CN111130794B - Identity verification method based on iris and private key certificate chain connection storage structure - Google Patents

Identity verification method based on iris and private key certificate chain connection storage structure Download PDF

Info

Publication number
CN111130794B
CN111130794B CN201911270600.9A CN201911270600A CN111130794B CN 111130794 B CN111130794 B CN 111130794B CN 201911270600 A CN201911270600 A CN 201911270600A CN 111130794 B CN111130794 B CN 111130794B
Authority
CN
China
Prior art keywords
iris
information block
template
certificate
image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911270600.9A
Other languages
Chinese (zh)
Other versions
CN111130794A (en
Inventor
刘帅
刘元宁
朱晓冬
董立岩
崔靖威
张齐贤
吴祖慷
王超群
李昕龙
姜雪
朱琳
杨亚男
董霖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jilin University
Original Assignee
Jilin University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jilin University filed Critical Jilin University
Priority to CN201911270600.9A priority Critical patent/CN111130794B/en
Publication of CN111130794A publication Critical patent/CN111130794A/en
Application granted granted Critical
Publication of CN111130794B publication Critical patent/CN111130794B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/18Eye characteristics, e.g. of the iris
    • G06V40/193Preprocessing; Feature extraction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Signal Processing (AREA)
  • Biomedical Technology (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computational Linguistics (AREA)
  • Human Computer Interaction (AREA)
  • General Engineering & Computer Science (AREA)
  • Molecular Biology (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • Evolutionary Computation (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Ophthalmology & Optometry (AREA)
  • Computing Systems (AREA)
  • Multimedia (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Data Mining & Analysis (AREA)
  • Biophysics (AREA)
  • Artificial Intelligence (AREA)
  • Collating Specific Patterns (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

The invention discloses an identity verification method based on a connection storage structure of an iris and a private key certificate chain, which comprises the following steps: step one, collecting a gray level image; step two, normalizing the enhanced image; thirdly, template iris characteristic information is obtained; step four, counting template iris characteristic information; step five, making a private key certificate; step six, storing the information into a personal information block; step seven, constructing a complete record; step eight, making a complete record; step nine, outputting a number 0 to a tester; step ten, testing one iris gray level image; step eleven, testing the iris normalization enhanced image; step twelve, reading the template characteristic label; step thirteen, identity authentication is carried out; has the advantages that: even if the illegal user passes the certificate verification after stealing the certificate, the correct result cannot be obtained because the iris identification verification cannot be passed, so the risks that the personal information of the user is falsified and the illegal user invades are prevented through a double mechanism of the private key certificate and the iris identification.

Description

Identity verification method based on iris and private key certificate chain connection storage structure
Technical Field
The invention relates to an identity authentication method for strengthening information security storage, in particular to an identity authentication method based on a connection storage structure of an iris and a private key certificate chain.
Background
At present, the current information revolution is continuously developed, more automatic and intelligent technologies are beginning to be applied to daily life, the quality of life of human beings is improved, and meanwhile, human identity recognition becomes more and more important and more challenging work. The iris is a human body feature which is not easy to copy, and is favored by places with high confidentiality and high security, such as military bases, treasury and the like.
Because the iris has the characteristics of uniqueness and the like, once the characteristic data of the iris user is stolen, the iris user has high potential safety hazard. Currently, iris information security research is mainly performed on two aspects, namely, data are prevented from being modified, and an illegal user is prevented from stealing legal information and then invading the information. The main ideas are as follows: on one hand, the data modification behavior is prevented by a firewall, an encryption and decryption means and other security protection means; the other is in the situation that the occurrence of the stealing attack cannot be prevented, but the stealing attack behavior is meaningless through a series of methods, such as designing a stealing attack path modification protocol and the like. The ideas enhance the safety of iris information to a certain extent, but have certain defects.
First, once a firewall is breached or encryption and decryption means are stolen, the threat of data tampering can be caused. And the storage of the encryption and decryption means also needs extra space, and has certain hidden danger. And the third party authentication is needed in the modes of stealing the attack path modification protocol and the like, so that the reliability of the third party is questioned. Therefore, how to better prevent the data in the computer system from being modified or invaded by illegal users is a problem to be solved.
Disclosure of Invention
The invention mainly aims to solve the safety problems existing in the existing iris-based identity authentication method;
another object of the present invention is to design a method for enhancing the security of the identification process, which can prevent data from being rewritten and prevent illegal users from intruding, in the authentication based on multi-class iris identification;
the present invention provides an identity authentication method based on a storage structure of iris and private key certificate chain connection to solve the above problems.
The invention provides an identity authentication method based on a connection storage structure of an iris and a private key certificate chain, which comprises the following steps:
step one, randomly using a common iris acquisition instrument in the market to acquire 2000 template iris gray level images of template testers;
secondly, converting each template iris gray level image into a template iris normalization enhanced image with dimensions of 256 multiplied by 32 by the computer system through a Daugman rubber band method and a mode of equalizing a histogram;
thirdly, extracting template iris characteristic information of 2000 template iris normalization enhanced images by the computer system respectively;
fourthly, counting template iris characteristic information of 2000 template iris normalization enhanced images, wherein the serial number of jth number of a tiled layer in the ith image is Pi-j
Each number in the template feature label is calculated using equation 1:
Figure GDA0002698388730000021
wherein: u shapejIs the value of the jth number, U, in the template feature tagjJ and P in (1)i-jWherein j represents the same;
finally obtaining a template characteristic label consisting of 15 numbers;
the computer system stores the template characteristic label into the iris information block;
the computer system records the generation time of the iris information block and extracts the numerical value of time, minute and second, wherein; the value of time is H, the value of minutes is M, and the value of seconds is S.
Step five, the computer system makes a private key certificate, and obtains the verification information and the certificate verification information of the private key certificate by using a formula 2, wherein the formula 2 is as follows:
w1×H+w2×M+w3×S+w4=r1×H+r2×M+r3×S-r4 (2)
wherein: w is a1,w2,w3,w4,r1,r2,r3,r4Is an integer randomly generated by a random number generator in a computer system;
the computer system will w1,w2,w3,w4Writing the information as verification information into the private key certificate;
the computer system will r1,H,r2,M,r3,S,r4Storing the information as certificate checking information into a certificate checking information block;
the computer system issues the private key certificate to a template tester;
step six, the computer system records the personal information of the template testing personnel, wherein the personal information comprises two items which are respectively: personal name and gender, storing the personal information of the template tester into a personal information block;
connecting the certificate checking information block, the iris information block and the personal information block in sequence by the computer system, and constructing a complete record of the template testing personnel by the three; wherein the certificate check information block comprises an iris information block address value and certificate check information; the iris information block comprises an iris information block address value, a personal information block address value and a template characteristic label; the connection between the nodes is realized by pointing to the next node through the next in the previous node, namely pointing to the iris information block through the iris information block address value in the certificate check information block, and the personal information block address value in the iris information block points to the personal information block, so as to realize the chain connection of the certificate check information block, the iris information block and the personal information block;
step eight, repeating the step one to the step seven, and making complete records of all the template testers;
step nine, the tester uses the computer to read the verification information in the held private key certificate, matches the verification information with the certificate verification information in the certificate information block of the template tester in sequence until finding the matchable certificate information block for the first time, and if the matchable certificate information block is not found, outputs the matched certificate information block to the tester with the number 0;
step ten, a tester collects and tests one iris gray level image through the same iris collecting instrument as the step one;
step eleven, the computer system converts the gray level image of the tested iris into a normalized enhanced image of the tested iris with dimensions of 256 multiplied by 32 through a Daugman rubber band method and a mode of equalizing a histogram;
step twelve, the computer system extracts the test iris characteristic information of the test iris normalization enhanced image to obtain the test iris characteristics consisting of 15 numbers, finds the iris information block connected with the computer system through the matched certificate information block, and reads the template characteristic label;
step thirteen, the computer system performs identity verification through formula 3 and formula 4:
Figure GDA0002698388730000041
Figure GDA0002698388730000042
wherein: zvA symbolic parameter value representing a comparison of the vth test iris feature with the vth template iris feature tag;
fvrepresents the v-th test iris feature;
fv-biaorepresenting the v template iris feature label;
SF represents the similarity between the test iris and the template iris;
setting the judgment threshold value to be 0.85, if the value of SF is greater than 0.85, finding the personal information block connected with the iris information block through the corresponding iris information block, reading the personal information stored in the personal information block, and outputting the personal information to a tester;
if the value of SF is less than or equal to 0.85, a digital 0 is output to the tester.
The specific process of extracting the iris feature information of one iris image in the third step and the twelfth step is as follows:
inputting an iris normalization enhanced image into a first convolution layer, adopting 1 gradient Laplacian convolution kernel, converting the image into a 128 x 16 dimensional image in a first pooling layer through 2 x 2 maximum pooling after image convolution, and performing sparsification operation on the pooled image through a Softplus function in a first ReLU layer;
the Softplus function is shown in equation 5:
Softplus(x)=log(1+ex) (5)
wherein: softplus (x) is a result value, wherein x represents a pixel value of a single pixel point of the image of the first pooling layer;
gradient Laplacian convolution kernel:
1 1 1
1 -8 1
1 1 1
the result in the last ReLU layer is 1 processed image;
the second step, the second convolution layer adopts 3 convolution kernels, which are respectively: the method comprises the following steps of performing sparse operation on pooled images in a second pooling layer by using a Softplus function in the second ReLU layer, wherein the Softplus function is the same as that of the first ReLU layer;
horizontal Sobel convolution kernel:
Figure GDA0002698388730000051
Figure GDA0002698388730000061
vertical Sobel convolution kernel:
-1 -2 -1
0 0 0
1 2 1
the result in the final second ReLU layer is 3 processed images;
the third step, the third convolution layer adopts 5 convolution kernels, which are respectively: a gradient Laplacian convolution kernel, a horizontal Sobel convolution kernel, a vertical Sobel convolution kernel, a horizontal gradient convolution kernel and a vertical gradient convolution kernel; the gradient Laplacian convolution kernel is the same as the first convolution layer; the horizontal Sobel convolution kernel is the same as the second convolution layer; the vertical Sobel convolution kernel is the same as the second convolution layer, after convolution is carried out on 3 second ReLU images, 15 convolution images are formed, the images are converted into 32 x 4-dimensional images in the third pooling layer through 2 x 2 maximum pooling, and thinning operation is carried out on the pooled images in the third pooling layer through a Softplus function in the third ReLU layer, wherein the Softplus function is the same as that of the first ReLU layer;
horizontal gradient convolution kernel:
-1 0 1
-1 0 1
-1 0 1
vertical gradient convolution kernel:
-1 -1 -1
0 0 0
1 1 1
the result in the final third ReLU layer is 15 processed images;
inputting the image of the third pooling layer into an image processing layer, wherein the image processing layer aims at sharpening the edge of the image and enhancing the local image contrast, and 8 neighborhood convolution operators with 9 centers are adopted to perform convolution with the image;
8 neighborhood convolution operator centered at 9:
-1 -1 -1
-1 9 -1
-1 -1 -1
and converting the processed images into 16 × 2 dimensional images through 2 × 2 maximum pooling, wherein the number of the images is 15, reading average gray values of the 15 images, inputting the average gray values into a layering layer, and converting the images into digital data, wherein the result of the layering layer is 15 numbers, and the 15 numbers are the characteristic information of one iris image.
The invention has the beneficial effects that:
the identity authentication method based on the iris and private key certificate chain connection storage structure has the following beneficial effects;
the invention is inspired by a block chain storage structure to store the private key certificate and the iris characteristic information in a chain structure connection way, and the safety of identity identification is increased in a double insurance way;
firstly, the private key certificate is firstly verified, because the private key certificate is based on the generation time of the iris information block and takes an integer randomly generated by a random number generator in a computer system as verification information and certificate verification information of the private key certificate, because the generation time of the iris information block is different and the random number in the formula is obtained based on an unpredictable equation, the information of the private key certificate is unique and is not easy to be imitated, and a forged certificate cannot pass the certificate verification;
the template feature labels of the irises are obtained by statistical learning of 2000 templates of irises, because iris textures cannot be completely the same, completely same combinations cannot exist, and because the irises of the same type are similar in texture distribution, the information content of the same region is also similar, so the set template feature labels can be used as unique identification features of the irises;
because the certificate checking information block, the iris information block and the personal information block are in a chain connection storage structure which is sequentially connected, the iris information block and the personal information block cannot be directly read, data in the iris information block and the personal information block are difficult to directly modify, and the risk that the personal information of a user is tampered is effectively prevented;
even if the illegal user passes the certificate verification after stealing the certificate, the correct result cannot be obtained because the iris identification verification cannot be passed, so the risks that the personal information of the user is falsified and the illegal user invades are prevented through a double mechanism of the private key certificate and the iris identification.
Drawings
FIG. 1 is a schematic diagram of the overall operation of the method of the present invention.
FIG. 2 is a chain link memory structure diagram of a complete record for a template tester according to the present invention.
Detailed Description
Please refer to fig. 1 and fig. 2:
example 1:
the whole procedure, performed in the framework of claim 1, for 3 individuals (named a (sex: male), B (sex: female), C (sex: male), who had not previously made a complete record of a, B, C, and which tested the iris unchanged from the iris harvester apparatus of the template iris):
1) and (4) randomly using a common iris acquisition instrument in the market to acquire 2000 iris gray level images of the template A.
2) And the computer system converts each template iris gray level image of the A into a template iris normalized enhanced image with 256 multiplied by 32 dimensions by means of a Daugman rubber band method and a histogram equalization method.
3) And the computer system respectively extracts the template iris characteristic information of the 2000 template iris normalized enhanced images.
4) The computer system calculates the template iris characteristic information of 2000 template iris normalization enhanced images of A to obtain a template characteristic label of A consisting of 15 numbers, stores the template characteristic label of A into the iris information block of A, records the generation time of the iris information block of A and extracts the time, minute and second numerical value.
5) The computer system makes a private key certificate of A, stores the certificate verification information of A into the certificate verification information block of A, and issues the private key certificate of A to A.
6) The computer system records the personal information (A, male) of A and stores the personal information of A in the personal information block of A.
7) The computer system connects the certificate checking information block of A, the iris information block of A and the personal information block of A in sequence, and the three together construct a complete record of A. Wherein the certificate check information block comprises an iris information block address value and certificate check information; the iris information block comprises an iris information block address value, a personal information block address value and a template characteristic label; the connection between the nodes is realized by pointing to the next node through the next in the previous node, namely pointing to the iris information block through the iris information block address value in the certificate check information block, and the personal information block address value in the iris information block points to the personal information block, so as to realize the chain connection of the certificate check information block, the iris information block and the personal information block;
8) repeat 1) to 7), make a complete record of B and C.
9) And C, reading the verification information in the private key certificate held by C by using a computer, sequentially matching the verification information with the certificate verification information in the certificate information blocks of A, B and C, and finding out the certificate information block of C.
10) And C, acquiring and testing one iris gray level image through an iris acquisition instrument.
11) And the computer system converts the C test iris gray level image into a 256 multiplied by 32 dimensional test iris normalization enhanced image through a Daugman rubber band method and a histogram equalization mode.
12) And the computer system extracts the test iris feature information of the test iris normalization enhanced image C to obtain the test iris features of C consisting of 15 numbers, finds the iris information block of C connected with the computer system through the certificate information block of C, and reads the template feature label of C.
13) The computer system compares the template feature label of C with the test iris feature of C to obtain a similarity rate, wherein the similarity rate is 0.95, so that an output result is obtained: c, male.
Example 2:
the whole procedure, performed in the framework of claim 1, for 3 individuals (named D (gender: female), E (gender: female), F (gender: male), who had not previously made a complete record of D, E, F, and the iris harvester apparatus for testing the iris against the template iris was unchanged):
1) and (4) randomly using a common iris acquisition instrument in the market to acquire 2000 iris gray level images of the template D.
2) And the computer system converts each template iris gray level image of the D into a template iris normalized enhanced image with 256 multiplied by 32 dimensions by a Daugman rubber band method and a histogram equalization method.
3) And the computer system respectively extracts the template iris characteristic information of 2000 template iris normalized enhanced images of the D.
4) The computer system calculates the template iris characteristic information of 2000 template iris normalization enhancement images of D to obtain a template characteristic label of D consisting of 15 numbers, stores the template characteristic label of D into the iris information block of D, records the generation time of the iris information block of D and extracts the numerical value of time, minute and second.
5) The computer system makes the private key certificate of D, stores the certificate verification information of D into the certificate verification information block of D, and issues the private key certificate of D to D.
6) The computer system records the personal information (D, female) of D and stores the personal information of D in the personal information block of D.
7) And the computer system connects the certificate checking information block of the D, the iris information block of the D and the personal information block of the D in sequence, and the three together construct a complete record of the D.
8) Repeat 1) through 7), make a complete record of E and F.
9) And D, reading the verification information in the private key certificate held by the F by using a computer, sequentially matching the verification information with the certificate verification information in the certificate information blocks of the D, the E and the F, and finding the certificate information block of the F.
10) And D, acquiring and testing one iris gray level image through an iris acquisition instrument.
11) And the computer system converts the test iris gray level image of the D into a test iris normalized enhanced image with 256 multiplied by 32 dimensions by a Daugman rubber band method and a histogram equalization method.
12) And the computer system extracts the test iris feature information of the test iris normalization enhanced image of the D to obtain the test iris features of the D consisting of 15 numbers, finds the iris information block of the F connected with the test iris feature information block through the certificate information block of the F held by the D, and reads the template feature label of the F.
13) And (3) comparing the template characteristic label of the F with the test iris characteristic of the D by the computer system to obtain a similarity rate, wherein the similarity rate is 0.62, so that an output result is obtained: 0.
example 3:
the whole process of operation is carried out for 4 persons (named G, Q, T, M, complete records of G, Q, T made before, complete records of M not made) under the framework of claim 1:
1) m forges a private key certificate, a computer is used for reading verification information in the forged private key certificate, the verification information is sequentially matched with certificate verification information in the certificate information blocks of G, Q and T, and the certificate information block is not found, so that an output result is obtained: 0.
example 4:
the whole procedure, performed in the framework of claim 1, for 4 persons (named I (sex: female), J (sex: male), L (sex: male), K (sex: female), complete records of I, J, L made before, complete records of K not made, iris harvester equipment to test irises with template irises unchanged):
1) and (4) randomly using a common iris acquisition instrument in the market to acquire 2000 iris gray level images of the K template.
2) And the computer system converts each template iris gray level image of the K into a template iris normalized enhanced image with 256 multiplied by 32 dimensions by a Daugman rubber band method and a histogram equalization method.
3) The computer system extracts the template iris characteristic information of the 2000 template iris normalization enhanced images of K respectively.
4) The computer system systematically calculates the template iris characteristic information of 2000 template iris normalization enhancement images of K to obtain K template characteristic labels consisting of 15 numbers, stores the K template characteristic labels into the K iris information blocks, records the generation time of the K iris information blocks and extracts the time-minute-second numerical values.
5) The computer system makes a private key certificate of the K, stores the certificate verification information of the K into the certificate verification information block of the K, and issues the K private key certificate to the K.
6) The computer system records the personal information (K, female) of K, and stores the personal information of K in the personal information block of K.
7) The computer system connects the certificate checking information block of K, the iris information block of K and the personal information block of K in sequence, and the three together construct a complete record of K.
8) And the computer system connects the complete record of the K with the L, and the connection sequence of all the template testers is I, J, L and K.
9) And the K reads the verification information in the private key certificate held by the K by using a computer, and matches the verification information with the certificate verification information in the certificate information blocks of I, J, L and K in sequence to find out the certificate information block of the K.
10) And K, acquiring and testing one iris gray level image through an iris acquisition instrument.
11) And the computer system converts the K test iris gray level image into a 256 multiplied by 32 dimensional test iris normalization enhanced image through a Daugman rubber band method and a histogram equalization mode.
12) The computer system extracts the test iris feature information of the test iris normalization enhancement image of the K to obtain the test iris features of the K consisting of 15 numbers, finds the iris information block of the K connected with the computer system through the certificate information block of the K, and reads the template feature label of the K.
13) The computer system compares the template feature label of K with the test iris feature of K to obtain a similarity rate, wherein the similarity rate is 0.92, so that an output result is obtained: k, female.

Claims (2)

1. An identity authentication method based on a connection storage structure of an iris and a private key certificate chain is characterized in that: the method comprises the following steps:
step one, randomly using a common iris acquisition instrument in the market to acquire 2000 template iris gray level images of template testers;
secondly, converting each template iris gray level image into a template iris normalization enhanced image with dimensions of 256 multiplied by 32 by the computer system through a Daugman rubber band method and a mode of equalizing a histogram;
thirdly, extracting template iris characteristic information of 2000 template iris normalization enhanced images by the computer system respectively;
fourthly, counting template iris characteristic information of 2000 template iris normalization enhanced images, wherein the serial number of jth number of a tiled layer in the ith image is Pi-j
Each number in the template feature label is calculated using equation 1:
Figure FDA0002698388720000011
wherein: u shapejIs the value of the jth number, U, in the template feature tagjJ and P in (1)i-jWherein j represents the same;
finally obtaining a template characteristic label consisting of 15 numbers;
the computer system stores the template characteristic label into the iris information block;
the computer system records the generation time of the iris information block and extracts the numerical value of time, minute and second, wherein; the time value is H, the point value is M, and the second value is S;
step five, the computer system makes a private key certificate, and obtains the verification information and the certificate verification information of the private key certificate by using a formula 2, wherein the formula 2 is as follows:
w1×H+w2×M+w3×S+w4=r1×H+r2×M+r3×S-r4 (2)
wherein: w is a1,w2,w3,w4,r1,r2,r3,r4Is an integer randomly generated by a random number generator in a computer system;
the computer system will w1,w2,w3,w4Writing the information as verification information into the private key certificate;
the computer system will r1,H,r2,M,r3,S,r4Storing the information as certificate checking information into a certificate checking information block;
the computer system issues the private key certificate to a template tester;
step six, the computer system records the personal information of the template testing personnel, wherein the personal information comprises two items which are respectively: personal name and gender, storing the personal information of the template tester into a personal information block;
connecting the certificate checking information block, the iris information block and the personal information block in sequence by the computer system, and constructing a complete record of the template testing personnel by the three; wherein the certificate check information block comprises an iris information block address value and certificate check information; the iris information block comprises an iris information block address value, a personal information block address value and a template characteristic label; the connection between the nodes is realized by pointing to the next node through the next in the previous node, namely pointing to the iris information block through the iris information block address value in the certificate check information block, and the personal information block address value in the iris information block points to the personal information block, so as to realize the chain connection of the certificate check information block, the iris information block and the personal information block;
step eight, repeating the step one to the step seven, and making complete records of all the template testers;
step nine, the tester uses the computer to read the verification information in the held private key certificate, matches the verification information with the certificate verification information in the certificate information block of the template tester in sequence until finding the matchable certificate information block for the first time, and if the matchable certificate information block is not found, outputs the matched certificate information block to the tester with the number 0;
step ten, a tester collects and tests one iris gray level image through the same iris collecting instrument as the step one;
step eleven, the computer system converts the gray level image of the tested iris into a normalized enhanced image of the tested iris with dimensions of 256 multiplied by 32 through a Daugman rubber band method and a mode of equalizing a histogram;
step twelve, the computer system extracts the test iris characteristic information of the test iris normalization enhanced image to obtain the test iris characteristics consisting of 15 numbers, finds the iris information block connected with the computer system through the matched certificate information block, and reads the template characteristic label;
step thirteen, the computer system performs identity verification through formula 3 and formula 4:
Figure FDA0002698388720000031
Figure FDA0002698388720000032
wherein: zvA symbolic parameter value representing a comparison of the vth test iris feature with the vth template iris feature tag;
fvrepresents the v-th test iris feature;
fv-biaorepresenting the v template iris feature label;
SF represents the similarity between the test iris and the template iris;
setting the judgment threshold value to be 0.85, if the value of SF is greater than 0.85, finding the personal information block connected with the iris information block through the corresponding iris information block, reading the personal information stored in the personal information block, and outputting the personal information to a tester;
if the value of SF is less than or equal to 0.85, a digital 0 is output to the tester.
2. The identity authentication method based on the iris and private key certificate chain connection storage structure as claimed in claim 1, characterized in that: the specific process of extracting the iris feature information of one iris image in the third step and the twelfth step is as follows:
inputting an iris normalization enhanced image into a first convolution layer, adopting 1 gradient Laplacian convolution kernel, converting the image into a 128 x 16 dimensional image in a first pooling layer through 2 x 2 maximum pooling after image convolution, and performing sparsification operation on the pooled image through a Softplus function in a first ReLU layer;
gradient Laplacian convolution kernel:
1 1 1 1 -8 1 1 1 1
the Softplus function is shown in equation 5:
Softplus(x)=log(1+ex) (5)
wherein: softplus (x) is a result value, wherein x represents a pixel value of a single pixel point of the image of the first pooling layer;
the result in the last ReLU layer is 1 processed image;
the second step, the second convolution layer adopts 3 convolution kernels, which are respectively: the method comprises the following steps of performing sparse operation on pooled images in a second pooling layer by using a Softplus function in the second ReLU layer, wherein the Softplus function is the same as that of the first ReLU layer;
horizontal Sobel convolution kernel:
-1 0 1 -2 0 2 -1 0 1
vertical Sobel convolution kernel:
-1 -2 -1 0 0 0 1 2 1
the result in the final second ReLU layer is 3 processed images;
the third step, the third convolution layer adopts 5 convolution kernels, which are respectively: a gradient Laplacian convolution kernel, a horizontal Sobel convolution kernel, a vertical Sobel convolution kernel, a horizontal gradient convolution kernel and a vertical gradient convolution kernel; the gradient Laplacian convolution kernel is the same as the first convolution layer; the horizontal Sobel convolution kernel is the same as the second convolution layer; the vertical Sobel convolution kernel is the same as the second convolution layer, after convolution is carried out on 3 second ReLU images, 15 convolution images are formed, the images are converted into 32 x 4-dimensional images in the third pooling layer through 2 x 2 maximum pooling, and thinning operation is carried out on the pooled images in the third pooling layer through a Softplus function in the third ReLU layer, wherein the Softplus function is the same as that of the first ReLU layer;
horizontal gradient convolution kernel:
-1 0 1 -1 0 1 -1 0 1
vertical gradient convolution kernel:
-1 -1 -1 0 0 0 1 1 1
the result in the final third ReLU layer is 15 processed images;
inputting the image of the third pooling layer into an image processing layer, wherein the image processing layer aims at sharpening the edge of the image and enhancing the local image contrast, and 8 neighborhood convolution operators with 9 centers are adopted to perform convolution with the image;
8 neighborhood convolution operator centered at 9:
-1 -1 -1 -1 9 -1 -1 -1 -1
and converting the processed images into 16 × 2 dimensional images through 2 × 2 maximum pooling, wherein the number of the images is 15, reading average gray values of the 15 images, inputting the average gray values into a layering layer, and converting the images into digital data, wherein the result of the layering layer is 15 numbers, and the 15 numbers are the characteristic information of one iris image.
CN201911270600.9A 2019-12-12 2019-12-12 Identity verification method based on iris and private key certificate chain connection storage structure Active CN111130794B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911270600.9A CN111130794B (en) 2019-12-12 2019-12-12 Identity verification method based on iris and private key certificate chain connection storage structure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911270600.9A CN111130794B (en) 2019-12-12 2019-12-12 Identity verification method based on iris and private key certificate chain connection storage structure

Publications (2)

Publication Number Publication Date
CN111130794A CN111130794A (en) 2020-05-08
CN111130794B true CN111130794B (en) 2020-11-24

Family

ID=70499387

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911270600.9A Active CN111130794B (en) 2019-12-12 2019-12-12 Identity verification method based on iris and private key certificate chain connection storage structure

Country Status (1)

Country Link
CN (1) CN111130794B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111832540B (en) * 2020-07-28 2021-01-15 吉林大学 Identity verification method based on unsteady-state iris video stream bionic neural network
CN112364840B (en) * 2020-12-09 2022-03-29 吉林大学 Identity confirmation method based on overall end-to-end unsteady iris cognitive recognition

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104239815A (en) * 2014-09-19 2014-12-24 西安凯虹电子科技有限公司 Electronic document encryption and decryption method and method based on iris identification
CN109347799A (en) * 2018-09-13 2019-02-15 深圳市图灵奇点智能科技有限公司 A kind of identity information management method and system based on block chain technology
CN110175444A (en) * 2019-05-28 2019-08-27 吉林无罔生物识别科技有限公司 Iris-encoding and verification method, system and computer readable storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7796784B2 (en) * 2002-11-07 2010-09-14 Panasonic Corporation Personal authentication method for certificating individual iris
CN103605961A (en) * 2013-11-20 2014-02-26 吉林大学 Fingerprint and iris integration identification device
CN103646199B (en) * 2013-12-26 2016-06-15 中国电子科技集团公司第三研究所 A kind of based on the auth method of nine grids password and facial image
CN104834849B (en) * 2015-04-14 2018-09-18 北京远鉴科技有限公司 Dual-factor identity authentication method and system based on Application on Voiceprint Recognition and recognition of face

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104239815A (en) * 2014-09-19 2014-12-24 西安凯虹电子科技有限公司 Electronic document encryption and decryption method and method based on iris identification
CN109347799A (en) * 2018-09-13 2019-02-15 深圳市图灵奇点智能科技有限公司 A kind of identity information management method and system based on block chain technology
CN110175444A (en) * 2019-05-28 2019-08-27 吉林无罔生物识别科技有限公司 Iris-encoding and verification method, system and computer readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《MOOC 学习者身份认证模式的研究-基于双因子模糊认证和区块链技术》;李凤英、何屹峰、齐宇歆;《远程教育杂志》;20170712;全文 *

Also Published As

Publication number Publication date
CN111130794A (en) 2020-05-08

Similar Documents

Publication Publication Date Title
Wu et al. Mantra-net: Manipulation tracing network for detection and localization of image forgeries with anomalous features
Galbally et al. Iris image reconstruction from binary templates: An efficient probabilistic approach based on genetic algorithms
Pillai et al. Secure and robust iris recognition using random projections and sparse representations
US9710631B2 (en) Method for enrolling data in a base to protect said data
CN111130794B (en) Identity verification method based on iris and private key certificate chain connection storage structure
Nie et al. The use of least significant bit (LSB) and knight tour algorithm for image steganography of cover image
Geetha et al. Optimized image steganalysis through feature selection using MBEGA
Gupta et al. A survey of attacks on iris biometric systems
Agarwal et al. Iris sensor identification in multi-camera environment
CN114998080A (en) Face tamper-proof watermark generation method, tamper detection method and attribute detection method
Liu et al. Data protection in palmprint recognition via dynamic random invisible watermark embedding
Fernandes et al. Benford's law applied to digital forensic analysis
El-Naggar et al. Which dataset is this iris image from?
Biu et al. An enhanced iris recognition and authentication system using energy measure
Peng et al. Face morphing attack detection and attacker identification based on a watchlist
CN111046363B (en) Identity verification method based on iris feature alliance random matching voting mechanism
CN115914488A (en) Medical image identity confusion sharing method and system, terminal equipment and storage medium
Swaminathan et al. Security of feature extraction in image hashing
Tan et al. Privacy Protection for Medical Images Based on DenseNet and Coverless Steganography.
Gowri et al. Real time signature forgery detection using machine learning
Sethi et al. Video security against deepfakes and other forgeries
CN113705410A (en) Face image desensitization processing and verifying method and system
Bhatnagar et al. Biometric template security based on watermarking
CN112818150A (en) Picture content auditing method, device, equipment and medium
Yuan Identification of global histogram equalization by modeling gray-level cumulative distribution

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant