CN110971755B - Double-factor identity authentication method based on PIN code and pressure code - Google Patents

Double-factor identity authentication method based on PIN code and pressure code Download PDF

Info

Publication number
CN110971755B
CN110971755B CN201911129744.2A CN201911129744A CN110971755B CN 110971755 B CN110971755 B CN 110971755B CN 201911129744 A CN201911129744 A CN 201911129744A CN 110971755 B CN110971755 B CN 110971755B
Authority
CN
China
Prior art keywords
pressure
code
pin
pin code
signal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911129744.2A
Other languages
Chinese (zh)
Other versions
CN110971755A (en
Inventor
王骞
林秀
周满
陈艳姣
丁旭阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan University WHU
Original Assignee
Wuhan University WHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan University WHU filed Critical Wuhan University WHU
Priority to CN201911129744.2A priority Critical patent/CN110971755B/en
Publication of CN110971755A publication Critical patent/CN110971755A/en
Application granted granted Critical
Publication of CN110971755B publication Critical patent/CN110971755B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72463User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/66Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/66Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means
    • H04M1/673Preventing unauthorised calls from a telephone set by electronic means the user being required to key in a code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/7243User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality with interactive means for internal management of messages

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Human Computer Interaction (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Telephone Function (AREA)

Abstract

The invention discloses a double-factor identity authentication method based on PIN codes and pressure codes, which comprises the following steps: simultaneously starting a loudspeaker and a microphone of the mobile device, playing the modulated signals by the loudspeaker, and simultaneously starting recording by the microphone; the user inputs the PIN code with n bits, when the input is finished, the loudspeaker stops playing, and the microphone stops recording; performing PIN code authentication; and then extracting the pressure code, and performing pressure code authentication again on the basis of PIN code authentication. The invention is a solution for resisting shoulder surfing attack with low cost, user friendliness and safety, the force applied on a screen is calculated by utilizing the structural sound propagation characteristic, and when a user inputs an n-bit PIN code, the pressure used when each number key is input is calculated so as to form an n-bit pressure code. The pressure code increases the permutation and combination number of the password in a pure PIN code mode, and the applied pressure is difficult to be estimated by an attacker through observation, so the shoulder surfing attack can be efficiently resisted.

Description

Double-factor identity authentication method based on PIN code and pressure code
Technical Field
The invention relates to the field of identity authentication, in particular to a double-factor identity authentication method based on PIN codes and pressure codes.
Background
With the progress of mobile technology, smart phones become an indispensable part of our daily lives. To protect the mobile device from illegal access, a PIN (Personal Identification Number) is the most commonly used authentication method. PIN codes are typically composed of four to eight digits and are widely used in many authentication scenarios for smartphones, such as finance, payment and unlocking. Typically, a user enters a PIN code by pressing a button corresponding to a number, and the user can be authenticated only when the entered number sequence matches the number sequence at the time of user registration. The traditional PIN code authentication system is convenient, quick and efficient, and is easy to attack by shoulder surfing because data needs to be input manually. When a legitimate user is entering a PIN code, an attacker can easily obtain the PIN code by direct observation or by means of a mirror or hidden miniature camera. In addition, since people often use repeated or consecutive numbers and personal information such as birthdays as passwords, the passwords of many users are easily guessed, which makes it easy for an attacker to break the passwords. The existing methods for shoulder surfing attack are divided into three categories: a dynamic graphical password, a fuzzy input system and a method of replacing a finger are used. Dynamic graphical passwords use some images to represent numbers to form passwords; fuzzy input systems change the input means to resist attacks, such as random mobile keyboards, however, these approaches increase the complexity of the system, reduce usability, while still allowing the attacker to perceive the password. A third method of performing authentication without using a finger, such as eye movement or biometric authentication, is to let the user's eyes follow a particular symbol on the screen as a password input, but these systems are currently less accurate and an attacker can still analyze the video to crack the system.
The invention aims to research and explore a method for identifying a real user and an attacker by using the propagation characteristic of ultrasonic waves in a solid, detecting pressure and further superposing a pressure code on a PIN code by using the propagation principle of acoustics.
Acoustic waves, which are mechanical waves capable of propagating in a medium through physical vibrations, are composed of repetitive compressional and rarefaction parts. When sound is played and received by the handset itself, there are typically three propagation paths. One way is through air, known as air propagation. The second approach is through the body of the handset, called structural propagation. In addition, sound waves may also reflect from the surroundings back to the microphone. Thus, the sound received by the microphone is a combination of airborne and structural propagation and ambient reflections. However, the times of arrival at the microphones via different paths are not the same. The speed of sound in solids is the fastest, the speed of sound in liquids or gases is the second, and ambient reflections are the slowest. Sound travels 100 times faster in solids than in air. Thus, based on the time difference, we can extract the portion of the signal that is acoustically propagated through the structure, and this portion of the signal reflects the change in pressure. Because when a finger touches the surface of the mobile phone that is playing audio, some of the signal propagating through the handset itself is reflected and some is absorbed by the finger. The degree of attenuation of a signal propagating through a solid varies if the finger applies different forces. Furthermore, the force exerted by the finger on the object will change the flexibility of the object, and the magnitude of the change will be influenced by the magnitude of the force and the location of the touch. The force applied also has a high correlation with the amplitude of the vibration. Thus, we can calculate the pressure by analyzing that part of the received signal that is solid borne sound, since pressure affects the propagation of the signal and the flexibility of the object to which the pressure is applied.
Disclosure of Invention
The invention aims to solve the technical problem of shoulder surfing attack during PIN code authentication in the prior art, and provides a double-factor identity authentication method based on a PIN code and a pressure code.
The technical scheme adopted by the invention for solving the technical problems is as follows:
the invention provides a double-factor identity authentication method based on PIN codes and pressure codes, which comprises the following steps:
step 1: simultaneously starting a loudspeaker and a microphone of the mobile equipment, playing the modulated signal A by the loudspeaker, and simultaneously starting recording by the microphone;
step 2: the user inputs the PIN code with n bits, when the input is finished, the loudspeaker stops playing, and the microphone stops recording;
and step 3: acquiring audio data S recorded by a microphone when a user inputs a PIN code, a PIN code value, start and stop time and a pressing position of each pressing;
and 4, step 4: performing PIN code authentication, entering step 5 if the authentication is passed, otherwise failing to authenticate;
and 5: preprocessing audio S, firstly passing the signal through a band-pass filter, then detecting a frame header of S, and intercepting a useful signal S';
step 6: calculating the correlation data of the signal A and the signal S';
and 7: extracting a change rate according to the correlation data;
and 8: fitting in advance to obtain a change rate-pressure function, and calculating a pressure sequence of each pressing time period by combining the finger pressing position obtained in the step 3 and the change rate obtained in the step 7;
and step 9: extracting a pressure code according to the pressure sequence;
step 10: and matching the pressure codes, if the matching is successful, the authentication is passed, and if the matching is not successful, the authentication is failed.
Further, the specific implementation method of step 1 of the present invention is:
before a user starts to input a PIN code, a mobile phone loudspeaker plays a modulated signal, and the signal comprises the following components: the method comprises the steps of adding a frame header with the duration of 100ms and used for alignment to a silent period with the duration of 100ms, adding the silent period with the duration of 100ms after the frame header is played, and then repeatedly playing a specially modulated chirp signal every 25ms, wherein the duration of the repeatedly played chirp signal is 25 ms.
Further, the specific implementation method of step 2 of the present invention is:
the user inputs the PIN code, the microphone records the audio in real time, the audio comprises signals of ultrasonic waves transmitted by the solid sound, the change condition of the signals reflects the change condition of the pressure used when the user inputs the PIN code, and after the user presses the last key, the microphone and the loudspeaker stop working at the same time.
Further, the specific implementation method of step 3 of the present invention is:
and recording the position of each pressing, the PIN code key value of the pressing and releasing time of the key pressing at the same time of recording.
Further, the specific implementation method of step 5 of the present invention is:
step 5.1: preprocessing audio recorded during user authentication, namely firstly, enabling an audio signal to pass through a band-pass filter to filter frequency components which are not in a frequency range of a playing signal;
step 5.2: performing frame header detection on the audio obtained in the step 5.1 according to the frequency composition and energy information of a frame header of the sending signal;
step 5.3: and according to the starting position of the detected frame header, skipping backwards for 200ms, and intercepting the following audio.
Further, the specific implementation method of step 6 of the present invention is:
and performing convolution operation on the transposition of a single chirp period of the sending signal and the receiving signal, and calculating correlation data s (k) of the two signals, wherein k is a data sample index.
Further, the specific implementation method of step 7 of the present invention is:
step 7.1: extracting a part which belongs to solid propagation according to the signal correlation data obtained in the step 6, wherein the solid propagation part represents the vibration condition of the sound wave which is propagated through the solid and is influenced by the pressure of the finger;
step 7.2: according to a 48000Hz sampling rate, a signal correlation number s (k) of 25ms is obtained into 1200 samples, firstly two peak points with the maximum of 1200 samples are found, wherein the first peak point represents a solid sound transmission part, and the second peak point represents a part which is transmitted through air;
step 7.3: taking 20 sample points before and after the first peak point, namely obtaining a sample corresponding to solid propagation;
step 7.4: calculating the average value of the 20 sample points to obtain the value of solid propagation corresponding to the chirp signal in the 25ms time;
step 7.5: executing step 7.3 and step 7.4 for each chirp period to obtain preprocessed correlation data c (k), wherein the sampling frequency of c (k) is reduced to 20 HZ;
step 7.6: and c, (k) carrying out normalization processing and ratio processing through an algorithm to obtain change data change _ r (k), wherein the sampling frequency is also 20 HZ.
Further, the specific implementation method of step 8 of the present invention is:
step 8.1: firstly, determining a coordinate axis of the mobile equipment, wherein the origin of the coordinate is the upper left corner of a screen of the mobile equipment, the X axis is parallel to the short edge of the screen, and the Y axis is parallel to the long edge of the screen;
step 8.2: obtaining the two-dimensional coordinate value (PIN _ x) of the press obtained in step 3i,PIN_yi) I is an index of the PIN code sequence;
step 8.3: and calculating a pressure sequence according to a function which is fitted in advance, wherein the function is as follows:
Figure GDA0002932347620000041
Ai=a1*dis_mi+b1*dis_si+c1*dis_li+d1
Bi=a2*dis_mi+b2*dis_si+c2*dis_li+d2
wherein a1, b1, c1, d1 and a2, b2, c2, d2 are pre-fitted values, dis _ mi,dis_si,dis_liAre respectively coordinate values (PIN _ x)i,PIN_yi) The distances to the microphone, the loudspeaker and the connecting line of the microphone and the loudspeaker, f (k) and the combined position information show the relation between the change rate change _ r (k) and the pressure value f (k), so that the f (k) sequence in 4 pressing time periods can be obtained.
Further, the specific implementation method of step 9 of the present invention is:
step 9.1: obtaining four sections of f (k) sequences obtained by calculation in the step 8;
step 9.2: taking the maximum value f _ max in each pressing time period as the pressure of the current pressing;
step 9.3: extracting a 4-bit pressure code according to the following rules:
Figure GDA0002932347620000051
further, the specific implementation method of step 10 of the present invention is:
and matching the pressure codes, if the matching is successful, the authentication is passed, and if the matching is not successful, the authentication is failed.
The invention has the following beneficial effects: the PIN code and pressure code-based two-factor identity authentication method utilizes the acoustic propagation principle, extracts the change rate of sound waves caused by pressure applied by a user, performs function fitting according to the pressing position, extracts the corresponding pressure value, and resists shoulder surfing attack based on the PIN code. Compared with the prior art, the invention has the beneficial effects that: the method has the advantages of no need of extra hardware, capability of resisting shoulder surfing, high authentication accuracy, strong system robustness, no need of extra operation of a user and good user experience.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a system block diagram of an embodiment of the invention.
Fig. 2 is a diagram of a modulated transmission signal of an embodiment of the present invention.
Fig. 3 is a function of extracting a rate of change according to a correlation of signals according to an embodiment of the present invention.
Fig. 4 is an explanatory diagram of fitting coefficients according to the pressed position according to the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The method is mainly based on the sound propagation principle in the acoustic field, the pressure value is calculated by extracting the influence of the user on sound waves propagated through the mobile phone body when the user presses, the pressure code and the pressure code when the user registers are extracted to be matched, and the PIN code and pressure code-based two-factor identity authentication method is used. The invention can be used as a supplement of the existing PIN identity authentication method, and improves the safety and reliability of identity authentication.
The method provided by the invention can realize the process by using a computer software technology. Referring to fig. 1, the two-factor identity authentication method based on the PIN code and the pressure code provided by the invention comprises the following steps:
step 1, simultaneously starting a loudspeaker and a microphone of the mobile phone, playing the modulated signal A by the loudspeaker, and simultaneously starting recording by the microphone.
The specific implementation of the examples is illustrated below:
before the user inputs the PIN code, the speaker of the smart phone starts to play a previously modulated signal, the modulated signal is as shown in fig. 2, and it is important to select an appropriate playing signal for detecting the pressure. The signal used in the present invention is composed of a pilot signal and a plurality of repeated chirps. After a silence period of 100 milliseconds, there is a pilot signal to synchronize the received signal with the original signal. The pilot signal has a frequency in the range of 18kHZ to 22kHZ and a duration of 100ms, and we select a chirp signal as the carrier signal, using a 1200-sample linear chirp in which the first and last 300 samples are multiplied by a hamming window to eliminate audible noise due to frequency dips. The whole signal is sampled at a sampling rate of 48kHZ, and the frequency of the chirp signal is 18 kHZ-23999 HZ so as to meet the Nyquist sampling theorem. This frequency range ensures audio imperceptibility and user experience since most people cannot hear audio with frequencies in excess of 17 kHZ. Furthermore, since the signal-to-noise ratio (SNR) of the chirp signal is proportional to the frequency sweep and the signal length, the frequency setting can provide sufficient SNR for pressure estimation.
And 2, inputting the 4-digit PIN code by the user, stopping playing by the loudspeaker and stopping recording by the microphone when the input is finished.
The specific implementation of the examples is illustrated below:
the user presses the PIN code button in proper order, thereby exerts certain pressure when pressing and sets up own pressure code, for example the 4-digit PIN code that uses is 1234, and the pressure code of exerting is 2112, and pressure is divided into 3 grades, and 2 represent moderate dynamics, and 1 represents strong dynamics, and 3 represent light dynamics. After the user inputs the password, the mobile phone stops playing the loudspeaker and the microphone stops recording.
And step 3, obtaining audio data S and PIN code values when the user inputs the PIN code, and the start-stop time and position of each pressing.
The specific implementation of the examples is illustrated below:
when the user inputs the PIN code, the PIN code is setThe system automatically records the coordinate position (PIN _ x) of each key pressi,PIN_yi) The code value of the PIN code is 1234, and the start and stop time of each press PIN _ biAnd PIN _ ei. For example, the coordinate positions (PIN _ x) of 4 pressed points obtained by performing 4-bit PIN code authentication oncei,PIN_yi) And PIN _ b obtained by four pressesiAnd PIN _ eiAs shown in the table below, the location is in pixels and the time is in milliseconds.
(PIN_xi,PIN_yi) (270,1030) (619,1033) (857,1013) (290,1255)
PIN_bi 2124 2562 2927 3384
PIN_ei 2226 2619 2983 3430
And 4, carrying out PIN code authentication, entering the step 5 if the PIN code is passed, and otherwise, failing to authenticate.
The specific implementation process of the embodiment is as follows:
when the user registers, the PIN code is stored in the database, for example, 1234, if the password input by the user is 1234 now, the authentication is passed, otherwise, the authentication fails.
And 5, preprocessing the audio S, firstly passing the signal through a band-pass filter, then detecting the frame head of the S, and intercepting a useful signal S'.
The specific implementation process of the embodiment is as follows:
step 5.1: the recorded audio signal is first passed through a butterworth bandpass filter. According to shannon's theorem, the cut-off frequency should be less than half the sampling frequency. Thus, the low cutoff frequency of the band pass filter is 18kHZ and the high cutoff frequency is 23999 HZ. The step eliminates noise with frequency beyond 18-23999 HZ, and avoids interference on analysis of useful signals;
step 5.2: positioning the pilot frequency position of the audio frequency obtained in the step 5.1 according to the frequency pilot frequency range and the average energy of the frequency band, and synchronously sending and receiving signals;
step 5.3: after the start time of pilot acquisition, update PIN _ biAnd PIN _ eiAnd skipping backwards by 200ms according to the detected starting position of the frame header to obtain a following useful signal, and leaving a part only containing the repeated chirp signal.
E.g., 1513ms, the start time of the pilot signal, the updated PIN _ biAnd PIN _ eiComprises the following steps:
PIN_bi 411 849 1214 1671
PIN_ei 513 906 1270 1717
step 6: and calculating the correlation data of the A and the S'.
The specific implementation process of the embodiment is as follows:
convolving the transpose of a single chirp period of the transmitted signal with the received signal to calculate the correlation s (k) of the signal;
and 7, extracting the change rate according to the correlation data.
The specific implementation process of the embodiment is as follows:
step 7.1: for the signal correlation data s (k) obtained in step 6, according to the 48000HZ sampling rate, the chirp signal of 25ms obtains 1200 samples in total, and firstly two peak points with the maximum 1200 samples are found;
step 7.2: taking 20 sample points before and after the first peak point, namely obtaining a sample corresponding to solid propagation;
step 7.3: calculating the average value of the 20 sample points to obtain the corresponding solid propagation value of the 25ms chirp signal;
step 7.4: step 7.3 and step 7.4 are executed for each chirp period, and processed change rate data c (k) are obtained, and the frequency is reduced to 20 HZ;
step 7.5: the pressing time PIN _ b obtained according to step 3iAnd PIN _ eiAnd obtaining a sample index corresponding to the time. b, (j) and e (j) are sample indexes corresponding to the pressing and releasing time of each pressing action, and are calculated by the following formulas:
Figure GDA0002932347620000081
Figure GDA0002932347620000082
step 7.6: the signal reflected by the finger may also affect the correlation of the signal due to hardware limitations and other imperfections. In addition, when the signal frequency exceeds 20kHZ, the audio system performance of some handsets will degrade, resulting in less accurate correlation data. Therefore, c (k) is normalized next. The algorithm shown in fig. 4 is used to normalize the process rate of change. The algorithm mainly comprises the steps of carrying out equalization processing on c (k) before each compression, removing the maximum value and the minimum value of c (k) before the compression, calculating the average value after e (j-1) is more than or equal to k and less than or equal to b (j) -1, and replacing the data with the average value. The data obtained after such processing is change _ r (k).
And 8, calculating a pressure sequence of each pressing time period according to the finger pressing position obtained in the step 3, the previously fitted change rate-pressure function and the change rate obtained in the step 7.
The specific implementation process of the embodiment is as follows:
step 8.1: as shown in fig. 4, firstly, determining the coordinate axis of the mobile phone, where the origin of the coordinate is the upper left corner of the screen of the mobile phone, the X axis is parallel to the short side of the screen, and the Y axis is parallel to the long side of the screen;
step 8.2: obtaining the coordinate value (PIN _ x) of the press obtained in step 3i,PIN_yi);
Figure GDA0002932347620000091
Wherein:
Ai=a1*dis_mi+b1*dis_si+c1*dis_li+d1
Bi=a2*dis_mi+b2*dis_si+c2*dis_li+d2
wherein a1, b1, c1, d1 and a2, b2, c2, d2 are values fitted in advance, dis _ mi,dis_si,dis_liAre respectively coordinate values (PIN _ x)i,PIN_yi) Distances to the microphone, the speaker and the microphone-speaker connection;
for example, a three star note4 cell phone, the final fit data is:
Ai=-0.0199*dis_mi-0.0289*dis_si-0.0025*dis_li+61.1269,
Bi=-0.0103*dis_mi+0.0056*dis_si+0.0002*dis_li+23.5312
the position coordinates (Micro _ x, Micro _ y) and (Speaker _ x, Speaker _ y) of the microphone and the Speaker of the mobile phone, and the coordinate value of the press (PIN _ x, Speaker _ y) are knowni,PIN_yi) Then dis _ m, dis _ s and dis _ l can be calculated, and the formula is as follows:
Figure GDA0002932347620000092
Figure GDA0002932347620000093
Figure GDA0002932347620000094
C=(Micro_y-Speaker_y),D=(Speaker_x-Micro_x),
E=(Micro_x*Speaker_y-Micro_y*Speaker_x),
for different pressing time periods, the corresponding function is calculated according to the pressing position, and then the pressure is calculated, for example, four pressing time periods and four pressing positions are provided in the embodiment, four pairs of A and B can be calculated, four f (k) functions are obtained, and f (k) sequence of each time period is calculated.
And 9, extracting a pressure code according to the pressure sequence.
The specific implementation process of the embodiment is as follows:
step 9.1: obtaining four sections of f (k) sequences obtained by calculation in the step 8;
step 9.2: taking the maximum value f _ max in each pressing time period as the pressure of the current pressing, for example, the obtained pressure is 2N, 0.6N, 0.7N, 2.5N, and N is a unit Newton of force;
step 9.3: the 4-bit pressure code is extracted according to the following rule,
Figure GDA0002932347620000101
the pressure code corresponding to 2N, 0.6N, 0.7N, 2.5N is 2112;
step 10: and matching the pressure codes, if the matching is successful, the authentication is passed, and if the matching is not successful, the authentication is failed.
The specific implementation process of the embodiment is as follows:
for the same user, authentication is passed if and only if the pressure code is consistent with that at the time of registration. For example, if the pressure code at the time of registration is 2112, the pressure code at the time of authentication must also be 2112.
It will be understood that modifications and variations can be made by persons skilled in the art in light of the above teachings and all such modifications and variations are intended to be included within the scope of the invention as defined in the appended claims.

Claims (10)

1. A two-factor identity authentication method based on PIN codes and pressure codes is characterized by comprising the following steps:
step 1: simultaneously starting a loudspeaker and a microphone of the mobile equipment, playing the modulated signal A by the loudspeaker, and simultaneously starting recording by the microphone;
step 2: the user inputs the PIN code with n bits, when the input is finished, the loudspeaker stops playing, and the microphone stops recording;
and step 3: acquiring audio data S recorded by a microphone when a user inputs a PIN code, a PIN code value, start and stop time and a pressing position of each pressing;
and 4, step 4: performing PIN code authentication, entering step 5 if the authentication is passed, otherwise failing to authenticate;
and 5: preprocessing audio S, firstly passing the signal through a band-pass filter, then detecting a frame header of S, and intercepting a useful signal S';
step 6: calculating the correlation data of the signal A and the signal S';
and 7: extracting a change rate according to the correlation data;
and 8: fitting in advance to obtain a change rate-pressure function, and calculating a pressure sequence of each pressing time period by combining the finger pressing position obtained in the step 3 and the change rate obtained in the step 7;
and step 9: extracting a pressure code according to the pressure sequence;
step 10: and matching the pressure codes, if the matching is successful, the authentication is passed, and if the matching is not successful, the authentication is failed.
2. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the specific implementation method of step 1 is as follows:
before a user starts to input a PIN code, a mobile phone loudspeaker plays a modulated signal, and the signal comprises the following components: the method comprises the steps of adding a frame header with the duration of 100ms and used for alignment to a silent period with the duration of 100ms, adding the silent period with the duration of 100ms after the frame header is played, and then repeatedly playing a specially modulated chirp signal every 25ms, wherein the duration of the repeatedly played chirp signal is 25 ms.
3. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the specific implementation method of the step 2 is as follows:
the user inputs the PIN code, the microphone records the audio in real time, the audio comprises signals of ultrasonic waves transmitted by the solid sound, the change condition of the signals reflects the change condition of the pressure used when the user inputs the PIN code, and after the user presses the last key, the microphone and the loudspeaker stop working at the same time.
4. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the specific implementation method of step 3 is as follows:
and recording the position of each pressing, the value of the pressed PIN code and the time of pressing and releasing the key while recording.
5. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the specific implementation method of step 5 is as follows:
step 5.1: preprocessing audio recorded during user authentication, namely firstly, enabling an audio signal to pass through a band-pass filter to filter frequency components which are not in a frequency range of a playing signal;
step 5.2: performing frame header detection on the audio obtained in the step 5.1 according to the frequency composition and energy information of a frame header of the sending signal;
step 5.3: and according to the starting position of the detected frame header, skipping backwards for 200ms, and intercepting the following audio.
6. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the specific implementation method of step 6 is as follows:
and performing convolution operation on the transposition of a single chirp period of the sending signal and the receiving signal, and calculating correlation data s (k) of the two signals, wherein k is a data sample index.
7. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the step 7 is implemented by:
step 7.1: extracting a part which belongs to solid propagation according to the signal correlation data obtained in the step 6, wherein the solid propagation part represents the vibration condition of the sound wave which is propagated through the solid and is influenced by the pressure of the finger;
step 7.2: according to a 48000Hz sampling rate, a signal correlation number s (k) of 25ms is obtained into 1200 samples, firstly two peak points with the maximum of 1200 samples are found, wherein the first peak point represents a solid sound transmission part, and the second peak point represents a part which is transmitted through air;
step 7.3: taking 20 sample points before and after the first peak point, namely obtaining a sample corresponding to solid propagation;
step 7.4: calculating the average value of the 20 sample points to obtain the value of solid propagation corresponding to the chirp signal in the 25ms time;
step 7.5: executing step 7.3 and step 7.4 for each chirp period to obtain preprocessed correlation data c (k), wherein the sampling frequency of c (k) is reduced to 20 HZ;
step 7.6: and c, (k) carrying out normalization processing and ratio processing through an algorithm to obtain change data change _ r (k), wherein the sampling frequency is also 20 HZ.
8. The PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the step 8 is implemented by:
step 8.1: firstly, determining a coordinate axis of the mobile equipment, wherein the origin of the coordinate is the upper left corner of a screen of the mobile equipment, the X axis is parallel to the short edge of the screen, and the Y axis is parallel to the long edge of the screen;
step 8.2: obtaining the two-dimensional coordinate value (PIN _ x) of the press obtained in step 3i,PIN_yi) I is an index of the PIN code sequence;
step 8.3: and calculating a pressure sequence according to a function which is fitted in advance, wherein the function is as follows:
Figure FDA0002932347610000031
Ai=a1*dis_mi+b1*dis_si+c1*dis_li+d1
Bi=a2*dis_mi+b2*dis_si+c2*dis_li+d2
wherein a1, b1, c1, d1 and a2, b2, c2, d2 are pre-fitted values, dis _ mi,dis_si,dis_liAre respectively coordinate values (PIN _ x)i,PIN_yi) Distances to the microphone, the speaker and a line connecting the microphone and the speaker, f (k) the combination position information represents a relationship between the change rate change _ r (k) and the pressure value f (k), and therefore, the relationship can be expressedAn f (k) sequence over 4 compression times was obtained.
9. The PIN code and pressure code-based two-factor identity authentication method according to claim 8, wherein the step 9 is implemented by:
step 9.1: obtaining four sections of f (k) sequences obtained by calculation in the step 8;
step 9.2: taking the maximum value f _ max in each pressing time period as the pressure of the current pressing;
step 9.3: extracting a 4-bit pressure code according to the following rules:
Figure FDA0002932347610000032
10. the PIN code and pressure code-based two-factor identity authentication method according to claim 1, wherein the step 10 is implemented by:
and matching the pressure codes, if the matching is successful, the authentication is passed, and if the matching is not successful, the authentication is failed.
CN201911129744.2A 2019-11-18 2019-11-18 Double-factor identity authentication method based on PIN code and pressure code Active CN110971755B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911129744.2A CN110971755B (en) 2019-11-18 2019-11-18 Double-factor identity authentication method based on PIN code and pressure code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911129744.2A CN110971755B (en) 2019-11-18 2019-11-18 Double-factor identity authentication method based on PIN code and pressure code

Publications (2)

Publication Number Publication Date
CN110971755A CN110971755A (en) 2020-04-07
CN110971755B true CN110971755B (en) 2021-04-20

Family

ID=70031108

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911129744.2A Active CN110971755B (en) 2019-11-18 2019-11-18 Double-factor identity authentication method based on PIN code and pressure code

Country Status (1)

Country Link
CN (1) CN110971755B (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101436935A (en) * 2008-12-10 2009-05-20 华中科技大学 PIN code verification method through fingerprint identification
JP5950165B2 (en) * 2011-07-12 2016-07-13 パナソニックIpマネジメント株式会社 Personal authentication device and personal authentication method
CN205297155U (en) * 2015-11-30 2016-06-08 惠州学院 Pressure perception type electronics protective apparatus
CN107068154A (en) * 2017-03-13 2017-08-18 平安科技(深圳)有限公司 The method and system of authentication based on Application on Voiceprint Recognition

Also Published As

Publication number Publication date
CN110971755A (en) 2020-04-07

Similar Documents

Publication Publication Date Title
CN101816135B (en) Ultrasound detectors
Yan et al. The feasibility of injecting inaudible voice commands to voice assistants
EP3412014B1 (en) Liveness determination based on sensor signals
US8874442B2 (en) Device, system, and method of liveness detection utilizing voice biometrics
US20120290297A1 (en) Speaker Liveness Detection
CN103391347B (en) A kind of method and device of automatic recording
CN110363120B (en) Intelligent terminal touch authentication method and system based on vibration signal
Wang et al. Ghosttalk: Interactive attack on smartphone voice system through power line
CN109711350B (en) Identity authentication method based on lip movement and voice fusion
Mahto et al. Ear acoustic biometrics using inaudible signals and its application to continuous user authentication
CN103684773A (en) Secret lock device, portable terminal and audio unlocking method based on portable terminal
CN113823293B (en) Speaker recognition method and system based on voice enhancement
WO2022052965A1 (en) Voice replay attack detection method, apparatus, medium, device and program product
Liu et al. Soundid: Securing mobile two-factor authentication via acoustic signals
CN106980836A (en) Auth method and device
CN110971755B (en) Double-factor identity authentication method based on PIN code and pressure code
WO2023124556A1 (en) Method and apparatus for recognizing mixed key sounds of multiple keyboards, device, and storage medium
Zarandy et al. Hey Alexa what did I just type? Decoding smartphone sounds with a voice assistant
Yaguchi et al. Replay attack detection using generalized cross-correlation of stereo signal
CN116110417A (en) Data enhancement method and device for ultrasonic voiceprint anti-counterfeiting
CN110211606A (en) A kind of Replay Attack detection method of voice authentication system
Zhang et al. A continuous liveness detection for voice authentication on smart devices
Phipps et al. Securing voice communications using audio steganography
Shi et al. Authentication of voice commands by leveraging vibrations in wearables
Zhang et al. Practical speech re-use prevention in voice-driven services

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant