CN115700562A - Authentication method, readable medium, and electronic device - Google Patents


Publication number
CN115700562A
Authority
CN
China
Prior art keywords
encrypted data
biological
electronic equipment
authentication
access control
Legal status
Pending
Application number
CN202110874959.8A
Other languages
Chinese (zh)
Inventor
华佳烽
任兵飞
赵国见
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CN202110874959.8A
Publication of CN115700562A


Abstract

The application relates to the technical field of communication and discloses an authentication method, a readable medium and an electronic device. The authentication method comprises the following steps: a first electronic device collects the biometric data of a user to be authenticated, extracts the biometric feature to be authenticated from that data, encrypts the feature, and sends the resulting first encrypted data to a second electronic device. The second electronic device processes the first encrypted data according to its stored template biometric feature, fusing the template biometric feature into the first encrypted data while the first encrypted data remains encrypted, and returns the resulting second encrypted data to the first electronic device. The first electronic device obtains the matching degree between the biometric feature to be authenticated and the template biometric feature based on the second encrypted data and the biometric feature to be authenticated, and then generates an authentication result according to the matching degree. The authentication method can reduce security risk, prevent the authentication result from being tampered with, and improve the user experience.

Description

Authentication method, readable medium, and electronic device
Technical Field
The present application relates to the field of communications technologies, and in particular, to an authentication method, a readable medium, and an electronic device.
Background
An identity authentication method based on biometric features is a method of performing authentication through inherent physiological or behavioral attributes of a user, and is widely used. Currently available biometric features for identity authentication include fingerprints, facial features, iris, palm prints, gait, voice prints, voice, handwriting, etc.
Among them, the Human Face Recognition Method (HFRM), based on facial feature recognition, is widely applied in various fields as a fast and convenient new authentication method. For example, face recognition can be used for face-scan payment in financial scenarios, face-scan authentication in civil aviation, face-scan access control in offices, face-scan authentication at hotel check-in, and the like. In each case, the facial features of the captured face are compared with reference features to obtain a face recognition result. However, because facial features are highly stable and unique, leakage of a user's facial features creates a serious security risk.
Disclosure of Invention
The application aims to provide an authentication method, a readable medium and an electronic device. In the authentication method, a first electronic device collects the biometric data of a user to be authenticated, extracts the biometric feature to be authenticated from that data, encrypts the feature, and sends the resulting first encrypted data to a second electronic device. The second electronic device, according to its stored template biometric feature and without decrypting the first encrypted data, fuses in the biometric feature to be authenticated and obtains second encrypted data. The first electronic device receives and decrypts the second encrypted data. It then performs a further calculation on the second processing result obtained by decryption and the biometric feature to be authenticated, obtains the matching degree between the biometric feature to be authenticated and the template biometric feature, and derives the user's authentication result from the matching degree to complete authentication. The authentication method can reduce security risk, prevent the authentication result from being tampered with, and improve the user experience.
A first aspect of the present application provides an authentication method, which specifically includes: a first electronic device collects biometric data to be authenticated and encrypts a first biometric feature of the biometric data with a first preset key to obtain first encrypted data; the first electronic device sends the first encrypted data to a second electronic device; the first electronic device receives second encrypted data from the second electronic device, where the second encrypted data is obtained by the second electronic device performing a first type of processing on a second biometric feature using the first encrypted data, the first encrypted data is encrypted data of the first biometric feature and a first processing result of the second biometric feature, and the second biometric feature is a biometric feature of template biometric data stored on the second electronic device; the first electronic device performs a second type of processing on the second encrypted data, converting it into a second processing result of the first biometric feature and the second biometric feature; the first electronic device calculates the matching degree of the first biometric feature and the second biometric feature based on the second processing result, and generates an authentication result according to the matching degree.
Biometric data is data, captured by a collection device, that contains the user's biometric information, for example an image of the user such as a face image, a fingerprint image or an iris image captured by the first electronic device. The first biometric feature identifies biometric information unique to the user; for example, the first electronic device extracts the user's facial features, fingerprint features or iris features from the biometric data. Template biometric data is data collected in advance for biometric authentication of the user and containing the user's biometric feature information; it may be collected through the second electronic device or obtained directly from another electronic device. The second biometric feature is template biometric feature information of higher completeness, generated by collecting the user's biometric feature information multiple times and from multiple angles. The first type of processing may be homomorphic encryption computation. The second type of processing may be decryption. The second processing result is the result of the cross-computation of the first and second biometric features corresponding to the correlation operator in the matching algorithm, where the correlation operator is the part of the matching algorithm in which the first and second biometric features are cross-computed. It is understood that the first processing result and the second processing result may be the same or different.
The encryption methods of the first encrypted data and the second encrypted data may be the same, or the encryption methods of the first encrypted data and the second encrypted data may be different, and the present application is not particularly limited.
In this embodiment of the application, after receiving the first encrypted data, the second electronic device processes the second biometric feature using the first encrypted data and obtains encrypted data in which the first and second biometric features are integrated; that is, the second biometric feature is integrated into the first biometric feature without revealing the second biometric feature and without decrypting the first encrypted data. The first electronic device then decrypts the second encrypted data to obtain the cross-computation result of the first and second biometric features, calculates the matching degree of the two features from that result, and generates an authentication result according to the matching degree. Because what the first electronic device obtains after decryption is the cross-computation result of the first and second biometric features, that is, the result presented after mutual encryption of the first biometric feature and the second biometric feature, the second biometric feature is not leaked to the first electronic device: the matching degree can be obtained without the first electronic device learning the second biometric feature.
For example, take a user scanning their face at an office access control system for identity recognition. The authentication system in the authentication method includes a terminal device, an access control system server and a door lock. The terminal device may be a mobile electronic device such as a mobile phone, a tablet, a notebook computer, a smart watch, a tablet large screen, a smart bracelet, a mobile e-mail device, a portable game console, a portable music player or a reader device. The access control device may also be replaced by other equipment suited to the scenario, for example public equipment such as a biometric-capable ticket machine in a cinema, access control equipment in a residential building, biometric-capable ticket machines and ticket-checking equipment in railway stations, bus stations and airports, a biometric-capable payment machine in a supermarket, and the like. In other application scenarios, the access control device may be replaced by another personal device of the user, such as the user's tablet or notebook.
The access control device captures a face image of the user, extracts facial features from it, encrypts the facial features, and sends the encryption result to the terminal device. The terminal device performs a homomorphic encryption calculation on the encryption result according to its stored template features to obtain an encrypted-state calculation result, and sends that result to the access control device. The access control device decrypts the encrypted-state calculation result, then performs a further calculation on the decrypted integration result and the facial features to obtain the final comparison result between the facial features and the template features. From the final comparison result the access control device derives the authentication result for the user's identity, and the access control system server unlocks the door lock or keeps it locked according to that authentication result.
With this authentication method, first, the encrypted-state calculation result that the second electronic device sends to the first electronic device is the integration result of the first and second biometric features; it is in an encrypted state and cannot be decrypted without the key, which reduces security risk. Second, even if the encrypted-state calculation result is cracked, what is exposed is the integration result rather than the final comparison result, so the first electronic device can further verify whether the returned integration result is correct. This reduces the influence of malicious tampering on the authentication result, effectively prevents the authentication function of the authentication system from failing, and improves the reliability and accuracy of the authentication result. Furthermore, the first encrypted data sent from the first electronic device to the second electronic device is the encrypted first biometric feature, so it is difficult to decrypt; even if the first encrypted data is decrypted, what leaks is the extracted biometric feature rather than the user's image, and without knowledge of the extraction method the biometric information is not actually leaked. In addition, decryption is performed by the first electronic device, which reduces the risk of the decryption method leaking and improves the reliability and accuracy of the authentication method. Finally, the second electronic device has no means of decryption, so the first biometric feature is not leaked to the second electronic device, which further improves security.
In a possible implementation of the first aspect, to further prevent the first biometric feature from leaking and so improve the security of biometric identification, the first electronic device may, within a preset period, promptly delete the collected biometric data to be authenticated and the extracted biometric feature to be authenticated. This prevents the data and the extracted feature from being retained in each business system and further reduces the risk of the user's biometric features leaking. For example, after each authentication, the first electronic device deletes the collected biometric data to be authenticated and the extracted biometric feature to be authenticated.
In a possible implementation of the first aspect, when there are multiple second biometric features, the authentication method further includes: the first electronic device performs the first type of processing on each second biometric feature using the first encrypted data, obtaining second encrypted data corresponding to each second biometric feature; the first electronic device performs the second type of processing on each piece of second encrypted data, obtaining a second processing result corresponding to each second biometric feature; the first electronic device calculates the matching degree of the first biometric feature and each second biometric feature based on the corresponding second processing result, and generates an authentication result according to the maximum of the matching degrees.
That is, in the embodiment of the present application, when there are multiple second biometric features, the first electronic device cannot use the first encrypted data to pick out, from among them, the second biometric feature that corresponds to the first biometric feature. The second electronic device therefore needs to perform the second type of processing on each second biometric feature using the first encrypted data, obtaining a second processing result for each second biometric feature. The second electronic device then calculates the matching degree of each second biometric feature and the first biometric feature based on each second processing result, and generates an authentication result according to the maximum of the matching degrees. This makes the authentication process reasonable and gives the authentication result higher accuracy and credibility.
For example, the terminal device stores template features for several fingers of a given user, that is, there are multiple template features. The access control device captures a fingerprint image of the user, extracts the fingerprint features from the fingerprint image, and encrypts the fingerprint features using the public key. After receiving the encrypted fingerprint features, the terminal device performs a homomorphic encryption calculation on them with each template feature in turn, obtaining an encrypted-state calculation result for each template feature against the fingerprint features. The access control device receives these encrypted-state calculation results and decrypts each of them with the private key, obtaining a decryption result corresponding to each template feature. The access control device then calculates the similarity between the fingerprint features and each template feature from each decryption result. Finally, the access control device takes the maximum of the similarities between the fingerprint features and the template features, and generates an authentication result according to that maximum.
In a possible implementation of the first aspect, the authentication method further includes: the first electronic device receives the first encrypted data and a matching algorithm identifier, and performs the first type of processing corresponding to the matching algorithm identifier on the second biometric feature using the first encrypted data, obtaining second encrypted data; the first electronic device receives the second encrypted data from the second electronic device and performs the second type of processing on it, obtaining a second processing result; and the first electronic device calculates the matching degree of the first biometric feature and the second biometric feature, based on the second processing result, in the matching mode corresponding to the matching algorithm identifier. The matching mode is a matching degree calculation method.
That is, in the embodiment of the present application, different biometric features suit different matching degree calculation methods: for facial features the method is generally a similarity calculation such as cosine similarity or Euclidean distance, while for fingerprint or iris features it is generally a neural network algorithm. When the first electronic device can support different matching degree calculation methods, the corresponding first type of processing and the corresponding matching degree calculation method also need to be determined, in order to simplify the interaction between the first and second electronic devices and improve the authentication efficiency of the authentication system.
For example, the access control device calculates the matching degree of the biometric feature and the template feature using the matching degree calculation method it is adapted to. The terminal device receives the encryption result sent by the access control device and needs to determine, from the algorithm identifier, the homomorphic encryption calculation formula that corresponds to that matching degree calculation method. The algorithm identifier may be identification information that is determined by the type of biometric feature collected by the access control device and that indicates both the homomorphic encryption calculation formula and the matching degree calculation method.
In one implementation, the access control device determines the matching degree calculation method according to the collected biometric feature. Specifically, the terminal device receives the encryption result and the algorithm identifier sent by the access control device, determines the homomorphic encryption calculation method from the algorithm identifier, and then performs the homomorphic encryption calculation on the encryption result using the determined method and the template feature, obtaining an encrypted-state calculation result. The access control device decrypts the encrypted-state calculation result and calculates the matching degree between the biometric feature and the template feature using the matching degree calculation method corresponding to the algorithm identifier.
In another alternative implementation, the terminal device determines the matching degree calculation method according to the encrypted biometric feature, for example according to the number of dimensions and columns of the encrypted biometric feature. Specifically, the terminal device receives the encryption result sent by the access control device, determines the homomorphic encryption calculation method according to the algorithm identifier, and performs the homomorphic encryption calculation on the encryption result using the determined method and the template feature, obtaining an encrypted-state calculation result. The access control device receives the algorithm identifier and the encrypted-state calculation result, decrypts the encrypted-state calculation result, and then calculates the matching degree between the biometric feature and the template feature using the matching degree calculation method corresponding to the algorithm identifier.
In some other embodiments, before the authentication is started, the terminal device and the access control device negotiate a matching degree calculation mode in advance, that is, the access control device determines the matching degree calculation mode in advance, and the terminal device determines a homomorphic encryption calculation mode corresponding to the matching degree calculation mode in advance.
According to the authentication method, the first type processing mode and the matching degree calculation mode can be determined quickly and accurately through the algorithm identification, the authentication steps are simplified, the calculation amount is reduced, the authentication period is shortened, and the user experience is improved.
In a possible implementation of the first aspect, the first electronic device decrypts the second encrypted data by using the second preset key, and converts the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic. It is to be understood that the first electronic device may also decrypt the second encrypted data by using other calculation manners, and is not limited in particular.
In a possible implementation of the first aspect, the second electronic device performs a first type of processing on a second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data and a first preset secret key, where the first preset secret key is a public key, and the second preset secret key is a private key corresponding to the public key.
That is, in the embodiment of the present application, the first electronic device generates the first preset key and the second preset key in advance. The first electronic device and the second electronic device can encrypt the related data according to the first preset key to obtain corresponding encrypted data, and the first electronic device can decrypt the encrypted data by adopting the second preset key.
In other embodiments of the present application, neither the first preset key nor the second preset key generated in advance by the first electronic device needs to be sent to the second electronic device.
For example, the access control device generates a preset public key and a preset private key, where the public key is used to encrypt the circulation data between the terminal device and the access control device, and the private key is used to decrypt the encrypted data.
In some implementations, the access control device stores the public key and the private key, and the terminal device stores neither, because the homomorphic encryption calculation formula that the terminal device applies to the encryption result using the template feature does not need the public key. The access control device encrypts the facial features with the public key and sends the encrypted facial features to the terminal device; the terminal device performs the homomorphic encryption calculation on the encrypted facial features using the template features and sends the resulting encrypted-state calculation result to the access control device. The access control device decrypts the homomorphic calculation result with the private key to obtain a decryption result.
In other implementations, the homomorphic encryption calculation formula that the terminal device applies to the encryption result using the template feature also uses the public key, so the terminal device stores the public key. The terminal device then performs the homomorphic encryption calculation on the encrypted facial features using the template features and the public key.
In order to enhance the user experience, in some embodiments, the access control device can further generate a session key, where the session key is used to encrypt communication contents of the terminal device and the access control device. It is understood that the public key is used by the terminal device and the access control device to transfer and agree on the session key.
In the authentication method, the private key is only stored in the first electronic equipment, so that the risk of leakage of the private key is reduced, and the reliability and the accuracy of the authentication method are improved. In addition, the second electronic equipment does not have a private key, so that the first biological characteristics are prevented from being leaked to the second electronic equipment, and the safety of the biological authentication is further improved.
In a possible implementation of the first aspect, the first electronic device is a public device, and the second electronic device is a user device.
In other words, in the embodiment of the present application, the scheme is not limited to the identity authentication between terminals that must have a trusted relationship, and can also be applied to the cooperative authentication of the temporary communication connection between the user equipment and the public equipment, so that the application range of the authentication method is increased.
In addition, the user's second biometric feature is stored on the user device and is not sent to the public device, which reduces the risk of the template feature being leaked and effectively improves security. At the same time, the second electronic device stores the second biometric feature of only one user, that is, the second electronic device is used for the identity authentication of that user only, which improves the response speed of identity authentication and the user experience.
In one possible implementation of the first aspect, the second biometric feature is stored in a trusted execution environment of the second electronic device, and the first type of processing of the second biometric feature with the first encrypted data takes place in the trusted execution environment.
That is, in an embodiment of the application, the second biometric feature is stored in a Trusted Execution Environment (TEE) of the second electronic device. The second electronic device has special code that can call the information in the TEE; during a call, this special code can be invoked through the hardware abstraction layer, which coordinates the hardware's access to the second biometric feature. Furthermore, for security, all operations on the second biometric feature must be done within the TEE; for example, the homomorphic encryption calculation on the first encrypted data according to the second biometric feature must be done within the TEE.
With this authentication method, the second biometric feature used to assist other devices in authentication is stored in the trusted execution environment, which has a higher security level, in the second electronic device, and the calculations involving the second biometric feature are also performed in the trusted environment. This prevents the second biometric feature from leaking from the second electronic device and improves the security of the authentication scheme.
In one possible implementation of the first aspect described above, the biometric data is any one of a face image, a fingerprint image, and an iris image. That is, in the embodiment of the present application, the first biometric feature is any one of a facial feature, a fingerprint feature, and an iris feature. In addition to this, the biometric data may be any one of a palm print feature, a gait feature, a voice print feature, and a handwriting feature. The authentication method is applicable to multiple application scenes, can be adapted to various types of biological authentication methods, and enlarges the application range of the authentication method in the application.
In a possible implementation of the first aspect, the first biometric feature constitutes a first feature vector, the first encrypted data is a vector formed by encrypting the components of the first feature vector, and the second biometric feature constitutes a second feature vector. Performing the first type of processing on the second biometric feature of the template biometric data stored in the second electronic device using the first encrypted data, so as to obtain the second encrypted data, specifically includes: performing a power multiplication calculation on the first encrypted data and the second feature vector to obtain the second encrypted data, where each encrypted first biometric feature in the first encrypted data is used as the base in the power multiplication calculation and the corresponding second biometric feature in the second feature vector is used as the exponent.
In a possible implementation of the foregoing first aspect, the performing a second type of processing on the second encrypted data by using a second preset key, and converting the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic specifically includes: and decrypting the second encrypted data by using a second preset key to obtain an inner product of the first characteristic vector and the second characteristic vector as a second processing result.
In a possible implementation of the first aspect, the calculating, by the first electronic device, a matching degree of the first biometric characteristic and the second biometric characteristic based on the second processing result, and generating the authentication result according to the matching degree specifically includes: the first electronic equipment receives a modulus of a second feature vector sent by the second electronic equipment; the first electronic equipment calculates the similarity of the first feature vector and the second feature vector through cosine similarity or Euclidean distance based on the mode of the second feature vector and the second processing result; and the first electronic equipment generates an authentication result by judging whether the calculated similarity reaches a similarity threshold value. Specifically, when the first electronic device determines that the similarity reaches the similarity threshold, the generated authentication result is authenticated, and when the first electronic device determines that the similarity does not reach the similarity threshold, the generated authentication result is not authenticated.
In a possible implementation of the first aspect, the authentication method further includes: the first biological features form a first feature vector, the probability of the second biological features forms a second feature matrix, and the second processing result is the product of the first feature vector and the second feature matrix; the first electronic device generates an authentication result based on whether or not a maximum value of the components in the second processing result reaches a weight threshold.
In a possible implementation of the first aspect, the authentication method further includes: the second electronic device is registered in a server corresponding to the first electronic device; and the first electronic device sends the authentication result to the server corresponding to the first electronic device, so that the authentication result and the second electronic device are authenticated.
For example, in order to give the terminal device the authority to assist the access control device in completing user identity authentication, the terminal device needs to register in the access control system server corresponding to the access control device before the user identity authentication step. Specifically, the terminal device registers its device information in the access control system server. The access control system server first determines whether the authentication result indicates that user identity authentication passed; second, the access control system server can authenticate the terminal device according to the device information. This improves the security and reliability of the authentication scheme.
A second aspect of the present application provides an authentication method, which specifically includes: the second electronic equipment receives first encrypted data from the first electronic equipment, wherein the first encrypted data is obtained by encrypting a first biological characteristic of biological data to be authenticated by a first preset secret key; the second electronic equipment performs first-class processing on second biological characteristics of template biological data stored in the second electronic equipment by using the first encrypted data to obtain second encrypted data, wherein the second encrypted data is encrypted data of first biological characteristics and first processing results of the second biological characteristics; the second electronic device sends second encrypted data to the first electronic device, wherein the second encrypted data can be used by the first electronic device for a second type of processing to convert the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic, the second processing result can be used by the first electronic device to calculate a matching degree of the first biometric characteristic and the second biometric characteristic, and the matching degree can be used by the first electronic device to generate an authentication result.
In a possible implementation of the second aspect, when the second biometric characteristic is multiple, the method further includes: the first electronic equipment respectively carries out first-class processing on each second biological characteristic by using the first encrypted data to obtain second encrypted data corresponding to each second biological characteristic; the first electronic equipment respectively carries out second type processing on each second encrypted data to obtain a second processing result corresponding to each second biological characteristic; the first electronic device respectively calculates the matching degree of the first biological characteristics and each second biological characteristic based on the second processing result corresponding to each second biological characteristic, and generates an authentication result according to the maximum value in the matching degree.
In a possible implementation of the second aspect, the authentication method further includes: the first electronic equipment receives the first encrypted data and the matching algorithm identification, and performs first-class processing corresponding to the matching algorithm identification on the second biological characteristics by using the first encrypted data to obtain second encrypted data; the first electronic equipment receives second encrypted data from the second electronic equipment, and performs second type processing on the second encrypted data to obtain a second processing result; and the first electronic equipment calculates the matching degree of the first biological characteristic and the second biological characteristic according to the matching mode corresponding to the matching algorithm identification based on the second processing result.
In a possible implementation of the second aspect, the first electronic device decrypts the second encrypted data by using the second preset key, and converts the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic.
In a possible implementation of the second aspect, the second electronic device performs a first type of processing on a second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data and a first preset secret key, where the first preset secret key is a public key, and the second preset secret key is a private key corresponding to the public key.
In a possible implementation of the second aspect, the first electronic device is a public device, and the second electronic device is a user device.
In one possible implementation of the second aspect, the second biometric is stored within a trusted execution environment of the second electronic device, and the first type of processing of the second biometric by the first cryptographic data occurs within the trusted execution environment.
In one possible implementation of the second aspect described above, the biometric data is any one of a face image, a fingerprint image, and an iris image.
In one possible implementation of the second aspect, the authentication method further includes: the first biometric feature constitutes a first feature vector, the first encrypted data is a vector formed by encrypting the components of the first feature vector, and the second biometric feature constitutes a second feature vector; performing the first type of processing on the second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data, to obtain the second encrypted data, includes: performing an exponentiation on the first encrypted data and the second feature vector to obtain the second encrypted data, wherein the encrypted first biometric feature in the first encrypted data is used as the base of the exponentiation, and the corresponding second biometric feature in the second feature vector is used as the exponent.
In a possible implementation of the second aspect, the authentication method further includes: performing the second type of processing on the second encrypted data by using the second preset key, and converting the second encrypted data into the second processing result of the first biometric feature and the second biometric feature, includes: decrypting the second encrypted data by using the second preset key to obtain the inner product of the first feature vector and the second feature vector as the second processing result.
In a possible implementation of the second aspect, the authentication method further includes: the first electronic device calculating the matching degree of the first biometric feature and the second biometric feature based on the second processing result, and generating the authentication result according to the matching degree, includes: the first electronic device receives the modulus of the second feature vector sent by the second electronic device; the first electronic device calculates the similarity of the first feature vector and the second feature vector by cosine similarity or Euclidean distance, based on the modulus of the second feature vector and the second processing result; and the first electronic device generates the authentication result by determining whether the calculated similarity reaches a similarity threshold.
In one possible implementation of the second aspect, the method further includes: the first biological features form a first feature vector, the probability of the second biological features forms a second feature matrix, and the second processing result is the product of the first feature vector and the second feature matrix; the first electronic device generates an authentication result based on whether a maximum value among the components in the second processing result reaches a weight threshold.
In a possible implementation of the second aspect, the authentication method further includes: the second electronic equipment is registered in a server corresponding to the first electronic equipment; and the first electronic equipment sends the authentication result to a server corresponding to the first electronic equipment so as to authenticate the authentication result and the second electronic equipment.
A third aspect of the present application provides an authentication method, which specifically includes: the method comprises the steps that first electronic equipment collects biological data to be authenticated and encrypts first biological characteristics of the biological data by adopting a first preset secret key to obtain first encrypted data; the second electronic equipment receives the first encrypted data from the first electronic equipment, and performs first-class processing on a second biological characteristic of template biological data stored in the second electronic equipment by using the first encrypted data to obtain second encrypted data, wherein the second encrypted data is encrypted data of a first processing result of the first biological characteristic and the second biological characteristic; the first electronic equipment receives second encrypted data from the second electronic equipment, carries out second type processing on the second encrypted data, and converts the second encrypted data into a second processing result of the first biological characteristic and the second biological characteristic; and the first electronic equipment calculates the matching degree of the first biological characteristics and the second biological characteristics based on the second processing result, and generates an authentication result according to the matching degree.
In a possible implementation of the third aspect, when the second biometric characteristic is multiple, the method further includes: the first electronic equipment respectively carries out first-class processing on each second biological characteristic by using the first encrypted data to obtain second encrypted data corresponding to each second biological characteristic; the first electronic equipment respectively carries out second type processing on each second encrypted data to obtain a second processing result corresponding to each second biological characteristic; the first electronic device respectively calculates the matching degree of the first biological characteristics and each second biological characteristic based on the second processing result corresponding to each second biological characteristic, and generates an authentication result according to the maximum value in the matching degree.
In a possible implementation of the third aspect, the authentication method further includes: the first electronic equipment receives the first encrypted data and the matching algorithm identification, and performs first-class processing corresponding to the matching algorithm identification on the second biological characteristics by using the first encrypted data to obtain second encrypted data; the first electronic equipment receives second encrypted data from the second electronic equipment, and performs second type processing on the second encrypted data to obtain a second processing result; and the first electronic equipment calculates the matching degree of the first biological characteristic and the second biological characteristic according to the matching mode corresponding to the matching algorithm identification based on the second processing result.
In a possible implementation of the third aspect, the first electronic device decrypts the second encrypted data by using the second preset key, and converts the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic.
In a possible implementation of the third aspect, the second electronic device performs a first type of processing on a second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data and a first preset secret key, where the first preset secret key is a public key, and the second preset secret key is a private key corresponding to the public key.
In a possible implementation of the foregoing third aspect, the first electronic device is a public device, and the second electronic device is a user device.
In one possible implementation of the foregoing third aspect, the second biometric is stored within a trusted execution environment of the second electronic device, and the first type of processing of the second biometric by the first cryptographic data occurs within the trusted execution environment.
In one possible implementation of the third aspect, the biometric data is any one of a face image, a fingerprint image, and an iris image.
In a possible implementation of the third aspect, the authentication method further includes: the first biometric feature constitutes a first feature vector, the first encrypted data is a vector formed by encrypting the components of the first feature vector, and the second biometric feature constitutes a second feature vector; performing the first type of processing on the second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data, to obtain the second encrypted data, includes: performing an exponentiation on the first encrypted data and the second feature vector to obtain the second encrypted data, wherein the encrypted first biometric feature in the first encrypted data is used as the base of the exponentiation, and the corresponding second biometric feature in the second feature vector is used as the exponent.
In a possible implementation of the third aspect, the authentication method further includes: performing the second type of processing on the second encrypted data by using the second preset key, and converting the second encrypted data into the second processing result of the first biometric feature and the second biometric feature, includes: decrypting the second encrypted data by using the second preset key to obtain the inner product of the first feature vector and the second feature vector as the second processing result.
In a possible implementation of the third aspect, the authentication method further includes: the first electronic device calculating the matching degree of the first biometric feature and the second biometric feature based on the second processing result, and generating the authentication result according to the matching degree, includes: the first electronic device receives the modulus of the second feature vector sent by the second electronic device; the first electronic device calculates the similarity of the first feature vector and the second feature vector by cosine similarity or Euclidean distance, based on the modulus of the second feature vector and the second processing result; and the first electronic device generates the authentication result by determining whether the calculated similarity reaches a similarity threshold.
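The exponentiation, decryption and cosine-similarity steps described in the first, second and third aspects, shown as an added example that is not part of the patent. It assumes textbook Paillier as the public-key scheme (the text names none), fixed-point quantization of the features, and multiplication of the per-component powers into a single ciphertext; all function names and parameters are hypothetical.

```python
"""Encrypted inner-product matching: door (first device) and phone (second device)."""
import math
import secrets

# Constructed demo parameters: two Mersenne primes, far too small and too
# structured for real use. The cryptosystem (Paillier) is an assumption.
P, Q = 2**89 - 1, 2**107 - 1
SCALE = 1000  # assumed fixed-point scale that turns float features into integers


def keygen(p=P, q=Q):
    """Return (public n, private (n, lam, mu)) for Paillier with g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (n, lam, pow(lam, -1, n))


def encrypt(n, m):
    """E(m) = (1 + m*n) * r^n mod n^2; a negative m is stored as m mod n."""
    r = secrets.randbelow(n - 1) + 1
    return (1 + (m % n) * n) * pow(r, n, n * n) % (n * n)


def decrypt(priv, c):
    """Recover m and map the upper half of Z_n back to negative integers."""
    n, lam, mu = priv
    m = (pow(c, lam, n * n) - 1) // n * mu % n
    return m - n if m > n // 2 else m


def quantize(vec):
    return [round(v * SCALE) for v in vec]


def norm(ints):
    return math.sqrt(sum(v * v for v in ints))


def encrypt_probe(n, probe):
    """First device: encrypt each component of the probe feature vector."""
    return [encrypt(n, x) for x in quantize(probe)]


def fuse_template(n, enc_probe, template):
    """Second device: raise each ciphertext to the matching template component.

    Multiplying the powers together yields one ciphertext of the inner
    product, so no per-component product is ever sent back.
    """
    t = quantize(template)
    if len(enc_probe) != len(t):
        raise ValueError("probe and template dimensions differ")
    n2 = n * n
    acc = encrypt(n, 0)  # fresh E(0) re-randomizes the returned ciphertext
    for c, ti in zip(enc_probe, t):
        acc = acc * pow(c, ti % n, n2) % n2
    return acc, norm(t)


def match(priv, probe, second_encrypted, template_norm, threshold):
    """First device: decrypt the inner product, then apply cosine similarity."""
    inner = decrypt(priv, second_encrypted)
    denom = norm(quantize(probe)) * template_norm
    if denom == 0:
        return 0.0, False  # an all-zero vector can never authenticate
    cos = inner / denom
    return cos, cos >= threshold


if __name__ == "__main__":
    n, priv = keygen()
    probe = [0.12, -0.50, 0.33, 0.80]      # constructed probe features
    enrolled = [0.10, -0.48, 0.35, 0.79]   # constructed template, same user
    ct, t_norm = fuse_template(n, encrypt_probe(n, probe), enrolled)
    print(match(priv, probe, ct, t_norm, threshold=0.9))
```

The second device only ever handles ciphertexts of the probe, and the first device only learns the inner product and the template modulus, never the template components.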
In a possible implementation of the third aspect, the authentication method further includes: the first biological features form a first feature vector, the probability of the second biological features forms a second feature matrix, and the second processing result is the product of the first feature vector and the second feature matrix; the first electronic device generates an authentication result based on whether or not a maximum value of the components in the second processing result reaches a weight threshold.
In a possible implementation of the third aspect, the authentication method further includes: the second electronic equipment is registered in a server corresponding to the first electronic equipment; and the first electronic equipment sends the authentication result to a server corresponding to the first electronic equipment so as to authenticate the authentication result and the second electronic equipment.
A fourth aspect of the present application provides a readable medium having stored thereon instructions that, when executed on an electronic device, cause the electronic device to perform any one of the authentication methods of the first, second and third aspects described above.
A fifth aspect of the present application provides an electronic device comprising a memory for storing instructions for execution by one or more processors of the electronic device, and a processor, which is one of the processors of the electronic device, for performing any one of the authentication methods of the first, second and third aspects described above.
Drawings
FIG. 1 illustrates an application scenario in which a user identity authentication scheme is applicable in some embodiments;
FIG. 2 illustrates an application scenario in which a user identity authentication scheme is applied in some other embodiments;
FIG. 3 is a diagram illustrating an application scenario in which a user authentication scheme is applied in some embodiments of the present application;
FIG. 4 is an interaction diagram of a terminal device 100, an access control device 200, and an access control system server 300 in an identity authentication scheme according to some embodiments of the present application;
FIG. 5 is a schematic structural diagram of the terminal device 100 and the access control device 200 according to some embodiments of the present disclosure;
FIG. 6 is an interaction diagram illustrating specific modules in the terminal device 100 and the door lock device 200 according to some embodiments of the present disclosure;
FIG. 7 is a schematic diagram of a handset 100' according to some embodiments of the present application;
FIG. 8 is a block diagram illustrating a software structure of a handset 100' according to some embodiments of the present application.
Reference numerals: 210' - access control device; 210a' - first access control device; 210b' - second access control device; 220' - authentication device; 100a" - first terminal device; 110a" - authentication module; 120a" - trusted management module; 100b" - second terminal device; 110b" - information collection module; 120b" - trusted management module; 130b" - service module;
100 - terminal device; 101 - terminal device connection module; 102 - service authentication module; 103 - template storage module; 104 - secret state calculation module; 200 - access control device; 201 - access control device connection module; 202 - information acquisition module; 203 - feature extraction module; 204 - cryptographic service module; 205 - similarity calculation module; 206 - local authentication module; 300 - access control system server; 400 - door lock.
Detailed Description
The illustrative embodiments of the present application include, but are not limited to, a method, apparatus, readable medium, and electronic device for user identity authentication.
The identity authentication method according to the technical solution of the present application may be a Biometric Identification Authentication Method (BIAM). A biometric authentication method authenticates the identity of a user by using human physiological characteristics (such as fingerprints, facial characteristics, irises, palm prints and the like) or behavioral characteristics (such as gait, voiceprints, handwriting and the like). The user identity authentication method is suitable for application scenarios such as face-scan and/or fingerprint-scan access control in office scenarios, face-scan payment in financial scenarios, face-scan authentication in civil aviation scenarios, face-scan authentication in hotel accommodation scenarios and the like.
To make the objects, technical solutions and advantages of the present application clearer, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
To better understand the technical solutions of the embodiments of the present application, some technical solutions are described in detail below, taking as an example a scenario in which a user performs identity authentication by scanning a face or a fingerprint at the access control system of an office in order to enter the office.
For example, FIG. 1 shows a scene diagram of a user performing identity authentication by face scanning at an access control system in an office. The user performs identity authentication by scanning a face or a fingerprint at the access control system of the office, and enters the office if the identity authentication passes.
As shown in FIG. 1, the access control system applied to an office includes an access control device 210' (e.g., a camera) for acquiring a face image of a user, where the access control device 210' includes a first access control device 210a' and a second access control device 210b'; and an authentication device 220' (e.g., a cloud server) for authenticating the identity of the user. The access control device 210' and the authentication device 220' are both public devices, that is, devices that provide public services to the public.
Specifically, the principle of user identity authentication in the embodiment shown in fig. 1 is as follows:
The access control device 210' collects a face image of the user and transmits the collected face image to the authentication device 220'. The authentication device 220' stores template features of all employees of the company. The template features are biometric features of higher completeness that a server finally generates from the biometric feature information of each employee, collected multiple times and from multiple angles by an acquisition device (for example, the access control device 210' in the access control system or another acquisition device). It will be appreciated that the template features serve as reference features when authenticating the identity of the user. After receiving the face image sent by the access control device 210', the authentication device 220' extracts the facial features of the user from the face image and authenticates the identity of the user by comparing the similarity between the extracted facial features and the template features. For example, when the similarity reaches the similarity threshold, the user identity is determined to be trustworthy, i.e., the user identity authentication passes. Otherwise, when the similarity does not reach the similarity threshold, the user identity is determined to be untrustworthy, i.e., the user identity authentication does not pass. The identity authentication scheme shown in FIG. 1 is referred to hereinafter as a centralized authentication scheme.
It will be appreciated that before identity authentication using the centralized scheme shown in FIG. 1, each user is required to enter his or her own template features into the access control device 210'. For example, user A enters his own template features T₁ and user B enters his own template features T₂. The template features are then stored in the authentication device 220'. That is, the authentication device 220' collects the template features of user A and user B in advance and stores them centrally, so as to subsequently provide remote identity authentication for user A and user B.
In order to better understand the technical scheme of identity authentication shown in fig. 1, the identity authentication process of the user a is briefly described below.
When user A wants to perform identity authentication through the first access control device 210a', user A stands facing the first access control device 210a', and the first access control device 210a' collects a face image of user A and sends the face image to the authentication device 220'. The authentication device 220' extracts the facial feature F₁ from the face image. Subsequently, the authentication device 220' matches the facial feature F₁ against its stored template feature T₁. If the matching succeeds, the identity authentication of user A passes; if the matching fails, the identity authentication of user A does not pass. Finally, the authentication device 220' returns the authentication result to the first access control device 210a', and the first access control device 210a' controls a door lock (not shown) to open or remain closed according to the authentication result.
The identity authentication process of user B is similar to that of user A and is not described here again.
However, because the template features referenced during authentication in the above user authentication scheme must be uploaded to the authentication device 220' in advance, the user's template features are inevitably disclosed to the vendor of the authentication device 220'. First, the authentication device 220' centrally stores the template features of multiple users, so an outside party who wants to maliciously obtain the template features of one of those users will attack the authentication device 220'. Once the authentication device 220' is compromised, the template features of all users stored centrally in it are leaked together. The risk of template feature leakage is therefore high, and the security of template feature storage is low. Second, the authentication result produced by the authentication device 220' is the only condition that determines whether the door is opened, and that result may be cracked and tampered with while it is transmitted from the authentication device 220' to the access control device 210'. Because the access control device 210' cannot detect whether the authentication result has been tampered with, it may act on a tampered result, which ultimately defeats the authentication function of the access control system and reduces the reliability and accuracy of user identity authentication. Furthermore, the access control device 210' sends the captured face image directly to the authentication device 220'. If the encrypted channel carrying the face image is cracked in transit, the user's face image is leaked; because a face image is deterministic and unique, such a leak is difficult to remedy and creates a serious security risk and privacy threat for the user.
In addition, in the above user identity authentication scheme, a single authentication device 220' stores the template features of multiple users, that is, multiple users need to use the same authentication device 220' for identity authentication, which slows the response of user identity authentication and affects user experience.
FIG. 2 shows a scenario diagram of another identity authentication scheme. In the user identity authentication scenario shown in FIG. 2, the scheme is a cross-device authentication scheme based on a trusted relationship; for example, two terminal devices logged in to the same user account jointly complete the authentication process. Compared with the embodiment shown in FIG. 1, the application scenario shown in FIG. 2 is more limited, and the identity authentication scheme shown in FIG. 2 cannot be applied to public places. Specifically, as shown in FIG. 2, the user identity authentication scenario includes a first terminal device 100a" and a second terminal device 100b" that have a trusted relationship. The first terminal device 100a" is a device having an authentication function (e.g., a handset having a processor). The second terminal device 100b" is a device having an acquisition function (e.g., a tablet with a camera). In addition, the trusted relationship may also be established by the first terminal device 100a" and the second terminal device 100b" being on the same Wi-Fi network or through account association.
The first terminal device 100a" includes an authentication module 110a" and a trusted management module 120a". The authentication module 110a" is configured to extract facial features from the face image, authenticate the user according to the facial features and the template features, and encrypt and decrypt the authentication result with the shared key. The second terminal device 100b" includes an information collection module 110b", a trusted management module 120b", and a service module 130b". The information collection module 110b" is used to collect the face image of the user and encrypt the face image with the shared key. The service module 130b" is used to carry different service systems. The trusted management module 120a" and the trusted management module 120b" each generate a public/private key pair, share the public key with the other party, and create a key shared by both parties. The trusted management module 120a" and the trusted management module 120b" can then encrypt and decrypt messages with the key shared between the two parties.
During identity authentication, the first terminal device 100a" sends the encrypted face image to the second terminal device 100b", the second terminal device 100b" decrypts the face image and then performs user identity authentication, then encrypts the authentication result and sends it to the first terminal device 100a"; the first terminal device 100a" decrypts the authentication result, and user identity authentication is completed according to the decrypted authentication result.
However, the user identity authentication scheme shown in FIG. 2 has the following problems. First, the scheme can only be applied to cooperative authentication between a first terminal device 100a" and a second terminal device 100b" that have a trusted relationship, so its application scenarios are limited and its application range is narrow. Second, because the first terminal device 100a" and the second terminal device 100b" have a trusted relationship, the authentication result that the first terminal device 100a" sends directly to the second terminal device 100b" is the final result, i.e., the second terminal device 100b" grants or denies access to the service according to that result. However, the authentication result may be cracked and tampered with while it is sent from the first terminal device 100a" to the second terminal device 100b". Because the second terminal device 100b" cannot detect whether the authentication result has been tampered with, it may act on a tampered result, which ultimately defeats the authentication function of the service system and reduces the reliability and accuracy of user identity authentication. In addition, because the shared key is distributed to the first terminal device 100a" and the second terminal device 100b" through the trusted management module 120a" and the trusted management module 120b" respectively, the shared key may be intercepted, after which the user's face image may be decrypted and leaked. Because a face image is deterministic and unique, such a leak is difficult to remedy and creates a serious security risk and privacy threat for the user.
In order to solve the above problems, the present application provides a new user identity authentication scheme. For ease of understanding, the technical scheme of the application is again described in detail using, as an example, the scene in which a user has their face scanned at the access control system of an office for identity recognition in order to enter the office. Fig. 3 is a schematic diagram illustrating a scenario of user identity authentication. As shown in fig. 3, the authentication system to which the identity authentication scheme of the present application is applied includes a terminal device 100, an access control device 200, an access control system server 300, and a door lock 400. The terminal device 100 may be a mobile electronic device such as a mobile phone, a tablet, a notebook computer, a smart watch, a tablet large screen, a smart band, a mobile email device, a portable game machine, a portable music player, and a reader device. It is understood that in some other application scenarios, the access control device 200 may also be replaced with other devices corresponding to the scenario, for example, a ticket machine capable of biometric identification in a movie theater, an access control device in a residential building, a ticket machine capable of biometric identification in a train station, a bus stop and an airport, a ticket checking device capable of biometric identification in a train station, a bus stop and an airport, a biometric payment machine in a supermarket, and other public devices capable of collecting biometric features. In other application scenarios, the access control device may be replaced by other personal devices of the user, such as a tablet of the user, a notebook of the user, and the like.
The terminal device 100 is a private electronic device of the user, and the template features of the user are stored in the terminal device 100 in advance. The access control device 200 is configured to collect a face image of a user, extract facial features from the face image, encrypt the facial features, and send the encryption result to the terminal device 100. The terminal device 100 performs a homomorphic encryption calculation on the encryption result of the facial features according to the stored template features to obtain a secret calculation result. Here, the homomorphic encryption calculation means: the template features are combined with the encryption result, without decrypting the encryption result, to obtain a secret calculation result, which is the result of integrating the facial features and the template features, still encrypted under the encryption method used for the facial features.
The terminal device 100 then sends the secret calculation result to the access control device 200, and the access control device 200 decrypts the received secret calculation result with the preset private key to obtain the result of integrating the facial features and the template features of the user. Compared with a technical scheme in which the terminal device 100 sends the template features directly to the access control device 200, this avoids leaking the template features of the user and improves the security of user identity authentication. The access control device 200 then performs a further calculation on the decrypted integration result and the facial features to obtain a final comparison result of the facial features and the template features, and obtains an authentication result of the user identity according to the final comparison result, so that the access control system server 300 controls the door lock 400 to be unlocked or kept locked according to the authentication result.
Therefore, compared with the centralized identity authentication scheme and the identity authentication scheme between terminals in a trusted relationship, the user identity authentication scheme in the present application has the following differences. First, the secret calculation result sent by the terminal device 100 to the access control device 200 is an integration result of the facial features and the template features, and the integration result is in an encrypted state and cannot be decrypted without the key, so that the secret calculation result is prevented from being intercepted and cracked, and the security risk can be reduced. Secondly, even if the secret calculation result is intercepted and cracked, what is revealed is the integration result of the facial features and the template features, which is not the final comparison result. The access control device 200 can further verify whether the returned secret calculation result is correct and promptly screen out a secret calculation result that has been maliciously tampered with, so that malicious tampering during the return of the result does not affect the authentication result, failure of the authentication function of the authentication system is effectively avoided, and the reliability and accuracy of the user identity authentication are improved. Moreover, the data sent by the access control device 200 to the terminal device 100 is the encrypted facial features, which on the one hand are difficult to crack; on the other hand, even if the encryption result is intercepted and cracked during transmission, what is obtained is the extracted facial features rather than the user image (for example, a face image), and without knowledge of the image feature extraction method, leakage of the facial features does not amount to a real leakage of the user's biological features.
In addition, since the private key capable of decrypting the secret calculation result and the encryption result is only stored in the access control device 200, the private key does not need to be sent to the terminal device 100, the risk of private key leakage is reduced, and the reliability and accuracy of user identity authentication are improved. In addition, since the terminal device 100 does not have a private key for decrypting the encrypted result, the terminal device 100 cannot decrypt the encrypted facial features, and therefore the facial features extracted by the access control device 200 according to the face image cannot be revealed to the terminal device 100, and the security of the user biological features is further improved.
In addition, compared with the centralized identity authentication scheme shown in fig. 1, the scheme of the present application is independent, the template feature of the user is stored in the terminal device 100 private to the user and is not sent to the public device (for example, the authentication device 220'), the risk that the template feature is attacked and leaked is reduced, and the security can be effectively improved. Meanwhile, the terminal device 100 only stores the template features of the user, that is, the single terminal device 100' is only used for identity authentication of a single user, so that the response speed of the identity authentication of the user is increased, and the user experience is improved. Compared with the identity authentication scheme between the terminals in the trusted relationship shown in fig. 2, the scheme in the present application is not limited to the identity authentication between the terminals that must have the trusted relationship, and can also be applied to the cooperative authentication of the temporary communication connection between the terminal device 100 (personal device) of the user and the entrance guard device 200 (public device), so that the application range of the identity authentication method is expanded.
The following describes the user identity authentication method and system disclosed in the present application in detail. For convenience of description, the technical scheme of the present application continues to be described using, as an example, the scene in which a user has their face scanned at the access control system of an office for identity recognition in order to enter the office.
Fig. 4 shows an interaction diagram of the terminal device 100 and the access control device 200 when authenticating the identity of the user in the application scenario shown in fig. 3. In which the terminal device 100 stores therein a template feature T of the user. The access control device 200 is used for collecting a user image of a user, extracting a biological feature according to the user image, and encrypting the biological feature. The similarity between the biometric features acquired by the access control device 200 and the template features T in the terminal device 100 can be obtained by homomorphic encryption calculation between the terminal device 100 and the access control device 200, and then whether the user identity authentication is passed or not is judged. As can be seen from fig. 3 and 4, the user identity authentication process in the present application specifically includes the following steps:
Step S401: a communication connection is established between the terminal device 100 and the access control device 200.
In some embodiments, the terminal device 100 and the access control device 200 are directly connected over a short distance, that is, when the terminal device 100 and the access control device 200 are close to each other, they establish a communication connection so as to transmit data between them. For example, after the terminal device 100 enters the near field communication range of the access control device 200, a communication connection is established by means of the near-field communication (NFC), Bluetooth (BL), or other near-field communication modules of the terminal device 100 and the access control device 200. In the technical scheme of the application, the terminal device 100 and the access control device 200 must cooperate to complete the authentication of the user identity. Therefore, when the user identity needs to be authenticated, the terminal device 100 and the access control device 200 first need to establish a communication connection.
In addition, in order to give the terminal device 100 the authority to assist the access control device 200 in completing the user identity authentication, before the user identity authentication step (for example, when the terminal device 100 and the access control device 200 establish a communication connection), the terminal device 100 needs to register in the access control system server 300 corresponding to the access control device 200. For example, the terminal device 100 registers the device information in the access control system server 300, and the access control system server 300 returns the registration credential after the registration is successful.
In some implementations, the terminal device 100 sends a registration request to the access control system server 300. The access control system server 300 receives the registration request sent by the terminal device 100, and registers the terminal device 100 according to the registration request. The registration request is request information that is initiated by the terminal device 100 to the access control system server 300 and is used to request the access control system server 300 to register the terminal device 100. The registration request includes Device Identification (DID) and Protocol Version (PV) of the terminal Device 100 and other Device information. For example, the terminal device 100 is a mobile phone, and the device identifier is a mobile phone number corresponding to the terminal device 100, or a device ID corresponding to the terminal device 100, or a user name corresponding to the terminal device 100.
After receiving the registration request, the access control system server 300 verifies the registration request for the terminal device 100. After the verification is passed, the access control system server 300 registers the terminal device 100, and adds the device information of the terminal device 100 to a white list of the access control system server 300. For example, after receiving the registration request, the access control system server 300 determines whether the terminal device 100 is not registered by checking the device identifier of the terminal device 100, determines whether the protocol version of the terminal device 100 is consistent or compatible with the current version of the access control system server 300 by checking the protocol version number of the terminal device 100, and so on. If the parameters verified by the access control system server 300 are all satisfied by the terminal device 100, it indicates that the terminal device 100 satisfies the registration condition, and the access control system server 300 registers the terminal device 100.
The access control system server 300 transmits registration credentials to the terminal device 100, wherein the registration credentials are used to notify that the terminal device 100 has completed registration on the access control system server 300. The registration credential includes a "registration completed" flag and a registration Lifetime (LT). The registration lifecycle refers to a validity period of the current registration, and the terminal device 100 needs to update the registration within the validity period. For example, the registration lifecycle is 30 days, or the registration lifecycle is permanent.
It is understood that the registration scheme of the terminal device 100 in the access control system server 300 in the present application is not limited to the above scheme provided in the present application, and other schemes that enable the terminal device 100 to register in the access control system server 300 are also within the protection scope of the present application, and the present application is not limited specifically.
In other embodiments, the process of determining whether the user or the terminal device 100 has the authority to assist the access control device 200 in completing the user identity authentication by the white list in the access control system server 300 occurs during the process of establishing the communication connection between the terminal device 100 and the access control device 200.
In some implementation manners, when the terminal device 100 and the access control device 200 satisfy a communication connection establishment condition, for example, a distance between the terminal device 100 and the access control device 200 is smaller than a distance threshold, the terminal device 100 sends a communication connection request to the access control device 200, where the communication connection request carries a device identifier of the terminal device 100. The access control device 200 transmits a communication connection request or a device identification to the access control system server 300. The access control system server 300 determines whether the terminal device 100 has the right to assist the access control device 200 to complete the user identity authentication according to the white list, and when the determination result is yes, the terminal device 100 establishes communication connection with the access control device 200.
Step S402: the access control device 200 collects a face image of a user.
In some embodiments, after the access control device 200 detects the trigger signal, it starts to acquire a facial image of the user.
The trigger signal is instruction information for triggering the access control device 200 to acquire a face image of the user.
In some implementations, the trigger signal may be a signal generated by the access control device 200 according to an external image monitored in real time. For example, the access control device 200 monitors an external image in a target area in real time, and when it is monitored that the external image includes a face image, the access control device 200 generates a trigger signal.
In alternative other implementations, the trigger signal may also be a signal generated by the access control device 200 according to a specific operation of the user. The specific operation of the user may be a voice call, for example, the user sends voice information related to face recognition, and the access control device 200 generates the trigger signal after receiving the voice information sent by the user. The specific operation of the user can also be key touch, for example, a trigger signal is generated after the user touches a specific physical key (for example, a Call key). The face image refers to an image including face information. In some embodiments, the face image is a static image, and the access control device 200 captures an image of the target area through a camera or a video camera, and screens out the face image including face information from the captured image. In some other embodiments, the face image may also be a dynamic image, and the access control device 200 records a video stream in the target area through a camera or a video camera, and screens out a face image including face information from the recorded video stream.
Step S403: the access control device 200 extracts the facial features F in the face image.
It is understood that the facial features F refer to data used for face recognition. For example, the facial features are facial feature vectors. The facial feature vector may be a one-dimensional or multi-dimensional feature vector, that is, the facial features include features in one or more dimensions.
In some embodiments, the face image directly acquired by the access control device 200 may be limited by various conditions and randomly interfered, and may not be directly used. Therefore, it is necessary to perform preprocessing on the face image before image processing.
In some implementations, the preprocessing of the face image by the access control device 200 includes at least one of the following: size normalization, face alignment, light compensation, gray scale transformation, histogram equalization, geometry correction, median filtering, and sharpening, among others.
In some embodiments, the access control device 200 obtains a face element in the face image, and extracts a face key point corresponding to the face element. The access control device 200 performs normalization processing on the face key points to obtain face characteristic values. The face feature value is the feature in the face feature vector. The face element refers to an element set used for face recognition in a human face. Face elements include eyebrows, eyes, nose, mouth, ears, etc. The face elements may be characterized by facial key points, each face element corresponding to at least one facial key point. The face key points are points used for representing information such as size, position, shape and the like of the face elements. For example, the nose includes one facial key point at the tip of the nose and the mouth includes two facial key points at the left and right mouth corners.
In some embodiments, the number of facial keypoints may be 5, 11, 68, or 98.
In some embodiments, the access control device 200 selects one of the facial key points as an origin, and performs normalization processing on other facial key points to obtain a facial feature value corresponding to each facial key point. The normalization refers to representing the face key points by using a unified measurement unit and a measurement standard.
In an implementation manner, because the distribution positions of face elements in a face are relatively fixed, and the face key points are divergently distributed by taking a nose as a center, the face key points can be normalized by taking the nose as an origin to obtain face feature values of all the face key points. One face key point may correspond to a plurality of face feature values, for example, the face feature value may be a gray value, a relative position, or the like of the face key point.
For example, facial features may be characterized as an n-dimensional vector: $F = (x_1, x_2, x_3, \ldots, x_{n-1}, x_n)$, where $x_1, x_2, x_3, \ldots, x_{n-1}, x_n$ are feature values of facial key points. These feature values respectively characterize the gray value, position, color, etc. of a certain facial key point.
Similarly, the template features previously mentioned in this application may also be characterized as an n-dimensional vector: $T = (y_1, y_2, y_3, \ldots, y_{n-1}, y_n)$, where $y_1, y_2, y_3, \ldots, y_{n-1}, y_n$ are feature values of facial key points in the template features. In addition, feature values of the same dimension in the F vector and the T vector have the same meaning. For example, if $x_1$ characterizes the location of the eyes in the facial features, then $y_1$ characterizes the location of the eyes in the template features.
It can be understood that, in the present application, the manner of obtaining the facial features is not particularly limited, that is, the access control device 200 may also extract the facial features of the user from the face image through other technical solutions, and the method is also within the protection scope of the present application.
In addition, in order to further avoid the leakage of the biological features of the user, so as to improve the safety of biological recognition, in some embodiments, in a preset period, the access control device 200 deletes the acquired face image and the extracted facial features F, so as to avoid the face image and the facial features F of the user from being retained in each business system, and further reduce the risk of the leakage of the biological features of the user. For example, after the identity authentication is completed, the access control device 200 deletes the acquired face image and the extracted facial features F.
Step S404: the access control device 200 encrypts the facial feature F to obtain an encryption result Enc (F).
In some embodiments, the access control device 200 encrypts the feature value in the facial feature according to the preset public key pk and the encryption method in the homomorphic encryption algorithm to obtain the encrypted facial feature, that is, the encryption result Enc (F).
In some embodiments, the access control device 200 generates a preset public key pk and a preset private key sk, where the public key pk is used to encrypt circulation data between the terminal device 100 and the access control device 200, and the private key sk is used to decrypt the encrypted data.
In some implementations, the access control device 200 stores the public key pk and the private key sk, and the terminal device 100 does not store the public key pk and the private key sk. Specifically, the access control device 200 encrypts the facial feature F by using the public key pk, and sends the encrypted facial feature F to the terminal device 100, and the terminal device 100 performs homomorphic encryption calculation on the encrypted facial feature F by using the template feature T, and sends the resulting secret calculation result to the access control device 200. The access control device 200 decrypts the secret calculation result by using the private key sk to obtain a decryption result.
In other implementation manners, the access control device 200 stores a public key pk and a private key sk, and the terminal device 100 stores the public key pk. Specifically, the access control device 200 encrypts the facial feature F by using the public key pk, and sends the encrypted facial feature F to the terminal device 100, and the terminal device 100 performs homomorphic encryption calculation on the encrypted facial feature F by using the template feature T and the public key pk, and sends a secret calculation result to the access control device 200. The access control device 200 decrypts the secret calculation result by using the private key sk to obtain a decryption result.
In order to enhance the user experience, in some embodiments, the access control device 200 can also generate a session key, and the session key is used to encrypt the communication contents of the terminal device 100 and the access control device 200. It is understood that the terminal device 100 and the access control device 200 use the public key pk to transfer and agree on the session key.
Homomorphic Encryption (HE) is a form of encryption in which performing a specific algebraic operation on the encryption result Enc (F) and the template feature T yields an encrypted secret calculation result, and decrypting that secret calculation result gives the same value as performing the same algebraic operation on the facial feature F and the template feature T in plaintext.
Homomorphic encryption includes fully homomorphic encryption, additively homomorphic encryption, and multiplicatively homomorphic encryption. Fully homomorphic encryption is an encryption function that satisfies both the additive and the multiplicative homomorphic properties and supports any number of addition and multiplication operations. Additive homomorphism means that there is an efficient algorithm $\oplus$ such that $\mathrm{Enc}(x + y) = \mathrm{Enc}(x) \oplus \mathrm{Enc}(y)$, or $x + y = D(\mathrm{Enc}(x) \oplus \mathrm{Enc}(y))$, holds, and only Enc (x), Enc (y), and the private key sk need to be known to obtain x + y, so that x and y are not leaked. Multiplication homomorphism is that if there is an efficient algorithm
Figure BDA0003190254170000171
Figure BDA0003190254170000172
Or
Figure BDA0003190254170000173
It is true that only Enc (x), enc (y) and the private key sk need to be known in the process of acquiring x × y, and x and y are not leaked.
In some embodiments, the access control device 200 encrypts the facial feature F by using an additively homomorphic (semantically secure) encryption algorithm based on the assumed hardness of computing higher-order residues modulo a composite number, so as to obtain an encryption result Enc (F).
The access control device 200 sets a public key (pk) and a private key (sk) of the homomorphic encryption algorithm, where the public key pk = (N, g) and the private key sk = λ. The public key pk and the private key sk are obtained as follows: the access control device 200 selects random prime numbers p and q and a random number $g \in Z$, with $N = pq$, $\lambda = \mathrm{lcm}(p-1, q-1)$, $\gcd(L(g^{\lambda} \bmod N^2), N) = 1$, and $L(x) = (x-1)/N$. Here, lcm calculates the least common multiple of two or more values and gives λ, gcd calculates the greatest common divisor of two or more values, and mod calculates the remainder of dividing one value by another.
It is to be understood that the time node at which the access control device 200 obtains the public key pk and the private key sk is not particularly limited. For example, the access control device 200 acquires the public key pk and the private key sk as an initialization phase before the terminal device 100 establishes a communication connection with the access control device 200. For another example, the stage of obtaining the public key pk and the private key sk by the access control device 200 is after the access control device 200 extracts the facial feature F.
The access control device 200 uses the public key pk to encrypt each feature value $x_i$ in the facial feature F by formula (1) and formula (2), where formula (1) and formula (2) are the encryption formulas and the encryption result Enc (F) is $[[x_i]]$:
$\mathrm{Enc}(x_i, pk\_device) = [[x_i]] \quad (1)$
Figure BDA0003190254170000174
Wherein $x_i$ is a feature value in the facial feature F, $r_1$ is a constant, and $N = pq$.
Step S405: the access control device 200 transmits the encryption result Enc (F) to the terminal device 100.
In some embodiments, after obtaining the encryption result Enc (F), the access control device 200 generates a transmission instruction for transmitting the encryption result Enc (F) to the terminal device 100. The access control device 200 transmits the encryption result Enc (F) to the terminal device 100 according to the transmission instruction.
In other embodiments, the similarity calculation method adopted by the terminal device 100 may need to cooperate with the public key pk to implement homomorphic encryption calculation of the template feature T on the encryption result Enc (F). Based on this, after obtaining the encryption result Enc (F), the access control device 200 sends the public key pk and the encryption result Enc (F) to the terminal device 100, so that the terminal device 100 performs homomorphic encryption calculation on the encryption result Enc (F) through the public key pk and the template feature T. It can be understood that, since the public key cannot decrypt the encrypted data, that is, the terminal device 100 cannot decrypt the encrypted result Enc (F) by using the public key pk, even if the access control device 200 sends the public key pk to the terminal device 100, the facial feature F will not be revealed to the terminal device 100.
In other embodiments, the terminal device 100 has already obtained the corresponding public key pk in advance, and the access control device 200 sends the encryption result Enc (F) to the terminal device 100.
Step S406: the terminal device 100 performs homomorphic encryption calculation on the encryption result Enc (F) by using the template feature T to obtain a secret calculation result.
In some embodiments, the terminal device 100 stores a template feature T of the user. Homomorphic encryption calculation here means that, without decrypting the encryption result, the template feature of the user is introduced into the encryption result to obtain an integration result of the facial feature F and the template feature T. The integration result remains in an encrypted state, and this encrypted integration result is the secret calculation result. Because the terminal device 100 sends the secret calculation result to the access control device 200, and the access control device 200 decrypts it with the private key sk to obtain the result of integrating the facial feature F and the template feature T, the template feature T of the user is not sent directly to the access control device 200, which improves the security of user identity authentication. The access control device 200 can then calculate the similarity between the facial feature F and the template feature T from the integration result and the facial feature F stored in the access control device 200.
In some embodiments, the access control device 200 calculates the similarity between the facial feature F and the template feature T of the user through cosine similarity, and according to the formula of cosine similarity, the access control device 200 needs to obtain the product of the facial feature F and the template feature T, that is, F × T, and the modulus | T | of the template feature, in addition to the facial feature F of the user. Because:
Figure BDA0003190254170000181
i.e. according to equation (3),
Figure BDA0003190254170000182
where [[x_1]] is a feature value of the encrypted feature F, x_i is a feature value in the facial feature F, y_i is a feature value in the template feature T, and [[F × T]] is the encrypted-state result of applying the template feature T to the encryption result Enc(F).
Based on this, the terminal device 100 uses the template feature T to perform a secret addition operation on the encryption result Enc(F) through formula (4), obtaining the encrypted product of the facial feature F and the template feature T, that is, the secret calculation result [[F × T]].
In other embodiments, the access control device 200 calculates the similarity between the facial feature F and the template feature T by the Euclidean distance. From the formula of the Euclidean distance, in addition to the facial feature F of the user, the access control device 200 needs the product of the facial feature F and the template feature T, that is, F × T, and the modulus |T| of the template feature. The secret calculation result [[F × T]] is calculated as above, which is not described herein again.
In other embodiments, the access control device 200 calculates the similarity between the facial feature F of the user and the template feature T through other similarity, and according to a similarity formula, the access control device 200 needs to obtain a result obtained by integrating the facial feature F with the template feature T, or needs a related numerical value obtained by converting the template feature T, where the result obtained by integrating the facial feature F with the template feature T may be obtained through homomorphic encryption calculation, and a derivation algorithm of cosine similarity is specifically referred to, which is not described herein.
As to the manner of obtaining the template features T, in some implementations, the terminal device 100 collects a face template image of a user, extracts facial features in the face template image, and then stores the extracted facial features as the template features T. The template characteristic T is biological characteristic information with higher completeness generated by acquiring biological characteristic information of a user for multiple times and multiple angles. The acquisition of the face template image is the same as the acquisition of the face image in the foregoing, the extraction of the template features in the face template image is the same as the extraction of the face features F in the face image in the foregoing, and the specific operation scheme refers to the foregoing, which is not described herein too much. It will be appreciated that the template features T may also be other kinds of biometric features, such as fingerprints, voice prints, irises etc.
In some other implementations, the terminal device 100 obtains the template feature T from other electronic devices.
In some embodiments, the template characteristics T may be stored in a Memory storage device of the terminal device 100, such as Flash, media Transfer Protocol (MTP), and Electrically Erasable Read-Only Memory (EEPROM).
In some embodiments, a low trust level layer and a high trust level layer are included in the terminal device 100, and the template features T are stored in the high trust level layer in order to satisfy security performance. An Application program (APP) can only access data stored in the low trust level layer, and the Application program and the low trust level layer cannot access the high trust level layer and can only process the data by calling an interface provided by the high trust level layer. The template characteristics T are stored in a Trusted Execution Environment (TEE) of the terminal device 100. The terminal device 100 has a special code to call the information in the TEE, and the special code can be called through a Hardware Abstraction Layer (HAL) in the calling process, so as to coordinate the calling of the Hardware to the template feature T. Furthermore, for security performance, all operations on the template characteristics T must be completed within the TEE, for example, homomorphic encryption calculation of the encryption result Enc (F) according to the template characteristics T must be completed within the TEE.
Step S407: the terminal device 100 transmits the secret state calculation result to the access control device 200.
It is understood that, depending on the similarity calculation method, the terminal device 100 needs to send other parts related to the template feature T to the access control device 200 in addition to sending the encryption result Enc(F) to the access control device 200, and these other parts do not reveal the specific template feature T. For example, when the template feature T is a template feature vector, the other part related to the template feature T may be the modulus |T| of the template feature.
In some embodiments, if the access control device 200 calculates the similarity between the facial feature F and the template feature T using cosine similarity, and the secret calculation result is [[F × T]], the terminal device 100 transmits the secret calculation result [[F × T]] and the modulus |T| of the template feature to the access control device 200.
In other embodiments, if the access control device 200 calculates the similarity between the facial feature F and the template feature T using the euclidean distance, and the secret calculation result is [ [ F × T ] ], the terminal device 100 sends the secret calculation result [ [ F × T ] ] and the norm | T | of the template feature to the access control device 200.
It is understood that the cosine similarity and the euclidean distance are two of the matching degree calculation manners of the face feature F and the template feature T. In other embodiments, the access control device 200 may also calculate the matching degree between the facial feature F and the template feature T by using other matching degree calculation methods.
Step S408: the access control device 200 decrypts the secret calculation result to obtain a decryption result.
In some embodiments, the access control device 200 decrypts the secret calculation result [[F × T]] by using the private key sk to obtain a decryption result F × T. It is understood that the access control device 200 may also convert the secret calculation result [[F × T]] into F × T in other manners, and the specific conversion manner is not limited in this application.
For example, the access control device 200 decrypts the secret calculation result [[F × T]] by using the private key sk according to formula (5) to obtain a decryption result F × T:
Figure BDA0003190254170000201
where F × T is the decryption result, that is, the product of the facial feature F and the template feature T, and [[F × T]] is the secret calculation result.
Step S409: the access control device 200 calculates the similarity between the facial feature F and the template feature T according to the decryption result and the facial feature F.
In some embodiments, the access control device 200 calculates the similarity between the facial feature F and the template feature T according to the decryption result F × T, the modulus |T| of the template feature, the facial feature F, and the cosine similarity formula or the Euclidean distance.
For example, the access control device 200 calculates the similarity between the facial feature F and the template feature T using cosine similarity. The access control device 200 calculates the modulus |F| of the facial feature from the facial feature F, and then calculates the cosine of the included angle between the facial feature F and the template feature T by using formula (6):
Figure BDA0003190254170000202
wherein cos < F, T > is the cosine of the angle between the facial feature F and the template feature T, i.e., the similarity between the facial feature F and the template feature T.
For another example, the access control device 200 calculates the similarity between the facial feature F and the template feature T using the Euclidean distance. The access control device 200 calculates the modulus |F| of the facial feature from the facial feature F, and then calculates the Euclidean distance between the facial feature F and the template feature T by using formula (8):
Figure BDA0003190254170000203
Figure BDA0003190254170000204
wherein d < FT > is the euclidean distance between the facial feature F and the template feature T, that is, the similarity between the facial feature F and the template feature T.
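The exchange in steps S405 to S410, as an added example that is not code from the patent. It assumes Paillier with g = N + 1 as the additively homomorphic scheme (formulas (2), (4) and (5) are not reproduced on this page, so the textbook construction stands in for them), fixed-point quantization of the feature values, and a cosine threshold of 0.9; the function names are hypothetical and the key is built from two small, publicly known primes for demonstration only.

```python
import math
import secrets

# Assumption: toy key material. Two publicly known Mersenne primes, far too
# small and structured for real use; chosen so the example runs offline.
P = 2**89 - 1
Q = 2**107 - 1
SCALE = 10**4  # fixed-point scale that turns float feature values into integers


def keygen(p=P, q=Q):
    """Access control device: Paillier key pair with g = N + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)  # with g = N + 1, L(g^lam mod N^2) = lam mod N
    return n, (lam, mu)


def quantize(vec):
    return [round(v * SCALE) for v in vec]


def encrypt(n, m):
    """[[m]] = (1 + N)^m * r^N mod N^2, fresh random r for every value."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    # (1 + N)^m mod N^2 equals 1 + m*N; m % n encodes negative values.
    return (1 + (m % n) * n) % n2 * pow(r, n, n2) % n2


def decrypt(n, sk, c):
    lam, mu = sk
    m = (pow(c, lam, n * n) - 1) // n * mu % n
    # Values above N/2 represent negative integers. The true result must stay
    # below N/2 in magnitude, otherwise it wraps around silently.
    return m - n if m > n // 2 else m


def secret_dot(n, enc_f, template):
    """Terminal device (S406): [[F*T]] = prod [[x_i]]^(y_i) mod N^2.

    Works on ciphertexts only; returns [[F*T]] and the modulus |T| (S407).
    """
    if len(enc_f) != len(template):
        raise ValueError("feature and template dimensions differ")
    n2 = n * n
    t = quantize(template)
    acc = 1
    for c, y in zip(enc_f, t):
        if not 0 < c < n2 or math.gcd(c, n) != 1:
            raise ValueError("malformed ciphertext")
        acc = acc * pow(c, y % n, n2) % n2  # plaintext becomes x_i * y_i, summed
    t_norm = math.sqrt(sum(y * y for y in t)) / SCALE
    return acc, t_norm


def match(n, sk, f, enc_dot, t_norm):
    """Access control device (S408, S409): decrypt F*T, derive both metrics."""
    fq = quantize(f)
    dot = decrypt(n, sk, enc_dot) / SCALE**2
    f_norm = math.sqrt(sum(x * x for x in fq)) / SCALE
    cos = dot / (f_norm * t_norm)
    # Euclidean distance from the same three quantities: |F|, |T| and F*T.
    dist = math.sqrt(max(f_norm**2 + t_norm**2 - 2 * dot, 0.0))
    return cos, dist


def authenticate(f, template, threshold=0.9):
    """Run S404 to S410 end to end; threshold is an assumed value."""
    n, sk = keygen()
    enc_f = [encrypt(n, x) for x in quantize(f)]      # S404, S405
    enc_dot, t_norm = secret_dot(n, enc_f, template)  # S406, S407
    cos, dist = match(n, sk, f, enc_dot, t_norm)      # S408, S409
    return cos >= threshold, cos, dist                # S410


if __name__ == "__main__":
    # Constructed sample vectors, not real biometric data.
    probe = [0.12, -0.56, 0.33, 0.74]
    enrolled = [0.10, -0.60, 0.30, 0.70]
    print(authenticate(probe, enrolled))
```

The terminal device never sees F in the clear and the access control device never receives T, only [[F × T]] and |T|, which matches the data flow of steps S405 to S407.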
In other technical solutions of the present application, other homomorphic encryption algorithms may be derived by combining methods such as a manhattan distance, a chebyshev distance, and a minkowski distance, and then the homomorphic encryption algorithm is used to calculate the similarity between the facial feature F and the template feature T, which is not limited in this application.
In other application scenarios of the present application, the access control device is a fingerprint acquisition device, and in other technical solutions of the present application, other homomorphic encryption algorithms can be derived by combining a neural network algorithm, so that a similarity weight between the fingerprint feature LW and the template feature T is calculated by using the homomorphic encryption algorithm, which is not specifically limited in the present application. For example, the fingerprint features collected by the access control device may be characterized as an n-dimensional vector: LW(x_1, x_2, x_3, ......, x_{n-1}, x_n), where x_1, x_2, x_3, ......, x_{n-1}, x_n are the feature values of the key points of the fingerprint. These feature values respectively characterize the gray value, position, color, etc. of a certain fingerprint key point.
The template features T corresponding to the fingerprint features LW can be characterized as an m-dimensional n-order matrix:
Figure BDA0003190254170000211
where y_{11}, y_{12}, ......, y_{n(m-1)}, y_{nm} are the probabilities that a fingerprint key point in the template feature takes a certain value. It can be understood that the acquisition mode of the template features corresponding to the fingerprint features in this application scenario is different from the acquisition mode of the template features corresponding to the facial features in the previous embodiment. The template features corresponding to the fingerprint features are acquired as follows: first, a plurality of fingerprint images are obtained and a feature vector is extracted from each fingerprint image; then the probability of occurrence of each feature is obtained from the feature vectors to form the template features.
Finally, the weight of the fingerprint features is calculated from the extracted fingerprint features and the template features to judge whether the fingerprint features match the template features. If at least one weight of the fingerprint features is greater than a weight threshold, the fingerprint features are successfully matched with the template features. The weight threshold is the critical value for a successful match between the fingerprint features and the template features.
In other embodiments, the access control device 200 may be capable of acquiring multiple types of biometric features, for example, the access control device 200 may be capable of acquiring facial features, fingerprint features, or iris features, and the matching degree calculation method for the access control device 200 may be two or more than two. For example, the matching degree calculation method for facial feature adaptation is generally a similarity calculation method such as cosine similarity and euclidean distance, and the matching degree calculation method for fingerprint feature or iris feature adaptation is generally a neural network algorithm. The access control device 200 preferably calculates a degree of matching of the biometric characteristic and the template characteristic according to the adapted degree of matching calculation.
Based on this, the terminal device 100 needs to determine a homomorphic encryption calculation formula corresponding to the adapted matching degree calculation manner according to the algorithm identifier, in addition to receiving the encryption result sent by the access control device 200. The algorithm identifier may be identification information that is determined according to the type of the biometric feature acquired by the access control device 200 and is used to indicate a homomorphic encryption calculation formula and a matching degree calculation method. How to determine the corresponding homomorphic encryption calculation formula and matching degree calculation according to the algorithm identification in the authentication process will be described in detail below.
In one implementation, the access control device 200 determines a corresponding matching degree calculation manner according to the collected biometric features. Specifically, the terminal device 100 receives the encryption result and the algorithm identifier sent by the access control device 200, the terminal device 100 determines a homomorphic encryption calculation mode according to the algorithm identifier, and then performs homomorphic encryption calculation on the encryption result according to the determined homomorphic encryption calculation mode and the template characteristics to obtain a secret calculation result. The access control device 200 decrypts the secret state calculation result, and calculates the matching degree between the biometric characteristic and the template characteristic according to the matching degree calculation mode corresponding to the algorithm identification.
In other alternative implementations, the terminal device 100 determines the corresponding matching degree calculation manner according to the encrypted biometric features, for example, the terminal device 100 determines the corresponding matching degree calculation manner according to the number of dimensions and columns of the encrypted biometric features. Specifically, the terminal device 100 receives the encryption result sent by the access control device 200, the terminal device 100 determines a homomorphic encryption calculation mode according to the algorithm identifier, and performs homomorphic encryption calculation on the encryption result according to the determined homomorphic encryption calculation mode and the template feature to obtain a secret calculation result. The access control device 200 receives the algorithm identification and the secret calculation result. And decrypting the secret state calculation result, and then calculating the matching degree between the biological characteristics and the template characteristics according to the matching degree calculation mode corresponding to the algorithm identification.
In other embodiments, before the identity authentication is started, the terminal device 100 and the access control device 200 negotiate a matching degree calculation manner in advance, that is, the access control device 200 determines the matching degree calculation manner in advance, and the terminal device 100 determines a homomorphic encryption calculation manner corresponding to the matching degree calculation manner in advance.
Step S410: the access control device 200 obtains an authentication result according to the similarity between the facial feature F and the template feature T.
In some embodiments, the access control device 200 determines whether the similarity between the facial feature F and the template feature T reaches a similarity threshold. If so, the user identity authentication result is passed; if not, the user identity authentication result is invalid.
The similarity threshold is a critical value of user identity authentication, when the similarity between the facial feature F and the template feature T reaches the similarity threshold, it is indicated that the facial feature F is correspondingly similar to the template feature T, that is, the face information in the face image is basically consistent with the face information in the template image, and the user identity authentication result is passed. When the similarity between the facial feature F and the template feature T does not reach the similarity threshold, it is indicated that the similarity difference between the corresponding features in the n-dimensional features in the facial feature F and the template feature T is large, that is, the difference between the facial information in the facial image and the facial information in the template image is large, and the user identity authentication result is failed.
In other embodiments, the terminal device 100 stores a plurality of template features T. For example, the terminal device 100 stores template features of a plurality of fingers of the user A, that is, a plurality of template features. The access control device 200 collects a fingerprint image of a user, extracts the fingerprint feature from the fingerprint image, and then encrypts the fingerprint feature by using a public key. After receiving the encrypted fingerprint feature, the terminal device 100 performs homomorphic encryption calculation on the encrypted fingerprint feature according to each template feature, so as to obtain a secret calculation result of each template feature on the fingerprint feature. The access control device 200 receives the plurality of secret calculation results, and decrypts each secret calculation result by using the private key to obtain a decryption result corresponding to each template feature. Then, the access control device 200 calculates the similarity between the fingerprint feature and each template feature according to each decryption result. Finally, the access control device 200 extracts the maximum value of the similarity between the fingerprint feature and each template feature, and generates an authentication result according to the maximum value of the similarity.
Step S411: the access control device 200 transmits the authentication result to the access control system server 300.
In some embodiments, after the access control device 200 obtains the authentication result of the user, the authentication result is sent to the access control system server 300, so that the access control system server 300 determines whether to open the access control for the user.
In other embodiments, after the access control device 200 obtains the authentication result of the user, an authentication credential that includes the authentication result of the user and the device identifier representing the identity information of the terminal device 100 may further be sent to the access control system server 300. In one implementation, the authentication credential is acquired as follows: when the access control device 200 determines that the user identity authentication result is passed, the access control device 200 sends a credential request to the terminal device 100, where the credential request carries the authentication result. The credential request is used to request that the terminal device 100 generate and return the authentication credential. The terminal device 100 generates an authentication credential according to the credential request, and then returns the authentication credential to the access control device 200.
Step S412: the access control system server 300 opens the door lock 400 or keeps the door lock 400 closed according to the authentication result. In some embodiments, the access control system server 300 records the authentication result of the user identity authentication.
In some implementations, when the authentication result is that the user identity authentication passes, the access control system server 300 controls the door lock 400 to open. When the authentication result is that the user identity authentication fails, the access control system server 300 does not process the door lock 400 to keep the door lock 400 closed.
Firstly, the access control system server 300 determines whether the authentication result is that the user identity authentication passes, and secondly, the access control system server 300 can also authenticate the terminal device 100. For example, in some embodiments, the access control device 200 may further send the device identifier of the terminal device 100 to the access control system server 300, and the access control system server 300 verifies whether the terminal device 100 is located in a white list of the access control system server 300 according to the received device identifier. If the terminal device 100 is in the white list of the access control system server 300 and the authentication result is that the user identity authentication passes, the access control system server 300 opens the door lock 400.
It is to be understood that, in other embodiments, if the access control system server 300 authenticates the terminal device 100 when the terminal device 100 and the access control device 200 establish a communication connection, the subsequent access control device 200 does not need to authenticate the terminal device 100 again through the above implementation manner.
In another alternative implementation manner, when the authentication result is that the user identity authentication passes, the access control system server 300 sends the control instruction to the access control device 200, and the access control device 200 controls the door lock 400 to open according to the control instruction. When the authentication result is that the user identity authentication does not pass, the access control system server 300 does not send a control instruction to the access control device 200, so that the access control device 200 does not process the door lock 400, so as to keep the door lock 400 closed.
After the identity authentication method in the present application is introduced, a specific structure of the identity authentication system will be described in detail below. Fig. 5 is a block diagram of an authentication system in some embodiments of the present application. The terminal device 100 and the access control device 200 that can be applied to the present invention will be described in detail with reference to fig. 3 to 5.
As shown in fig. 3 to 5, in some embodiments, the terminal device 100 includes a terminal device connection module 101, a service authentication module 102, a template storage module 103, and a secret calculation module 104.
The terminal device connection module 101 is configured to quickly discover an adjacent access control device 200, so as to implement secure and automatic communication connection between the terminal device 100 and the access control device 200 within a short distance. In addition, the terminal device connection module 101 is also used for data flow and signal transmission between the terminal device 100 and the door lock device 200. For example, the terminal device connection module 101 is configured to receive a facial feature authentication service request and an encryption result Enc (F) sent by the access control device 200.
The service authentication module 102 is configured to determine whether to establish a facial feature authentication service between the terminal device 100 and the access control device 200 according to the facial feature authentication service request and a service ID white list preset in the terminal device 100.
For example, in some embodiments, the registration scheme of the terminal device 100 in the access control system server 300 stores the device identifier of the access control device 200 corresponding to the access control system server 300 in the service ID white list of the terminal device 100. Further, the service authentication module 102 is specifically configured to establish an authentication service between the terminal device 100 and the access control device 200 when the device identifier of the access control device 200 exists in the service ID white list. Otherwise, when the device identifier of the access control device 200 does not exist in the service ID white list, the authentication service between the terminal device 100 and the access control device 200 cannot be established, or the user is prompted to register first.
The template storage module 103 is used for storing template features T. To improve security, the template storage module 103 is located within the TEE.
The secret calculation module 104 is configured to perform homomorphic calculation on the encryption result Enc(F) by using the template feature T stored in the template storage module 103.
As shown in fig. 5, the access control device 200 includes an access control device connection module 201, an information collection module 202, a feature extraction module 203, a cryptographic service module 204, a similarity calculation module 205, and a local authentication module 206.
The access control device connection module 201 is configured to quickly discover neighboring terminal devices 100, and implement secure automatic communication connection between the terminal devices 100 and the access control device 200 in a close range. The access control device connection module 201 is further configured to send the authentication service request and the encryption result Enc (F) to the terminal device 100.
The information acquisition module 202 is used for acquiring a face image of a user. For example, the information collection module 202 may be a camera.
In addition, in other application scenarios, the information collecting module 202 may be a microphone for collecting sound, the information collecting module 202 may also be a fingerprint scanner for collecting fingerprints, and so on.
The feature extraction module 203 is used for extracting facial features of the user from the face image.
The cryptographic service module 204 is configured to generate a public key pk, a private key sk and a session key for the homomorphic encryption calculation, encrypt the facial feature F by using the public key pk, and decrypt the secret calculation result [[F × T]] by using the private key sk.
The similarity calculation module 205 is configured to calculate the similarity between the facial feature F of the user and the template feature T according to the decryption result F × T and the facial feature F. For example, the similarity calculation module 205 is configured to calculate the cosine similarity between the facial feature F and the template feature T of the user according to the decryption result F × T, the facial feature F, and the modulus |T| of the template feature.
The local authentication module 206 is configured to determine an authentication result according to the similarity between the facial feature F and the template feature T and a similarity threshold. For example, when the similarity between the facial features of the user and the template features is greater than a preset threshold, the user identity authentication result is passed; otherwise, the user identity authentication result is failed.
As shown in fig. 5, in some embodiments, the access control device 200 includes a capture device 210 and an authentication device 220. The capture device 210 is used for capturing a facial image of a user. The authentication device 220 is configured to extract the facial features and interact with the terminal device 100 to complete the similarity calculation between the facial features F and the template features T without revealing the facial features F and the template features T, thereby completing user identity authentication. In particular, the capture device 210 includes an information collection module 202. The authentication device 220 includes an access control device connection module 201, a feature extraction module 203, a cryptographic service module 204, a similarity calculation module 205, and a local authentication module 206.
In other embodiments, the access control device 200 includes a capture device 210 and an authentication device 220. The capture device 210 is used for capturing a face image of a user and extracting facial features F from the face image. The authentication device 220 is configured to interact with the terminal device 100 according to the facial feature F, so as to complete the similarity calculation between the facial feature F and the template feature T without revealing the facial feature F and the template feature T, thereby completing user identity authentication. In particular, the capture device 210 includes an information collection module 202 and a feature extraction module 203. The authentication device 220 includes an access control device connection module 201, a cryptographic service module 204, a similarity calculation module 205, and a local authentication module 206.
Before implementing the user identity authentication method in the present application, the terminal device 100 and the access control device 200 need to satisfy three preconditions:
The terminal device 100 stores the template feature T. For the specific scheme, refer to step S402 and step S403, which are not described herein again.
The terminal device 100 is registered in the service system server 400 corresponding to the access control device 200, which has been described in detail above and will not be described herein again.
The cryptographic service module 204 in the access control device 200 generates a public key pk, a private key sk, and a session key for homomorphic cryptographic calculation. For a specific scheme, see S404, which is not described herein.
After the specific structures of the terminal device 100 and the access control device 200 are introduced, the authentication process of the authentication system in the present application will be described in detail below with reference to the specific structures of the terminal device 100 and the access control device 200. Fig. 6 is a diagram illustrating interaction between specific modules of the terminal device 100 and the access control device 200 in an identity authentication scheme according to some embodiments of the present application. As can be seen from fig. 5 and 6, the authentication process specifically includes the following steps:
Step S601: the terminal device connection module 101 and the access control device connection module 201 establish a communication connection.
With this connection method, on the one hand, the communication connection is established by the terminal device connection module 101 and the access control device connection module 201, so the user does not need to manually set up direct network data transmission; on the other hand, the communication connection between the terminal device 100 and the access control device 200 does not require the Internet, which broadens the application scenarios. For details, refer to step S401, which is not repeated here.
Step S602: the information acquisition module 202 acquires a face image of a user.
Step S603: the information acquisition module 202 sends the face image to the feature extraction module 203.
Step S604: the feature extraction module 203 extracts a facial feature F from the face image.
Step S605: the feature extraction module 203 sends the facial features F to the cryptographic service module 204.
Step S606: the cryptographic service module 204 encrypts the facial feature F with the public key pk to obtain an encryption result Enc(F). The public key pk and the private key sk are stored in the cryptographic service module 204. The point in time at which the cryptographic service module 204 obtains the public key pk and the private key sk is not particularly limited; it only needs to obtain them before encryption. For details, refer to step S404, which is not repeated here.
Step S607: the cryptographic service module 204 transmits the encryption result Enc(F) and the authentication service request to the access control device connection module 201.
Step S608: the access control device connection module 201 transmits the encryption result Enc(F) and the authentication service request to the terminal device connection module 101.
Step S609: the terminal device connection module 101 transmits the encryption result Enc(F) and the authentication service request to the service authentication module 102.
Step S610: the service authentication module 102 verifies the device identifier in the service request, and if the verification passes, the process proceeds to step S611, and if the verification fails, the process ends.
In some embodiments, the terminal device 100 verifies, through the service authentication module 102, whether the access control device 200 is in the white list of the terminal device 100. If the verification passes, this indicates that the terminal device 100 is registered in the access control system server 300, and the subsequent identity authentication steps continue. If the verification fails, this indicates that the terminal device 100 is not registered in the access control system server 300, and the subsequent identity authentication steps are interrupted, or the user is reminded to first complete the registration of the terminal device 100 on the access control system server 300 and then continue the identity authentication.
In some embodiments, the registration process of the terminal device 100 in the access control system server 300 is that after the access control system server 300 receives the registration request, the terminal device 100 is verified according to the registration request. After the verification is passed, the access control system server 300 registers the terminal device 100, and sends the device information of the access control device 200 corresponding to the access control system server 300 to the terminal device 100. The terminal device 100 receives the device information of the access control device 200, and adds the device information of the access control device 200 to the white list of the terminal device 100.
Step S611: the service authentication module 102 sends the encryption result Enc(F) to the secret state calculation module 104.
Step S612: the secret state calculation module 104 sends a call request to the template storage module 103.
Step S613: the template storage module 103 sends the template feature T to the secret state calculation module 104 in response to the call request.
Step S614: the secret state calculation module 104 performs homomorphic encryption calculation on the encryption result Enc(F) by using the template feature T to obtain a secret state calculation result. The homomorphic encryption calculation introduces the user's template feature T while the facial feature F remains encrypted, yielding a fusion result of the facial feature F and the template feature T that is itself in the encrypted state.
Step S615: the secret state calculation module 104 sends the secret state calculation result to the cryptographic service module 204.
In some embodiments, depending on the similarity calculation method, the terminal device 100 needs to send, in addition to the encryption result Enc(F), other parts related to the template feature T to the access control device 200; these other parts do not reveal the specific template feature T.
In some implementations, the access control device 200 calculates the similarity between the facial feature F and the template feature T by using cosine similarity, and the other part related to the template feature T may be the modulus |T| of the template feature. For details, refer to step S407, which is not repeated here.
Step S616: the cryptographic service module 204 decrypts the secret state calculation result with the private key sk to obtain a decryption result.
Step S617: the cryptographic service module 204 sends the decryption result to the similarity calculation module 205.
Step S618: the similarity calculation module 205 calculates the similarity of the face feature F and the template feature T from the decryption result and the face feature F.
In some implementations, the access control device 200 calculates the similarity between the facial feature F and the template feature T by using cosine similarity or Euclidean distance, and the similarity calculation module 205 calculates the similarity according to the decryption result, the modulus |T| of the template feature, and the facial feature F. For details, refer to step S409, which is not repeated here.
Step S619: the similarity calculation module 205 transmits the similarity of the face feature F and the template feature T to the local authentication module 206.
Step S620: the local authentication module 206 obtains an authentication result according to the similarity between the facial feature F and the template feature T.
In some embodiments, the local authentication module 206 determines whether the similarity of the facial feature F and the template feature T reaches a similarity threshold. If so, the access control device 200 obtains a passed authentication result; if not, the access control device 300 obtains a failed authentication result. For details, refer to step S410, which is not repeated here.
Step S621: the local authentication module 206 transmits the authentication result to the access control system server 300. Specifically, refer to step S411, which is not described herein.
Step S622: the access control system server 300 opens the door lock 400 or keeps the door lock 400 closed according to the authentication result. Specifically, refer to step S412, which is not described herein again.
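The exchange in steps S606 to S620, sketched as an added example that is not code from the patent. It assumes Paillier as the additively homomorphic scheme, cosine similarity as the matching method, fixed-point scaling of the features, constructed demo primes and a constructed threshold; all function names are hypothetical.

```python
import math
import secrets

# Constructed demo primes (Mersenne primes 2^107-1 and 2^127-1): enough for a
# runnable illustration, far too small and too structured for real keys.
P, Q = 2**107 - 1, 2**127 - 1
SCALE = 1000  # fixed-point scale (assumption): Paillier works on integers


def keygen(p=P, q=Q):
    """Access control device: public key pk = n, private key sk = (lam, mu)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    mu = pow(lam, -1, n)  # valid because the generator g = n + 1 is used
    return n, (lam, mu)


def encrypt(n, m):
    """Paillier encryption with g = n + 1: c = (1 + m*n) * r^n mod n^2."""
    n2 = n * n
    r = 0
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (1 + (m % n) * n) * pow(r, n, n2) % n2


def decrypt(n, sk, c):
    """Recover the signed integer plaintext from ciphertext c."""
    lam, mu = sk
    m = (pow(c, lam, n * n) - 1) // n * mu % n
    return m - n if m > n // 2 else m


def quantize(vec):
    """Map a float feature vector to fixed-point integers."""
    return [round(x * SCALE) for x in vec]


def access_encrypt_feature(n, f_q):
    """S606: encrypt each component of the facial feature F under pk."""
    return [encrypt(n, f) for f in f_q]


def terminal_fuse(n, enc_f, t_q):
    """S614/S615: fuse template T into Enc(F) without decrypting.

    Enc(a)^t = Enc(a*t) and Enc(a)*Enc(b) = Enc(a+b), so the product below
    is Enc(F . T). The terminal also returns the modulus |T|.
    """
    if len(enc_f) != len(t_q):
        raise ValueError("feature and template dimensions differ")
    n2 = n * n
    acc = encrypt(n, 0)  # fresh Enc(0) re-randomises the result
    for c, t in zip(enc_f, t_q):
        acc = acc * pow(c, t % n, n2) % n2
    return acc, math.sqrt(sum(t * t for t in t_q))


def access_match(n, sk, enc_dot, norm_t, f_q, threshold):
    """S616-S620: decrypt F . T, compute cosine similarity, apply threshold."""
    dot = decrypt(n, sk, enc_dot)
    norm_f = math.sqrt(sum(f * f for f in f_q))
    if norm_f == 0 or norm_t == 0:
        return 0.0, False
    sim = dot / (norm_f * norm_t)
    # Sanity check: a cosine outside [-1, 1] means the returned values are
    # inconsistent with any real template, so fail closed.
    if abs(sim) > 1 + 1e-9:
        return sim, False
    return sim, sim >= threshold


def authenticate(feature, template, threshold=0.9):
    """Run both sides in one process; the threshold value is constructed."""
    n, sk = keygen()                                  # access control device
    f_q = quantize(feature)
    enc_f = access_encrypt_feature(n, f_q)            # sent to the terminal
    enc_dot, norm_t = terminal_fuse(n, enc_f, quantize(template))
    return access_match(n, sk, enc_dot, norm_t, f_q, threshold)
```

The terminal only ever handles ciphertexts of F, and the access control device only receives the encrypted inner product and |T|, never the components of T.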
The modules of the authentication system in the foregoing embodiment are only one embodiment of the present application. It may be understood that the modules in the foregoing embodiment may be arbitrarily recombined or split, and the present application is not specifically limited in this respect; any form that can implement the modules of the authentication system in the authentication scheme of the present application is within the protection scope of the present application.
In some embodiments of the present application, the terminal device in the solution of the present application is a mobile phone 100'. The mobile phone 100' can execute the user identity authentication method provided by the embodiments of the present application. Fig. 7 shows a hardware structure diagram of a mobile phone 100' according to an embodiment of the present application. As shown in fig. 7, the mobile phone 100' may include a processor 110, a power module 140, a memory 180, a camera 170, a mobile communication module 130, a wireless communication module 120, a sensor module 190, an audio module 150, an interface module 160, and the like.
It should be understood that the illustrated structure of the embodiment of the present invention does not specifically limit the mobile phone 100'. In other embodiments of the present application, the handset 100' may include more or fewer components than shown, or some components may be combined, some components may be separated, or a different arrangement of components may be used. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The processor 110 may include one or more processing units, for example, processing modules or processing circuits that may include a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), a Digital Signal Processor (DSP), a Micro-programmed Control Unit (MCU), an Artificial Intelligence (AI) processor, or a Field Programmable Gate Array (FPGA), etc. The different processing units may be independent devices or may be integrated in one or more processors.
The memory 180 may be used to store data, software programs, and modules, and may be a volatile memory, such as a Random-Access Memory (RAM); or a non-volatile memory, such as a Read-Only Memory (ROM), a flash memory, a Hard Disk Drive (HDD) or a Solid State Drive (SSD); or a combination of the above types of memories, or may be a removable storage medium such as a Secure Digital (SD) memory card.
The mobile communication module 130 may include, but is not limited to, an antenna, a power amplifier, a filter, a Low Noise Amplifier (LNA), and the like. The mobile communication module 130 can provide a solution including wireless communication of 2G/3G/4G/5G and the like applied to the handset 100'. The mobile communication module 130 may receive electromagnetic waves from the antenna, filter, amplify, etc. the received electromagnetic waves, and transmit the electromagnetic waves to the modem processor for demodulation. The mobile communication module 130 can also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave to radiate the electromagnetic wave through the antenna. In some embodiments, at least some of the functional modules of the mobile communication module 130 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 130 may be disposed in the same device as at least some of the modules of the processor 110.
The wireless communication module 120 may include an antenna, and implement transceiving of electromagnetic waves via the antenna. The wireless communication module 120 may provide solutions for wireless communication applied to the mobile phone 100', including Wireless Local Area Networks (WLANs) (e.g., a Wireless Fidelity (Wi-Fi) network), Bluetooth (BT), Global Navigation Satellite System (GNSS), Frequency Modulation (FM), Near Field Communication (NFC), Infrared (IR), and the like. The handset 100' may communicate with a network and other devices via wireless communication techniques.
In some embodiments, the mobile communication module 130 and the wireless communication module 120 of the handset 100' may also be located in the same module.
The camera 170 is used to capture still images or video. An object generates an optical image through the lens, and the optical image is projected onto the photosensitive element. The photosensitive element converts the optical signal into an electrical signal, and then transmits the electrical signal to an ISP (Image Signal Processor) to be converted into a digital image signal. The mobile phone 100' may implement a shooting function through an ISP, a camera 170, a video codec, a GPU (Graphics Processing Unit), a display screen 102, an application processor, and the like.
The display screen 102 includes a display panel. The Display panel may be a Liquid Crystal Display (LCD), an Organic Light-emitting Diode (OLED), an Active matrix Organic Light-emitting Diode (Active-matrix Organic Light-emitting Diode, AMOLED), a flexible Light-emitting Diode (FLED), a Mini LED, a Micro OLED, a Quantum Dot Light-emitting Diode (Quantum Dot Light-emitting Diodes, QLED), or the like.
The sensor module 190 may include a proximity light sensor, a pressure sensor, a gyroscope sensor, an air pressure sensor, a magnetic sensor, an acceleration sensor, a distance sensor, a fingerprint sensor, a temperature sensor, a touch sensor, an ambient light sensor, a bone conduction sensor, and the like.
The audio module 150 may convert digital audio information into an analog audio signal output or convert an analog audio input into a digital audio signal. The audio module 150 may also be used to encode and decode audio signals. In some embodiments, the audio module 150 may be disposed in the processor 110, or some functional modules of the audio module 150 may be disposed in the processor 110. In some embodiments, audio module 150 may include speakers, earphones, a microphone, and a headphone interface.
The interface module 160 includes an external memory interface, a Universal Serial Bus (USB) interface, a Subscriber Identity Module (SIM) card interface, and the like. The external memory interface may be used to connect an external memory card, such as a Micro SD card, to extend the storage capability of the mobile phone 100'. The external memory card communicates with the processor 110 through the external memory interface to implement a data storage function. The USB interface is used for the handset 100' to communicate with other handsets. The SIM card interface is used to communicate with a SIM card installed in the handset 100', for example to read a telephone number stored in the SIM card, or to write a telephone number into the SIM card.
In some embodiments, the handset 100' also includes keys, motors, indicators, and the like. The keys may include a volume key, an on/off key, and the like. The motor is used to cause the handset 100' to produce a vibration effect, for example when the user's handset 100' receives a new IM APP message, to prompt the user to view the message. The indicators may include laser indicators, radio frequency indicators, LED indicators, and the like.
Fig. 8 shows an architectural diagram of a handset 100' according to an embodiment of the application. As shown in FIG. 8, the application framework layers may include a window manager, content provider, view system, phone manager, resource manager, notification manager, and the like.
The window manager is used for managing window programs. The window manager can obtain the size of the display screen, determine whether a status bar exists, lock the screen, capture a screenshot, and the like.
The content provider is used to store and retrieve data and make it accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, phone books, etc.
The view system includes visual controls such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, the display interface including the short message notification icon may include a view for displaying text and a view for displaying pictures.
The phone manager is used to provide the communication functions of the handset 100', such as management of call status (including on, off, etc.).
The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and the like.
The notification manager enables an application to display notification information in the status bar. It can be used to convey notification-type messages that disappear automatically after a short stay without requiring user interaction. For example, the notification manager is used to notify of download completion, message alerts, etc. The notification manager may also present a notification in the top status bar of the system in the form of a chart or scroll-bar text, such as a notification of an application running in the background, or a notification that appears on the screen in the form of a dialog window. For example, text information is prompted in the status bar, a prompt tone sounds, the electronic device vibrates, or an indicator light flashes.
The Android Runtime comprises a core library and a virtual machine. The Android Runtime is responsible for scheduling and managing the Android system.
The core library comprises two parts: one part is the functions that the Java language needs to call, and the other part is the core library of Android.
The application layer and the application framework layer run in a virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine is used for performing functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.
The kernel layer is a layer between hardware and software. The kernel layer comprises at least a display driver, a camera driver, an audio driver and a sensor driver.
The system library may include a plurality of functional modules, for example: a Surface Manager (SM), Media Libraries (ML), three-dimensional graphics processing libraries (e.g., OpenGL ES), 2D graphics engines (e.g., SGL), and the like.
The media library supports a variety of commonly used audio, video format playback and recording, and still image files, among others. The media library may support a variety of audio-video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.
Embodiments of the mechanisms disclosed herein may be implemented in hardware, software, firmware, or a combination of these implementations. Embodiments of the application may be implemented as computer programs or program code executing on programmable systems comprising at least one processor, a storage system (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device.
Program code may be applied to input instructions to perform the functions described herein and generate output information. The output information may be applied to one or more output devices in a known manner. For purposes of this Application, a processing system includes any system having a Processor such as, for example, a Digital Signal Processor (DSP), a microcontroller, an Application Specific Integrated Circuit (ASIC), or a microprocessor.
The program code may be implemented in a high level procedural or object oriented programming language to communicate with a processing system. The program code can also be implemented in assembly or machine language, if desired. Indeed, the mechanisms described in this application are not limited in scope to any particular programming language. In any case, the language may be a compiled or interpreted language.
In some cases, the disclosed embodiments may be implemented in hardware, firmware, software, or any combination thereof. The disclosed embodiments may also be implemented as instructions carried by or stored on one or more transitory or non-transitory machine-readable (e.g., computer-readable) storage media, which may be read and executed by one or more processors. For example, the instructions may be distributed via a network or via other computer-readable media. Thus, a machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer), including, but not limited to, floppy diskettes, optical disks, Compact Disc Read-Only Memories (CD-ROMs), magneto-optical disks, Read-Only Memories (ROMs), Random Access Memories (RAMs), Erasable Programmable Read-Only Memories (EPROMs), Electrically Erasable Programmable Read-Only Memories (EEPROMs), magnetic or optical cards, flash memory, or a tangible machine-readable memory used to transmit information over the Internet by electrical, optical, acoustical or other forms of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.). Thus, a machine-readable medium includes any type of machine-readable medium suitable for storing or transmitting electronic instructions or information in a form readable by a machine (e.g., a computer).
In the drawings, some features of structures or methods may be shown in a particular arrangement and/or order. However, it is to be understood that such specific arrangement and/or ordering may not be required. Rather, in some embodiments, the features may be arranged in a manner and/or order different from that shown in the illustrative figures. In addition, the inclusion of a structural or methodical feature in a particular figure is not meant to imply that such feature is required in all embodiments, and in some embodiments, may not be included or may be combined with other features.
It should be noted that, in the embodiments of the apparatuses in the present application, each unit/module is a logical unit/module, and physically, one logical unit/module may be one physical unit/module, or may be a part of one physical unit/module, and may also be implemented by a combination of multiple physical units/modules, where the physical implementation manner of the logical unit/module itself is not the most important, and the combination of the functions implemented by the logical unit/module is the key to solve the technical problem provided by the present application. Furthermore, in order to highlight the innovative part of the present application, the above-mentioned device embodiments of the present application do not introduce units/modules which are not so closely related to solve the technical problems presented in the present application, which does not indicate that no other units/modules exist in the above-mentioned device embodiments.
It is noted that, in the examples and description of the present patent, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a" does not exclude the presence of another, same element in a process, method, article, or apparatus that comprises the element.
While the present application has been shown and described with reference to certain preferred embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present application.

Claims (20)

1. An authentication method, comprising:
a first electronic device collects biological data to be authenticated and encrypts a first biological characteristic of the biological data with a first preset key to obtain first encrypted data;
the first electronic equipment sends the first encrypted data to second electronic equipment;
the first electronic device receives second encrypted data from the second electronic device, wherein the second encrypted data is obtained by the second electronic device through first-class processing on a second biological characteristic by using the first encrypted data, the first encrypted data is encrypted data of the first biological characteristic and a first processing result of the second biological characteristic, and the second biological characteristic is a second biological characteristic of template biological data stored on the second electronic device;
the first electronic equipment performs second type processing on the second encrypted data, and converts the second encrypted data into a second processing result of the first biological characteristic and the second biological characteristic;
and the first electronic equipment calculates the matching degree of the first biological characteristics and the second biological characteristics based on the second processing result, and generates an authentication result according to the matching degree.
2. The method of claim 1, wherein when the second biometric characteristic is a plurality, the method further comprises:
the first electronic equipment respectively carries out first-class processing on each second biological characteristic by using the first encrypted data to obtain second encrypted data corresponding to each second biological characteristic;
the first electronic equipment respectively carries out second type processing on each second encrypted data to obtain a second processing result corresponding to each second biological characteristic;
and the first electronic equipment respectively calculates the matching degree of the first biological characteristics and each second biological characteristic based on the second processing result corresponding to each second biological characteristic, and generates an authentication result according to the maximum value in the matching degree.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
the first electronic equipment receives the first encrypted data and the matching algorithm identification, and performs first-class processing corresponding to the matching algorithm identification on the second biological characteristics by using the first encrypted data to obtain second encrypted data;
the first electronic equipment receives the second encrypted data from the second electronic equipment, and performs second type processing on the second encrypted data to obtain a second processing result;
and the first electronic equipment calculates the matching degree of the first biological characteristic and the second biological characteristic according to the matching mode corresponding to the matching algorithm identification based on the second processing result.
4. The method according to any one of claims 1-3, wherein the first electronic device decrypts the second encrypted data using a second preset key, and converts the second encrypted data into the second processing result of the first biometric characteristic and the second biometric characteristic.
5. The method according to claim 4, wherein the second electronic device performs a first type of processing on a second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data and the first predetermined key, wherein the first predetermined key is a public key, and the second predetermined key is a private key corresponding to the public key.
6. The method of any of claims 1-5, wherein the first electronic device is a public device and the second electronic device is a user device.
7. The method of any of claims 1-6, wherein the second biometric characteristic is stored within a trusted execution environment of the second electronic device, and wherein the first type of processing of the second biometric characteristic by using the first encrypted data occurs within the trusted execution environment.
8. The method according to any one of claims 1 to 7, wherein the biometric data is any one of a face image, a fingerprint image, and an iris image.
9. The method according to any one of claims 1-8, further comprising:
the second electronic equipment is registered in a server corresponding to the first electronic equipment;
and the first electronic equipment sends the authentication result to the server corresponding to the first electronic equipment so as to authenticate the authentication result and the second electronic equipment.
10. An authentication method, comprising:
a second electronic device receives first encrypted data from a first electronic device, wherein the first encrypted data is obtained by encrypting a first biological characteristic of biological data to be authenticated with a first preset key;
the second electronic equipment performs first-class processing on a second biological characteristic of template biological data stored in the second electronic equipment by using the first encrypted data to obtain second encrypted data, wherein the second encrypted data is encrypted data of the first biological characteristic and a first processing result of the second biological characteristic;
the second electronic device sends the second encrypted data to the first electronic device, wherein the second encrypted data can be used by the first electronic device for a second type of processing to convert the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic, and the second processing result can be used by the first electronic device to calculate a degree of matching of the first biometric characteristic and the second biometric characteristic, and the degree of matching can be used by the first electronic device to generate an authentication result.
11. The method according to claim 10, wherein the first electronic device decrypts the second encrypted data by using a second preset key, and converts the second encrypted data into the second processing result of the first biometric characteristic and the second biometric characteristic.
12. The method according to claim 11, wherein the second electronic device performs a first type of processing on a second biometric feature of the template biometric data stored in the second electronic device by using the first encrypted data and the first predetermined key, wherein the first predetermined key is a public key, and the second predetermined key is a private key corresponding to the public key.
13. The method of any of claims 10-12, wherein the first electronic device is a public device and the second electronic device is a user device.
14. The method of any of claims 10-13, wherein the second biometric characteristic is stored within a trusted execution environment of the second electronic device, and wherein the first type of processing of the second biometric characteristic using the first encrypted data occurs within the trusted execution environment.
15. An authentication method, comprising:
a first electronic device collects biometric data to be authenticated and encrypts a first biometric characteristic of the biometric data with a first preset key to obtain first encrypted data;
a second electronic device receives the first encrypted data from the first electronic device, and uses the first encrypted data to perform a first type of processing on a second biometric characteristic of template biometric data stored in the second electronic device to obtain second encrypted data, wherein the second encrypted data is encrypted data of a first processing result of the first biometric characteristic and the second biometric characteristic;
the first electronic device receives the second encrypted data from the second electronic device, performs a second type of processing on the second encrypted data, and converts the second encrypted data into a second processing result of the first biometric characteristic and the second biometric characteristic;
and the first electronic device calculates the degree of matching of the first biometric characteristic and the second biometric characteristic based on the second processing result, and generates an authentication result according to the degree of matching.
16. The method of claim 15, wherein when there are a plurality of second biometric characteristics, the method further comprises:
the first electronic device uses the first encrypted data to perform the first type of processing on each second biometric characteristic separately, to obtain second encrypted data corresponding to each second biometric characteristic;
the first electronic device performs the second type of processing on each item of second encrypted data separately, to obtain a second processing result corresponding to each second biometric characteristic;
and the first electronic device calculates the degree of matching of the first biometric characteristic and each second biometric characteristic based on the second processing result corresponding to that second biometric characteristic, and generates an authentication result according to the maximum value among the degrees of matching.
17. The method according to claim 15 or 16, characterized in that the method further comprises:
the first electronic device receives the first encrypted data and a matching algorithm identifier, and uses the first encrypted data to perform, on the second biometric characteristic, the first type of processing corresponding to the matching algorithm identifier, to obtain the second encrypted data;
the first electronic device receives the second encrypted data from the second electronic device, and performs the second type of processing on the second encrypted data to obtain the second processing result;
and the first electronic device calculates, based on the second processing result, the degree of matching of the first biometric characteristic and the second biometric characteristic according to the matching mode corresponding to the matching algorithm identifier.
18. The method of any of claims 15-17, wherein the first electronic device is a public device and the second electronic device is a user device.
19. A readable medium having stored thereon instructions which, when executed on an electronic device, cause the electronic device to perform the authentication method of any one of claims 1-18.
20. An electronic device, comprising:
a memory for storing instructions for execution by one or more processors of the electronic device, and
a processor, being one of the processors of the electronic device, for performing the authentication method of any one of claims 1-18.
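An added sketch of the exchange in claims 12 and 15, not code from the patent. It assumes textbook Paillier as the public-key scheme and squared Euclidean distance over integer feature vectors as the degree of matching, neither of which the claims name; the function names, the toy key and the sample vectors are constructed for illustration.

```python
import secrets

# Toy Paillier key (constructed; these Mersenne primes are far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, N2 = P * Q, (P * Q) ** 2      # N is the public key
PHI = (P - 1) * (Q - 1)          # private key, held only by the first device
MU = pow(PHI, -1, N)

def encrypt(m):
    """Public-key operation: Enc(m) = (1 + m*N) * r^N mod N^2, r random."""
    r = secrets.randbelow(N - 1) + 1
    return (1 + (m % N) * N) * pow(r, N, N2) % N2

def decrypt(c):
    """Private-key operation; returns a signed plaintext in (-N/2, N/2]."""
    m = (pow(c, PHI, N2) - 1) // N * MU % N
    return m - N if m > N // 2 else m

def first_device_encrypt(probe):
    # First encrypted data: each component of the probe feature, encrypted.
    return [encrypt(x) for x in probe]

def second_device_process(first_encrypted, template):
    # First type of processing: fold the template into the ciphertexts without
    # decrypting them. Multiplying ciphertexts adds plaintexts and raising to k
    # scales by k, so the result is Enc(|y|^2 - 2<x,y>), freshly randomised.
    acc = encrypt(sum(y * y for y in template))
    for c, y in zip(first_encrypted, template):
        acc = acc * pow(c, (-2 * y) % N, N2) % N2
    return acc

def first_device_match(second_encrypted, probe, threshold):
    # Second type of processing: decrypt, then add |x|^2 to get the squared
    # Euclidean distance, used here as the degree of matching (smaller = closer).
    dist = decrypt(second_encrypted) + sum(x * x for x in probe)
    return dist, dist <= threshold

if __name__ == "__main__":
    probe, template = [12, 7, 30, 5], [11, 9, 28, 5]   # constructed samples
    reply = second_device_process(first_device_encrypt(probe), template)
    print(first_device_match(reply, probe, threshold=20))
```

In this sketch the key holder decrypts |y|^2 - 2<x,y>, a linear relation on the template, on every run; a design review of such a scheme should check how that leakage is bounded across repeated probes.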
CN202110874959.8A 2021-07-30 2021-07-30 Authentication method, readable medium, and electronic device Pending CN115700562A (en)

Publications (1)

Publication Number Publication Date
CN115700562A true CN115700562A (en) 2023-02-07

Family

ID=85120780

Country Status (1)

Country Link
CN (1) CN115700562A (en)

Similar Documents

Publication Publication Date Title
US10681025B2 (en) Systems and methods for securely managing biometric data
EP3657370B1 (en) Methods and devices for authenticating smart card
CN109548018B (en) Wireless network access method, device, equipment and system
CN111046365B (en) Face image transmission method, numerical value transfer method, device and electronic equipment
CN111464556B (en) Portable user terminal
US6990444B2 (en) Methods, systems, and computer program products for securely transforming an audio stream to encoded text
CN106330442B (en) Identity authentication method, device and system
US20020095586A1 (en) Technique for continuous user authentication
US20020095601A1 (en) Technique for establishing provable chain of evidence
CN107196901B (en) Identity registration and authentication method and device
US9165147B2 (en) Apparatus and method for generating digital images
US20150304321A1 (en) An image management system and an image management method based on fingerprint authentication
CN110876144B (en) Mobile application method, device and system for identity certificate
EP3151180A1 (en) Identification method and system
CN112073421A (en) Communication processing method, communication processing device, terminal and storage medium
CN110647641A (en) Identity authentication method, identity authentication device, computer equipment and storage medium
CN111819574A (en) Biometric feature verification method and device, electronic device and storage medium
CN107070663B (en) Mobile terminal-based field authentication method and field authentication system
CN115700562A (en) Authentication method, readable medium, and electronic device
CN115146253A (en) Mobile App login method, mobile device and system
CN115706993A (en) Authentication method, readable medium, and electronic device
CN113645255B (en) Communication method between trusted application TAs, related device and equipment, and storage medium
WO2022052727A1 (en) Data transmission method and electronic device
CN117040754A (en) Method and apparatus for generating, verifying, and decentralizing identity, and storage medium
CN116633611A (en) Information verification method, device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination