CN113079017B - Fingerprint real-name authentication method and system for electronic signature - Google Patents

Fingerprint real-name authentication method and system for electronic signature

Publication number
CN113079017B
Authority
CN
China
Prior art keywords
fingerprint
data
mouse
authentication
fingerprint data
Legal status
Active
Application number
CN202110309982.2A
Other languages
Chinese (zh)
Other versions
CN113079017A (en)
Inventor
李学谦
金宏洲
程亮
Current Assignee
Hangzhou Tiangu Information Technology Co ltd
Original Assignee
Hangzhou Tiangu Information Technology Co ltd
Application filed by Hangzhou Tiangu Information Technology Co ltd
Priority to CN202110309982.2A
Publication of CN113079017A
Application granted
Publication of CN113079017B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The application discloses a fingerprint real-name authentication method and system for an electronic signature. The method comprises the following steps: collecting fingerprint data of a user in advance, and establishing authentication data according to the fingerprint data; storing the authentication data into a first data list; collecting fingerprint data of a user on a mouse, comparing the fingerprint data collected on the mouse with the first data list, and, if the same fingerprint data exists, storing the authentication data corresponding to that fingerprint data into a second data list; and collecting fingerprint data on the mouse in real time, comparing the fingerprint data collected in real time with the authentication data in the second data list, and continuously outputting an authentication result. The method and the system use the three algorithms SM1, SM2 and SM3, and can protect the user's privacy while meeting regulatory requirements.

Description

Fingerprint real-name authentication method and system for electronic signature
Technical Field
The present application relates to fingerprint authentication methods, and more particularly to a fingerprint real-name authentication method and system for an electronic signature.
Background
Current real-name authentication mainly relies on bank-card four-element verification and face recognition. Face recognition generally requires calling a third-party face recognition app on a mobile phone, so it is easily limited by the phone and the app: a user with a non-smart phone cannot use a camera or install the third-party face recognition app, and a user with a smartphone may not have the app installed, or the third-party face recognition app may be unregistered. The face recognition mode is therefore inconvenient for the user.
In addition, existing face recognition technology has the following problems: facial expressions change, and different shooting angles produce different images that cannot be recognized; lighting conditions, such as overexposure or underexposure caused by the midday sun or by outdoor darkness at night, prevent recognition; occlusions of the face, such as eyeglasses, beards and hair, affect the recognition result; and changes with age affect identification.
In addition, conventional bank-card four-element real-name authentication and face real-name authentication cannot provide continuous authentication, and the transmission of authentication data has a large delay, so high real-time performance cannot be achieved.
Disclosure of Invention
An object of the application is to provide a fingerprint real-name authentication method and system for an electronic signature, which use fingerprint identification technology for real-name authentication and integrate a fingerprint identification device into a mouse, so that quick real-name authentication can be realized.
A further object of the application is to provide a fingerprint real-name authentication method and system for an electronic signature, which perform continuous authentication based on fingerprint identification technology and can improve the security of real-name authentication.
A further object of the application is to provide a fingerprint real-name authentication method and system for an electronic signature, which transmit authentication data encrypted with a conventional encryption algorithm and improve the security of the transmitted data while achieving a highly real-time response.
A further object of the application is to provide a fingerprint real-name authentication method and system for an electronic signature, which use the three national cryptographic algorithms SM1, SM2 and SM3 at the same time, so that the user's privacy can be protected while meeting regulatory requirements.
In order to achieve at least one of the objects, the present application further provides a fingerprint real-name authentication method of an electronic signature, the method comprising the steps of:
collecting fingerprint data of a user in advance, and establishing authentication data according to the fingerprint data;
storing the authentication data into a first data list;
collecting fingerprint data of a user on a mouse, comparing the fingerprint data collected on the mouse with the first data list, and, if the same fingerprint data exists, storing the authentication data corresponding to that fingerprint data into a second data list;
and collecting fingerprint data on the mouse in real time, comparing the fingerprint data collected in real time with authentication data in the second data list, and continuously outputting an authentication result.
According to one preferred embodiment of the present application, the authentication data establishment method includes the steps of:
collecting fingerprint data, user information and mouse device information of a user, the mouse sending a public key request to a back-end server;
the back-end server sends a first public key request to an identity authentication server, and the identity authentication server generates a first private key and a first public key and issues the first public key;
the mouse generates a first symmetric key and uses it to encrypt the fingerprint data, the user information and the mouse device information, generating a first ciphertext;
the first public key encrypts only the first symmetric key, generating a second ciphertext that comprises the user information and the mouse device information;
and the second ciphertext is uploaded to the identity authentication server for decryption, yielding the decrypted fingerprint data, user information and mouse device information.
According to another preferred embodiment of the present application, the decryption method of the second ciphertext includes the following steps:
the identity authentication server acquires a second ciphertext, and decrypts the first symmetric key encrypted in the second ciphertext by adopting a first private key;
and decrypting the encrypted fingerprint data, the user information and the mouse information by using the decrypted first symmetric key.
According to another preferred embodiment of the application, after the decrypted fingerprint data, user information and mouse device information are obtained, they are processed with a message digest algorithm to generate a third ciphertext, and the third ciphertext is stored in a first data list of a fingerprint information database.
According to another preferred embodiment of the present application, the identification method of authentication data includes:
fingerprint data of a user on a mouse is obtained and the mouse generates a first symmetric key; a second public key is requested from the identity authentication server, which generates a second private key and the second public key and issues the second public key to the mouse; the first symmetric key encrypts the fingerprint data, user information and mouse device information, and the second public key encrypts the first symmetric key, generating data to be authenticated that comprises the encrypted first symmetric key, the user data and the mouse device information; the data to be authenticated is sent to the identity authentication server, where it is decrypted and then processed with the message digest algorithm; the resulting digest is compared with the third ciphertext in the first data list, and if they are the same, identification of the authentication data succeeds.
According to another preferred embodiment of the present application, the first data list is stored in a fingerprint information database, after the fingerprint data is successfully authenticated and identified, the message algorithm is adopted to decrypt and restore the third ciphertext corresponding to the fingerprint data, and the decrypted fingerprint data, the user information and the mouse device information are stored in a second data list located in a back-end server for continuous authentication.
According to another preferred embodiment of the application, the method for continuous authentication comprises the following steps:
acquiring fingerprint data, user information and mouse device information of a user on a mouse; symmetrically encrypting the fingerprint data, the user information and the mouse device information with the first symmetric key; and comparing the symmetrically encrypted fingerprint data with the symmetrically encrypted fingerprint data in the second data list, wherein if the same fingerprint data exists the continuous authentication succeeds, and otherwise failure information is returned.
According to another preferred embodiment of the application, the method for continuous authentication further comprises: sending the fingerprint data, the user information and the mouse device information encrypted with the first symmetric key to the back-end server, wherein the back-end server uses the first symmetric key to decrypt the fingerprint data from the mouse and from the fingerprint database respectively; if the same fingerprint data exists, the continuous authentication succeeds, and otherwise it fails.
In order to achieve at least one of the objects, the application further provides a fingerprint real-name authentication system of the electronic signature, and the system adopts the fingerprint real-name authentication method of the electronic signature.
The application further provides a computer readable storage medium which stores and applies the fingerprint real-name authentication system of the electronic signature.
Drawings
FIG. 1 is a flow chart of the fingerprint real-name authentication method of an electronic signature according to the present application;
FIG. 2 is a schematic diagram of the fingerprint data entry flow in the fingerprint real-name authentication method of an electronic signature according to the present application;
FIG. 3 is a schematic diagram of the fingerprint data identification flow in the fingerprint real-name authentication method of an electronic signature according to the present application;
FIG. 4 is a schematic diagram of the continuous authentication flow of fingerprint data in the fingerprint real-name authentication method of an electronic signature according to the present application;
FIG. 5 is a schematic diagram of the mouse module in the fingerprint real-name authentication method of the present application.
Detailed Description
The following description is presented to enable one of ordinary skill in the art to make and use the application. The preferred embodiments in the following description are by way of example only and other obvious variations will occur to those skilled in the art. The basic principles of the application defined in the following description may be applied to other embodiments, variations, modifications, equivalents, and other technical solutions without departing from the spirit and scope of the application.
It will be appreciated by those skilled in the art that in the present disclosure, the terms "longitudinal," "transverse," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," etc. refer to an orientation or positional relationship based on that shown in the drawings, which is merely for convenience of description and to simplify the description, and do not indicate or imply that the apparatus or elements referred to must have a particular orientation, be constructed and operated in a particular orientation, and therefore the above terms should not be construed as limiting the present application.
It will be understood that the terms "a" and "an" should be interpreted as referring to "at least one" or "one or more," i.e., in one embodiment, the number of elements may be one, while in another embodiment, the number of elements may be plural, and the term "a" should not be interpreted as limiting the number.
Referring to fig. 1-5, the application discloses a fingerprint real-name authentication method and a fingerprint real-name authentication system for electronic signature, wherein the fingerprint real-name authentication system comprises a mouse module, a back-end server, an identity authentication module and a fingerprint information database. The mouse module is in communication connection with the back-end server, and the back-end server is respectively in communication connection with the identity authentication module and the fingerprint information database.
Referring to FIG. 5, the mouse module includes a biological radio frequency device, a motion sensor, a controller, a processor, a key and a roller. The biological radio frequency device emits a trace radio frequency signal to detect the texture information of the finger layer, and extracts the texture information to generate fingerprint data. The motion sensor is arranged at the bottom of the mouse module and acquires image information of the surface beneath the mouse; when the mouse moves, the motion sensor can acquire the relative displacement of the bottom of the mouse. The controller reads the fingerprint data from the biological radio frequency device, stores a symmetric key, and can obtain a public key for encryption through the back-end server. The processor generates the symmetric key, encrypts the fingerprint data to produce a fingerprint data ciphertext, and can asymmetrically encrypt the symmetric key, so that the double-layer encryption effectively guarantees the security of data transmission.
The application uses three encryption modes, SM1, SM2 and SM3, to protect fingerprint information: SM1 is symmetric encryption, which encrypts and decrypts well and takes little time; SM2 is asymmetric encryption, with better encryption performance; and SM3 is a message digest algorithm whose hash value is used for comparison, to judge whether data are consistent.
Specifically, the fingerprint real-name authentication method of the electronic signature comprises three stages of fingerprint data input, fingerprint data authentication and fingerprint data continuous authentication, wherein the fingerprint data input method comprises the following steps:
Fingerprint information to be entered is obtained in advance. When a user puts a finger on the mouse module for the first time, the biological radio frequency device in the mouse module identifies the fingerprint data, which the controller then obtains. After obtaining the fingerprint data, the controller sends a first public key request to the back-end server, and the back-end server forwards the first public key request to the identity authentication server. On receiving the request, the identity authentication server generates a first pair of asymmetric encryption keys (SM2) comprising a first public key and a first private key, and issues the first public key to the back-end server, which passes it on to the mouse module. Asymmetric encryption algorithms that may be used include, but are not limited to, the RSA algorithm and ECC (elliptic curve algorithm).
The processor generates a first symmetric key (SM1) using a symmetric encryption algorithm, which includes, but is not limited to, DES (Data Encryption Standard), AES (Advanced Encryption Standard), PBE (password-based encryption) and RC5 (a block cipher with variable parameters), and stores the first symmetric key in the controller. When the mouse module acquires fingerprint data, the controller further acquires user information and mouse device information. The user information can be recorded manually or automatically through a computer terminal; for example, in a hospital, an identity identification device can upload the patient's identity information to the computer terminal used by a doctor for processing, and the computer terminal can store the user information in the controller of the mouse module used by the patient. The controller also stores information about the mouse module device itself.
The processor symmetrically encrypts the acquired fingerprint data, user information and mouse device information with the stored first symmetric key to obtain a first ciphertext. It then reads the first public key from the controller and encrypts the first symmetric key with it, generating a second ciphertext that comprises the asymmetrically encrypted first symmetric key, the symmetrically encrypted user information and the symmetrically encrypted mouse device information. The mouse module transmits the second ciphertext to the back-end server, which transmits it to the identity authentication server. Because the identity authentication server stores the first private key, it can decrypt the first symmetric key in the second ciphertext with the first private key, and then use the decrypted first symmetric key to decrypt the fingerprint data and obtain the real fingerprint data. The identity authentication server applies a message digest algorithm to the decrypted fingerprint data to generate a message digest of the fingerprint data, generates a third ciphertext comprising the message digest of the fingerprint information, the symmetrically encrypted user information and the symmetrically encrypted mouse device information, and stores the third ciphertext in a first data list of the fingerprint information database. These steps complete the initial entry of the original fingerprint data, user information, mouse device information and other authentication data.
In another preferred embodiment of the present application, the identity authentication module may further use the decrypted first symmetric key to decrypt authentication data such as the user information and the mouse device information, and store the message digests of the decrypted user information, mouse device information and fingerprint information in the fingerprint database as a third ciphertext.
Further, after the initial authentication data entry process is completed, authentication identification operation is required, which specifically includes the following steps:
The biological radio frequency device on the mouse module identifies the fingerprint lines of a finger placed on the mouse and inputs them to the controller. The processor acquires the identified fingerprint data, reads the first symmetric key stored in the controller, and uses it to symmetrically encrypt authentication data including, but not limited to, fingerprint data, user information and device information. After obtaining the fingerprint data, the controller sends a second public key request to the back-end server, which forwards it to the identity authentication server. The identity authentication server generates a second pair of asymmetric keys, namely a second public key and a second private key, and sends the second public key to the back-end server, which sends it to the controller in the mouse module. The processor reads the second public key and uses it to asymmetrically encrypt the first symmetric key. The asymmetrically encrypted first symmetric key and the symmetrically encrypted fingerprint data, user information and device information form the data to be authenticated, which is transmitted to the back-end server and passed on to the identity authentication server for identity authentication. The identity authentication server stores the second private key, which is paired with the second public key, so it can decrypt the asymmetrically encrypted first symmetric key with the second private key and then decrypt the fingerprint data with the decrypted first symmetric key. The identity authentication server then applies a message digest algorithm to the decrypted fingerprint data to obtain its message digest, and compares this digest with the fingerprint data message digests stored in the first data list. If the same message digest exists, the first data list in the fingerprint information database contains the corresponding fingerprint, which indicates that authentication identification has succeeded. The authentication data corresponding to the successfully matched fingerprint data is then stored in the second data list, which is held at the back-end server for the subsequent continuous authentication step.
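The entry and identification exchanges described above, sketched in Go as an added example; it is not code from the patent or its applicant. Go's standard library has no SM algorithms, so RSA-OAEP stands in for SM2, AES-GCM for SM1 and SHA-256 for SM3 (the description itself names RSA and AES as usable algorithms). All type and function names are assumptions, the digest is taken over the whole record, and the sensor is assumed to return a byte-identical template on every capture, which the digest comparison requires.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Envelope struct{ WrappedKey, Nonce, Sealed []byte } // the page's "second ciphertext"

// IdentityServer holds the newest private key and the "first data list".
type IdentityServer struct {
	priv      *rsa.PrivateKey
	firstList map[[32]byte]bool // digests of enrolled records
}

func NewIdentityServer() *IdentityServer {
	return &IdentityServer{firstList: map[[32]byte]bool{}}
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// MouseSeal encrypts the record under symKey, then wraps only symKey with pub.
func MouseSeal(pub *rsa.PublicKey, symKey, record []byte) (*Envelope, error) {
	gcm, err := newGCM(symKey)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, symKey, nil)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	sealed := gcm.Seal(nil, nonce, record, wrapped) // wrapped key bound as associated data
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Sealed: sealed}, nil
}

// IssuePublicKey makes a fresh key pair per request: first pair to enroll, second to identify.
func (s *IdentityServer) IssuePublicKey() (pub *rsa.PublicKey, err error) {
	if s.priv, err = rsa.GenerateKey(rand.Reader, 2048); err == nil {
		pub = &s.priv.PublicKey
	}
	return pub, err
}

// digest unwraps the symmetric key, opens the record and hashes the plaintext.
func (s *IdentityServer) digest(e *Envelope) (d [32]byte, err error) {
	if s.priv == nil || len(e.Nonce) != 12 { // 12 bytes: standard GCM nonce size
		return d, fmt.Errorf("no key pair issued or malformed envelope")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.priv, e.WrappedKey, nil)
	if err != nil {
		return d, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return d, err
	}
	plain, err := gcm.Open(nil, e.Nonce, e.Sealed, e.WrappedKey)
	return sha256.Sum256(plain), err // callers must check err before using the digest
}

// Enroll stores the record digest in the first data list.
func (s *IdentityServer) Enroll(e *Envelope) error {
	d, err := s.digest(e)
	if err == nil {
		s.firstList[d] = true
	}
	return err
}

// Identify reports whether a fresh capture's digest is in the first data list.
func (s *IdentityServer) Identify(e *Envelope) (bool, error) {
	d, err := s.digest(e)
	return err == nil && s.firstList[d], err
}

func main() {
	srv, key := NewIdentityServer(), []byte("0123456789abcdef0123456789abcdef")
	rec := []byte("constructed-template-01|user-001|mouse-A1") // constructed sample
	pub, _ := srv.IssuePublicKey()
	env, _ := MouseSeal(pub, key, rec)
	fmt.Println("enroll error:", srv.Enroll(env))
	pub, _ = srv.IssuePublicKey()
	env, _ = MouseSeal(pub, key, rec)
	fmt.Println(srv.Identify(env))
}
```

An envelope wrapped under a superseded public key, or modified in transit, fails to open, so `Identify` returns an error rather than a match.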
The continuous authentication step includes:
continuously acquiring authentication data including, but not limited to, fingerprint data, user information, and mouse device information;
after the mouse module obtains the fingerprint data, the processor reads the first symmetric key stored in the controller and uses it with a symmetric encryption algorithm to encrypt the fingerprint data, the user information and the mouse device information, producing the data awaiting continuous authentication, and transmits the symmetrically encrypted fingerprint data, user information and mouse device information to the back-end server.
In another preferred embodiment of the present application, the identity authentication server may use the first symmetric key to decrypt authentication data such as the fingerprint data, the user information and the mouse device information, and may store the decrypted data in the first data list and the second data list. When the first authentication succeeds, the original plaintext data can then be transmitted to the back-end server for subsequent continuous authentication, so the back-end server only needs to decrypt the encrypted fingerprint information from the mouse module with the first symmetric key in order to compare fingerprint information. Preferably, however, the application stores the ciphertext of the authentication data in the first data list and the second data list, which effectively reduces the risk of data leakage while still taking authentication efficiency into account.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such embodiments, the computer program may be downloaded and installed from a network via a communication portion, and/or installed from a removable medium. The above-described functions defined in the method of the present application are performed when the computer program is executed by a Central Processing Unit (CPU). The computer readable medium of the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the above. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wire segments, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. 
In the present application, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will understand that the embodiments of the present application described above and shown in the drawings are merely illustrative and do not limit the application. The functional and structural principles of the application have been shown and described in the embodiments, and the embodiments may be modified or adapted in any way without departing from those principles.

Claims (10)

1. A fingerprint real-name authentication method of an electronic signature, the method comprising the steps of: the fingerprint real-name authentication system collects fingerprint data of a user in advance and establishes authentication data according to the fingerprint data; storing the authentication data into a first data list of a fingerprint information database;
the fingerprint mouse collects fingerprint data of a user on the mouse, the fingerprint data collected on the mouse is compared with the first data list in the fingerprint information database, if the same fingerprint data exist, authentication data corresponding to the same fingerprint data are stored in a second data list, and the second data list is arranged at a back-end server;
and the fingerprint mouse collects fingerprint data on the mouse in real time, compares the fingerprint data collected in real time with authentication data in the second data list in the back-end server, and continuously outputs an authentication result.
2. The fingerprint real-name authentication method of an electronic signature as set forth in claim 1, wherein the method for establishing the authentication data comprises the steps of:
collecting fingerprint data, user information and mouse equipment information of a user, and sending a first public key request to a back-end server by a mouse;
the back-end server sends a first public key request to an identity authentication server, and the identity authentication server generates a first private key and a first public key and issues the first public key;
the mouse generates a first symmetric key, encrypts the fingerprint data by adopting the first symmetric key, encrypts user information and mouse equipment information, and generates a first ciphertext;
the first public key only encrypts the first symmetric key to generate a second ciphertext comprising user information and mouse equipment information;
and uploading the second ciphertext to an identity authentication server for decryption, and obtaining decrypted fingerprint data, user information and mouse equipment information.
3. The fingerprint real-name authentication method of an electronic signature as set forth in claim 2, wherein the method for decrypting the second ciphertext comprises the steps of:
the identity authentication server acquires a second ciphertext, and decrypts the first symmetric key encrypted in the second ciphertext by adopting a first private key;
and decrypting the encrypted fingerprint data, the user information and the mouse information by using the decrypted first symmetric key.
4. The fingerprint real-name authentication method of an electronic signature as set forth in claim 3, wherein decrypted fingerprint data, user information and mouse device information are obtained, the fingerprint data, the user information and the mouse device information are encrypted by a digest algorithm to generate a third ciphertext, and the third ciphertext is stored in a first data list of a fingerprint information database.
5. The fingerprint real-name authentication method of an electronic signature as set forth in claim 4, wherein the method for recognizing authentication data includes:
the method comprises the steps that fingerprint data of a user on a mouse are obtained, the mouse generates a first symmetric key, the identity authentication server requests to obtain a second public key, the identity authentication server generates a second private key and the second public key, the second public key is issued to the mouse, the first symmetric key encrypts the fingerprint data, user information and mouse equipment information, the second public key encrypts the first symmetric key to generate data to be authenticated, the data to be authenticated comprises the encrypted first symmetric key, the user data and the mouse equipment information, the data to be authenticated is sent to the identity authentication server to be decrypted, then message digest encryption is carried out, a result obtained by encrypting the message digest is compared with a third ciphertext in a first data list, and if the result is the same, authentication data identification is successful.
6. The fingerprint real-name authentication method of an electronic signature as set forth in claim 5, wherein the first data list is stored in a fingerprint information database, and after the fingerprint data is authenticated successfully, the third ciphertext corresponding to the fingerprint data is decrypted and restored by a message algorithm, and the decrypted fingerprint data, user information and mouse device information are stored in a second data list located in a back-end server for continuous authentication.
7. The fingerprint real-name authentication method of an electronic signature as recited in claim 6, wherein said method for continuously authenticating comprises:
acquiring fingerprint data, user information and mouse equipment information of a user on a mouse; and symmetrically encrypting the fingerprint data, the user information and the mouse equipment information by adopting the first symmetric key, comparing the symmetrically encrypted fingerprint data with symmetrically encrypted fingerprint data in the second data list, if the same fingerprint data exist, continuing to authenticate successfully, otherwise, returning failure information.
8. The fingerprint real-name authentication method of an electronic signature as recited in claim 7, wherein said method for continuously authenticating further comprises: sending the values of the fingerprint data, the user information and the mouse equipment information encrypted by the first symmetric key to the back-end server, wherein the back-end server adopts the first symmetric key to decrypt the fingerprint data from the mouse and the fingerprint database respectively, if the same fingerprint data exist, the continuous authentication is successful, and otherwise, the continuous authentication is failed.
9. A fingerprint real-name authentication system of an electronic signature, characterized in that the system adopts a fingerprint real-name authentication method of an electronic signature as set forth in any one of the preceding claims 1-8.
10. A computer readable storage medium, wherein the computer readable storage medium stores and applies an electronically signed fingerprint real name authentication system according to claim 9.
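The key exchange and digest matching described in claims 2 to 5, sketched as an added example that is not code from the patent or its applicant. The algorithms (RSA-2048 with OAEP-SHA256, AES-256-GCM, SHA-256), the function names and the record layout are assumptions, since the claims name no algorithm or format.

```javascript
const crypto = require('crypto');

// Assumed algorithms (the claims name none): RSA-2048 with OAEP-SHA256, AES-256-GCM, SHA-256.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Identity authentication server: generates the key pair and issues the public key.
function newServerKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Mouse side (claim 2): a fresh symmetric key encrypts the record, and the
// server's public key encrypts only that symmetric key.
function sealRecord(publicKey, record) {
  const key = crypto.randomBytes(32);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(JSON.stringify(record), 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  return { wrappedKey, nonce, body, tag: cipher.getAuthTag() };
}

// Server side (claim 3): unwrap the symmetric key with the private key, then decrypt.
// decipher.final() throws if the body, nonce or tag was altered in transit.
function openEnvelope(privateKey, envelope) {
  const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, envelope.nonce);
  decipher.setAuthTag(envelope.tag);
  const plain = Buffer.concat([decipher.update(envelope.body), decipher.final()]);
  return JSON.parse(plain.toString('utf8'));
}

// Claim 4: the server stores only a digest of the three fields. Each field is
// length-prefixed so that shifting bytes between fields changes the digest.
function recordDigest(record) {
  const hash = crypto.createHash('sha256');
  for (const field of [record.fingerprint, record.user, record.device]) {
    const bytes = Buffer.from(field, 'utf8');
    const length = Buffer.alloc(4);
    length.writeUInt32BE(bytes.length);
    hash.update(length).update(bytes);
  }
  return hash.digest();
}

// Claim 5: recompute the digest from the decrypted record and compare it with the stored one.
function matchesEnrollment(storedDigest, record) {
  return crypto.timingSafeEqual(storedDigest, recordDigest(record));
}
```

An exact digest match only succeeds when the sensor output is byte-identical to the enrolled value, so the sketch assumes a stable fingerprint template string.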
CN202110309982.2A 2021-03-23 2021-03-23 Fingerprint real-name authentication method and system for electronic signature Active CN113079017B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110309982.2A CN113079017B (en) 2021-03-23 2021-03-23 Fingerprint real-name authentication method and system for electronic signature

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110309982.2A CN113079017B (en) 2021-03-23 2021-03-23 Fingerprint real-name authentication method and system for electronic signature

Publications (2)

Publication Number Publication Date
CN113079017A CN113079017A (en) 2021-07-06
CN113079017B true CN113079017B (en) 2023-09-05

Family

ID=76613755

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110309982.2A Active CN113079017B (en) 2021-03-23 2021-03-23 Fingerprint real-name authentication method and system for electronic signature

Country Status (1)

Country Link
CN (1) CN113079017B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004054395A (en) * 2002-07-17 2004-02-19 Nec Corp Fingerprint authentication mouse with storage device, fingerprint collation management system using the mouse and fingerprint collation management method
CN101267310A (en) * 2008-05-04 2008-09-17 王琰 Computer network access control system and method
CN105407100A (en) * 2010-09-24 2016-03-16 维萨国际服务协会 Method And System Using Universal Id And Biometrics
CN109145562A (en) * 2018-09-25 2019-01-04 浙江智贝信息科技有限公司 A kind of lasting authenticating identity method and its equipment by finger print mouse
CN109933966A (en) * 2019-03-13 2019-06-25 中国人民解放军国防科技大学 Continuous authentication method and system based on biological characteristics
CN110061995A (en) * 2019-04-24 2019-07-26 上海互啊佑智能科技有限公司 A kind of mouse, identity authorization system, method, apparatus and storage medium
CN111226450A (en) * 2019-11-26 2020-06-02 深圳市汇顶科技股份有限公司 External security authentication device, man-machine interaction device, communication system and authentication method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180336554A1 (en) * 2017-05-17 2018-11-22 Douglas H. Trotter Secure electronic transaction authentication

Also Published As

Publication number Publication date
CN113079017A (en) 2021-07-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant