CN111881438A - Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment - Google Patents

Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment Download PDF

Info

Publication number
CN111881438A
CN111881438A CN202010819209.6A CN202010819209A CN111881438A CN 111881438 A CN111881438 A CN 111881438A CN 202010819209 A CN202010819209 A CN 202010819209A CN 111881438 A CN111881438 A CN 111881438A
Authority
CN
China
Prior art keywords
matrix
features
encryption
biological characteristic
image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010819209.6A
Other languages
Chinese (zh)
Other versions
CN111881438B (en
Inventor
曹佳炯
李亮
丁菁汀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202010819209.6A priority Critical patent/CN111881438B/en
Publication of CN111881438A publication Critical patent/CN111881438A/en
Application granted granted Critical
Publication of CN111881438B publication Critical patent/CN111881438B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/25Fusion techniques
    • G06F18/251Fusion techniques of input or preprocessed data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/50Maintenance of biometric data or enrolment thereof
    • G06V40/53Measures to keep reference information secret, e.g. cancellable biometrics

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Multimedia (AREA)
  • Data Mining & Analysis (AREA)
  • General Business, Economics & Management (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Finance (AREA)
  • Signal Processing (AREA)
  • Human Computer Interaction (AREA)
  • Medical Informatics (AREA)
  • Strategic Management (AREA)
  • Artificial Intelligence (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Biology (AREA)
  • Evolutionary Computation (AREA)
  • Collating Specific Patterns (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

According to the method, in response to the fact that the target device is determined to be selected as the main device in the target device group, multi-frame biological feature images collected by the collection end device in the target device group are obtained; jointly encrypting the multiple frames of biological characteristic images to obtain encrypted data fused with the multiple frames of biological characteristic images; and uploading the encrypted data to a server for biometric identification. Therefore, the risk of revealing the biological characteristic information is effectively reduced, and the safety of the biological characteristic information is improved.

Description

Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment
Technical Field
One or more embodiments of the present disclosure relate to the technical field of biometric identification, and in particular, to a method, an apparatus, and an electronic device for biometric identification based on privacy protection.
Background
With the continuous development of internet technology, biometric identification technology is applied more and more widely, for example, biometric identification technology can be applied to online payment, equipment unlocking, access control and the like. However, in the application of biometric identification technology, especially when using public devices to perform remote biometric registration and identification, the biometric information of the user is easily stolen, which poses a great threat to the privacy security of the user. Therefore, protection of the biometric information becomes particularly important.
Disclosure of Invention
In order to solve one of the technical problems, one or more embodiments of the present specification provide a method, an apparatus, and an electronic device for biometric identification based on privacy protection.
According to a first aspect, a method for biometric feature recognition based on privacy protection is provided, which is applied to a target device, where the target device is any one of a plurality of acquisition-side devices in a target device group, and the method includes:
in response to the fact that the target equipment is determined to be selected as the main equipment in the target equipment group, acquiring multi-frame biological characteristic images acquired by acquisition end equipment in the target equipment group;
jointly encrypting the multiple frames of biological characteristic images to obtain encrypted data fused with the multiple frames of biological characteristic images;
and uploading the encrypted data to a server for biometric identification.
Optionally, the jointly encrypting the multiple frames of biometric images includes:
taking each frame of image in the multi-frame biological characteristic images as an array element to generate a target image array; the number of elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
determining an encryption matrix, wherein the encryption matrix is a reversible matrix generated randomly;
and carrying out encryption operation on the target image array by using the encryption matrix to obtain an encrypted array as the encrypted data.
Optionally, the order of the encryption matrix is the same as the number of elements of the target image array;
the encrypting operation of the target image array by using the encryption matrix comprises the following steps:
and carrying out matrix multiplication operation on the encryption matrix and the target image array.
Optionally, the multiple acquisition end devices in the target device group communicate with each other through a local area network.
Optionally, the biometric image includes an image of any one or more of the following features:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
According to a second aspect, there is provided a method for biometric identification based on privacy protection, applied to a server, including:
selecting one acquisition end device from a plurality of acquisition end devices in the target device group as a main device;
sending indication information; so that the main device obtains a plurality of frames of biological characteristic images acquired by the acquisition terminal devices in the target device group;
receiving the encrypted data fused with the multi-frame biological characteristic images, which is obtained by jointly encrypting the multi-frame biological characteristic images by the main equipment;
and decrypting the encrypted data, and restoring to obtain the multi-frame biological characteristic image, wherein the multi-frame biological characteristic image is used for biological characteristic identification.
Optionally, the encrypted data is an encrypted array obtained by performing encryption operation on a target image array by using an encryption matrix by the master device; the encryption matrix is a reversible matrix generated randomly; each frame of image in the multi-frame biological characteristic image is an element of the target image array, and the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
wherein the decrypting the encrypted data comprises:
determining a decryption matrix, wherein the decryption matrix is an inverse matrix of the encryption matrix;
and carrying out decryption operation on the encrypted array by using the decryption matrix.
Optionally, the order of the decryption matrix is the same as the number of elements of the encryption array;
the decrypting operation of the encrypted array by using the decrypting matrix comprises the following steps:
and carrying out matrix multiplication operation on the decryption matrix and the encryption array.
Optionally, a plurality of acquisition end devices in the target device group communicate through a local area network.
Optionally, the biometric image includes an image of any one or more of the following features:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
Optionally, the selecting one of the plurality of acquiring end devices in the target device group as a master device includes:
determining network state parameter values of a plurality of acquisition end devices in the target device group;
and determining one acquisition terminal device with the network state parameter value meeting the preset condition as a main device.
According to a third aspect, an apparatus for performing biometric identification based on privacy protection is provided, which is applied to a target device, where the target device is any one of a plurality of acquisition-side devices in a target device group, and the apparatus includes:
the acquisition module is used for responding to the fact that the target equipment is selected as the main equipment in the target equipment group, and acquiring multi-frame biological characteristic images acquired by acquisition end equipment in the target equipment group;
the encryption module is used for carrying out joint encryption on the multi-frame biological characteristic images to obtain encrypted data fused with the multi-frame biological characteristic images;
and the uploading module is used for uploading the encrypted data to a server so as to perform biological characteristic identification.
Optionally, the encryption module includes:
the generating submodule is used for taking each frame of image in the multi-frame biological characteristic images as an array element to generate a target image array; the number of elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
the determining submodule is used for determining an encryption matrix, and the encryption matrix is a reversible matrix generated randomly;
and the encryption submodule is used for carrying out encryption operation on the target image array by using the encryption matrix to obtain an encrypted array as the encrypted data.
Optionally, the order of the encryption matrix is the same as the number of elements of the target image array;
the operator sub-module is configured to:
and carrying out matrix multiplication operation on the encryption matrix and the target image array.
Optionally, the multiple acquisition end devices in the target device group communicate with each other through a local area network.
Optionally, the biometric image includes an image of any one or more of the following features:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
According to a fourth aspect, there is provided an apparatus for biometric identification based on privacy protection, applied to a server, comprising:
the selection module is used for selecting one acquisition end device from a plurality of acquisition end devices in the target device group as a main device;
the sending module is used for sending the indication information; so that the main device obtains a plurality of frames of biological characteristic images acquired by the acquisition terminal devices in the target device group;
the receiving module is used for receiving the encrypted data fused with the multi-frame biological characteristic images, which are obtained by jointly encrypting the multi-frame biological characteristic images by the main equipment;
and the decryption module is used for decrypting the encrypted data and restoring to obtain the multi-frame biological characteristic image, and the multi-frame biological characteristic image is used for biological characteristic identification.
Optionally, the encrypted data is an encrypted array obtained by performing encryption operation on a target image array by using an encryption matrix by the master device; the encryption matrix is a reversible matrix generated randomly; each frame of image in the multi-frame biological characteristic image is an element of the target image array, and the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
wherein the decryption module comprises:
the determining submodule is used for determining a decryption matrix, and the decryption matrix is an inverse matrix of the encryption matrix;
and the decryption submodule is used for carrying out decryption operation on the encrypted array by utilizing the decryption matrix.
Optionally, the order of the decryption matrix is the same as the number of elements of the encryption array;
the decryption submodule is configured to:
and carrying out matrix multiplication operation on the decryption matrix and the encryption array.
Optionally, a plurality of acquisition end devices in the target device group communicate through a local area network.
Optionally, the biometric image includes an image of any one or more of the following features:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
Optionally, the selecting module is configured to:
determining network state parameter values of a plurality of acquisition end devices in the target device group;
and determining one acquisition terminal device with the network state parameter value meeting the preset condition as a main device.
According to a fifth aspect, there is provided a computer readable storage medium, storing a computer program which, when executed by a processor, implements the method of any of the first and second aspects described above.
According to a sixth aspect, there is provided an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the first and second aspects when executing the program.
The technical scheme provided by the embodiment of the specification can have the following beneficial effects:
in the method and the device for biometric feature recognition based on privacy protection provided by the embodiments of the present specification, in response to a determination that a target device is selected as a master device in a target device group, multiple frames of biometric images acquired by an acquisition end device in the target device group are acquired, the multiple frames of biometric images are jointly encrypted, encrypted data fusing the multiple frames of biometric images are obtained, and the encrypted data are uploaded to a server for biometric feature recognition. The embodiment collects the biological characteristic images acquired by the plurality of acquisition end devices together, performs joint encryption, fuses the multi-frame biological characteristic images, and obtains encrypted data, so that the risk of leakage of the biological characteristic information is effectively reduced, and the safety of the biological characteristic information is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a diagram illustrating a scenario for biometric identification based on privacy protection according to an example embodiment;
FIG. 2 is a flow diagram illustrating a method for privacy protection based biometric identification according to an exemplary embodiment of the present description;
FIG. 3 is a flow diagram illustrating another method for privacy protection based biometric identification according to an example embodiment;
FIG. 4 is a flow diagram illustrating another method for privacy preserving-based biometric identification according to an example embodiment;
FIG. 5 is a flow diagram illustrating another method for privacy protection based biometric identification according to an example embodiment;
FIG. 6 is a block diagram illustrating an apparatus for privacy protection based biometric identification according to an example embodiment;
FIG. 7 is a block diagram of another privacy preserving based biometric identification apparatus according to an example embodiment shown in the present specification;
FIG. 8 is a block diagram of another privacy preserving based biometric identification apparatus according to an example embodiment shown in the present specification;
FIG. 9 is a block diagram of another privacy preserving based biometric identification apparatus according to an example embodiment shown in the present specification;
fig. 10 is a schematic structural diagram illustrating an electronic device according to an exemplary embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the specification, as detailed in the appended claims.
The terminology used in the description herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Fig. 1 is a schematic diagram illustrating a scenario of biometric identification based on privacy protection according to an exemplary embodiment: in the scenario shown in fig. 1, the device group includes a device 1, a device 2, and a device 3, and images 1, 2, and 3 of the biometric feature are respectively acquired. The device 2 is selected as the master device, and the devices 1 and 3 transmit the acquired images 1 and 3 to the device 2, respectively. The device 2 jointly encrypts the image 1, the image 2 and the image 3 to obtain encrypted data fusing the image 1, the image 2 and the image 3, and transmits the encrypted data to the server. And after receiving the encrypted data, the server decrypts the encrypted data and restores the encrypted data to obtain the image 1, the image 2 and the image 3. Image 1, image 2 and image 3 may be used for biometric identification.
The embodiments provided in the present specification will be described in detail with reference to specific examples.
Fig. 2 is a flow chart illustrating a method for biometric identification based on privacy protection, which may be applied in a target device, according to an example embodiment, as shown in fig. 2. The target device is a collection terminal device, and the collection terminal device can be any terminal device capable of supporting biological feature collection. It will be appreciated by those skilled in the art that the terminal device may be a public biometric device including, but not limited to, devices such as a tablet computer, desktop computer, access control device, and electronic payment device, among others. The method comprises the following steps:
in step 201, in response to determining that the target device is selected as the master device in the target device group, acquiring multiple frames of biological characteristic images acquired by the acquisition end devices in the target device group.
In this embodiment, the acquisition end devices may be grouped in advance to obtain a plurality of device groups, where each device group includes a plurality of acquisition end devices. The grouping may be based on the location of the acquisition-side device, for example, a plurality of acquisition-side devices with nearby locations may be grouped into a group. The grouping may also be based on the network to which the acquisition side devices are connected, for example, a plurality of acquisition side devices connected to the same local area network may be grouped into one group. It can be understood that the acquisition end devices may be grouped in any reasonable manner, and the embodiments of the present specification do not limit the specific manner of grouping.
In this embodiment, the target device group is any one of a plurality of pre-divided device groups, and the target device group includes a plurality of acquisition-side devices. The target equipment is any acquisition end equipment in the target equipment group. The plurality of acquisition-side devices in the target device group and the server providing the biometric service can communicate with each other, and the plurality of acquisition-side devices in the target device group can communicate with each other.
In an embodiment, the server may select one acquisition end device from the target device group as a master device, and send a message carrying the selection result to the master device, or send a message carrying the selection result to each acquisition end device in the target device group. In another embodiment, a plurality of acquisition end devices in the target device group may also jointly determine which device is the master device according to a preset rule, or the plurality of acquisition end devices alternately serve as the master device.
When the target device is selected as the master device in the target device group, other acquiring device (acquiring device that has acquired but not uploaded the biometric image) in the target device group may transmit the acquired biometric image to the target device. Therefore, the multi-frame biometric image acquired by the target device may include a biometric image acquired by the target device itself and biometric images acquired by other multiple acquiring-side devices in the target device group (acquiring-side devices that have acquired the biometric image but have not uploaded the biometric image).
In this embodiment, a biometric acquisition device may be installed on each acquisition end device, for example, a camera, a recorder, a fingerprint acquirer, an electrocardiograph sensor, and the like may be installed. When the biological characteristics are registered or identified, the biological characteristic information can be acquired by a biological characteristic acquisition device on the acquisition terminal equipment, and a biological characteristic image can be obtained based on the acquired biological characteristic information. If the biological characteristics comprise characteristics in the form of images, the acquisition end equipment can directly acquire the acquired biological characteristic images. If the biometric feature includes a feature in a non-image form, the acquisition-side device may first acquire the acquired feature information, and then convert the acquired feature information into information in an image form as a biometric image.
In step 202, the multiple frames of biometric images are jointly encrypted, so as to obtain encrypted data fusing the multiple frames of biometric images.
In this embodiment, the multiple frames of biometric images may be jointly encrypted to obtain encrypted data fusing the multiple frames of biometric images. Wherein the encrypted data does not have a data portion individually corresponding to any one frame of the biometric image.
In one implementation, each frame of image in the multiple frames of biometric images may be used as an array element to generate a target image array, where the number of elements in the target image array is greater than or equal to the number of frames of the biometric images. Then, an encryption matrix is determined, which is a randomly generated invertible matrix. And finally, carrying out encryption operation on the target image array by using the encryption matrix.
In another implementation manner, the multiple frames of biological characteristic images may be spliced into an image matrix, and then, the pixel points of the spliced image matrix are scrambled according to a preset rule, so as to generate encrypted data.
It is to be understood that any other reasonable manner may also be used to jointly encrypt the multiple frames of biometric images, and the embodiment is not limited in the specific manner of this joint encryption.
In step 203, the encrypted data is uploaded to a server for biometric identification.
In this embodiment, after obtaining the encrypted data, the target device may upload the encrypted data to the server. The server can decrypt the encrypted data, restore the encrypted data to obtain the multi-frame biological characteristic image, and complete the registration or identification of the biological characteristics by using the multi-frame biological characteristic image.
In the method for biometric identification based on privacy protection provided in the above embodiment of the present specification, in response to determining that the target device is selected as the master device in the target device group, multiple frames of biometric images acquired by the acquisition end device in the target device group are acquired, the multiple frames of biometric images are jointly encrypted, encrypted data that fuses the multiple frames of biometric images is obtained, and the encrypted data is uploaded to the server for biometric identification. The embodiment collects the biological characteristic images acquired by the plurality of acquisition end devices together, performs joint encryption, fuses the multi-frame biological characteristic images, and obtains encrypted data, so that the risk of leakage of the biological characteristic information is effectively reduced, and the safety of the biological characteristic information is improved.
Fig. 3 is a flow chart illustrating another method for biometric identification based on privacy protection according to an exemplary embodiment, which describes a process of jointly encrypting multiple frames of biometric images, and the method can be applied to a target device, and includes the following steps:
in step 301, in response to determining that the target device is selected as the master device in the target device group, acquiring multiple frames of biometric images acquired by the acquisition end devices in the target device group.
In step 302, each frame of image in the multi-frame biometric images is taken as an array element, and a target image array is generated.
In this embodiment, each frame of image in the multi-frame biometric images may be used as an array element to generate the target image array. The number of elements of the target image array is more than or equal to the number of frames of the biological characteristic image. For example, if the biometric image has n frames, the number of elements in the target image array is greater than or equal to n. Therefore, the elements of the target image array except the biometric image may be any preset matrix, and the order of the matrix is the same as that of the biometric image.
For example, the order of the biometric image is m × n, and the number of frames of the biometric image is I1,I2,I3,I4,I5The generated target image array may then be { I }1,I2,I3,I4,I5Can also be { I }1,I2,I3,I4,I5And a }, where a is a matrix with an arbitrary order of m × n, and optionally, a may be a zero matrix.
In step 303, an encryption matrix is determined, which is a randomly generated invertible matrix.
In this embodiment, an encryption matrix may be determined, where the encryption matrix is a reversible matrix generated randomly, and the order of the encryption matrix is the same as the number of elements of the target image array. In one implementation, a reversible matrix may be randomly generated by the target device as the encryption matrix. In another implementation, a reversible matrix may also be randomly generated by the server as the encryption matrix. The server then transmits the generated encryption matrix to the target device. It is to be understood that the present embodiment is not limited to the specific manner of determining the encryption matrix.
In step 304, the encryption matrix is used to perform encryption operation on the target image array, and the encrypted array is obtained as encrypted data.
In this embodiment, since the order of the encryption matrix is the same as the number of elements of the target image array, the encryption matrix and the target image array may be subjected to matrix multiplication. For example, the multi-frame biometric images are respectively I1,I2,I3The target image array is I = { I = { (I)1,I2,I3A is a zero matrix, and an encryption matrix is B =
Figure DEST_PATH_IMAGE002
The encryption matrix B and the target image array I may be subjected to matrix multiplication to obtain an encryption array C = { I = { (I) }1,2I1+I2,3I1+2I2+I3,4I1+3I2+2I3+ A } as encrypted data. As can be seen, the encrypted data fuses a plurality of frames of biometric images.
In step 305, the encrypted data is uploaded to a server for biometric identification.
It should be noted that, for the same steps as in the embodiment of fig. 2, details are not repeated in the embodiment of fig. 3, and related contents may refer to the embodiment of fig. 2.
In the method for biometric feature identification based on privacy protection provided in the embodiments of the present specification, in response to determining that the target device is selected as the master device in the target device group, multiple frames of biometric images acquired by the acquisition end device in the target device group are acquired, each frame of image in the multiple frames of biometric images is taken as an array element, a target image array is generated, an encryption matrix is determined, the encryption matrix is a reversible matrix generated randomly, the encryption matrix is used to perform encryption operation on the target image array, the encryption array is obtained and taken as encrypted data, and the encrypted data is uploaded to the server. In the embodiment, each frame of image in the multiple frames of biological characteristic images is used as an array element to generate the target image array, and the reversible matrix is used for carrying out encryption operation on the target image array, so that the risk of leakage of biological characteristic information is further reduced, and the safety of the biological characteristic information is improved.
In some optional embodiments, the plurality of acquisition-side devices in the target device group communicate with each other through a local area network.
In this embodiment, multiple acquisition end devices in the target device group may access the same local area network and may communicate with each other through the same local area network. The local area network may be a wired communication link, a wireless communication link, an optical fiber cable, or the like, and the specific form of the local area network is not limited in this embodiment.
In the implementation, the plurality of acquisition end devices in the target device group are communicated with each other through the local area network, so that the way of leakage of the biological characteristic information is reduced, and the safety of the biological characteristic information is further improved.
In other alternative embodiments, the biometric image may include an image of any one or more of the following features: human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
Specifically, the biometric identification method according to the present embodiment may include, but is not limited to, face identification, eye identification, voiceprint identification, fingerprint identification, palm print identification, heartbeat identification, pulse identification, vein identification, human teeth bite mark identification, and multi-modal (i.e., multi-biometric feature fusion) identification. The biometric image is an image that needs to be acquired when biometric identification is performed. Therefore, when the biometric recognition mode is single-mode recognition, the biometric image may include an image of any one of the following features, and when the biometric recognition mode is multi-mode recognition, the biometric image may include an image of any of the following features: human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
Fig. 4 is a flow chart illustrating another method for biometric identification based on privacy protection, which may be applied in a server, according to an example embodiment, as shown in fig. 4. The server can be any identification end device capable of supporting biological feature identification. The method comprises the following steps:
in step 401, one acquisition end device is selected from a plurality of acquisition end devices in the target device group as a master device.
In this embodiment, the server may select one acquisition end device from the plurality of acquisition end devices in the target device group as the master device. In one implementation, the server may randomly select one acquisition end device from a plurality of acquisition end devices in the target device group as the master device.
In another implementation manner, the server may further determine a network state parameter value of each acquisition end device in the target device group, and determine an acquisition end device whose network state parameter value meets a preset condition as the master device. The network state parameter may be a network speed, a signal strength, or the like, and the specific selection aspect of the network state parameter is not limited in this embodiment. For example, the server may determine the network speed of each acquisition end device in the target device group, and determine the acquisition end device with the highest network speed as the master device. The server selects the main equipment based on the network state parameter value of the acquisition terminal equipment, so that the communication between the main equipment and the server is ensured to be smoother and more stable.
In step 402, indication information is sent so that the master device obtains multiple frames of biometric images acquired by the acquisition end devices in the target device group.
In this embodiment, the server may directly send the indication information to each acquisition end device in the target device group, where the indication information may carry the identification information of the master device. And any other plurality of acquisition end devices (acquisition end devices which are currently acquired but not uploaded with the biological characteristic images) except the main device in the target device group respond to the indication information and transmit the acquired biological characteristic images to the main device. The server can also send the indication information to any acquisition terminal device in the target device group, and the acquisition terminal device informs other acquisition terminal devices except the main device in the target device group to transmit the acquired biological characteristic image to the main device.
In step 403, the encrypted data fused with the multi-frame biometric images obtained by jointly encrypting the multi-frame biometric images by the master device is received.
In step 404, the encrypted data is decrypted and restored to obtain the multi-frame biometric image.
In this embodiment, the server receives encrypted data transmitted from the host device, where the encrypted data is data obtained by jointly encrypting the plurality of frames of biometric images by the host device and fusing the plurality of frames of biometric images. And then, decrypting the encrypted data, and restoring to obtain the multi-frame biological characteristic image.
In one implementation, the encrypted data is obtained by: and taking each frame of image in the multi-frame biological characteristic image as an array element to generate a target image array, wherein the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image. Then, an encryption matrix is determined, which is a randomly generated invertible matrix. And finally, carrying out encryption operation on the target image array by using the encryption matrix to obtain an encrypted array as encrypted data. Decryption is performed by: and determining a decryption matrix, wherein the decryption matrix is the inverse matrix of the encryption matrix, and the decryption matrix is utilized to perform decryption operation on the encryption array.
In another implementation, the encrypted data is obtained by: splicing the multi-frame biological characteristic images into an image matrix, and then, scrambling the pixel points of the spliced image matrix according to a preset scrambling rule, thereby generating encrypted data. Decryption is performed by: and restoring the disordered image matrix according to a preset restoring rule to obtain the spliced image matrix. And splitting the spliced image matrix to obtain the multi-frame biological characteristic image.
In this embodiment, after the server decrypts the encrypted data and restores the encrypted data to obtain the multi-frame biometric image, the server may use the multi-frame biometric image to complete the registration or identification of the biometric feature.
In the method for biometric identification based on privacy protection provided in the above embodiment of the present specification, one acquisition end device is selected from the multiple acquisition end devices in the target device group as a master device, and the indication information is sent, so that the master device obtains multiple frames of biometric images acquired by the acquisition end devices in the target device group. And receiving the multi-frame biological characteristic image which is jointly encrypted by the main equipment to obtain encrypted data fused with the multi-frame biological characteristic image, decrypting the encrypted data, and restoring to obtain the multi-frame biological characteristic image which is used for biological characteristic identification. The embodiment collects the biological characteristic images acquired by the plurality of acquisition end devices together, performs joint encryption, fuses the multi-frame biological characteristic images, and obtains encrypted data, so that the risk of leakage of the biological characteristic information is effectively reduced, and the safety of the biological characteristic information is improved.
Fig. 5 is a flow chart illustrating another method for biometric identification based on privacy protection according to an exemplary embodiment, which describes the process of decrypting encrypted data in detail, and the method can be applied to a server, and includes the following steps:
in step 501, one acquisition end device is selected from a plurality of acquisition end devices in the target device group as a master device.
In step 502, the indication information is sent so that the master device obtains a plurality of frames of biometric images acquired by the acquisition end devices in the target device group.
In step 503, the main device performs joint encryption on the multiple frames of biometric images to obtain encrypted data fused with the multiple frames of biometric images, where the encrypted data is an encrypted array obtained by performing encryption operation on a target image array by using an encryption matrix.
In step 504, a decryption matrix is determined.
In this embodiment, the encrypted data is an encrypted array obtained by the master device performing an encryption operation on the target image array by using an encryption matrix, and the encryption matrix is a reversible matrix generated at random. Each frame of image in the multi-frame biological characteristic image is an element of a target image array, and the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image. The decryption matrix is the inverse of the encryption matrix.
In one implementation, an encryption matrix may be randomly generated by the target device and an inverse of the encryption matrix may be obtained, and the target device transmits the inverse of the encryption matrix as a decryption matrix to the server. In another implementation, the server may also randomly generate an encryption matrix, and obtain an inverse matrix of the encryption matrix as the decryption matrix. It is to be understood that the embodiment is not limited to the specific manner of determining the decryption matrix.
In step 505, the decryption matrix is used to perform decryption operation on the encrypted array, and the multi-frame biometric image is obtained by restoration.
In this embodiment, the matrix multiplication operation may be performed on the decryption matrix and the encryption array, so as to restore the multi-frame biometric image.
For example, the multi-frame biometric images are respectively I1,I2,I3The target image array is I = { I = { (I)1,I2,I3A, and B = encryption matrix
Figure DEST_PATH_IMAGE003
Performing matrix multiplication operation on the encryption matrix B and the target image array I to obtain an encryption array C = { I = { (I) }1,2I1+I2,3I1+2I2+I3,4I1+3I2+2I3+ A, D = decryption matrix
Figure DEST_PATH_IMAGE004
. Performing matrix multiplication operation on the decryption matrix D and the encryption array C to obtain a target image array I = { I = { (I) }1,I2,I3And A, so as to restore and obtain the multi-frame biological characteristic image I1,I2,I3
It should be noted that, for the same steps as in the embodiments of fig. 2 to fig. 4, description is not repeated in the embodiment of fig. 5, and related contents may refer to the embodiments of fig. 2 to fig. 4.
In the method for biometric feature recognition based on privacy protection provided in the above embodiment of this specification, one acquisition end device is selected from multiple acquisition end devices in a target device group as a master device, and indication information is sent, so that the master device obtains multiple frames of biometric images acquired by the acquisition end devices in the target device group, and receives encrypted data obtained by jointly encrypting the multiple frames of biometric images by the master device, where the encrypted data is an encrypted array obtained by encrypting a target image array by the master device using an encryption matrix. And determining a decryption matrix, performing decryption operation on the encrypted array by using the decryption matrix, and restoring to obtain the multi-frame biological characteristic image. Because the encrypted data of the embodiment is the encrypted array obtained by performing the encryption operation on the target image array by using the encryption matrix, the reversible matrix of the encryption matrix can be used as the decryption matrix, and the decryption operation is performed on the encrypted array by using the decryption matrix, the risk of the leakage of the biological characteristic information is further reduced, and the security of the biological characteristic information is improved.
It should be noted that while in the above-described embodiments of fig. 2-5, the operations of the methods of the embodiments of this specification are described in a particular order, this does not require or imply that the operations must be performed in that particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Rather, the steps depicted in the flowcharts may change the order of execution. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
The following description is intended to illustrate aspects of one or more embodiments of the disclosure, as a whole, with reference to a single example application.
The application scenario may be: m, N, P, Q four payment devices which are installed in the business district A and support the face recognition payment are divided into a device group, the four payment devices are all communicated with a server supporting the face recognition payment, and the four payment devices can also be communicated with each other.
Specifically, the server may first obtain the network speed of the payment device M, N, P, Q, and select the payment device M with the highest network speed as the master device in the device group. And sends an indication to payment device M, N, P, Q indicating that M is the master.
There is a biometric image, I respectively, currently captured but not uploaded in payment device M, N, PM,IN,IP. And there is no biometric image currently captured but not uploaded in the payment device Q. The payment device N, P responds to the above-mentioned indication information to upload the biometric image I that is not uploadedNAnd IPTo the payment device M.
Payment device M based on biometric image IM,IN,IPGenerating an array { I }M,IN,IPAnd randomly generating a third-order reversible matrix L as an encryption matrix, obtaining an inverse matrix L 'of the L as a decryption matrix, and transmitting the decryption matrix L' to the server. The payment device M then combines the encryption matrix L with the array IM,IN,IPAnd carrying out matrix multiplication to obtain encrypted data, and transmitting the encrypted data to the server.
ServerReceiving the decryption matrix L 'and the encrypted data, performing matrix multiplication operation by using the decryption matrix L' and the encrypted data, and restoring to obtain an array { IM,IN,IPObtaining a biometric image I collected by the payment device M, N, PM,IN,IP. The server can utilize the biological characteristic image IM,IN,IPAnd carrying out biological feature identification to finish payment authentication.
Therefore, by applying the scheme, the biological characteristic images acquired by the plurality of acquisition end devices are collected together and are subjected to joint encryption, and the multi-frame biological characteristic images are fused to obtain encrypted data, so that the risk of leakage of the biological characteristic information is effectively reduced, and the safety of the biological characteristic information is improved.
In correspondence with the foregoing embodiments of the method for biometric identification based on privacy protection, the present specification also provides embodiments of an apparatus for biometric identification based on privacy protection.
As shown in fig. 6, fig. 6 is a block diagram of an apparatus for performing biometric identification based on privacy protection according to an exemplary embodiment, which is applied to a target device, where the target device is any one of a plurality of acquisition-side devices in a target device group, and the apparatus may include: an acquisition module 601, an encryption module 602, and an upload module 603.
The obtaining module 601 is configured to obtain multiple frames of biometric images collected by a collection end device in the target device group in response to determining that the target device is selected as a master device in the target device group.
The encryption module 602 is configured to perform joint encryption on multiple frames of biometric images to obtain encrypted data fused with the multiple frames of biometric images.
An uploading module 603, configured to upload the encrypted data to a server for biometric identification.
As shown in fig. 7, fig. 7 is a block diagram of another apparatus for biometric identification according to an exemplary embodiment, where on the basis of the foregoing embodiment shown in fig. 6, the encryption module 602 may include: a generation sub-module 701, a determination sub-module 702 and an encryption sub-module 703.
The generating sub-module 701 is configured to use each frame of image in the multiple frames of biometric images as an array element to generate a target image array, where the number of elements in the target image array is greater than or equal to the number of frames of the biometric images.
A determining submodule 702 is configured to determine an encryption matrix, where the encryption matrix is a reversible matrix generated randomly.
The encryption sub-module 703 is configured to perform an encryption operation on the target image array by using the encryption matrix, and obtain an encrypted array as the encrypted data.
In some alternative embodiments, the encryption matrix has the same order as the number of elements of the target image array. The encryption sub-module 703 is configured for: and carrying out matrix multiplication operation on the encryption matrix and the target image array.
In other optional embodiments, the plurality of acquisition-side devices in the target device group communicate with each other through a local area network.
In further alternative embodiments, the biometric image may include an image of any one or more of the following features: human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
It should be understood that the above-mentioned apparatus may be preset in the terminal device, and may also be loaded into the terminal device by downloading or the like. The corresponding modules in the above-mentioned apparatus can cooperate with the modules in the terminal device to implement the scheme for biometric identification.
As shown in fig. 8, fig. 8 is a block diagram of another apparatus for performing biometric identification based on privacy protection according to an exemplary embodiment, applied to a server, where the apparatus may include: a selection module 801, a sending module 802, a receiving module 803 and a decryption module 804.
The selecting module 801 is configured to select one acquiring device from multiple acquiring devices in the target device group as a master device.
A sending module 802, configured to send indication information, so that the master device obtains multiple frames of biometric images acquired by the acquisition end device in the target device group.
The receiving module 803 is configured to receive encrypted data obtained by performing joint encryption on multiple frames of biometric images by the host device to merge the multiple frames of biometric images.
And the decryption module 804 is configured to decrypt the encrypted data, and restore the encrypted data to obtain a plurality of frames of biometric images, where the plurality of frames of biometric images are used for biometric identification.
As shown in fig. 9, fig. 9 is a block diagram of another apparatus for biometric identification according to an exemplary embodiment, where on the basis of the foregoing embodiment shown in fig. 8, the decryption module 804 may include: a determination sub-module 901 and a decryption sub-module 902.
The encrypted data is an encrypted array obtained by encrypting a target image array by using an encryption matrix through the main equipment, the encryption matrix is a reversible matrix generated randomly, each frame of image in the multi-frame biological characteristic image is an element of the target image array, and the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image.
The determining submodule 901 is configured to determine a decryption matrix, where the decryption matrix is an inverse matrix of the encryption matrix;
and the decryption submodule 902 is configured to perform a decryption operation on the encrypted array by using the decryption matrix.
In some alternative embodiments, the order of the decryption matrix is the same as the number of elements of the encryption array. The decryption submodule 902 is configured to: and carrying out matrix multiplication operation on the decryption matrix and the encryption array.
In other optional embodiments, a plurality of acquisition-side devices in the target device group communicate via a local area network.
In further alternative embodiments, the biometric image may include an image of any one or more of the following features: human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
In other alternative embodiments, the selection module 801 is configured to: determining network state parameter values of a plurality of acquisition end devices in the target device group, and determining one acquisition end device with the network state parameter value meeting a preset condition as a main device.
It should be understood that the above-mentioned device may be preset in the server, and may also be loaded into the server by downloading or the like. The corresponding modules in the device can be matched with the modules in the server to realize a scheme of biological feature identification based on privacy protection.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of one or more embodiments of the present specification. One of ordinary skill in the art can understand and implement it without inventive effort.
One or more embodiments of the present specification further provide a computer-readable storage medium storing a computer program, where the computer program is operable to execute the method for biometric identification based on privacy protection provided in any one of the embodiments of fig. 2 to 5.
Corresponding to the above-described method for biometric identification based on privacy protection, one or more embodiments of the present specification also propose a schematic block diagram of an electronic device according to an exemplary embodiment of the present specification shown in fig. 10. Referring to fig. 10, at the hardware level, the electronic device includes a processor, an internal bus, a network interface, a memory, and a non-volatile memory, but may also include hardware required for other services. The processor reads a corresponding computer program from the nonvolatile memory into the memory and then runs the computer program, and the device for carrying out the biological feature recognition based on the privacy protection is formed on a logic level. Of course, besides software implementation, the one or more embodiments in this specification do not exclude other implementations, such as logic devices or combinations of software and hardware, and so on, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (24)

1. A method for carrying out biological feature recognition based on privacy protection is applied to target equipment, wherein the target equipment is any one acquisition end equipment in a plurality of acquisition end equipment in a target equipment group, and the method comprises the following steps:
in response to the fact that the target equipment is determined to be selected as the main equipment in the target equipment group, acquiring multi-frame biological characteristic images acquired by acquisition end equipment in the target equipment group;
jointly encrypting the multiple frames of biological characteristic images to obtain encrypted data fused with the multiple frames of biological characteristic images;
and uploading the encrypted data to a server for biometric identification.
2. The method of claim 1, wherein the jointly encrypting the plurality of frames of biometric images comprises:
taking each frame of image in the multi-frame biological characteristic images as an array element to generate a target image array; the number of elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
determining an encryption matrix, wherein the encryption matrix is a reversible matrix generated randomly;
and carrying out encryption operation on the target image array by using the encryption matrix to obtain an encrypted array as the encrypted data.
3. The method of claim 2, wherein the encryption matrix has the same order as the number of elements of the target image array;
the encrypting operation of the target image array by using the encryption matrix comprises the following steps:
and carrying out matrix multiplication operation on the encryption matrix and the target image array.
4. The method of claim 1, wherein the plurality of acquisition-side devices in the target device group communicate with each other over a local area network.
5. The method of any of claims 1-4, wherein the biometric image comprises an image of any one or more of the following features:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
6. A method for biometric identification based on privacy protection is applied to a server, and comprises the following steps:
selecting one acquisition end device from a plurality of acquisition end devices in the target device group as a main device;
sending indication information; so that the main device obtains a plurality of frames of biological characteristic images acquired by the acquisition terminal devices in the target device group;
receiving the encrypted data fused with the multi-frame biological characteristic images, which is obtained by jointly encrypting the multi-frame biological characteristic images by the main equipment;
and decrypting the encrypted data, and restoring to obtain the multi-frame biological characteristic image, wherein the multi-frame biological characteristic image is used for biological characteristic identification.
7. The method according to claim 6, wherein the encrypted data is an encrypted array obtained by the master device performing an encryption operation on a target image array by using an encryption matrix; the encryption matrix is a reversible matrix generated randomly; each frame of image in the multi-frame biological characteristic image is an element of the target image array, and the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
wherein the decrypting the encrypted data comprises:
determining a decryption matrix, wherein the decryption matrix is an inverse matrix of the encryption matrix;
and carrying out decryption operation on the encrypted array by using the decryption matrix.
8. The method of claim 7, wherein the decryption matrix has the same order as the number of elements of the encryption array;
the decrypting operation of the encrypted array by using the decrypting matrix comprises the following steps:
and carrying out matrix multiplication operation on the decryption matrix and the encryption array.
9. The method of claim 6, wherein the plurality of acquisition-side devices in the target device group communicate via a local area network.
10. The method according to any one of claims 6-9, wherein the biometric image comprises an image of any one or more of the following features:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
11. The method of claim 6, wherein the selecting one of the plurality of acquisition-side devices in the target device group as a master device comprises:
determining network state parameter values of a plurality of acquisition end devices in the target device group;
and determining one acquisition terminal device with the network state parameter value meeting the preset condition as a main device.
12. An apparatus for biometric identification based on privacy protection, applied to a target device, the target device being any one of a plurality of acquisition-side devices in a target device group, the apparatus comprising:
the acquisition module is used for responding to the fact that the target equipment is selected as the main equipment in the target equipment group, and acquiring multi-frame biological characteristic images acquired by acquisition end equipment in the target equipment group;
the encryption module is used for carrying out joint encryption on the multi-frame biological characteristic images to obtain encrypted data fused with the multi-frame biological characteristic images;
and the uploading module is used for uploading the encrypted data to a server so as to perform biological characteristic identification.
13. The apparatus of claim 12, wherein the encryption module comprises:
the generating submodule is used for taking each frame of image in the multi-frame biological characteristic images as an array element to generate a target image array; the number of elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
the determining submodule is used for determining an encryption matrix, and the encryption matrix is a reversible matrix generated randomly;
and the encryption submodule is used for carrying out encryption operation on the target image array by using the encryption matrix to obtain an encrypted array as the encrypted data.
14. The apparatus of claim 13, wherein the encryption matrix has the same number of orders as the number of elements of the target image array;
the operator sub-module is configured to:
and carrying out matrix multiplication operation on the encryption matrix and the target image array.
15. The apparatus of claim 12, wherein the plurality of acquisition-side devices in the target device group communicate with each other over a local area network.
16. The apparatus of any of claims 12-5, wherein the biometric image comprises an image of any one or more of:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
17. An apparatus for biometric identification based on privacy protection, applied to a server, the apparatus comprising:
the selection module is used for selecting one acquisition end device from a plurality of acquisition end devices in the target device group as a main device;
the sending module is used for sending the indication information; so that the main device obtains a plurality of frames of biological characteristic images acquired by the acquisition terminal devices in the target device group;
the receiving module is used for receiving the encrypted data fused with the multi-frame biological characteristic images, which are obtained by jointly encrypting the multi-frame biological characteristic images by the main equipment;
and the decryption module is used for decrypting the encrypted data and restoring to obtain the multi-frame biological characteristic image, and the multi-frame biological characteristic image is used for biological characteristic identification.
18. The apparatus according to claim 17, wherein the encrypted data is an encrypted array obtained by the master device performing an encryption operation on a target image array by using an encryption matrix; the encryption matrix is a reversible matrix generated randomly; each frame of image in the multi-frame biological characteristic image is an element of the target image array, and the number of the elements of the target image array is more than or equal to the number of frames of the biological characteristic image;
wherein the decryption module comprises:
the determining submodule is used for determining a decryption matrix, and the decryption matrix is an inverse matrix of the encryption matrix;
and the decryption submodule is used for carrying out decryption operation on the encrypted array by utilizing the decryption matrix.
19. The apparatus of claim 18, wherein the decryption matrix has a same number of orders as the number of elements of the encryption array;
the decryption submodule is configured to:
and carrying out matrix multiplication operation on the decryption matrix and the encryption array.
20. The apparatus of claim 17, wherein the plurality of acquisition-side devices in the target device group communicate via a local area network.
21. The apparatus of any one of claims 17-20, wherein the biometric image comprises an image of any one or more of:
human face features, eye features, voiceprint features, fingerprint features, palm print features, heartbeat features, pulse features, vein features, and human tooth bite mark features.
22. The apparatus of claim 17, wherein the selection module is configured to:
determining network state parameter values of a plurality of acquisition end devices in the target device group;
and determining one acquisition terminal device with the network state parameter value meeting the preset condition as a main device.
23. A computer-readable storage medium, which stores a computer program which, when executed by a processor, implements the method of any of claims 1-11 above.
24. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the preceding claims 1-11 when executing the program.
CN202010819209.6A 2020-08-14 2020-08-14 Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment Active CN111881438B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010819209.6A CN111881438B (en) 2020-08-14 2020-08-14 Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010819209.6A CN111881438B (en) 2020-08-14 2020-08-14 Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment

Publications (2)

Publication Number Publication Date
CN111881438A true CN111881438A (en) 2020-11-03
CN111881438B CN111881438B (en) 2024-02-02

Family

ID=73202745

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010819209.6A Active CN111881438B (en) 2020-08-14 2020-08-14 Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment

Country Status (1)

Country Link
CN (1) CN111881438B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113704827A (en) * 2021-09-17 2021-11-26 支付宝(杭州)信息技术有限公司 Privacy protection method and device in biological identification process

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150402A (en) * 2007-11-01 2008-03-26 北京理工大学 A dual graph encryption method based on fraction rank Fourier conversion
CN102821277A (en) * 2012-07-20 2012-12-12 西安空间无线电技术研究所 Data compression method and data compression system based on image set
US20130128972A1 (en) * 2010-07-15 2013-05-23 Kabushiki Kaisha Toshiba Image encoding apparatus and image decoding apparatus
CN104766264A (en) * 2015-01-22 2015-07-08 西北工业大学 Partitioning double-layer self-adaptation diffusion image encryption method
WO2016040366A1 (en) * 2014-09-08 2016-03-17 Edifire LLC Methods and systems for multi-factor authentication in secure media-based conferencing
CN105809115A (en) * 2016-03-02 2016-07-27 上海师范大学 Binary channel multiple fingerprints optical encryption method
WO2017187332A1 (en) * 2016-04-27 2017-11-02 Vtip Sàrl Biometric authentication system based on the venous networks and unique non-falsifiable codes of tree structures and associated method
CN109492414A (en) * 2018-11-07 2019-03-19 上海师范大学 More image encryptions and authentication method based on biometric keys
CN110992256A (en) * 2019-12-17 2020-04-10 腾讯科技(深圳)有限公司 Image processing method, device, equipment and storage medium
CN111460488A (en) * 2020-04-30 2020-07-28 中国矿业大学 Multi-image rapid encryption method based on pre-storage and n-dimensional Arnold transformation

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150402A (en) * 2007-11-01 2008-03-26 北京理工大学 A dual graph encryption method based on fraction rank Fourier conversion
US20130128972A1 (en) * 2010-07-15 2013-05-23 Kabushiki Kaisha Toshiba Image encoding apparatus and image decoding apparatus
CN102821277A (en) * 2012-07-20 2012-12-12 西安空间无线电技术研究所 Data compression method and data compression system based on image set
WO2016040366A1 (en) * 2014-09-08 2016-03-17 Edifire LLC Methods and systems for multi-factor authentication in secure media-based conferencing
CN104766264A (en) * 2015-01-22 2015-07-08 西北工业大学 Partitioning double-layer self-adaptation diffusion image encryption method
CN105809115A (en) * 2016-03-02 2016-07-27 上海师范大学 Binary channel multiple fingerprints optical encryption method
WO2017187332A1 (en) * 2016-04-27 2017-11-02 Vtip Sàrl Biometric authentication system based on the venous networks and unique non-falsifiable codes of tree structures and associated method
CN109492414A (en) * 2018-11-07 2019-03-19 上海师范大学 More image encryptions and authentication method based on biometric keys
CN110992256A (en) * 2019-12-17 2020-04-10 腾讯科技(深圳)有限公司 Image processing method, device, equipment and storage medium
CN111460488A (en) * 2020-04-30 2020-07-28 中国矿业大学 Multi-image rapid encryption method based on pre-storage and n-dimensional Arnold transformation

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
JUANRR: "矩阵在信息加密中的应用(密码学)" *
YA-RU LIANG;ZHI-YONG XIAO;: "Image Encryption Algorithm Based on Compressive Sensing and Fractional DCT via Polynomial Interpolation", no. 02 *
张学;孟祥锋;王玉荣;杨修伦;殷永凯;: "Multiple-image encryption by two-step phase-shifting interferometry and spatial multiplexing of smooth compressed signal", no. 07 *
张文全;周南润;: "基于非对称密码系统的多图像加密算法", no. 07 *
郭静: "基于指纹与虹膜特征级融合的加密模型研究", 中国优秀硕士学位论文全文数据库 信息科技辑, pages 3 *
韩水华;杨双远;: "一种基于矩阵变换的非对称图像加密算法", no. 05 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113704827A (en) * 2021-09-17 2021-11-26 支付宝(杭州)信息技术有限公司 Privacy protection method and device in biological identification process
CN113704827B (en) * 2021-09-17 2024-03-29 支付宝(杭州)信息技术有限公司 Privacy protection method and device in biological identification process

Also Published As

Publication number Publication date
CN111881438B (en) 2024-02-02

Similar Documents

Publication Publication Date Title
CN111738238B (en) Face recognition method and device
JP6814147B2 (en) Terminals, methods, non-volatile storage media
EP2905921B1 (en) Information processing program, information processing apparatus, and information processing method
CN110049016A (en) Data query method, apparatus, system, equipment and the storage medium of block chain
CN111741268B (en) Video transmission method, device, server, equipment and medium
US7840817B2 (en) Data processing apparatus and method
CN112422587B (en) Identity verification method and device, computer equipment and storage medium
CA3180722A1 (en) Privacy-preserving image distribution
CN114741708A (en) Model data processing method, device and equipment
CN110798433A (en) Verification code verification method and device
CN111881438A (en) Method and device for carrying out biological feature recognition based on privacy protection and electronic equipment
CN112801307B (en) Block chain-based federal learning method and device and computer equipment
US20200204355A1 (en) Method and device for transmitting personal data
CN113436008A (en) Loan purpose monitoring method and device, storage medium and electronic equipment
CN112860790A (en) Data management method, system and device
US20130262600A1 (en) Image processing apparatus
KR101831633B1 (en) Mutual authentication method based on visual cryptography and control method of device for mutual authentication based on visual cryptography
CN115225771B (en) Method and device for hiding reversible information of encrypted image and computer equipment
CN111769945A (en) Auction processing method based on block chain and block chain link point
CN109815715A (en) A kind of data ciphering method and relevant apparatus
CN114547684A (en) Method and device for protecting multi-party joint training tree model of private data
CN115022012A (en) Data transmission method, device, system, equipment and storage medium
CN109711207B (en) Data encryption method and device
CN112491840A (en) Information modification method and device, computer equipment and storage medium
JP4475576B2 (en) Network printing system, print data exchange method, and server computer program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40039791

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant