limited to the above embodiments. Those of ordinary skill in the art can make improvements and modifications without departing from the principle of the invention, and these improvements and modifications are also considered to fall within the scope of protection of the present invention. Content not described in detail in this specification belongs to the prior art known to those skilled in the art.
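The encryption and decryption flow described above, as an added example in Python that is not code from the patent. The extractor (a hash of an exactly reproducible template), the repeated 8-byte timestamp encoding, the sample templates and the authentication tag are assumptions; the claims name AES, which is replaced here by a standard-library HMAC-SHA256 stream construction so the block runs without third-party packages.

```python
import hashlib
import hmac
import os
import struct

def extract_high_entropy(template: bytes) -> bytes:
    # Assumption: the template is already quantized so the same user yields
    # identical bytes; real captures are noisy and need error-tolerant extraction.
    return hashlib.sha256(b"extract" + template).digest()

def fuse(parts, mode="xor"):
    # One modality is used directly; several are cascaded (concatenated) or XORed.
    if mode == "cascade":
        return b"".join(parts)
    fused = parts[0]
    for part in parts[1:]:
        fused = bytes(a ^ b for a, b in zip(fused, part))
    return fused

def derive_key(data: bytes, timestamp: int) -> bytes:
    # XOR variant of key generation. Assumption: the timestamp is an 8-byte
    # big-endian integer repeated across the data. It is stored in the clear,
    # so it diversifies keys but adds no secrecy.
    ts = struct.pack(">Q", timestamp)
    return bytes(b ^ ts[i % 8] for i, b in enumerate(data))

def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + struct.pack(">I", counter)
        out += hmac.new(key, b"ks" + block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key, plaintext):
    # Stand-in cipher (assumption): HMAC-SHA256 keystream plus an HMAC tag.
    nonce = os.urandom(16)
    stream = _keystream(key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong key: the random data cannot be obtained
    stream = _keystream(key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))

def encrypt(templates, timestamp, mode="xor"):
    # First data -> key -> encrypt random data -> store ciphertext with timestamp.
    first = fuse([extract_high_entropy(t) for t in templates], mode)
    random_data = os.urandom(32)
    record = {"timestamp": timestamp,
              "ciphertext": seal(derive_key(first, timestamp), random_data)}
    return record, random_data

def decrypt(templates, record, mode="xor"):
    # Second data is generated the same way and combined with the stored timestamp.
    second = fuse([extract_high_entropy(t) for t in templates], mode)
    return unseal(derive_key(second, record["timestamp"]), record["ciphertext"])

# Constructed sample templates and timestamp.
ALICE = [b"constructed-fingerprint-alice", b"constructed-iris-alice"]
BOB = [b"constructed-fingerprint-bob", b"constructed-iris-bob"]
TIMESTAMP = 1495584000

if __name__ == "__main__":
    record, secret = encrypt(ALICE, TIMESTAMP)
    print("same user recovers data:", decrypt(ALICE, record) == secret)
    print("different user:", decrypt(BOB, record))
    print("fewer modalities:", decrypt(ALICE[:1], record))
```

The tag is what makes a wrong-user decryption detectable here; without an integrity check, decryption under a wrong key simply returns different bytes.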

Claims (10)

1. A data encryption/decryption method based on biometric features, characterized in that:
During encryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the first data; the time of encryption is captured to generate an encryption timestamp, and the encryption key is generated jointly from the encryption timestamp and the first data; a piece of random data is encrypted using AES and the encryption key to form the ciphertext, and the ciphertext is stored locally or on a server together with the encryption timestamp used to generate the encryption key. During decryption, the user's biometric data is collected and processed, and high-entropy data is extracted from the biometric data as the second data using the same method as for generating the first data; the ciphertext and the encryption timestamp corresponding to the ciphertext are read, and the decryption key is generated jointly from that encryption timestamp and the second data using the same method as for generating the encryption key; the ciphertext stored locally or on the server is decrypted using the decryption key and the decryption algorithm corresponding to the AES used during encryption.
2. The data encryption/decryption method based on biometric features as claimed in claim 1, characterized in that: collecting the user's biometric data during encryption includes collecting one kind of biometric data of the user or collecting multiple kinds of biometric data of the user; if one kind of biometric data of the user is collected during encryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data; if multiple kinds of biometric data of the user are collected during encryption, high-entropy data is extracted from each kind of biometric data separately, and the extracted high-entropy data is fused by cascading (concatenation) or an XOR operation to form the first data.
3. The data encryption/decryption method based on biometric features as claimed in claim 2, characterized in that: the number of kinds of biometric data collected from the user during decryption is the same as the number collected during encryption; if one kind of biometric data of the user is collected during decryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data; if multiple kinds of biometric data of the user are collected during decryption, the second data is generated from them using the same method as for generating the first data.
4. The data encryption/decryption method based on biometric features as claimed in claim 1, characterized in that: during encryption, the encryption key is generated jointly from the encryption timestamp and the first data using XOR or an interpolation operation; during decryption, the decryption key is generated jointly from the encryption timestamp of the ciphertext and the second data using the same method as for generating the encryption key.
5. The data encryption/decryption method based on biometric features as claimed in claim 1, characterized in that it comprises the following steps:
S1, during encryption, collect at least one kind of biometric data of the user and generate the first biometric data $B_N = \{b_1, b_2, \ldots, b_N\}$, where N is the number of kinds of biometric data collected to generate the first biometric data;
S2, if N=1, process the first biometric data directly and extract one piece of high-entropy data from it as the first data; if N>1, extract two or more pieces of high-entropy data separately from the first biometric data, and fuse the extracted high-entropy data by cascading (concatenation) or an XOR operation to form the first data;
S3, capture the time of encryption to generate an encryption timestamp, and generate the encryption key jointly from the encryption timestamp and the first data using XOR or an interpolation operation;
S4, encrypt a piece of random data using AES and the encryption key to form the ciphertext, and store the ciphertext locally or on a server together with the encryption timestamp used to generate the encryption key;
S5, during decryption, collect the same number of kinds of biometric data as during encryption and generate the second biometric data $B'_N = \{b'_1, b'_2, \ldots, b'_N\}$, where N is the number of kinds of biometric data collected to generate the second biometric data;
S6, if N=1, process the second biometric data directly and extract one piece of high-entropy data from it as the second data; if N>1, generate the second data from the second biometric data using the same method as for generating the first data;
S7, read the ciphertext and the encryption timestamp corresponding to the ciphertext, and generate the decryption key jointly from that encryption timestamp and the second data using the same method as for generating the encryption key;
S8, decrypt the ciphertext stored locally or on the server using the decryption key and the decryption algorithm corresponding to the AES used during encryption.
6. The data encryption/decryption method based on biometric features as claimed in any one of claims 1-5, characterized in that: the biometric data includes one, several, or a combination of several of fingerprint information, iris information, face information, finger vein information, palm print information, palm vein information, sclera information, gait information and voiceprint information.
7. A data encryption/decryption system based on biometric features, characterized in that it comprises:
a biometric acquisition module, an encryption timestamp generation module, a key generation module, an encryption module, a decryption module and a storage module;
The biometric acquisition module collects biometric data and sends it to the key generation module;
The encryption timestamp generation module captures the time of encryption to generate an encryption timestamp and sends the encryption timestamp to the key generation module and the encryption module;
The key generation module extracts high-entropy data from the biometric data collected during encryption as the first data, and generates the encryption key jointly from the first data and the encryption timestamp; it extracts high-entropy data from the biometric data collected during decryption as the second data, reads the ciphertext and the encryption timestamp corresponding to the ciphertext from the storage module, and generates the decryption key jointly from the second data and the encryption timestamp;
The encryption module encrypts a piece of random data with the encryption key to generate the ciphertext, and stores the ciphertext in the storage module together with the encryption timestamp used to generate the encryption key;
The decryption module decrypts the ciphertext stored in the storage module using the decryption key;
The storage module stores the ciphertext and the encryption timestamp corresponding to the ciphertext.
8. The data encryption/decryption system based on biometric features as claimed in claim 7, characterized in that: the key generation module derives the first data from the one kind or multiple kinds of biometric data collected during encryption; if one kind of biometric data of the user is collected during encryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the first data; if multiple kinds of biometric data of the user are collected during encryption, two or more pieces of high-entropy data are extracted separately from the multiple kinds of biometric data, and the extracted high-entropy data is fused by cascading (concatenation) or an XOR operation to form the first data; the number of kinds of biometric data collected from the user during decryption is the same as the number collected during encryption; if one kind of biometric data of the user is collected during decryption, the collected biometric data is processed directly and one piece of high-entropy data is extracted from it as the second data; if multiple kinds of biometric data of the user are collected during decryption, the second data is generated from them using the same method as for generating the first data.
9. The data encryption/decryption system based on biometric features as claimed in claim 7, characterized in that: during encryption, the key generation module generates the encryption key jointly from the encryption timestamp and the first data using XOR or an interpolation operation; during decryption, it generates the decryption key jointly from the encryption timestamp of the ciphertext and the second data using the same method as for generating the encryption key.
10. The data encryption/decryption system based on biometric features as claimed in any one of claims 7-9, characterized in that: the key generation module includes a biometric processor, which extracts high-entropy data from the biometric data collected during encryption as the first data, and extracts high-entropy data from the biometric data collected during decryption as the second data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710375004.1A CN107171791A (en) 2017-05-24 2017-05-24 A kind of data encryption/decryption method and encrypting and deciphering system based on biological characteristic

Publications (1)

Publication Number Publication Date
CN107171791A true CN107171791A (en) 2017-09-15

Family

ID=59821632

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710375004.1A Pending CN107171791A (en) 2017-05-24 2017-05-24 A kind of data encryption/decryption method and encrypting and deciphering system based on biological characteristic

Country Status (1)

Country Link
CN (1) CN107171791A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20171123

Address after: 430000 room 19 of Qingshan District, Wuhan, Hubei province (No. 1540 of Peace Avenue), room 17-26, 2406-2410 and 2413 at the Yulong time center

Applicant after: Wuhan Zhen Yuan biological data Co., Ltd.

Address before: 430014 3 building, Jixiang Valley Villa District, 68 Jinqiao Boulevard, Jiang'an District, Hubei

Applicant before: Shu Xiang