Summary of the invention
Embodiments of the present invention provide a fingerprint unlocking method and a fingerprint unlocking system.
A fingerprint unlocking method according to an embodiment of the present invention is used in a fingerprint unlocking system. The fingerprint unlocking system includes a server, a client and a key pair. The key pair includes a private key and a public key; the private key is stored in the server and the public key is stored in the client. The fingerprint unlocking method includes the following steps:
Establishing a communication link between the server and the client;
The client acquires a fingerprint and requests fingerprint matching from the server;
After the fingerprint is matched successfully, the server encrypts the feedback information indicating successful fingerprint matching using the private key and sends the encrypted feedback information to the client; and
After receiving the feedback information, the client decrypts it using the public key and unlocks.
The fingerprint unlocking method of the embodiment of the present invention uses the server to unlock clients networked with the server. Therefore, the above fingerprint unlocking method can unlock all clients networked with the server.
In some embodiments, the fingerprint unlocking method includes the step of: the client issues a registration request to the server, and the server responds to the registration request, generates the key pair, and sends the public key to the client for storage. In this way, the key pair is used to encrypt and decrypt the feedback information, which enhances information security.
In some embodiments, the communication link is a Bluetooth link or an NFC link. In this way, the server and the client communicate over a Bluetooth link or an NFC link.
In some embodiments, the server includes a first fingerprint sensor, a first processor and a first memory. The first fingerprint sensor is used to acquire first fingerprint data, and the first processor is used to process the first fingerprint data into a fingerprint template and store the fingerprint template in the first memory. In this way, the server stores the fingerprint template used for fingerprint matching.
In some embodiments, the first memory is a TPM security chip and is used to store the private key. In this way, because the TPM security chip has encryption and decryption functions, the first memory can store the private key and encrypt information using the private key to improve security.
In some embodiments, the client includes a second fingerprint sensor and a second processor. The second fingerprint sensor is used to acquire second fingerprint data, and the second processor is used to process the second fingerprint data into a fingerprint to be matched, transmit the fingerprint to be matched to the server, and request fingerprint matching. In this way, the client transmits the fingerprint to be matched to the server for fingerprint matching.
In some embodiments, the client includes a second memory. The second memory is a TPM security chip and is used to store the public key. In this way, because the TPM security chip has encryption and decryption functions, the second memory can store the public key and decrypt information using the public key to improve information security.
A fingerprint unlocking system according to an embodiment of the present invention includes a server, a client and a key pair. The key pair includes a private key and a public key; the private key is stored in the server and the public key is stored in the client.
The server is used to establish a communication link with the client;
The client is used to acquire a fingerprint and request fingerprint matching from the server;
After the fingerprint is matched successfully, the server is used to encrypt the feedback information indicating successful fingerprint matching using the private key and send the encrypted feedback information to the client; and
The client is used to decrypt the feedback information using the public key after receiving it, and to unlock.
The fingerprint unlocking system of the embodiment of the present invention uses the server to unlock clients networked with the server. Therefore, all clients networked with the server can be unlocked.
In some embodiments, the client is used to issue a registration request to the server, and the server is used to respond to the registration request, generate the key pair, and send the public key to the client for storage. In this way, the key pair is used to encrypt and decrypt the feedback information, which enhances information security.
In some embodiments, the communication link is a Bluetooth link or an NFC link. In this way, the server and the client communicate over a Bluetooth link or an NFC link.
In some embodiments, the server includes a first fingerprint sensor, a first processor and a first memory. The first fingerprint sensor is used to acquire first fingerprint data, and the first processor is used to process the first fingerprint data into a fingerprint template and store the fingerprint template in the first memory. In this way, the server stores the fingerprint template used for fingerprint matching.
In some embodiments, the first memory is a TPM security chip and is used to store the private key. In this way, because the TPM security chip has encryption and decryption functions, the first memory can store the private key and encrypt information using the private key to improve security.
In some embodiments, the client includes a second fingerprint sensor and a second processor. The second fingerprint sensor is used to acquire second fingerprint data, and the second processor is used to process the second fingerprint data into a fingerprint to be matched, transmit the fingerprint to be matched to the server, and request fingerprint matching. In this way, the client transmits the fingerprint to be matched to the server for fingerprint matching.
In some embodiments, the client includes a second memory. The second memory is a TPM security chip and is used to store the public key. In this way, because the TPM security chip has encryption and decryption functions, the second memory can store the public key and decrypt information using the public key to improve information security.
Additional aspects and advantages of the invention will be set forth in part in the following description, and in part will become apparent from the following description or be learned through practice of the invention.
Specific embodiment
Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the accompanying drawings, in which the same or similar reference numerals denote, throughout, the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary, are intended only to explain the present invention, and should not be construed as limiting the present invention.
Referring to Fig. 1 and Fig. 2, the fingerprint unlocking method of the embodiment of the present invention is used in a fingerprint unlocking system 100. The fingerprint unlocking system 100 includes a server 10, a client 20 and a key pair. The key pair includes a private key and a public key. The private key is stored in the server 10, and the public key is stored in the client 20. The fingerprint unlocking method includes the following steps:
S12: a communication link between the server 10 and the client 20 is established;
S14: the client 20 acquires a fingerprint and requests fingerprint matching from the server 10;
S16: after the fingerprint is matched successfully, the server 10 encrypts the feedback information indicating successful fingerprint matching using the private key and sends the encrypted feedback information to the client 20; and
S18: after receiving the feedback information, the client 20 decrypts it using the public key and unlocks.
Referring to Fig. 2, the fingerprint unlocking system 100 of the embodiment of the present invention includes a server 10, a client 20 and a key pair. The server 10 is used to establish a communication link with the client 20. The client 20 is used to acquire a fingerprint and request fingerprint matching from the server 10. After the fingerprint is matched successfully, the server 10 is used to encrypt the feedback information indicating successful fingerprint matching using the private key and send the encrypted feedback information to the client 20. The client 20 is used to decrypt the feedback information using the public key after receiving it, and to unlock.
In other words, step S12, step S14, step S16 and step S18 can be implemented by the fingerprint unlocking system 100 of the embodiment of the present invention.
The fingerprint unlocking method and the fingerprint unlocking system 100 of the embodiments of the present invention use the server (Server end) 10 to unlock the client (Client end) 20 networked with the server 10. Therefore, all clients 20 networked with the server 10 can be unlocked.
It can be understood that the server 10 is configured with a fingerprint unlocking APP, which is used to unlock the clients 20 networked with the server 10. A client 20 must be added to the whitelist of the server 10 through registration, and the server 10 can unlock multiple different clients 20. The server 10 may be a mobile phone, a tablet computer, a laptop or a wearable device (such as a smartwatch). The client 20 may be a mobile phone, a tablet, a fingerprint USB flash drive, a fingerprint door lock or another fingerprint lock device.
In some embodiments, the fingerprint unlocking method includes the step of: the client 20 issues a registration request to the server 10, and the server 10 responds to the registration request, generates the key pair, and sends the public key to the client 20 for storage.
In some embodiments, the client 20 is used to issue a registration request to the server 10. The server 10 is used to respond to the registration request, generate the key pair, and send the public key to the client 20 for storage.
In this way, the key pair is used to encrypt and decrypt the feedback information, which enhances information security.
It can be understood that the server 10 stores the user's fingerprint template in advance. When the user uses the server 10 to unlock the client 20 for the first time, the client 20 issues a registration request to the server 10, and the server 10 receives the registration request and generates the key pair. The key pair includes a private key and a public key. The private key is stored in the server 10 and the public key is stored in the client 20, and the public key corresponds to the private key. After the fingerprint is matched successfully, the server 10 transmits feedback information to the client 20. The feedback information is encrypted with the private key and decrypted with the public key, which ensures that the client 20 unlocks only when the feedback information comes from the designated server 10.
In some embodiments, the communication link is a Bluetooth link or an NFC link.
In this way, the server 10 and the client 20 communicate over a Bluetooth link or an NFC link.
It can be understood that the Bluetooth link and the NFC (Near Field Communication) link are wireless communication technologies. The server 10 and the client 20 transmit data over the Bluetooth link or the NFC link, and the transmitted data is encrypted with RSA, which provides good security. In one example, the Bluetooth link is a Bluetooth 4.0 link.
In some embodiments, the server 10 includes a first fingerprint sensor 12, a first processor 14 and a first memory 16. The first fingerprint sensor 12 is used to acquire first fingerprint data. The first processor 14 is used to process the first fingerprint data into a fingerprint template and store the fingerprint template in the first memory 16.
In this way, the server 10 stores the fingerprint template used for fingerprint matching.
It can be understood that the server 10 acquires the first fingerprint data, that is, the fingerprint data of the legitimate or authenticated user, through the first fingerprint sensor 12, and the first processor 14 processes the first fingerprint data into a fingerprint template and stores the fingerprint template in the first memory 16. Specifically, the first processor 14 may be a CPU (Central Processing Unit).
In some embodiments, the first memory 16 is a TPM security chip and is used to store the private key.
In this way, because the TPM (Trusted Platform Module) security chip has encryption and decryption functions, the first memory 16 can store the private key and encrypt information using the private key to improve security.
In some embodiments, the client 20 includes a second fingerprint sensor 22 and a second processor 24. The second fingerprint sensor 22 is used to acquire second fingerprint data. The second processor 24 is used to process the second fingerprint data into a fingerprint to be matched, transmit the fingerprint to be matched to the server 10, and request fingerprint matching.
In this way, the client 20 transmits the fingerprint to be matched to the server 10 for fingerprint matching.
It can be understood that when the user needs to unlock the client 20, the second fingerprint sensor 22 acquires the second fingerprint data, that is, the user's fingerprint data to be matched, and the second processor 24 processes the second fingerprint data into a fingerprint to be matched and transmits it to the server 10 for fingerprint matching. When the fingerprint to be matched matches the fingerprint template, the private key stored in the server 10 is used to encrypt the feedback information indicating a successful match, and the encrypted feedback information is then transmitted to the client 20. The public key stored in the client 20 is used to decrypt the feedback information; if the feedback information comes from the designated server 10, the client 20 can unlock. Specifically, the second processor 24 may be an MCU (Microcontroller Unit).
In addition, the client 20 can trigger the fingerprint matching request to the server 10 by a key press, an APP or other methods.
In some embodiments, the client 20 includes a second memory 26. The second memory 26 is a TPM security chip and is used to store the public key.
In this way, because the TPM (Trusted Platform Module) security chip has encryption and decryption functions, the second memory 26 can store the public key and decrypt information using the public key to improve security.
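The registration and unlock exchange described above (registration plus steps S12 to S18), as an added example that is not part of the original document. It uses textbook RSA over a SHA-256 digest with small fixed primes; the class and function names, the Hamming-distance matcher, the message layout and the per-request nonce are assumptions made here for illustration and are not described in the document.

```python
import hashlib
import secrets

E = 65537  # public exponent

def generate_key_pair(p, q):
    """Toy RSA key pair from two primes: returns (private, public)."""
    n = p * q
    return (n, pow(E, -1, (p - 1) * (q - 1))), (n, E)

def feedback_digest(client_id, nonce, n):
    """Hash of the match-success feedback message, reduced modulo n."""
    message = b"MATCH_OK|" + client_id.encode() + b"|" + nonce
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def fingerprints_match(template, candidate, max_bits=4):
    """Stand-in matcher: Hamming distance between equal-length feature strings."""
    if len(template) != len(candidate):
        return False
    return sum(bin(a ^ b).count("1") for a, b in zip(template, candidate)) <= max_bits

class Server:
    def __init__(self, template, primes):
        self.template = template   # enrolled fingerprint template
        self.primes = primes       # fixed toy primes; a real server draws fresh ones
        self.whitelist = {}        # registered client id -> private key

    def register(self, client_id):
        private, public = generate_key_pair(*self.primes)
        self.whitelist[client_id] = private
        return public              # only the public key leaves the server

    def match(self, client_id, candidate, nonce):
        private = self.whitelist.get(client_id)
        if private is None or not fingerprints_match(self.template, candidate):
            return None            # no feedback for unknown clients or failed matches
        n, d = private
        return pow(feedback_digest(client_id, nonce, n), d, n)  # private-key step (S16)

class Client:
    def __init__(self, client_id):
        self.client_id, self.public, self.locked = client_id, None, True

    def register(self, server):
        self.public = server.register(self.client_id)

    def request_unlock(self, server, scanned):
        nonce = secrets.token_bytes(16)   # assumption: per-request freshness value
        reply = server.match(self.client_id, scanned, nonce)   # S14
        if reply is None or self.public is None:
            return False
        n, e = self.public
        # Public-key step (S18): unlock only if the recovered value is the expected digest.
        ok = pow(reply, e, n) == feedback_digest(self.client_id, nonce, n)
        if ok:
            self.locked = False
        return ok

# Constructed sample data: Mersenne primes as toy key material, 8-byte "templates".
PRIMES_A = (2**127 - 1, 2**107 - 1)
PRIMES_B = (2**89 - 1, 2**61 - 1)
ENROLLED = bytes.fromhex("a1b2c3d4e5f60718")
SAME_FINGER = bytes.fromhex("a1b2c3d4e5f60719")   # differs from ENROLLED by one bit
OTHER_FINGER = bytes.fromhex("0011223344556677")
```

Applying the private key and checking the result with the public key authenticates the feedback message as coming from the registered server; it does not keep the message confidential, since the public key is held outside the server.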
In the description of the embodiments of the present invention, the terms "first" and "second" are used for descriptive purposes only and shall not be understood as indicating or implying relative importance or as implicitly indicating the number of the technical features referred to. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the embodiments of the present invention, "a plurality of" means two or more, unless otherwise specifically defined.
In the description of the embodiments of the present invention, it should be noted that, unless otherwise clearly specified and limited, the terms "installed", "connected to" and "connection" shall be understood in a broad sense. For example, a connection may be a fixed connection, a detachable connection or an integral connection; it may be a mechanical connection, an electrical connection or a connection allowing mutual communication; it may be a direct connection or an indirect connection through an intermediary; and it may be an internal connection between two elements or an interaction between two elements. A person of ordinary skill in the art can understand the specific meanings of the above terms in the embodiments of the present invention according to the specific circumstances.
In the description of this specification, a description referring to the terms "an embodiment", "some embodiments", "illustrative embodiment", "example", "specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. In this specification, illustrative uses of the above terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Any process or method description in a flowchart or otherwise described herein may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process. The scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially simultaneously or in the reverse order, depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
The logic and/or steps represented in a flowchart or otherwise described herein, for example an ordered list of executable instructions that may be considered to implement logical functions, may be embodied in any computer-readable medium for use by, or in combination with, an instruction execution system, apparatus or device (such as a computer-based system, a system including a processing module, or another system that can fetch instructions from an instruction execution system, apparatus or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any apparatus that can contain, store, communicate, propagate or transmit a program for use by, or in combination with, an instruction execution system, apparatus or device. More specific examples (a non-exhaustive list) of computer-readable media include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). In addition, the computer-readable medium may even be paper or another suitable medium on which the program can be printed, because the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting or, if necessary, processing it in another suitable manner, and then stored in a computer memory.
It should be understood that each part of the embodiments of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented by software or firmware stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, they may be implemented by any one or a combination of the following technologies known in the art: a discrete logic circuit having logic gates for implementing logical functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field programmable gate array (FPGA), and so on.
A person of ordinary skill in the art can understand that all or part of the steps carried by the methods of the above embodiments may be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, includes one of the steps of the method embodiments or a combination thereof.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing module, each unit may exist physically alone, or two or more units may be integrated into one module. The integrated module may be implemented in the form of hardware or in the form of a software function module. If the integrated module is implemented in the form of a software function module and is sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc or the like.
Although embodiments of the present invention have been shown and described above, it can be understood that the above embodiments are exemplary and should not be construed as limiting the present invention. A person of ordinary skill in the art can make changes, modifications, replacements and variations to the above embodiments within the scope of the present invention.