CN109039643B - A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation - Google Patents

A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation Download PDF

Info

Publication number
CN109039643B
CN109039643B CN201810689741.3A CN201810689741A CN109039643B CN 109039643 B CN109039643 B CN 109039643B CN 201810689741 A CN201810689741 A CN 201810689741A CN 109039643 B CN109039643 B CN 109039643B
Authority
CN
China
Prior art keywords
user
authentication
svm classifier
classifier model
electromagnetic radiation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810689741.3A
Other languages
Chinese (zh)
Other versions
CN109039643A (en
Inventor
王俊
朱容波
孟博
王德军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South Central Minzu University
Original Assignee
South Central University for Nationalities
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by South Central University for Nationalities filed Critical South Central University for Nationalities
Priority to CN201810689741.3A priority Critical patent/CN109039643B/en
Publication of CN109039643A publication Critical patent/CN109039643A/en
Application granted granted Critical
Publication of CN109039643B publication Critical patent/CN109039643B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • G06F18/241Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
    • G06F18/2411Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on the proximity to a decision surface, e.g. support vector machines
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Abstract

The invention discloses a kind of sustainable method for authenticating user identity and system based on electromagnetic radiation, including two parts of svm classifier model training and sustainable authentication: the svm classifier model training, it mainly include according to the ELECTROMAGNETIC RADIATION SIGNATURE of each user's power supply adaptor, training svm classifier model simultaneously saves;The sustainable authentication, mainly the power supply adaptor ELECTROMAGNETIC RADIATION SIGNATURE current including the use of svm classifier model and user terminal, carries out sustainable authentication to user.Present invention combination elliptic curve cipher public key encryption and support vector machines technology have the advantages that accuracy is high, highly-safe and user experience is good by completing the sustainable certification of user identity using power supply adaptor ELECTROMAGNETIC RADIATION SIGNATURE.

Description

A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation
Technical field
It is the invention belongs to network information security user identity authentication technical field, in particular to a kind of based on electromagnetic radiation Sustainable method for authenticating user identity and system.
Background technique
With the development of information age, the network information security not only needs to fire " people's war ", and even more science and technology is asked Topic.Either unauthorized access or corresponding safety measure, all show with the development of science and technology higher and higher science and technology according to Lai Xing.Among these, identity identifying technology has played the part of the role of ever more important in terms of the network information security.In January, 2018, the whole world Trusted identity solution leader HID Global discloses the main trend of identity identification technical field in 2018.And refer to Out, the awareness of safety of becoming increasingly popular with cloud computing, user increasingly improves, and user increasingly focuses on the identification body of interconnection It tests, it is that us is needed to solve the problems, such as that the certification of user's trusted identity how is completed under high Experience Degree.
Common identification authentication mode has static password authentication, dynamic password authentication, smart card authentication and biological identification etc.. Static password (Static Password, SP) certification refers to that the user name and password of logging in system by user is disposably to generate, It is always fixed and invariable in use process.User inputs the user name and password, and the user name and password is by network transmission to service Device, server extract the user name and password, are matched with the user name and password saved in system, check whether it is consistent, from And realize the authentication to user.For password identification, advantage is to authenticate identification simply, conveniently, but disadvantage is just It is to be easy to be hypothesized, is attacked, if dynamic password is not more resistant against brute force attack.Dynamic password (Dynamic Password, DP), using the mentality of designing of one-time password (One time password, OTP), it is added not during password generated Factor is determined, to improve the safety during user identity authentication.However, leading to dynamic mouth due to the presence of time drift Authenticated time mechanism step-out is enabled, and increases the synchronous complexity of maintenance event.In smart card authentication, smart card is by legitimate user It carries, smart card must be inserted into dedicated card reader and read information therein by when login, to verify the identity of user.So And there are smart card loss/replication attacks for smart card authentication, and the encryption and decryption computing capability of smart card is limited.
Biological identification is mainly that two factors in combination of the physiological characteristic of user and behavioural characteristic get up the identity of progress Verifying.Including face recognition technology, speech recognition technology, fingerprint identification technology etc..Wherein, fingerprint identification technology is presently the most Mature technology.However, existing biological authentication method is that disposable verifying logs in mostly, one only is verified when entering system Secondary, one-time authentication, plenary session is talked about period authorizations and is used, and there is illegal users to palm off the security risk that legitimate user uses system. When user authentication, how multiple authentication user identity, persistently authenticated in the entire session period, being that we are considerable asks Topic.
When user's operation PC (Personal Computer), the operation behavior of user will affect the mutually strain of cpu load Change, also will affect the corresponding change of PC power source adapter electromagnetic radiation.The electromagnetic radiation of power supply adaptor reflects conversely speaking, The behavioural characteristic of user, if being used for user identity authentication, exist be difficult to forge, user experience good (data collection and verifying Participated in without user), the advantages such as be difficult to steal.Therefore, the sustainable user identity authentication based on electromagnetic radiation is authentication The research in field opens new research direction.
Summary of the invention
The object of the present invention is to provide a kind of sustainable method for authenticating user identity and system based on electromagnetic radiation.
It is found through experiment that different operation behavior of the user in PC machine, will affect the corresponding change of cpu load, it also can shadow Ring the corresponding change of power supply adaptor electromagnetic radiation.That is, the electromagnetic radiation of power supply adaptor can reflect each user Behavioural characteristic, can be used for user identity authentication.Based on the discovery, present invention combination elliptic curve cipher (Elliptic Curve Cryptography, ECC) public key encryption and support vector machines (Support Vector Machine, SVM) technology, By collection, processing and the analysis to power supply adaptor ELECTROMAGNETIC RADIATION SIGNATURE, user identity finally is completed at certificate server end Sustainable certification.
The technical solution adopted in the present invention is as follows:
A kind of sustainable method for authenticating user identity based on electromagnetic radiation provided by the invention, including svm classifier model Trained and two parts of sustainable authentication:
The svm classifier model training, comprising:
(110) in user terminal, the ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor is acquired, it is close using the elliptic curve of certificate server Code public key encrypts the frequency domain data of user identifier and ELECTROMAGNETIC RADIATION SIGNATURE, and encryption data is sent to certificate server;
(120) at certificate server end, encryption data is decrypted using elliptic curve cipher private key, by the frequency domain data of decryption Characteristic value as training sample, using a user identifier as a classification, according to the corresponding training sample of each user identifier Training svm classifier model;
The sustainable authentication, comprising:
(210) in user terminal, user identifier is hashed using hash function, obtains user identifier hashed value; Acquire the ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor;User identifier is hashed using the elliptic curve cipher public key of certificate server Value, the frequency domain data of ELECTROMAGNETIC RADIATION SIGNATURE and the encryption of corresponding timestamp, encryption data are sent to certificate server;
(220) at certificate server end, decrypt encryption data using elliptic curve cipher private key, in conjunction with ciphertext data and SVM disaggregated model is authenticated;
The combination ciphertext data and svm classifier model are authenticated, specifically:
(221) classified using the frequency domain data that svm classifier model goes out current decryption, obtained according to svm classifier mould The matched user identifier of type institute;
(222) the matched user identifier of institute is hashed using with identical hash function in step (210), is obtained The matched user identifier hashed value of institute;
(223) judge the matched user identifier hashed value of user identifier hashed value and institute that current decryption goes out whether one It causes, if unanimously, authenticating successfully primary;
(224) step (221)~(223) are executed to the corresponding ciphertext data of each timestamp in chronological order, if default Period in, once certification number of success is more than or equal to given first threshold, then user authentication success;Otherwise, user recognizes Card failure;First threshold is empirical value;
(225) by user authentication result notice user terminal.
Further, the ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor is acquired using electromagnetic induction coil, the electromagnetic radiation of acquisition Signal is transmitted to the processor of user terminal by cable.
Further, the characteristic value of frequency domain data is local binary patterns, gradient orientation histogram, the image of frequency domain data One of entropy, average ladder are a variety of.
It is further, described that svm classifier model is trained according to the corresponding training sample of each user identifier, specifically:
Construct training sample set (xi,yi), wherein i is training sample number, and i=1,2 ..., l, l are number of training; xiFor i-th of training sample, yi∈ { 1, -1 } is category label;
Svm classifier model training is carried out using multi-category support vector machines fitcecoc function.
Preferably, in step (224), if within a preset time period, once the number of the continuous authentification failure of user More than or equal to given second threshold, then user identity authentication fails, and second threshold is empirical value.
A kind of sustainable method for authenticating user identity based on electromagnetic radiation provided by the invention is used for certificate server End, including training two parts of svm classifier model and sustainable authentication;
The trained svm classifier model further comprises:
(310) encryption data for svm classifier model training that user terminal is sent is received, it is described to be used for svm classifier mould The encryption data of type training includes the user identifier and power supply after the elliptic curve cipher public key encryption using certificate server The frequency domain data of adapter ELECTROMAGNETIC RADIATION SIGNATURE;
(320) decryption of elliptic curve cipher private key is utilized to be used for the encryption data of svm classifier model training, by the frequency of decryption The characteristic value of numeric field data is as training sample, using a user identifier as a classification, according to the corresponding instruction of each user identifier Practice sample training svm classifier model;
The sustainable authentication further comprises:
(410) encryption data for authentication that user terminal is sent, the encryption number for authentication are received According to the user identifier hashed value after the elliptic curve cipher public key encryption including the use of certificate server, power supply adaptor electromagnetism The frequency domain data of radiation signal and corresponding timestamp;
(420) decryption of elliptic curve cipher private key is utilized to be used for the encryption data of authentication, in conjunction with ciphertext data and SVM Disaggregated model is authenticated;
The combination ciphertext data and svm classifier model are authenticated, specifically:
(421) classified using the frequency domain data that svm classifier model goes out current decryption, obtained according to svm classifier mould The matched user identifier of type institute;
(422) the matched user identifier of institute is hashed using hash function, obtains the matched user identifier of institute Hashed value;
(423) judge the matched user identifier hashed value of user identifier hashed value and institute that current decryption goes out whether one It causes, if unanimously, authenticating successfully primary;
(424) step (421)~(423) are executed to the corresponding ciphertext data of each timestamp in chronological order, if default Period in, once certification number of success is more than or equal to given first threshold, then user authentication success;Otherwise, user recognizes Card failure;First threshold is empirical value;
(425) by user authentication result notice user terminal.
Preferably, in step (424), if within a preset time period, once the number of the continuous authentification failure of user More than or equal to given second threshold, then user identity authentication fails, and second threshold is empirical value.
A kind of sustainable user identity authentication system based on electromagnetic radiation provided by the invention is used for certificate server End, including training svm classifier model module and sustainable authentication module;
The trained svm classifier model module further comprises:
First module, it is described to be used for for receiving the encryption data for svm classifier model training of user terminal transmission The encryption data of SVM disaggregated model training includes user's mark after the elliptic curve cipher public key encryption using certificate server Know the frequency domain data of symbol and power supply adaptor ELECTROMAGNETIC RADIATION SIGNATURE;
Second module will for utilizing the decryption of elliptic curve cipher private key to be used for the encryption data of svm classifier model training The characteristic value of the frequency domain data of decryption is as training sample, using a user identifier as a classification, according to each user identifier Corresponding training sample training svm classifier model;
The sustainable authentication module module further comprises:
Third module, it is described to be used for authentication for receiving the encryption data for authentication of user terminal transmission Encryption data include that user identifier hashed value after elliptic curve cipher public key encryption using certificate server, power supply are suitable The frequency domain data of orchestration ELECTROMAGNETIC RADIATION SIGNATURE and corresponding timestamp;
4th module, for utilizing the decryption of elliptic curve cipher private key to be used for the encryption data of authentication, in conjunction with decryption Data and svm classifier model are authenticated;
4th module further includes following submodule, for combining ciphertext data and svm classifier model to be authenticated:
First submodule, the frequency domain data for being gone out using svm classifier model to current decryption are classified, and basis is obtained The matched user identifier of SVM disaggregated model institute;
It is matched to obtain institute for hashing using hash function to the matched user identifier of institute for second submodule User identifier hashed value;
Third submodule, for judging that the matched user identifier of user identifier hashed value and institute that current decryption goes out dissipates Whether train value is consistent, if unanimously, authenticating successfully primary;
4th submodule, if being used within a preset time period, once certification number of success is more than or equal to given first Threshold value, then user authentication success;Otherwise, user authentication failure;First threshold is empirical value;
5th submodule is used to user authentication result notice user terminal.
Preferably, if the 4th submodule is also used within a preset time period, once time of the continuous authentification failure of user Number is more than or equal to given second threshold, then user identity authentication fails, and second threshold is empirical value.
Compared to the prior art, the invention has the advantages that and the utility model has the advantages that
(1) compared with common single authentication method, the present invention can within certain time continuous several times verifying user identity, Under the premise of guaranteeing to authenticate success rate, safety is higher.
(2) present invention needs persistently to authenticate using power supply adaptor ELECTROMAGNETIC RADIATION SIGNATURE to carry out user identity, electromagnetism spoke The collection and verifying for penetrating data are participated in without user, and user experience is good.
(3) electromagnetic radiation of power supply adaptor has many advantages, such as to be difficult to forge, steals and distort, more safety.
Detailed description of the invention
Fig. 1 is the flow diagram of the sustainable method for authenticating user identity of the present invention;
Fig. 2 is that success rate curve synoptic diagram is authenticated in embodiment.
Specific embodiment
In order to illustrate more clearly of the present invention and/or technical solution in the prior art, Detailed description of the invention sheet will be compareed below The specific embodiment of invention.It should be evident that drawings in the following description are only some embodiments of the invention, for this For the those of ordinary skill of field, without creative efforts, it can also be obtained according to these attached drawings others Attached drawing, and obtain other embodiments.
Below with reference to Fig. 1 offer, the present invention is based on the specific implementations of the sustainable method for authenticating user identity of electromagnetic radiation Process.
The realization of the sustainable method for authenticating user identity of the present invention includes two stages: user's registration stage and sustainable use The family authentication stage.
In the user's registration stage, ELECTROMAGNETIC RADIATION SIGNATURE of the certificate server end according to each user's power supply adaptor, training SVM Disaggregated model simultaneously saves.
The user's registration stage further comprises following sub-step:
S110 acquires the ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor in user terminal, more specifically, electromagnetic radiation letter collected Number be magnetic field intensity signal;ELECTROMAGNETIC RADIATION SIGNATURE is converted into frequency domain, the frequency domain data of obtained ELECTROMAGNETIC RADIATION SIGNATURE from time domain It is denoted as datatrain;Utilize the elliptic curve cipher (Elliptic of certificate server (Authentication Server, AS) Curve Cryptography, ECC) public key ky is to user identifier IDiAnd datatrainEncryption, and encrypted encryption number According to Ky (IDi, datatrain) it is sent to certificate server.
In present embodiment, the ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor is obtained using electromagnetic induction coil, specifically, One diameter 7cm, the electromagnetic induction coil that coiling circle number is 10 are placed in above power supply adaptor at 5cm~15cm, electromagnetic induction Coil can induction power supply adapter ELECTROMAGNETIC RADIATION SIGNATURE.The ELECTROMAGNETIC RADIATION SIGNATURE of electromagnetic induction coil acquisition passes through RS232 The processor that cable is transmitted to client carries out data processing, and client is specially computer.
In present embodiment, using Fast Fourier Transform (FFT) (Fast Fourier Transformation, FFT) ELECTROMAGNETIC RADIATION SIGNATURE is converted into frequency domain from time domain.
S120 receives the encryption data Ky (ID that user terminal sends in certificate server end, certificate serveri, datatrain), the ECC private key kx saved with itself decrypts the encryption data received, obtains ciphertext data kx [Ky (IDi, datatrain)], to obtain user identifier IDiWith the frequency domain data data of ELECTROMAGNETIC RADIATION SIGNATUREtrain
S130 is at certificate server end, and certificate server is according to each user identifier IDiCorresponding frequency domain data datatrain Training svm classifier model, and the svm classifier model trained (SVM model) is stored in background data base.
More specifically, it can choose frequency domain data datatrainLocal binary patterns (Local Binary Pattern, LBP), gradient orientation histogram (Histogram of Oriented Gradient, HOG), image entropy (Image Entropy, IE) and one of average gradient (Mean Gradient, MG) etc. or various features are as training sample, Lai Xunlian svm classifier Model.
SVM can be used to be multiple two classification by multi-class classification eases.In present embodiment, using the more of MATLAB Category support vector machines fitcecoc function trains svm classifier model, and training process is as follows:
Construct training sample set (xi,yi), wherein i is training sample number, and i=1,2 ..., l, l are number of training; xiFor i-th of training sample, i.e. user identifier IDiCorresponding frequency domain data datatrainCharacteristic value, this feature value be thing LBP, HOG, IE or the MG first selected;xi∈Rn, RnReal number space is tieed up for n;yi∈ { 1, -1 } is category label.
Building hyperplane equation is ω xi+ b=0, wherein ω is the method direction vector of hyperplane, and b is the inclined of hyperplane Shifting amount.Standard support vector classification determines ω and b by the solution formula as shown in following formula (1) and formula (2), i.e., with formula (1) for mesh Scalar functions, the optimal solution for solving ω and b so that formula (2) are constraint function:
s.t.yi(ω·xi+b)≥1-ξii>=0, i=1,2 ..., l (2)
In formula (1)~(2):
ξiFor the slack variable of i-th of training sample;
C is punishment parameter, and C is bigger to indicate bigger to the punishment of mistake classification.
ω and b optimal solution is solved by Lagrange multiplier method, available optimal decision function f (x) is as follows:;
In formula (3):
aiIndicate Lagrange coefficient;
Sign indicates sign function;
X indicates test sample.
When testing the test sample x of input, the generic of x, and the SVM that will be trained are determined by decision function Disaggregated model (SVM model) and corresponding user identifier IDiIt is stored in background data base.
In the sustainable user identity authentication stage, certificate server utilize registration phase storage svm classifier model, to Family carries out sustainable authentication.
The sustainable user identity authentication stage further comprises following sub-step:
S210 protects user identifier ID in user terminal, by hash functioni, to user identifier IDiIt signs, obtains Obtain hashed value Hash (IDi);Current ELECTROMAGNETIC RADIATION SIGNATURE to be tested is converted into frequency domain, obtained electromagnetic radiation letter from time domain Number frequency domain data be denoted as datatest, using the ECC public key ky of certificate server to the hashed value Hash of user identifier (IDi), frequency domain data datatestAnd corresponding time stamp TjEncryption, and encrypted encryption data Ky [Hash (IDi), datatest, Tj] it is sent to certificate server;J=1,2 ..., n, j indicate timestamp number, and n is timestamp sum.
In present embodiment, hash function uses SHA-256 function, and the time-frequency convert of ELECTROMAGNETIC RADIATION SIGNATURE is using fast Fast Fourier transformation (Fast Fourier Transformation, FFT).
S220 receives the encryption data Ky [Hash that user terminal sends in certificate server end, certificate server (IDi), datatest, Tj], the ECC private key kx saved with itself decrypts the encryption data received, obtains ciphertext data kx { Ky [Hash(IDi), datatest, Tj], obtain the hashed value Hash (ID of user identifieri), frequency domain data datatestAnd correspondence Time stamp Tj
S230 is authenticated in certificate server end, certificate server using svm classifier model, specifically:
Firstly, certificate server utilizes svm classifier model, received frequency domain data data is judgedtestClassification, described point Class, that is, frequency domain data datatestAccording to the matched user identifier of svm classifier model, which is denoted as SVM model(datatest).IDi
In this sub-step, by frequency domain data datatestTrained svm classifier model is inputted, that is, may indicate that output institute Matched user identifier.
Then, using hash function to this according to the matched user identifier SVM model of svm classifier model (datatest).IDiIt is hashed, obtains the matched user identifier hashed value Hash (SVM model (data of institutetest) .IDi), hash function used herein in present embodiment, is all made of with hash function used by step S210 SHA-256。
Finally, judging Hash (SVM model (datatest).IDi) and current decryption come out hashed value Hash (IDi) be It is no consistent, if unanimously, showing that subscriber authentication passes through, authenticate successfully primary;Otherwise, authentification failure is primary.
Certificate server is according to time stamp Tj, continuously judge that user stabs T in different timejUnder authentication result.If default Continuous time period in, once certification number of success is more than or equal to given first threshold C, the then sustainable authentication of user Success;Otherwise, the sustainable authentication failure of user.Meanwhile if in preset continuous time period, once user continuously recognizes The number of card failure is more than or equal to given second threshold CF, then the sustainable authentication failure of user.First threshold C and Two threshold value CFFor empirical value, really it is worth according to many experiments.After true value, can also constantly it be corrected in practical applications.
S240 certificate server end sends response message response to user terminal, and identity authentication result is notified user End.
Embodiment
In the present embodiment, the power supply of electromagnetic induction coil capture Intel core i7-2640M apple Pro notebook is utilized Adapter ELECTROMAGNETIC RADIATION SIGNATURE, the ELECTROMAGNETIC RADIATION SIGNATURE of acquisition is sent to notebook by cable and carries out time-frequency convert, by electromagnetism Radiation signal is converted to frequency-region signal from time domain, carries out data processing to ELECTROMAGNETIC RADIATION SIGNATURE using Matlab 2017b platform. The present embodiment includes four users A, B, C and D, selects the IE and MG of four user's power supply adaptor ELECTROMAGNETIC RADIATION SIGNATUREs as spy Value indicative, Lai Xunlian svm classifier model, and utilize the sustainable authentication of svm classifier model progress user.Authentication result is shown in figure 2, it can be seen from the figure that certification success rate is maintained at 90% or more in lasting 13740 seconds.
Sustainable user identity authentication based on electromagnetic radiation is carried out using the present invention, when certification, training sample data It collects and verifying is participated in without user, user experience is good, and training sample data are difficult to forge and steal, and safety is higher.It is logical Overtesting verifying, using the sustainable user identity authentication of the present invention, certification success rate is high.
Be described in above-described embodiment to illustrate the present invention, though text in be illustrated by specific term, not Can be limited the scope of protection of the present invention with this, be familiar with this technical field personage can understand spirit of the invention with it is right after principle It changes or modifies and reaches equivalent purpose, and this equivalent change and modification, should all be covered by scope of the claims institute circle Determine in scope.

Claims (9)

1. a kind of sustainable method for authenticating user identity based on electromagnetic radiation, it is characterized in that;
Including two parts of svm classifier model training and sustainable authentication:
The svm classifier model training, comprising:
(110) in user terminal, the ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor is acquired, it is public using the elliptic curve cipher of certificate server Key encrypts the frequency domain data of user identifier and ELECTROMAGNETIC RADIATION SIGNATURE, and encryption data is sent to certificate server;
(120) at certificate server end, encryption data is decrypted using elliptic curve cipher private key, by the spy of the frequency domain data of decryption Value indicative is as training sample, using a user identifier as a classification, according to the corresponding training sample training of each user identifier Svm classifier model;
The sustainable authentication, comprising:
(210) in user terminal, user identifier is hashed using hash function, obtains user identifier hashed value;Acquisition The ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor;Using certificate server elliptic curve cipher public key to user identifier hashed value, The frequency domain data of ELECTROMAGNETIC RADIATION SIGNATURE and the encryption of corresponding timestamp, encryption data are sent to certificate server;
(220) at certificate server end, encryption data is decrypted using elliptic curve cipher private key, in conjunction with ciphertext data and SVM points Class model is authenticated;
The combination ciphertext data and svm classifier model are authenticated, specifically:
(221) classified using the frequency domain data that svm classifier model goes out current decryption, obtained according to svm classifier model Matched user identifier;
(222) the matched user identifier of institute is hashed using with identical hash function in step (210), obtains institute The user identifier hashed value matched;
(223) judge user identifier hashed value that current decryption goes out and matched user identifier hashed value it is whether consistent, If consistent, authenticate successfully primary;
(224) step (221)~(223) are executed to the corresponding ciphertext data of each timestamp in chronological order, if when preset Between in section, once certification number of success is more than or equal to given first threshold, then user authentication success;Otherwise, user authentication loses It loses;First threshold is empirical value;
(225) by user authentication result notice user terminal.
2. the sustainable method for authenticating user identity based on electromagnetic radiation as described in claim 1, it is characterized in that:
The ELECTROMAGNETIC RADIATION SIGNATURE of power supply adaptor is acquired using electromagnetic induction coil, and the ELECTROMAGNETIC RADIATION SIGNATURE of acquisition passes through cable It is transmitted to the processor of user terminal.
3. the sustainable method for authenticating user identity based on electromagnetic radiation as described in claim 1, it is characterized in that:
The characteristic value of the frequency domain data is local binary patterns, gradient orientation histogram, image entropy, the average ladder of frequency domain data One of or it is a variety of.
4. the sustainable method for authenticating user identity based on electromagnetic radiation as described in claim 1, it is characterized in that:
It is described that svm classifier model is trained according to the corresponding training sample of each user identifier, specifically:
Construct training sample set (xi,yi), wherein i is training sample number, and i=1,2 ..., l, l are number of training;xiFor I-th of training sample, yi∈ { 1, -1 } is category label;
Svm classifier model training is carried out using multi-category support vector machines fitcecoc function.
5. the sustainable method for authenticating user identity based on electromagnetic radiation as described in claim 1, it is characterized in that:
In step (224), if within a preset time period, once the number of the continuous authentification failure of user be more than or equal to it is given Second threshold, then user identity authentication fails, and second threshold is empirical value.
6. a kind of sustainable method for authenticating user identity based on electromagnetic radiation is used for certificate server end, it is characterized in that:
Including training two parts of svm classifier model and sustainable authentication;
The trained svm classifier model further comprises:
(310) encryption data for svm classifier model training that user terminal is sent is received, it is described to be instructed for svm classifier model Experienced encryption data include using certificate server elliptic curve cipher public key encryption after user identifier and power adaptation The frequency domain data of device ELECTROMAGNETIC RADIATION SIGNATURE;
(320) decryption of elliptic curve cipher private key is utilized to be used for the encryption data of svm classifier model training, by the frequency domain number of decryption According to characteristic value as training sample, using a user identifier as a classification, according to the corresponding trained sample of each user identifier This training svm classifier model;The sustainable authentication further comprises:
(410) encryption data for authentication that user terminal is sent, the encrypted packet for authentication are received User identifier hashed value, power supply adaptor electromagnetic radiation after including the elliptic curve cipher public key encryption using certificate server The frequency domain data of signal and corresponding timestamp;
(420) decryption of elliptic curve cipher private key is utilized to be used for the encryption data of authentication, in conjunction with ciphertext data and svm classifier Model is authenticated;The combination ciphertext data and svm classifier model are authenticated, specifically:
(421) classified using the frequency domain data that svm classifier model goes out current decryption, obtained according to svm classifier model Matched user identifier;
(422) the matched user identifier of institute is hashed using hash function, obtains the matched user identifier hash of institute Value;
(423) judge user identifier hashed value that current decryption goes out and matched user identifier hashed value it is whether consistent, If consistent, authenticate successfully primary;
(424) step (421)~(423) are executed to the corresponding ciphertext data of each timestamp in chronological order, if when preset Between in section, once certification number of success is more than or equal to given first threshold, then user authentication success;Otherwise, user authentication loses It loses;First threshold is empirical value;
(425) by user authentication result notice user terminal.
7. the sustainable method for authenticating user identity based on electromagnetic radiation as claimed in claim 6, it is characterized in that:
In step (424), if within a preset time period, once the number of the continuous authentification failure of user be more than or equal to it is given Second threshold, then user identity authentication fails, and second threshold is empirical value.
8. a kind of sustainable user identity authentication system based on electromagnetic radiation is used for certificate server end, it is characterized in that:
Including training svm classifier model module and sustainable authentication module;
The trained svm classifier model module further comprises:
First module, it is described for SVM points for receiving the encryption data for svm classifier model training of user terminal transmission Class model training encryption data include using certificate server elliptic curve cipher public key encryption after user identifier and The frequency domain data of power supply adaptor ELECTROMAGNETIC RADIATION SIGNATURE;
Second module will decrypt for utilizing the decryption of elliptic curve cipher private key to be used for the encryption data of svm classifier model training Frequency domain data characteristic value as training sample, it is corresponding according to each user identifier using a user identifier as a classification Training sample training svm classifier model;
The sustainable authentication module module further comprises:
Third module, for receiving the encryption data for authentication of user terminal transmission, the adding for authentication Ciphertext data is including the use of the user identifier hashed value after the elliptic curve cipher public key encryption of certificate server, power supply adaptor The frequency domain data of ELECTROMAGNETIC RADIATION SIGNATURE and corresponding timestamp;
4th module, for utilizing the decryption of elliptic curve cipher private key to be used for the encryption data of authentication, in conjunction with ciphertext data It is authenticated with svm classifier model;
4th module further includes following submodule, for combining ciphertext data and svm classifier model to be authenticated:
First submodule, the frequency domain data for being gone out using svm classifier model to current decryption are classified, and are obtained according to SVM The matched user identifier of disaggregated model institute;
Second submodule obtains the matched user of institute for hashing using hash function to the matched user identifier of institute Identifier hash value;
Third submodule, for judging the matched user identifier hashed value of user identifier hashed value and institute of current decryption out It is whether consistent, if unanimously, authenticating successfully primary;
4th submodule, if being used within a preset time period, once certification number of success is more than or equal to given first threshold, Then user authentication success;Otherwise, user authentication failure;First threshold is empirical value;
5th submodule is used to user authentication result notice user terminal.
9. the sustainable user identity authentication system based on electromagnetic radiation as claimed in claim 8, it is characterized in that:
If the 4th submodule is also used within a preset time period, given once the number of the continuous authentification failure of user is more than or equal to Second threshold, then user identity authentication fail, second threshold is empirical value.
CN201810689741.3A 2018-06-28 2018-06-28 A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation Active CN109039643B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810689741.3A CN109039643B (en) 2018-06-28 2018-06-28 A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810689741.3A CN109039643B (en) 2018-06-28 2018-06-28 A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation

Publications (2)

Publication Number Publication Date
CN109039643A CN109039643A (en) 2018-12-18
CN109039643B true CN109039643B (en) 2019-10-11

Family

ID=65520797

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810689741.3A Active CN109039643B (en) 2018-06-28 2018-06-28 A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation

Country Status (1)

Country Link
CN (1) CN109039643B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109946538B (en) * 2019-03-14 2020-06-19 上海交通大学 Mobile equipment monitoring method and system based on magnetic induction signals
CN110084224B (en) * 2019-05-08 2022-08-05 电子科技大学 Cloud fingerprint security authentication system and method
CN112035818B (en) * 2020-09-23 2023-08-18 南京航空航天大学 Physical encryption radiation imaging-based identity authentication system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102664885A (en) * 2012-04-18 2012-09-12 南京邮电大学 Identity authentication method based on biological feature encryption and homomorphic algorithm
CN102812472A (en) * 2010-03-24 2012-12-05 独立行政法人产业技术综合研究所 Authentication processing method and device
CN103607282A (en) * 2013-11-22 2014-02-26 成都卫士通信息产业股份有限公司 Identity fusion authentication method based on biological characteristics
CN105184254A (en) * 2015-09-02 2015-12-23 深圳先进技术研究院 Identity authentication method and system
CN107810517A (en) * 2015-01-27 2018-03-16 量子基础有限公司 Improvement on the certification of physical entity

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8752200B2 (en) * 2011-07-12 2014-06-10 At&T Intellectual Property I, L.P. Devices, systems and methods for security using magnetic field based identification

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102812472A (en) * 2010-03-24 2012-12-05 独立行政法人产业技术综合研究所 Authentication processing method and device
CN102664885A (en) * 2012-04-18 2012-09-12 南京邮电大学 Identity authentication method based on biological feature encryption and homomorphic algorithm
CN103607282A (en) * 2013-11-22 2014-02-26 成都卫士通信息产业股份有限公司 Identity fusion authentication method based on biological characteristics
CN107810517A (en) * 2015-01-27 2018-03-16 量子基础有限公司 Improvement on the certification of physical entity
CN105184254A (en) * 2015-09-02 2015-12-23 深圳先进技术研究院 Identity authentication method and system

Also Published As

Publication number Publication date
CN109039643A (en) 2018-12-18

Similar Documents

Publication Publication Date Title
US8670562B2 (en) Generation and use of a biometric key
CN107209821B (en) Method and authentication method for being digitally signed to electronic document
Gunasinghe et al. PrivBioMTAuth: Privacy preserving biometrics-based and user centric protocol for user authentication from mobile phones
CN104579649B (en) Personal identification method and system
CN108989278A (en) Identification service system and method
CN108959933A (en) Risk analysis device and method for the certification based on risk
CN109039643B (en) A kind of sustainable method for authenticating user identity and system based on electromagnetic radiation
CN105164689B (en) Customer certification system and method
JP2008526078A (en) Method and apparatus for key generation and authentication approval
CN101420301A (en) Human face recognizing identity authentication system
Govindarajan et al. Secure privacy-preserving protocols for outsourcing continuous authentication of smartphone users with touch data
CN104158664A (en) Identity authentication method and system
CN108964920A (en) Authentication method, user terminal and non-face-to-face authentication service server
CN109547503A (en) Biological feather recognition method
Yip et al. Generation of replaceable cryptographic keys from dynamic handwritten signatures
CN108011720A (en) A kind of operating system security login method based on fingerprint recognition
Gupta et al. Digital Forensic Analysis of E-mails: A trusted E-mail Protocol
CN109886006A (en) A kind of information source checking method and device based on two dimensional code
WO2023004491A2 (en) Methods and systems for generating and validating uses of digital credentials and other documents
Deswarte et al. A Proposal for a Privacy-preserving National Identity Card.
WO2021145634A1 (en) Speaker authentication method
Gu et al. Toauth: Towards automatic near field authentication for smartphones
CN203243360U (en) Identity registration system
Durak et al. BioLocker: A practical biometric authentication mechanism based on 3D fingervein
CN110380861A (en) Digital authenticating and its encrypted transmission method, system and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant