CN112995194A - Digital certificate authentication method based on iris recognition - Google Patents

Digital certificate authentication method based on iris recognition Download PDF

Info

Publication number
CN112995194A
CN112995194A CN202110285349.4A CN202110285349A CN112995194A CN 112995194 A CN112995194 A CN 112995194A CN 202110285349 A CN202110285349 A CN 202110285349A CN 112995194 A CN112995194 A CN 112995194A
Authority
CN
China
Prior art keywords
iris
digital certificate
digital
authentication process
iris recognition
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110285349.4A
Other languages
Chinese (zh)
Inventor
李晓坤
徐龙
刘清源
董潍赫
黄逸群
付文香
张心雨
陈伟良
赵瑞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Heilongjiang Hengxun Technology Co ltd
Original Assignee
Heilongjiang Hengxun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Heilongjiang Hengxun Technology Co ltd filed Critical Heilongjiang Hengxun Technology Co ltd
Priority to CN202110285349.4A priority Critical patent/CN112995194A/en
Publication of CN112995194A publication Critical patent/CN112995194A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/18Eye characteristics, e.g. of the iris
    • G06V40/193Preprocessing; Feature extraction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/18Eye characteristics, e.g. of the iris
    • G06V40/197Matching; Classification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Ophthalmology & Optometry (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Power Engineering (AREA)
  • Collating Specific Patterns (AREA)

Abstract

An iris identification-based digital certificate authentication method comprises the following steps: the system carries out image processing on the input iris to extract the iris characteristics, carries out iris matching, establishes the newly added iris in an iris library to carry out iris characteristic extraction and completes the process of iris recognition. The iris identification method comprises the following steps: iris recognition model, matching process of iris, and feature extraction of iris. The authentication process of the digital certificate is performed by asymmetric encryption. The method involved in the digital certificate authentication process includes the generation of a key pair, and the digital certificate signature authentication process of an information document.

Description

Digital certificate authentication method based on iris recognition
Technical Field
The invention relates to the field of data security, in particular to a digital certificate authentication method.
Background
Nowadays, technologies such as electronic commerce, internet banking and the like are mature day by day, and network security has become an important field of internet financial development. The perfect combination of iris recognition and the information security field is not realized in the prior art.
Aiming at the defects in the prior art, the invention realizes the application of iris recognition in the field of digital certificate authentication. A more secure and intelligent method of digital certificate authentication is provided. The method comprises the following steps: iris recognition model, matching process of iris, feature recognition of iris, generation of key pair, and digital certificate signature authentication process of information document. Therefore, the digital certificate authentication process is safer and has better interaction experience between people and the system.
Disclosure of Invention
An iris identification-based digital certificate authentication method comprises the following steps: firstly, carrying out image processing on the input iris by the system to extract iris characteristics, carrying out iris matching, establishing a newly added iris in an iris library to carry out iris characteristic extraction, and completing the process of iris recognition; the iris identification method comprises the following steps: iris recognition model, matching process of iris, and feature extraction of iris; the authentication process of the digital certificate is carried out through asymmetric encryption, and the method related to the authentication process of the digital certificate comprises the generation of a key pair and the signature authentication process of the digital certificate of an information document.
System passing formula
Figure 235213DEST_PATH_IMAGE001
Iris recognition is realized; by iris matching formula
Figure 414521DEST_PATH_IMAGE002
Completing the process of iris matching; system passing formula
Figure 814279DEST_PATH_IMAGE003
Completing the feature extraction of the iris, and randomly forming different prime numbers P and Q; and carrying out prime number detection and randomly generating a relatively prime integer e for relatively prime detection. The public key may be generated. Sender pass algorithm for information data
Figure 638841DEST_PATH_IMAGE004
Encrypting the digital abstract by using a public key, and calculating a hash value of the metadata document to obtain a digital signature; the digital abstract generates a unique digital signature through a private key with uniqueness and is used for carrying out authentication comparison on a digital certificate; the sender sends the digital certificate signature and the digital signature encrypted by the digital abstract, so that the receiver can perform digital certificate authentication after receiving the digital certificate signature and the digital abstract; the receiver decrypts the received digital signature through a public key to generate a digital abstract; the receiver decrypts the acquired digital abstract and the digital signature decrypted by the public key to generate the digital abstract; and the receiver compares the acquired digital abstract with the digital abstract acquired by the own party through decryption.
In the whole transmission process, the system carries out image processing on the input iris to extract the iris characteristics, carries out iris matching, establishes a newly added iris in an iris library to carry out iris characteristic extraction and completes the process of iris recognition; the iris identification method comprises the following steps: iris recognition model, matching process of iris, and feature extraction of iris; the private key of the receiver has uniqueness and confidentiality, so that the information cannot be decrypted even if other information sources intercept the information, and the information cannot be modified; after receiving the data document and the digital signature, the receiver calculates the HASH value of the received data document by using the HASH function, generates a digital abstract, decrypts the received digital signature by using a public key disclosed by the sender to obtain the digital abstract, compares the digital abstract with the digital abstract, and judges whether the digital abstract is the same or not, so that the public key adopted when the sender encrypts is taken as a corresponding secret key, and the authentication process based on the iris identification digital certificate can be completed.
Drawings
Fig. 1 illustrates a flowchart of a digital certificate authentication method based on iris recognition according to an exemplary embodiment of the present invention.
Detailed Description
An iris identification-based digital certificate authentication method comprises the following steps: firstly, carrying out image processing on the input iris by the system to extract iris characteristics, carrying out iris matching, establishing a newly added iris in an iris library to carry out iris characteristic extraction, and completing the process of iris recognition; the iris identification method comprises the following steps: iris recognition model, matching process of iris, and feature extraction of iris. Performing an authentication process of the digital certificate through asymmetric encryption; the method involved in the digital certificate authentication process includes the generation of a key pair, and the digital certificate signature authentication process of an information document.
In step S101, the input of the iris is realized through the image recognition module
Figure 98641DEST_PATH_IMAGE005
In step S102, the input iris is subjected to image processing by using the statistical iris recognition analysis algorithm of PCNN, and an iris library is created
Figure 765246DEST_PATH_IMAGE006
In step S103, the processed iris image is subjected to feature recognition, and iris feature extraction is performed in an iris library
Figure 968694DEST_PATH_IMAGE007
In step S104, the system passes the following formula
Figure 653622DEST_PATH_IMAGE008
Random to different prime numbers P and Q; performing prime number detection and randomly generating a relatively prime integer e for co-primeAnd detecting to generate the public key.
The sender of the information data passes through the algorithm in step S105
Figure 612220DEST_PATH_IMAGE004
And encrypting the digital digest by using a public key, and performing hash value calculation on the metadata document to obtain a digital signature.
In step S106, a unique digital signature is generated from the digital digest by a unique private key, and is used to compare the digital certificate for authentication.
In step S107, the transmitting side transmits the digital certificate signature and the digital signature obtained by encrypting the digital digest so that the receiving side can perform digital certificate authentication after receiving the digital certificate signature and the digital digest.
The receiving party decrypts the received digital signature by the public key to generate a digital digest in step S108.
The receiving party generates a digital digest by decrypting the acquired digital digest and the digital signature decrypted by the public key in step S109.
In step S110, the receiving party compares the acquired digital digest with the digital digest acquired by the own party through decryption.
In the whole transmission process, the system carries out image processing on the input iris to extract the iris characteristics, carries out iris matching, establishes a newly added iris in an iris library to carry out iris characteristic extraction and completes the process of iris recognition; the iris identification method comprises the following steps: the method comprises the steps of iris identification model, iris matching process, iris feature extraction, and authentication process of a digital certificate through asymmetric encryption, wherein the method related to the authentication process of the digital certificate comprises the steps of key pair generation and digital certificate signature authentication process of an information document; the private key of the receiver has uniqueness and confidentiality, so that the information cannot be decrypted even if other information sources intercept the information, and the information cannot be modified; after receiving the data document and the digital signature, the receiver calculates the HASH value of the received data document by using the HASH function, generates a digital abstract, decrypts the received digital signature by using a public key disclosed by the sender to obtain the digital abstract and compares the digital abstract with the digital abstract; comparing whether the digital digests are the same or not, so that the public key adopted by the sender in encryption can be indicated as a corresponding key; the authentication process based on the iris recognition digital certificate can be completed.

Claims (6)

1. A digital certificate authentication method based on iris recognition, the method comprising: iris recognition model, matching process of iris, feature extraction of iris, generation of key pair, and digital certificate signature authentication process of information document.
2. The method of claim 1, wherein the iris recognition satisfies the formula:
Figure DEST_PATH_IMAGE002
3. the method of claim 1, wherein the matching process of the iris satisfies the formula:
Figure DEST_PATH_IMAGE004
4. the method of claim 1, wherein the iris feature extraction satisfies the formula:
Figure DEST_PATH_IMAGE006
5. the method of claim 1, wherein the generation of the key pair should satisfy the formula:
Figure DEST_PATH_IMAGE008
6. the method of claim 1, wherein the digital certificate signature authentication process for the information document satisfies the formula:
Figure DEST_PATH_IMAGE010
CN202110285349.4A 2021-03-17 2021-03-17 Digital certificate authentication method based on iris recognition Pending CN112995194A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110285349.4A CN112995194A (en) 2021-03-17 2021-03-17 Digital certificate authentication method based on iris recognition

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110285349.4A CN112995194A (en) 2021-03-17 2021-03-17 Digital certificate authentication method based on iris recognition

Publications (1)

Publication Number Publication Date
CN112995194A true CN112995194A (en) 2021-06-18

Family

ID=76334248

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110285349.4A Pending CN112995194A (en) 2021-03-17 2021-03-17 Digital certificate authentication method based on iris recognition

Country Status (1)

Country Link
CN (1) CN112995194A (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1697365A (en) * 2005-03-04 2005-11-16 南京邮电学院 Secure transmission method oriented to mobile agent
CN101136046A (en) * 2006-08-28 2008-03-05 鸿富锦精密工业(深圳)有限公司 Electric signing verification system and method thereof
CN102769623A (en) * 2012-07-24 2012-11-07 北京华财理账顾问有限公司 Two-factor authentication method based on digital certificate and biological identification information
EP2738973A1 (en) * 2012-11-30 2014-06-04 Gemalto SA System and method for cryptography using multiplicative masking using simultaneous exponentiation techniques
US20160043870A1 (en) * 2014-06-10 2016-02-11 Qualcomm Incorporated Common modulus rsa key pairs for signature generation and encryption/decryption
CN105447405A (en) * 2015-11-09 2016-03-30 南京以太安全技术有限公司 Document encryption/decryption method and apparatus based on iris recognition and authentication
CN106301788A (en) * 2016-08-12 2017-01-04 武汉大学 A kind of group key management method supporting authenticating user identification
US20190044716A1 (en) * 2018-09-26 2019-02-07 Intel Corporation Encoding process for multiple rsa and ecc keys
CN110677243A (en) * 2019-09-18 2020-01-10 成都飞机工业(集团)有限责任公司 Construction method of proxy re-signature scheme supporting heterogeneous public key system
CN111831993A (en) * 2020-07-03 2020-10-27 吉林无罔生物识别科技有限公司 Method for protecting digital certificate by iris recognition technology

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1697365A (en) * 2005-03-04 2005-11-16 南京邮电学院 Secure transmission method oriented to mobile agent
CN101136046A (en) * 2006-08-28 2008-03-05 鸿富锦精密工业(深圳)有限公司 Electric signing verification system and method thereof
CN102769623A (en) * 2012-07-24 2012-11-07 北京华财理账顾问有限公司 Two-factor authentication method based on digital certificate and biological identification information
EP2738973A1 (en) * 2012-11-30 2014-06-04 Gemalto SA System and method for cryptography using multiplicative masking using simultaneous exponentiation techniques
US20160043870A1 (en) * 2014-06-10 2016-02-11 Qualcomm Incorporated Common modulus rsa key pairs for signature generation and encryption/decryption
CN105447405A (en) * 2015-11-09 2016-03-30 南京以太安全技术有限公司 Document encryption/decryption method and apparatus based on iris recognition and authentication
CN106301788A (en) * 2016-08-12 2017-01-04 武汉大学 A kind of group key management method supporting authenticating user identification
US20190044716A1 (en) * 2018-09-26 2019-02-07 Intel Corporation Encoding process for multiple rsa and ecc keys
CN110677243A (en) * 2019-09-18 2020-01-10 成都飞机工业(集团)有限责任公司 Construction method of proxy re-signature scheme supporting heterogeneous public key system
CN111831993A (en) * 2020-07-03 2020-10-27 吉林无罔生物识别科技有限公司 Method for protecting digital certificate by iris recognition technology

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
姜华; 赵洁: ""基于虹膜特征识别的远程身份认证系统"", 《计算机工程 》 *
金鑫; 聂仁灿; 周冬明: ""一种基于PCNN的改进型虹膜识别算法"", 《计算机科学》 *

Similar Documents

Publication Publication Date Title
US11652644B1 (en) Quantum-resistant double signature system
CN109067524B (en) Public and private key pair generation method and system
CN109257184B (en) Linkable ring signature method based on anonymous broadcast encryption
US20190081800A1 (en) System for issuing certificate based on blockchain network, and method for issuing certificate based on blockchain network by using same
KR101520617B1 (en) Method for encrypting message for keeping integrity of message and apparatus and Method for decrypting message for keeping integrity of message and apparatus
CN108173871B (en) Wireless network access authentication system and method based on radio frequency fingerprint and biological fingerprint
CN110048849B (en) Multi-layer protection session key negotiation method
US20100031051A1 (en) Protocol And Method For Client-Server Mutual Authentication Using Event-Based OTP
CN110932851B (en) PKI-based multi-party cooperative operation key protection method
US20070189528A1 (en) Wireless LAN transmitting and receiving apparatus and key distribution method
US11888832B2 (en) System and method to improve user authentication for enhanced security of cryptographically protected communication sessions
WO2016054905A1 (en) Method for processing data
CN112329519A (en) Safe online fingerprint matching method
CN113204760B (en) Method and system for establishing secure channel for software cryptographic module
CN108809936A (en) A kind of intelligent mobile terminal auth method and its realization system based on Hybrid Encryption algorithm
CN111539496A (en) Vehicle information two-dimensional code generation method, two-dimensional code license plate, authentication method and system
CN112738133A (en) RSA authentication method
CN109218251B (en) Anti-replay authentication method and system
CN102065092A (en) Method and system for authorizing digital signature of application program of set top box
CN114422135A (en) Verifiable accidental transmission method based on elliptic curve
CN107645500B (en) Broadcast data interaction method and device
CN117376002A (en) Biometric authentication method and authentication system
CN116800416A (en) Secure transmission method for cooperative encryption key
CN111049641A (en) Bidirectional authentication based image multiple secret transmission method, device and system
CN116069856A (en) Data integrity verification method and system based on blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20210618