CN111147248A - Encrypted transmission method, device and system of face feature library and storage medium - Google Patents

Publication number: CN111147248A
Authority: CN (China)
Prior art keywords: key, face feature, feature library, encrypted, encryption
Legal status: Pending
Application number: CN201911181215.7A
Other languages: Chinese (zh)
Inventor: 沙亚民
Current Assignee: Beijing Kuangshi Technology Co Ltd; Beijing Megvii Technology Co Ltd
Original Assignee: Beijing Kuangshi Technology Co Ltd
Application filed by Beijing Kuangshi Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina


Abstract

The invention provides an encryption transmission method, device and system of a face feature library and a storage medium. The method comprises the following steps: generating an asymmetric key pair, and issuing a public key in the asymmetric key pair so that the server receives the public key; receiving an encrypted face feature library and an encrypted key sent by a server, wherein the encrypted face feature library is obtained by encrypting the face feature library by the server through a symmetric key generated by the server, and the encrypted key is obtained by encrypting the symmetric key by the server through a public key; and decrypting the encrypted key by using a private key in the asymmetric key pair to obtain a symmetric key, and decrypting the encrypted face feature library by using the symmetric key to obtain a face feature library so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication. The scheme of the invention can greatly improve the authenticity and the safety of the database data adopted in the face recognition, thereby improving the reliability of the face recognition result.

Description

Encrypted transmission method, device and system of face feature library and storage medium
Technical Field
The invention relates to the technical field of face recognition, in particular to an encryption transmission method, device and system of a face feature library and a storage medium.
Background
At present, face recognition systems are increasingly applied to identity authentication scenarios such as security protection and finance, for example unattended access control systems, online social security handling and acquisition, and remote medical security handling. In these high security level application fields, it must first be ensured that the data in the base library are all true and consistent with the actual situation. Although the feature value of a human face has the advantages of tamper resistance and forgery resistance, the transmission and storage of face features lack protection. That is, the source of the face features cannot be forged, but there is a risk that the face features are falsified or forged during both transmission and storage. Therefore, a solution for the security of face feature transmission and storage is needed.
Disclosure of Invention
The present invention has been made to solve the above problems. According to an aspect of the present invention, an encrypted transmission method for a face feature library is provided, which is applied to an encrypted storage device, and the encrypted transmission method includes: generating an asymmetric key pair, and issuing the public key of the asymmetric key pair so that a server receives the public key; receiving an encrypted face feature library and an encrypted key sent by the server, wherein the encrypted face feature library is obtained by the server encrypting the face feature library with a symmetric key generated by the server, and the encrypted key is obtained by the server encrypting the symmetric key with the public key; and decrypting the encrypted key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypting the encrypted face feature library with the symmetric key to obtain the face feature library, so that a face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In one embodiment of the invention, the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
According to another aspect of the present invention, an encrypted transmission method for a face feature library is provided, which is applied to a server, and the encrypted transmission method includes: generating a symmetric key, and encrypting a face feature library with the symmetric key to obtain an encrypted face feature library; receiving the public key of an asymmetric key pair issued by an encrypted storage device, and encrypting the symmetric key with the public key to obtain an encrypted key; and sending the encrypted face feature library and the encrypted key to the encrypted storage device, so that the encrypted storage device decrypts the encrypted key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library with the symmetric key to obtain the face feature library, so that a face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In one embodiment of the invention, the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
According to another aspect of the present invention, there is provided an encryption transmission apparatus for a face feature library, which is applied to an encryption storage apparatus, the encryption transmission apparatus including: the key generation module is used for generating an asymmetric key pair and issuing a public key in the asymmetric key pair so that the server receives the public key; the receiving module is used for receiving an encrypted face feature library and an encrypted key which are sent by the server, wherein the encrypted face feature library is obtained by encrypting the face feature library by using a symmetric key generated by the server, and the encrypted key is obtained by encrypting the symmetric key by using the public key by the server; and the decryption module is used for decrypting the encrypted secret key by using a private key in the asymmetric secret key pair to obtain the symmetric secret key, and decrypting the encrypted face feature library by using the symmetric secret key to obtain a face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication.
In one embodiment of the invention, the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
According to another aspect of the present invention, there is provided an encrypted transmission apparatus for a face feature library, which is applied to a server, the encrypted transmission apparatus including: a key generation module for generating a symmetric key; a receiving module for receiving the public key of an asymmetric key pair issued by the encrypted storage device; an encryption module for encrypting the face feature library with the symmetric key to obtain an encrypted face feature library, and for encrypting the symmetric key with the public key to obtain an encrypted key; and a sending module for sending the encrypted face feature library and the encrypted key to the encrypted storage device, so that the encrypted storage device decrypts the encrypted key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library with the symmetric key to obtain the face feature library, so that a face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In one embodiment of the invention, the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
According to another aspect of the present invention, there is provided an encryption transmission system for a face feature library, the system including a memory and a processor, the memory having stored thereon a computer program executed by the processor, the computer program, when executed by the processor, executing the above encryption transmission method for the face feature library.
According to still another aspect of the present invention, a storage medium is provided, on which a computer program is stored, and the computer program executes the above-mentioned encrypted transmission method for the face feature library when running.
According to still another aspect of the present invention, there is provided a computer program, which is executed by a computer or a processor to execute the above-mentioned encryption transmission method for the face feature library, and is further used to implement each module in the above-mentioned encryption transmission apparatus for the face feature library.
According to the encrypted transmission method, the encrypted transmission device and the encrypted transmission system of the face feature library, the encrypted face feature library is transmitted to the encrypted storage device through the server, the encrypted storage device decrypts the encrypted face feature library to obtain the face feature library, the face comparison device reads the face feature library from the encrypted storage device during face recognition and compares the face feature library with the face features to be recognized, and therefore data safety of the face feature library in the transmission process can be greatly improved, authenticity and safety of data of the face feature library adopted in the face recognition are improved, and reliability of face recognition results is improved.
Drawings
The above and other objects, features and advantages of the present invention will become more apparent by describing in more detail embodiments of the present invention with reference to the attached drawings. The accompanying drawings are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings, like reference numbers generally represent like parts or steps.
Fig. 1 shows a schematic block diagram of an example electronic device for implementing the method, apparatus and system for encrypted transmission of a face feature library according to an embodiment of the present invention.
Fig. 2 shows a schematic flow chart of an encryption transmission method of a face feature library according to an embodiment of the present invention.
Fig. 3 shows a schematic flow chart of an encryption transmission method of a face feature library according to another embodiment of the present invention.
Fig. 4 shows a schematic block diagram of an encryption transmission device of a face feature library according to an embodiment of the present invention.
Fig. 5 is a schematic block diagram of an encryption transmission apparatus for a face feature library according to another embodiment of the present invention.
Fig. 6 shows a schematic block diagram of an encrypted transmission system of a face feature library according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, exemplary embodiments according to the present invention will be described in detail below with reference to the accompanying drawings. It is to be understood that the described embodiments are merely a subset of embodiments of the invention and not all embodiments of the invention, with the understanding that the invention is not limited to the example embodiments described herein. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the invention described herein without inventive step, shall fall within the scope of protection of the invention.
First, an example electronic device 100 for implementing the encrypted transmission method, apparatus, and system of the face feature library according to the embodiment of the present invention is described with reference to fig. 1.
As shown in FIG. 1, electronic device 100 includes one or more processors 102, one or more memories 104, an input device 106, and an output device 108, which are interconnected via a bus system 110 and/or other form of connection mechanism (not shown). It should be noted that the components and structure of the electronic device 100 shown in fig. 1 are exemplary only, and not limiting, and the electronic device may have other components and structures as desired.
The processor 102 may be a Central Processing Unit (CPU) or other form of processing unit having data processing capabilities and/or instruction execution capabilities, and may control other components in the electronic device 100 to perform desired functions.
The memory 104 may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, Random Access Memory (RAM), cache memory (cache), and/or the like. The non-volatile memory may include, for example, Read Only Memory (ROM), hard disk, flash memory, etc. One or more computer program instructions may be stored on the computer-readable storage medium and executed by the processor 102 to implement client-side functionality (implemented by the processor) and/or other desired functionality in the embodiments of the invention described below. Various applications and various data, such as data used and/or generated by the applications, may also be stored in the computer-readable storage medium.
The input device 106 may be a device used by a user to input instructions and may include one or more of a keyboard, a mouse, a microphone, a touch screen, and the like.
The output device 108 may output various information (e.g., images or sounds) to the outside (e.g., to a user), and may include one or more of a display, a speaker, and the like.
Exemplary electronic devices for implementing the method, apparatus and system for encrypted transmission of a face feature library according to embodiments of the present invention may be implemented as terminals, such as smart phones, tablet computers, etc., or any electronic devices with computing capabilities.
Next, an encryption transmission method 200 of a face feature library according to an embodiment of the present invention will be described with reference to fig. 2, and the encryption transmission method 200 of the face feature library may be applied to an encryption storage device. As shown in fig. 2, the method 200 for encrypting and transmitting a face feature library may include the following steps:
In step S210, an asymmetric key pair is generated, and the public key of the asymmetric key pair is issued, so that the server receives the public key.
In step 220, an encrypted face feature library and an encrypted key sent by the server are received, where the encrypted face feature library is obtained by the server encrypting a face feature library with a symmetric key generated by the server, and the encrypted key is obtained by the server encrypting the symmetric key with the public key.
In step S230, the private key of the asymmetric key pair is used to decrypt the encrypted key to obtain the symmetric key, and the symmetric key is used to decrypt the encrypted face feature library to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In the embodiment of the present invention, the encrypted transmission method 200 of the face feature library is described from the perspective of the encrypted storage device: the encrypted storage device receives the encrypted key and the encrypted face feature library from the server, decrypts the encrypted key to obtain the symmetric key, and then decrypts the encrypted face feature library with that symmetric key, so as to obtain the face feature library for storage. The face comparison device reads the face feature library from the encrypted storage device when performing face recognition, so that the authenticity and the safety of the database data adopted in the face recognition process can be greatly improved, and the reliability of the face recognition result is further improved.
In the embodiment of the invention, in order to improve the security of the data transmission process, the encrypted storage device generates an asymmetric key pair and sends the public key of the pair to the server. The server uses the public key to encrypt the symmetric key with which it encrypted the face feature library, and transmits the resulting encrypted key to the encrypted storage device. After receiving the encrypted key, the encrypted storage device decrypts it with the private key of the asymmetric key pair that it generated, thereby obtaining the symmetric key that the server used to encrypt the face feature library. With the symmetric key, the encrypted storage device can decrypt the encrypted face feature library to obtain the face feature library.
In the embodiment of the present invention, the above-mentioned encrypted storage device may be a hardware digital certificate carrier (usbkey), or may be a security module (SE) including a security chip and a chip operating system. The face feature library is stored by using the usbkey or the SE, so that the safety of face feature storage can be guaranteed. In other examples, the encryption storage device mentioned above may also be any other suitable higher security storage device to achieve security of the storage of the facial features.
Based on the above description, according to the encrypted transmission method of the face feature library of the embodiment of the present invention, the encrypted face feature library is transmitted to the encryption storage device via the server, the encryption storage device decrypts the encrypted face feature library to obtain the face feature library, and the face comparison device reads the face feature library from the encryption storage device during face recognition and compares the face feature library with the face features to be recognized, so that the data security of the face feature library during transmission can be greatly improved, thereby improving the authenticity and security of the data of the face feature library used in the face recognition, and further improving the reliability of the face recognition result.
The above describes exemplarily an encryption transmission method of a face feature library according to an embodiment of the present invention from the perspective of an encryption storage device. Illustratively, the method for encrypted transmission of the face feature library according to the embodiment of the present invention may be implemented in a device, an apparatus or a system having a memory and a processor.
The following describes an encryption transmission method of a face feature library according to an embodiment of the present invention from the perspective of a server. Fig. 3 shows an encryption transmission method 300 for a face feature library according to another embodiment of the present invention, and the encryption transmission method 300 for the face feature library can be applied to a server. As shown in fig. 3, the method 300 for encrypting and transmitting a face feature library may include the following steps:
In step 310, a symmetric key is generated, and a face feature library is encrypted with the symmetric key to obtain an encrypted face feature library.
In step 320, the public key of an asymmetric key pair issued by an encrypted storage device is received, and the symmetric key is encrypted with the public key to obtain an encrypted key.
In step 330, the encrypted face feature library and the encrypted key are sent to the encrypted storage device, so that the encrypted storage device decrypts the encrypted key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library with the symmetric key to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In the embodiment of the present invention, the encryption transmission method 300 for the face feature library is described in terms of a server, and the server encrypts the face feature library stored therein to obtain an encrypted face feature library and transmits the encrypted face feature library to an encryption storage device, and the encryption storage device obtains the face feature library by decryption. The human face comparison device reads the human face feature library from the encryption storage device when the human face is identified, so that the authenticity and the safety of the database data adopted in the human face identification process can be greatly improved, and the reliability of the human face identification result is further improved.
In the embodiment of the invention, in order to improve the security of the data transmission process, the encrypted storage device generates an asymmetric key pair and sends the public key of the pair to the server. The server uses the public key to encrypt the symmetric key with which it encrypted the face feature library, and transmits the resulting encrypted key to the encrypted storage device. After receiving the encrypted key, the encrypted storage device decrypts it with the private key of the asymmetric key pair that it generated, thereby obtaining the symmetric key that the server used to encrypt the face feature library. With the symmetric key, the encrypted storage device can decrypt the encrypted face feature library to obtain the face feature library.
In the embodiment of the present invention, the above-mentioned encrypted storage device may be a hardware digital certificate carrier (usbkey), or may be a security module (SE) including a security chip and a chip operating system. The face feature library is stored by using the usbkey or the SE, so that the safety of face feature storage can be guaranteed. In other examples, the encryption storage device mentioned above may also be any other suitable higher security storage device to achieve security of the storage of the facial features.
Based on the above description, in the encrypted transmission method of the face feature library according to this embodiment, the server transmits the encrypted face feature library to the encryption storage device, and the encryption storage device decrypts it to obtain the face feature library. During face recognition, the face comparison device reads the face feature library from the encryption storage device and compares it with the face features to be recognized. This can greatly improve the data security of the face feature library during transmission, thereby improving the authenticity and security of the face feature library data used in face recognition and, in turn, the reliability of the face recognition result.
The above describes exemplarily an encryption transmission method of a face feature library according to an embodiment of the present invention from the perspective of a server. Illustratively, the method for encrypted transmission of the face feature library according to the embodiment of the present invention may be implemented in a device, an apparatus or a system having a memory and a processor.
The following describes an encryption transmission device for a face feature library provided by another aspect of the present invention. Fig. 4 shows a schematic block diagram of an encryption transmission apparatus 400 of a face feature library according to an embodiment of the present invention, and the encryption transmission apparatus 400 of the face feature library can be applied to/implemented as an encryption storage apparatus.
As shown in Fig. 4, the encryption transmission apparatus 400 for a face feature library according to this embodiment includes a key generation module 410, a receiving module 420, and a decryption module 430. The key generation module 410 is configured to generate an asymmetric key pair and issue the public key of the pair so that the server receives it. The receiving module 420 is configured to receive an encrypted face feature library and an encryption key sent by the server, where the encrypted face feature library is obtained by encrypting the face feature library with a symmetric key generated by the server, and the encryption key is obtained by the server encrypting the symmetric key with the public key. The decryption module 430 is configured to decrypt the encryption key with the private key of the asymmetric key pair to obtain the symmetric key, and to decrypt the encrypted face feature library with the symmetric key to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication. The modules may respectively perform the steps/functions of the method 200 for encrypted transmission of a face feature library described above in connection with Fig. 2.
In this embodiment, the encryption transmission apparatus 400 may be a hardware digital certificate carrier (usbkey) or a security module (SE) that includes a security chip and a chip operating system. Storing the face feature library in the usbkey or the SE ensures the security of face feature storage. In other examples, the encryption transmission apparatus 400 may be any other suitable high-security storage device that secures the stored face features.
The encryption transmission device of the face feature library receives the encrypted face feature library from the server and decrypts it to obtain and store the face feature library. During face recognition, the face comparison device reads the face feature library from the encryption transmission device and compares it with the face features to be recognized. This can greatly improve the data security of the face feature library during transmission, thereby improving the authenticity and security of the face feature library data used in face recognition and the reliability of the face recognition result.
Fig. 5 shows a schematic block diagram of an encryption transmission apparatus 500 of a face feature library according to another embodiment of the present invention, and the encryption transmission apparatus 500 of the face feature library can be applied to/implemented as a server.
As shown in Fig. 5, the encryption transmission apparatus 500 for a face feature library according to this embodiment includes a key generation module 510, a receiving module 520, an encryption module 530, and a sending module 540. The key generation module 510 is configured to generate a symmetric key. The receiving module 520 is configured to receive the public key of an asymmetric key pair issued by an encrypted storage device. The encryption module 530 is configured to encrypt a face feature library with the symmetric key to obtain an encrypted face feature library, and to encrypt the symmetric key with the public key to obtain an encryption key. The sending module 540 is configured to send the encrypted face feature library and the encryption key to the encryption storage device, so that the encryption storage device decrypts the encryption key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library with the symmetric key to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication. The modules may respectively perform the steps/functions of the method 300 for encrypted transmission of a face feature library described above in connection with Fig. 3.
In this embodiment, the encrypted storage device may be a hardware digital certificate carrier (usbkey) or a security module (SE) that includes a security chip and a chip operating system. Storing the face feature library in the usbkey or the SE ensures the security of face feature storage. In other examples, the encrypted storage device may be any other suitable high-security storage device that secures the stored face features.
The encryption transmission device of the face feature library transmits the encrypted face feature library to the encryption storage device, and the encryption storage device decrypts it to obtain the face feature library. During face recognition, the face comparison device reads the face feature library from the encryption storage device and compares it with the face features to be recognized. This can greatly improve the data security of the face feature library during transmission, thereby improving the authenticity and security of the face feature library data used in face recognition and the reliability of the face recognition result.
Fig. 6 shows a schematic block diagram of an encrypted transmission system 600 of a face feature library according to an embodiment of the present invention. The encrypted transmission system 600 for the face feature library comprises a memory 610 and a processor 620.
The memory 610 stores a program for implementing the corresponding steps of the encrypted transmission method of the face feature library according to the embodiment of the present invention. The processor 620 runs the program stored in the memory 610 to execute the corresponding steps of the encrypted transmission method of the face feature library according to the embodiment of the present invention, and to implement the corresponding modules of the encryption transmission device of the face feature library according to the embodiment of the present invention.
In one embodiment, the program, when executed by the processor 620, causes the encrypted transmission system 600 of the face feature library to perform the following steps: generating an asymmetric key pair, and issuing the public key of the asymmetric key pair so that a server receives the public key; receiving an encrypted face feature library and an encryption key sent by the server, wherein the encrypted face feature library is obtained by encrypting the face feature library with a symmetric key generated by the server, and the encryption key is obtained by the server encrypting the symmetric key with the public key; and decrypting the encryption key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypting the encrypted face feature library with the symmetric key to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In one embodiment, the program, when executed by the processor 620, causes the encrypted transmission system 600 of the face feature library to perform the following steps: generating a symmetric key, and encrypting a face feature library with the symmetric key to obtain an encrypted face feature library; receiving the public key of an asymmetric key pair issued by an encryption storage device, and encrypting the symmetric key with the public key to obtain an encryption key; and sending the encrypted face feature library and the encryption key to the encryption storage device, so that the encryption storage device decrypts the encryption key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library with the symmetric key to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In one embodiment, the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
Furthermore, according to an embodiment of the present invention, a storage medium is further provided, on which program instructions are stored, and when the program instructions are executed by a computer or a processor, the program instructions are used to execute corresponding steps of the encryption transmission method for the face feature library according to the embodiment of the present invention, and are used to implement corresponding modules in the encryption transmission device for the face feature library according to the embodiment of the present invention. The storage medium may include, for example, a memory card of a smart phone, a storage component of a tablet computer, a hard disk of a personal computer, a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM), a portable compact disc read only memory (CD-ROM), a USB memory, or any combination of the above storage media. The computer-readable storage medium may be any combination of one or more computer-readable storage media.
In one embodiment, the computer program instructions, when executed by a computer, may implement the functional modules of the encryption transmission apparatus for a face feature library according to the embodiment of the present invention, and/or may execute the encryption transmission method for a face feature library according to the embodiment of the present invention.
In one embodiment, the computer program instructions, when executed by a computer or processor, cause the computer or processor to perform the steps of: generating an asymmetric key pair, and issuing a public key in the asymmetric key pair so that a server receives the public key; receiving an encrypted face feature library and an encryption key sent by the server, wherein the encrypted face feature library is obtained by encrypting the face feature library by using a symmetric key generated by the server, and the encryption key is obtained by encrypting the symmetric key by using the public key by the server; and decrypting the encrypted key by using a private key in the asymmetric key pair to obtain the symmetric key, and decrypting the encrypted face feature library by using the symmetric key to obtain a face feature library so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication.
In one embodiment, the computer program instructions, when executed by a computer or processor, cause the computer or processor to perform the steps of: generating a symmetric key, and encrypting a face feature library with the symmetric key to obtain an encrypted face feature library; receiving the public key of an asymmetric key pair issued by an encryption storage device, and encrypting the symmetric key with the public key to obtain an encryption key; and sending the encrypted face feature library and the encryption key to the encryption storage device, so that the encryption storage device decrypts the encryption key with the private key of the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library with the symmetric key to obtain the face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing identity authentication.
In one embodiment, the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
The modules in the encryption transmission apparatus of the face feature library according to the embodiment of the present invention may be implemented by a processor of an electronic device for encryption transmission of the face feature library according to the embodiment of the present invention running computer program instructions stored in a memory, or may be implemented when computer instructions stored in a computer-readable storage medium of a computer program product according to the embodiment of the present invention are run by a computer.
In addition, according to the embodiment of the present invention, a computer program is also provided, and the computer program may be stored on a storage medium in the cloud or locally. When executed by a computer or a processor, the computer program executes the corresponding steps of the encrypted transmission method of the face feature library according to the embodiment of the invention and implements the corresponding modules of the encryption transmission device of the face feature library according to the embodiment of the invention.
Based on the above description, in the encrypted transmission method, device and system of the face feature library according to the embodiment of the present invention, the server transmits the encrypted face feature library to the encryption storage device, and the encryption storage device decrypts it to obtain the face feature library. During face recognition, the face comparison device reads the face feature library from the encryption storage device and compares it with the face features to be recognized. This can greatly improve the data security of the face feature library during transmission, thereby improving the authenticity and security of the face feature library data used in face recognition and, in turn, the reliability of the face recognition result.
Although the illustrative embodiments have been described herein with reference to the accompanying drawings, it is to be understood that the foregoing illustrative embodiments are merely exemplary and are not intended to limit the scope of the invention thereto. Various changes and modifications may be effected therein by one of ordinary skill in the pertinent art without departing from the scope or spirit of the present invention. All such changes and modifications are intended to be included within the scope of the present invention as set forth in the appended claims.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The device embodiments described above are merely illustrative: the division into units is only one logical functional division, and other divisions are possible in practice. For example, a plurality of units or components may be combined or integrated into another device, or some features may be omitted or not executed.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, this method of disclosure should not be construed as reflecting an intention that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
It will be understood by those skilled in the art that all of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where such features are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments but not others, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functionality of some of the modules according to embodiments of the present invention. The present invention may also be embodied as apparatus programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third, etc. does not indicate any ordering. These words may be interpreted as names.
The above is only a description of specific embodiments of the present invention, and the protection scope of the present invention is not limited thereto. Any changes or substitutions that a person skilled in the art can easily conceive of within the technical scope of the present invention shall be covered by the protection scope of the present invention. The protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. An encryption transmission method of a face feature library is applied to an encryption storage device, and is characterized in that the encryption transmission method comprises the following steps:
generating an asymmetric key pair, and issuing a public key in the asymmetric key pair so that a server receives the public key;
receiving an encrypted face feature library and an encryption key sent by the server, wherein the encrypted face feature library is obtained by encrypting the face feature library by using a symmetric key generated by the server, and the encryption key is obtained by encrypting the symmetric key by using the public key by the server;
and decrypting the encrypted key by using a private key in the asymmetric key pair to obtain the symmetric key, and decrypting the encrypted face feature library by using the symmetric key to obtain a face feature library so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication.
2. The encrypted transmission method according to claim 1, wherein the encrypted storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
3. An encryption transmission method of a face feature library is applied to a server, and is characterized in that the encryption transmission method comprises the following steps:
generating a symmetric key, and encrypting a face feature library based on the symmetric key to obtain an encrypted face feature library;
receiving a public key in an asymmetric key pair issued by an encryption storage device, and encrypting the symmetric key based on the public key to obtain an encryption key;
sending the encrypted face feature library and the encryption key to the encryption storage device, so that the encryption storage device decrypts the encryption key by using a private key in the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library by using the symmetric key to obtain a face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication.
4. The encryption transmission method according to claim 3, wherein the encryption storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
5. An encryption transmission device of a face feature library is applied to an encryption storage device, and is characterized by comprising:
the key generation module is used for generating an asymmetric key pair and issuing a public key in the asymmetric key pair so that the server receives the public key;
the receiving module is used for receiving an encrypted face feature library and an encrypted key which are sent by the server, wherein the encrypted face feature library is obtained by encrypting the face feature library by using a symmetric key generated by the server, and the encrypted key is obtained by encrypting the symmetric key by using the public key by the server;
and the decryption module is used for decrypting the encrypted key by using a private key in the asymmetric key pair to obtain the symmetric key, and decrypting the encrypted face feature library by using the symmetric key to obtain a face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication.
6. The encryption transmission device of claim 5, wherein the encryption storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
7. An encryption transmission device of a face feature library is applied to a server, and is characterized by comprising:
a key generation module for generating a symmetric key;
the receiving module is used for receiving a public key in an asymmetric key pair issued by the encryption storage device;
the encryption module is used for encrypting the face feature library based on the symmetric key to obtain an encrypted face feature library and encrypting the symmetric key based on the public key to obtain an encrypted key;
a sending module, configured to send the encrypted face feature library and the encryption key to the encryption storage device, so that the encryption storage device decrypts the encryption key by using a private key in the asymmetric key pair to obtain the symmetric key, and decrypts the encrypted face feature library by using the symmetric key to obtain a face feature library, so that the face comparison device reads the face feature library from the encrypted storage device after passing the identity authentication.
8. The encryption transmission device of claim 7, wherein the encryption storage device is a hardware digital certificate carrier or a security module comprising a security chip and a chip operating system.
9. An encrypted transmission system for a face feature library, the system comprising a memory and a processor, the memory having stored thereon a computer program to be executed by the processor, the computer program, when executed by the processor, performing the encrypted transmission method for the face feature library according to any one of claims 1 to 4.
10. A storage medium, characterized in that the storage medium has stored thereon a computer program which, when executed, performs the method of encrypted transmission of a face feature library according to any one of claims 1-4.
CN201911181215.7A 2019-11-27 2019-11-27 Encrypted transmission method, device and system of face feature library and storage medium Pending CN111147248A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911181215.7A CN111147248A (en) 2019-11-27 2019-11-27 Encrypted transmission method, device and system of face feature library and storage medium

Publications (1)

Publication Number Publication Date
CN111147248A true CN111147248A (en) 2020-05-12

Family

ID=70517274

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911181215.7A Pending CN111147248A (en) 2019-11-27 2019-11-27 Encrypted transmission method, device and system of face feature library and storage medium

Country Status (1)

Country Link
CN (1) CN111147248A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015168685A1 (en) * 2014-05-02 2015-11-05 Mitter Navroop Method of providing end to end encryption with auditability
US20160072772A1 (en) * 2014-09-08 2016-03-10 Arturo Geigel Process for Secure Document Exchange
CN108090440A (en) * 2017-12-14 2018-05-29 中国铁道科学研究院电子计算技术研究所 A kind of authentication system towards railway transport of passengers
CN109191131A (en) * 2018-08-16 2019-01-11 沈阳微可信科技有限公司 A kind of safe face identification device based on trusted context and dual safety chips
CN110414200A (en) * 2019-04-08 2019-11-05 广州腾讯科技有限公司 Auth method, device, storage medium and computer equipment

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111783594A (en) * 2020-06-23 2020-10-16 杭州海康威视数字技术股份有限公司 Alarm method and device and electronic equipment
CN112668020A (en) * 2020-12-24 2021-04-16 深圳前海微众银行股份有限公司 Feature interleaving method, device, readable storage medium and computer program product
CN112668020B (en) * 2020-12-24 2024-09-03 深圳前海微众银行股份有限公司 Feature crossing method, device, readable storage medium, and computer program product
CN113569794A (en) * 2021-08-06 2021-10-29 上海有个机器人有限公司 Face recognition method, face recognition device, face recognition medium and mobile equipment
CN113569794B (en) * 2021-08-06 2024-08-20 上海有个机器人有限公司 Face recognition method, device, medium and mobile equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200512