CN113079017A - Fingerprint real-name authentication method and system for electronic signature - Google Patents
- Publication number
- CN113079017A
- Authority
- CN
- China
- Prior art keywords
- data
- fingerprint
- mouse
- fingerprint data
- authentication
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
The invention discloses a fingerprint real-name authentication method and system for electronic signatures. The method comprises the following steps: collecting fingerprint data of a user in advance, and establishing authentication data according to the fingerprint data; storing the authentication data into a first data list; collecting fingerprint data of a user on a mouse, comparing the fingerprint data collected on the mouse with the first data list, and, if the same fingerprint data exists, storing the authentication data corresponding to that fingerprint data in a second data list; and collecting fingerprint data on the mouse in real time, comparing the fingerprint data collected in real time with the authentication data in the second data list, and continuously outputting an authentication result. The method and the system adopt the three algorithms SM1, SM2 and SM3, and can guarantee the privacy and security of the user while meeting regulatory requirements.
Description
Technical Field
The invention relates to a fingerprint authentication method, in particular to a fingerprint real-name authentication method and a fingerprint real-name authentication system for electronic signatures.
Background
At present, real-name authentication mainly relies on bank-card four-element verification and face recognition. Face recognition generally requires a mobile phone to call a third-party face recognition app, so it is easily limited by the phone and the app: a user with a non-smart phone cannot use a camera or install the third-party face recognition app, and a user with a smartphone may not have installed the app or may not be registered with it. The face recognition approach is therefore inconvenient for users.
In addition, existing face recognition technology has the following problems: changes in facial expression and different shooting angles produce different images that cannot be recognized; light intensity, such as outdoor midday sunlight or night-time conditions, causes overexposure or underexposure and prevents recognition; facial obstructions such as glasses, beards and hair affect recognition; and changes with age affect identification.
In addition, the existing bank card four-element real-name authentication and face real-name authentication cannot achieve continuous authentication, and the authenticated data transmission has large delay and cannot achieve high real-time performance.
Disclosure of Invention
An object of the present invention is to provide a method and system for authenticating a fingerprint real name of an electronic signature, which performs real name authentication using a fingerprint recognition technique and integrates a fingerprint recognition device into a mouse, thereby implementing fast real name authentication.
Another object of the present invention is to provide a method and system for authenticating a fingerprint real name of an electronic signature, which can improve the security of real name authentication by performing continuous authentication based on a fingerprint recognition technique.
Another object of the present invention is to provide a method and system for authenticating a fingerprint real name of an electronic signature, which perform encrypted transmission of authentication data through a conventional encryption algorithm, and improve security of transmission data while achieving high real-time response.
The invention also aims to provide a fingerprint real-name authentication method and a fingerprint real-name authentication system for electronic signatures, which simultaneously adopt the three national cryptographic (Guomi) algorithms SM1, SM2 and SM3, and can ensure the privacy and security of users while meeting regulatory requirements.
In order to achieve at least one of the objects, the present invention further provides a fingerprint real-name authentication method of an electronic signature, the method comprising the steps of:
collecting fingerprint data of a user in advance, and establishing authentication data according to the fingerprint data;
storing the authentication data into a first data list;
collecting fingerprint data of a user on a mouse, comparing the fingerprint data collected on the mouse with the first data list, and, if the same fingerprint data exists, storing the authentication data corresponding to that fingerprint data in a second data list;
and collecting fingerprint data on the mouse in real time, comparing the fingerprint data collected in real time with the authentication data in the second data list, and continuously outputting an authentication result.
According to a preferred embodiment of the present invention, the authentication data establishing method comprises the following steps:
collecting fingerprint data, user information and mouse device information of a user, and sending a public key request to a backend server by a mouse;
the back-end server sends a first public key request to an identity authentication server, and the identity authentication server generates a first private key and a first public key and issues the first public key;
the mouse generates a first symmetric key, the fingerprint data is encrypted by adopting the first symmetric key, and user information and mouse equipment information are encrypted to generate a first ciphertext;
the first public key only encrypts the first symmetric key to generate a second ciphertext comprising user information and mouse equipment information;
and uploading the second ciphertext to an identity authentication server for decryption, and acquiring the decrypted fingerprint data, user information and mouse equipment information.
According to another preferred embodiment of the invention, the method for decrypting the second ciphertext comprises the following steps:
the identity authentication server acquires a second ciphertext and decrypts a first symmetric key encrypted in the second ciphertext by using a first private key;
and decrypting the encrypted fingerprint data, the user information and the mouse information by using the decrypted first symmetric key.
According to another preferred embodiment of the present invention, the decrypted fingerprint data, user information, and mouse device information are obtained, the fingerprint data, user information, and mouse device information are encrypted by using a digest algorithm to generate a third ciphertext, and the third ciphertext is stored in the first data list of the fingerprint information database.
According to another preferred embodiment of the invention, the method for identifying authentication data comprises:
Fingerprint data of a user on the mouse is obtained and the mouse generates a first symmetric key. The mouse requests a second public key from the identity authentication server, which generates a second private key and a second public key and issues the second public key to the mouse. The fingerprint data, user information and mouse equipment information are encrypted with the first symmetric key, and the first symmetric key is encrypted with the second public key, generating to-be-authenticated data comprising the encrypted first symmetric key, the user data and the mouse equipment information. The identity authentication server decrypts the to-be-authenticated data and performs message digest encryption on it; the result is compared with the third ciphertext in the first data list, and if they are the same, the authentication data is successfully identified.
According to another preferred embodiment of the present invention, the first data list is stored in the fingerprint information database, and after the fingerprint data is successfully authenticated and identified, the third ciphertext corresponding to the fingerprint data is decrypted and restored by using the message algorithm, and the decrypted fingerprint data, the user information, and the mouse device information are stored in the second data list located in the back-end server for continuous authentication.
According to another preferred embodiment of the invention, the method of persistent authentication comprises:
acquiring fingerprint data, user information and mouse equipment information of a user on a mouse; and symmetrically encrypting the fingerprint data, the user information and the mouse equipment information by adopting the first symmetric key, comparing the symmetrically encrypted fingerprint data with the symmetrically encrypted fingerprint data in the second data list, if the same fingerprint data exists, continuously authenticating successfully, and otherwise, returning failure information.
According to another preferred embodiment of the invention, the method of persistent authentication further comprises: sending the fingerprint data, the user information and the mouse equipment information encrypted by the first symmetric key to the back-end server; the back-end server uses the first symmetric key to decrypt the fingerprint data from the mouse and from the fingerprint database respectively, and if the same fingerprint data exists, continuous authentication succeeds; otherwise failure is returned.
In order to achieve at least one of the above objects, the present invention further provides an electronic signature fingerprint real-name authentication system, which employs the above electronic signature fingerprint real-name authentication method.
The invention further provides a computer readable storage medium, which stores and applies the fingerprint real-name authentication system of the electronic signature.
Drawings
FIG. 1 is a schematic flow chart of a method for authenticating a fingerprint real name of an electronic signature according to the present invention;
FIG. 2 is a schematic diagram showing a fingerprint data entry process in the fingerprint real-name authentication method for electronic signatures according to the present invention;
FIG. 3 is a schematic diagram showing a fingerprint data identification process in the fingerprint real-name authentication method of an electronic signature according to the present invention;
FIG. 4 is a schematic diagram showing a continuous flow of fingerprint data in a method for authenticating a real name of an electronic signature according to the present invention;
FIG. 5 is a schematic diagram showing a mouse module in a fingerprint real-name authentication method for an electronic signature according to the present invention.
Detailed Description
The following description is presented to disclose the invention so as to enable any person skilled in the art to practice the invention. The preferred embodiments in the following description are given by way of example only, and other obvious variations will occur to those skilled in the art. The basic principles of the invention, as defined in the following description, may be applied to other embodiments, variations, modifications, equivalents, and other technical solutions without departing from the spirit and scope of the invention.
It will be understood by those skilled in the art that in the present disclosure, the terms "longitudinal," "lateral," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like are used in an orientation or positional relationship indicated in the drawings for ease of description and simplicity of description, and do not indicate or imply that the referenced devices or components must be in a particular orientation, constructed and operated in a particular orientation, and thus the above terms are not to be construed as limiting the present invention.
It is understood that the terms "a" and "an" should be interpreted as meaning that a number of one element or element is one in one embodiment, while a number of other elements is one in another embodiment, and the terms "a" and "an" should not be interpreted as limiting the number.
Referring to fig. 1-5, the present invention discloses a fingerprint real-name authentication method and system for electronic signatures, wherein the system includes a mouse module, a back-end server, an identity authentication module, and a fingerprint information database. The mouse module is in communication connection with the back-end server, and the back-end server is in communication connection with the identity authentication module and the fingerprint information database respectively.
Referring to fig. 5, the mouse module includes a bio-radio frequency device, a motion sensor, a controller, a processor, a key and a roller. The bio-radio frequency device emits a trace radio frequency signal to detect the texture information of the finger's skin layer and extracts that texture information to generate fingerprint data. The motion sensor is arranged at the bottom of the mouse module and acquires image information of the surface beneath the mouse; when the mouse moves, the motion sensor obtains the relative displacement of the mouse bottom. The controller reads the fingerprint data from the bio-radio frequency device, stores a symmetric key, and can obtain the public key used for encryption through the back-end server. The processor generates the symmetric key, encrypts the fingerprint data to produce a fingerprint data ciphertext, and asymmetrically encrypts the symmetric key, so that this double-layer encryption effectively protects data in transit.
The invention uses three algorithms to protect the fingerprint information, namely SM1, SM2 and SM3. SM1 is a symmetric cipher, so its encryption and decryption times are good; SM2 is an asymmetric cipher with better encryption performance; SM3 is a message digest algorithm whose hash value is used for comparison, to judge whether the data are consistent.
Specifically, the fingerprint real-name authentication method of the electronic signature comprises three stages of fingerprint data entry, fingerprint data authentication and fingerprint data continuous authentication, wherein the fingerprint data entry method comprises the following steps:
The fingerprint information to be entered is obtained in advance. When a user places a finger on the mouse module for the first time, the bio-radio frequency device in the mouse module identifies the fingerprint data, and the controller obtains it. After obtaining the fingerprint data, the controller sends a first public key request to the back-end server, which forwards the request to the identity authentication server. On receiving the request, the identity authentication server generates a first pair of asymmetric encryption keys (SM2), consisting of a first public key and a first private key, and issues the first public key to the back-end server; the back-end server in turn issues it to the mouse module. Asymmetric encryption algorithms that may be used include, but are not limited to, RSA and ECC (elliptic curve cryptography). The processor generates a first symmetric key (SM1) using a symmetric encryption algorithm, which includes, but is not limited to, DES (Data Encryption Standard), AES (Advanced Encryption Standard), PBE (password-based encryption) and RC5 (a block cipher with variable parameters), and stores the first symmetric key in the controller. After the mouse module acquires the fingerprint data, the controller further acquires user information and mouse device information. The user information can be recorded manually or automatically by a computer terminal; for example, in a hospital, an identification device can upload a patient's identity information to the computer terminal used by a doctor, and the computer terminal can store the user information in the controller of the mouse module used by the patient.
The controller also stores the device information of the mouse module itself. The processor symmetrically encrypts the acquired fingerprint data, user information and mouse device information with the stored first symmetric key to obtain a first ciphertext. It then reads the first public key from the controller and encrypts the first symmetric key with it, generating a second ciphertext that comprises the asymmetrically encrypted first symmetric key, the symmetrically encrypted user information and the symmetrically encrypted mouse device information. The mouse module sends the second ciphertext to the back-end server, which transmits it to the identity authentication server. Because the identity authentication server stores the first private key, it can use that key to decrypt the first symmetric key in the second ciphertext, and then use the decrypted first symmetric key to decrypt the fingerprint data and obtain the real fingerprint data. The identity authentication server applies a message digest algorithm to the decrypted fingerprint data to generate a message digest of the fingerprint data, generates a third ciphertext comprising the message digest of the fingerprint information, the symmetrically encrypted user information and the symmetrically encrypted mouse device information, and stores the third ciphertext in a first data list of the fingerprint information database. These steps complete the initial entry of the original authentication data, such as the fingerprint data, user information and mouse device information.
In another preferred embodiment of the present invention, the identity authentication module may further analyze the authentication data such as the user information and the mouse device information using the decrypted first symmetric key, and store the analyzed message digests of the user information, the mouse device information, and the fingerprint information as a third ciphertext into the fingerprint database.
Further, after the initial authentication data entry process is completed, an authentication identification operation needs to be performed, which specifically includes the following steps:
The bio-radio frequency device on the mouse module identifies the fingerprint ridges of the finger placed on the mouse and passes the result to the controller. The processor acquires the identified fingerprint data, reads the first symmetric key stored in the controller, and uses it to symmetrically encrypt the authentication data, including but not limited to the fingerprint data, user information and device information. After the controller acquires the fingerprint data, it sends a second public key request to the back-end server, which forwards the request to the identity authentication server. The identity authentication server generates a second pair of asymmetric keys, namely a second public key and a second private key, and sends the second public key to the back-end server, which sends it on to the controller in the mouse module. The processor reads the second public key and uses it to asymmetrically encrypt the first symmetric key. The data to be authenticated, namely the asymmetrically encrypted first symmetric key and the symmetrically encrypted fingerprint data, user information and device information, is transmitted to the back-end server, which passes it to the identity authentication server for identity authentication. The identity authentication server stores the second private key, which is paired with the second public key and can therefore decrypt the asymmetrically encrypted first symmetric key. The decrypted first symmetric key is used to decrypt the fingerprint data, and the identity authentication server then applies a message digest algorithm to the decrypted fingerprint data to obtain its message digest.
This message digest is compared with the fingerprint data message digests stored in the first data list. If an identical message digest exists, the first data list in the fingerprint information database contains the corresponding fingerprint and the authentication identification succeeds. The authentication data corresponding to the successfully matched fingerprint data is then stored in a second data list, located in the back-end server, for the subsequent continuous authentication steps.
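The entry and identification exchanges described above, sketched in Go as an added example that is not part of the patent or of any implementation of it. It assumes RSA-OAEP, AES-GCM and SHA-256 as stand-ins for SM2, SM1 and SM3, seals only the fingerprint data (user and device information would travel the same way), and all type and function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the upload: wrapped symmetric key plus encrypted fingerprint data.
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal (mouse side): AES-GCM and RSA-OAEP stand in for SM1 and SM2 here.
func Seal(pub *rsa.PublicKey, key, fingerprint []byte) (*Envelope, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, nonce, gcm.Seal(nil, nonce, fingerprint, nil)}, nil
}

// AuthServer plays the identity authentication server and its first data list.
type AuthServer struct {
	priv      *rsa.PrivateKey
	firstList map[[32]byte]bool // digests of enrolled fingerprint data
}

// IssuePublicKey makes a fresh key pair per request and returns the public half.
func (s *AuthServer) IssuePublicKey() (pub *rsa.PublicKey, err error) {
	if s.priv, err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
		return nil, err
	}
	return &s.priv.PublicKey, nil
}

// Handle unwraps the key, decrypts the upload and digests it (SHA-256 stands
// in for SM3). Entry stores the digest; identification only looks it up.
func (s *AuthServer) Handle(env *Envelope, entry bool) (bool, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.priv, env.WrappedKey, nil)
	if err != nil {
		return false, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return false, err
	}
	if len(env.Nonce) != gcm.NonceSize() {
		return false, errors.New("bad nonce length")
	}
	fingerprint, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return false, err // modified ciphertext fails the GCM tag check
	}
	d := sha256.Sum256(fingerprint)
	if entry {
		s.firstList[d] = true
	}
	return s.firstList[d], nil
}

// Submit is one exchange: request a public key, seal the data, upload it.
func Submit(s *AuthServer, key, fingerprint []byte, entry bool) (bool, error) {
	pub, err := s.IssuePublicKey()
	if err != nil {
		return false, err
	}
	env, err := Seal(pub, key, fingerprint)
	if err != nil {
		return false, err
	}
	return s.Handle(env, entry)
}

func main() {
	srv := &AuthServer{firstList: map[[32]byte]bool{}}
	key := sha256.Sum256([]byte("constructed demo key")) // stand-in for the stored key
	fp := []byte("constructed-template-0001")            // constructed sample data
	fmt.Println(Submit(srv, key[:], fp, true))           // entry
	fmt.Println(Submit(srv, key[:], fp, false))          // identification
}
```

Because identification is a digest lookup, only a capture whose bytes equal the enrolled data matches; a modified ciphertext is rejected before the lookup is reached.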
The step of persistent authentication comprises:
continuously acquiring authentication data, wherein the authentication data comprises but is not limited to fingerprint data, user information and mouse equipment information;
After the mouse module acquires the fingerprint data, the processor reads the first symmetric key stored in the controller, uses it with a symmetric encryption algorithm to compute the continuous authentication data from the fingerprint data, user information and mouse device information, and transmits the symmetrically encrypted fingerprint data, user information and mouse device information. In a preferred embodiment of the invention, the first symmetric key is already stored in the back-end server from the initial authentication data entry. During continuous authentication, the symmetrically encrypted fingerprint data, user information and mouse device information can therefore be decrypted with the first symmetric key of the back-end server following decryption by the identity authentication server. The first symmetric key stored in the back-end server can at the same time be used to parse the symmetrically encrypted fingerprint data from the fingerprint information database. If the fingerprint data obtained in these two ways are the same, a successful continuous-authentication result is output; if they differ, authentication failure information is returned.
In another preferred embodiment of the present invention, since the first symmetric key can be used on the identity authentication server to parse the authentication data, such as the fingerprint data, user information and mouse device information, and the parsed data can be stored in the first data list and the second data list, the original plaintext data may be transmitted to the back-end server for subsequent continuous authentication after the first authentication succeeds, and the back-end server may compare the fingerprint information by using the first symmetric key to parse the encrypted fingerprint information from the mouse module. Of course, the present invention preferably stores the ciphertext of the authentication data in the first data list and the second data list, which effectively reduces the risk of data leakage while also taking authentication efficiency into account.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication section, and/or installed from a removable medium. The computer program, when executed by a Central Processing Unit (CPU), performs the above-described functions defined in the method of the present application. It should be noted that the computer readable medium mentioned above in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wire segments, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. 
In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless section, wire section, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
It will be understood by those skilled in the art that the embodiments of the present invention described above and illustrated in the drawings are given by way of example only and not by way of limitation, the objects of the invention having been fully and effectively achieved, the functional and structural principles of the present invention having been shown and described in the embodiments, and that various changes or modifications may be made in the embodiments of the present invention without departing from such principles.
Claims (10)
1. A fingerprint real-name authentication method of an electronic signature is characterized by comprising the following steps:
collecting fingerprint data of a user in advance, and establishing authentication data according to the fingerprint data;
storing the authentication data in a first data list;
collecting fingerprint data of a user on a mouse, comparing the fingerprint data collected on the mouse with the first data list, and, if the same fingerprint data exists, storing the authentication data corresponding to the same fingerprint data in a second data list;
and collecting fingerprint data on the mouse in real time, comparing the fingerprint data collected in real time with the authentication data in the second data list, and continuously outputting an authentication result.
2. The method for authenticating the real name of the fingerprint of the electronic signature as claimed in claim 1, wherein the authentication data establishing method comprises the steps of:
collecting fingerprint data, user information and mouse equipment information of a user, and sending a first public key request to a backend server by a mouse;
the back-end server sends a first public key request to an identity authentication server, and the identity authentication server generates a first private key and a first public key and issues the first public key;
the mouse generates a first symmetric key, the fingerprint data is encrypted by adopting the first symmetric key, and user information and mouse equipment information are encrypted to generate a first ciphertext;
the first public key only encrypts the first symmetric key to generate a second ciphertext comprising user information and mouse equipment information;
and uploading the second ciphertext to an identity authentication server for decryption, and acquiring the decrypted fingerprint data, user information and mouse equipment information.
3. The method for authenticating the real name of the fingerprint of the electronic signature as claimed in claim 2, wherein the method for decrypting the second ciphertext comprises the following steps:
the identity authentication server acquires a second ciphertext and decrypts a first symmetric key encrypted in the second ciphertext by using a first private key;
and decrypting the encrypted fingerprint data, the user information and the mouse information by using the decrypted first symmetric key.
4. The method for authenticating the fingerprint real name of the electronic signature as claimed in claim 3, wherein the decrypted fingerprint data, the user information and the mouse device information are obtained, the fingerprint data, the user information and the mouse device information are encrypted by adopting a digest algorithm to generate a third ciphertext, and the third ciphertext is stored in the first data list of the fingerprint information database.
5. The method for authenticating the real name of the fingerprint of the electronic signature as claimed in claim 4, wherein the method for identifying the authentication data comprises:
obtaining fingerprint data of a user on a mouse, generating a first symmetric key by the mouse, and requesting an identity authentication server to obtain a second public key;
generating a second private key and a second public key by the identity authentication server, and issuing the second public key to the mouse;
encrypting the fingerprint data, user information and mouse equipment information with the first symmetric key, and encrypting the first symmetric key with the second public key to generate to-be-authenticated data comprising the encrypted first symmetric key, the user data and the mouse equipment information;
decrypting the to-be-authenticated data by the identity authentication server, and encrypting a message digest;
and comparing the result obtained after the message digest is encrypted with the third ciphertext in the first data list, wherein if the result is the same, the authentication data is successfully identified.
6. The method for authenticating the real name of the electronic signature fingerprint as claimed in claim 5, wherein the first data list is stored in a fingerprint information database, and when the fingerprint data is successfully authenticated and identified, a message algorithm is used to decrypt and restore the third ciphertext corresponding to the fingerprint data, and the decrypted fingerprint data, the user information and the mouse device information are stored in a second data list located in a back-end server for continuous authentication.
7. The method for authenticating an electronic signature according to claim 6, wherein the method for continuously authenticating comprises:
acquiring fingerprint data, user information and mouse equipment information of a user on a mouse; and symmetrically encrypting the fingerprint data, the user information and the mouse equipment information by adopting the first symmetric key, comparing the symmetrically encrypted fingerprint data with the symmetrically encrypted fingerprint data in the second data list, if the same fingerprint data exists, continuously authenticating successfully, and otherwise, returning failure information.
8. The method of claim 7, wherein the method of persistent authentication further comprises: sending the fingerprint data, the user information and the mouse equipment information encrypted by the first symmetric key to the back-end server, the back-end server respectively decrypting the fingerprint data from the mouse and from the fingerprint database by using the first symmetric key; if the same fingerprint data exists, the continuous authentication succeeds, and otherwise a failure is returned.
9. An electronic signature fingerprint real-name authentication system, characterized in that the system adopts an electronic signature fingerprint real-name authentication method of any one of the above claims 1-8.
10. A computer-readable storage medium storing and applying the electronically signed real-name fingerprint authentication system of claim 9.
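The enrollment and identification exchange of claims 2 to 5, written out as an added example in Node.js; it is not code from the patent. The claims name no algorithms, so RSA-2048 with OAEP, AES-256-GCM, SHA-256, the function names and the record field names are all assumptions, and the fingerprint is a constructed, stable template string (digest matching only works if two captures yield byte-identical data).

```javascript
const crypto = require('crypto');

// Identity authentication server: private/public key pair (claim 2).
// RSA-2048/OAEP, AES-256-GCM and SHA-256 are assumptions, not from the patent.
const server = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const firstDataList = new Set(); // stores digests, the "third ciphertext" (claim 4)
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Mouse side: encrypt the record under a fresh symmetric key, then wrap that key.
function mouseSeal(publicKey, record) {
  const key = crypto.randomBytes(32); // symmetric key generated on the mouse
  const iv = crypto.randomBytes(12);  // fresh GCM nonce for every message
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(JSON.stringify(record), 'utf8'), c.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  return { wrappedKey, iv, tag: c.getAuthTag(), body };
}

// Server side (claim 3): unwrap the symmetric key, then decrypt the record.
function serverOpen(privateKey, msg) {
  const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const d = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  d.setAuthTag(msg.tag); // final() throws if body or tag was modified in transit
  return JSON.parse(Buffer.concat([d.update(msg.body), d.final()]).toString('utf8'));
}

// Digest over length-prefixed fields so field boundaries cannot be shifted.
function digest(r) {
  const h = crypto.createHash('sha256');
  for (const f of [r.fingerprint, r.user, r.device]) {
    const b = Buffer.from(f, 'utf8');
    const len = Buffer.alloc(4);
    len.writeUInt32BE(b.length);
    h.update(len).update(b);
  }
  return h.digest('hex');
}

function enroll(msg) { firstDataList.add(digest(serverOpen(server.privateKey, msg))); }
function identify(msg) { // claim 5: decrypt, digest, compare with the first data list
  try { return firstDataList.has(digest(serverOpen(server.privateKey, msg))); }
  catch { return false; } // undecryptable or tampered message
}

// Constructed sample record, enrolled once at load time.
const sample = { fingerprint: 'TEMPLATE-0001', user: 'user-a', device: 'mouse-01' };
enroll(mouseSeal(server.publicKey, sample));
```

Because every message uses a fresh key and nonce, two encryptions of the same record differ on the wire; the match is made on the server-side digest, not on the ciphertext.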
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110309982.2A CN113079017B (en) | 2021-03-23 | 2021-03-23 | Fingerprint real-name authentication method and system for electronic signature |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113079017A (en) | 2021-07-06 |
CN113079017B (en) | 2023-09-05 |
Family
ID=76613755
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110309982.2A Active CN113079017B (en) | 2021-03-23 | 2021-03-23 | Fingerprint real-name authentication method and system for electronic signature |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113079017B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN113079017B (en) | 2023-09-05 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||