CN115776413B - Iris encryption-based data transmission method and system - Google Patents
Iris encryption-based data transmission method and system Download PDFInfo
- Publication number
- CN115776413B CN115776413B CN202310086504.9A CN202310086504A CN115776413B CN 115776413 B CN115776413 B CN 115776413B CN 202310086504 A CN202310086504 A CN 202310086504A CN 115776413 B CN115776413 B CN 115776413B
- Authority
- CN
- China
- Prior art keywords
- iris
- user
- data
- feature
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Collating Specific Patterns (AREA)
Abstract
The invention provides a data transmission method and a system based on iris encryption, which relate to the technical field of data transmission and comprise the following steps: the first terminal encrypts data to be transmitted by utilizing iris characteristics of a first user to obtain first encrypted data; after the server acquires the first encrypted data, calling iris characteristics of the first user stored in the iris characteristic library, and decrypting the first encrypted data by utilizing the iris characteristics of the first user to obtain data to be transmitted; the server calls iris characteristics of a second user stored in the iris characteristic library, encrypts data to be transmitted by utilizing the iris characteristics of the second user, and obtains second encrypted data; the second terminal is used for decrypting the second encrypted data by utilizing the iris characteristics of the second user and the second target iris characteristics after the second encrypted data is acquired, so as to obtain the data to be transmitted, and the technical problem of poor transmission security of the existing iris encryption transmission method is solved.
Description
Technical Field
The invention relates to the technical field of data transmission, in particular to a data transmission method and system based on iris encryption.
Background
With the rapid development of computer network technology, network security problems are increasingly prominent, and the encryption technology requirements of data in the transmission process are also more and more urgent. The traditional network transmission encryption algorithm mainly comprises a DES encryption algorithm and an AES encryption algorithm in a symmetric cryptosystem, an RSA encryption algorithm and an ECC encryption algorithm in an asymmetric cryptosystem and the like. Effectively solves the problems of interception, data tampering and the like from end to end. But it is not guaranteed whether the end received data is received by the person actually needed. Different encryption methods cannot be adopted for specific people, and whether encryption and decryption are complicated or not is not carried out; sometimes requiring the end personnel to remember complex passwords or operations.
The prior art solves the problems by using an iris encryption transmission mode, but the prior iris encryption transmission mode has the technical problem of poor transmission safety.
An effective solution to the above-mentioned problems has not been proposed yet.
Disclosure of Invention
Therefore, the invention aims to provide a data transmission system based on iris encryption, so as to alleviate the technical problem of poor transmission security of the existing iris encryption transmission method.
In a first aspect, an embodiment of the present invention provides a data transmission system based on iris encryption, including: the system comprises a first terminal, a server and a second terminal, wherein the first terminal is used for encrypting data to be transmitted by utilizing the iris characteristics of a first user after acquiring the data to be transmitted and the iris characteristics of the first user, which are input by the first user, so as to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris characteristics to the server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics and first impurity characteristics of the first user; the server is configured to invoke iris features of the first user stored in an iris feature library according to a user ID of the first user after the first ciphertext data is acquired, and decrypt the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; the server is further configured to invoke iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypt the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and send second ciphertext data constructed by the second encrypted data and a second target iris feature to the second terminal, where the second target iris feature is an iris feature constructed based on the iris features of the second user and a second impurity feature; and the second terminal is used for acquiring iris characteristics of the second user after the second ciphertext data is acquired, and decrypting the second encrypted data by utilizing the iris characteristics of the second user and the second target iris characteristics to obtain the data to be transmitted.
Further, the first terminal includes: the device comprises a data acquisition module, a first iris characteristic acquisition module, a first encryption module, a first data processing module and a first sending module, wherein the data acquisition module is used for acquiring data to be transmitted input by a first user; the first iris characteristic acquisition module is used for acquiring iris characteristics of the first user and carrying out normalization processing on the iris characteristics of the first user to obtain normalized iris characteristics of the first user; the first encryption module is used for carrying out redundancy processing on the iris characteristics of the normalized first user based on a first preset recognition rate to obtain a first key, and encrypting the data to be transmitted by using the first key to obtain the first encrypted data; the data processing module is used for constructing the first ciphertext data by utilizing the first encrypted data and the first target iris characteristic; the sending module is configured to send the first ciphertext data to the server.
Further, the server includes: the system comprises an iris feature library, a first decryption module, a second encryption module, a second data processing module and a second sending module, wherein the iris feature library is used for storing iris features of all users; the first decryption module is used for calling iris characteristics of the first user stored in the iris characteristic library according to the user ID of the first user; the first decryption module is further configured to extract feature points included in the first target iris feature, and when a ratio between a first target feature point of the feature points included in the first target iris feature and a feature point of the iris feature of the first user is the first preset recognition rate, generate the first key by using the first target feature point, and decrypt the first encrypted data by using the key, so as to obtain the data to be transmitted, where the first target feature point is a feature point that is the same as a feature point of the iris feature of the first user in the feature points included in the first target iris feature; the second encryption module is configured to perform redundancy processing on iris features of the second user based on a second preset recognition rate to obtain a second key, and encrypt the data to be transmitted by using the second key to obtain second encrypted data; the second data processing module constructs the second ciphertext data by using the second encrypted data and a second target iris feature; and the second sending module is used for sending the two ciphertext data to the second terminal.
Further, the second terminal includes: the second iris characteristic acquisition module is used for acquiring iris characteristics of the second user and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user; the second decryption module is configured to extract feature points included in the second target iris feature, and when a ratio between a second target feature point of the feature points included in the second target iris feature and a feature point of the normalized iris feature of the second user is the second preset recognition rate, generate the second key by using the second target feature point, and decrypt the second encrypted data by using the second key, so as to obtain the data to be transmitted, where the second target feature point is a feature point that is the same as a feature point of the iris feature of the normalized second user in the feature points included in the second target iris feature.
In a second aspect, an embodiment of the present invention further provides a data transmission method based on iris encryption, including: after a first terminal obtains data to be transmitted input by a first user and iris features of the first user, encrypting the data to be transmitted by utilizing the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris features to a server, wherein the first target iris features are iris features constructed based on the iris features and first impurity features of the first user; after the server acquires the first ciphertext data, invoking iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by utilizing the iris features of the first user and the first target iris features to obtain the data to be transmitted; invoking iris characteristics of a second user stored in an iris characteristic library through the server according to a user ID of the second user, encrypting the data to be transmitted by utilizing the iris characteristics of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris characteristics to a second terminal, wherein the second target iris characteristics are iris characteristics constructed based on the iris characteristics and second impurity characteristics of the second user; after the second terminal acquires the second ciphertext data, the iris feature of the second user is acquired, and the second encrypted data is decrypted by utilizing the iris feature of the second user and the second target iris feature to obtain the data to be transmitted.
Further, after the first terminal obtains the data to be transmitted input by the first user and the iris feature of the first user, encrypting the data to be transmitted by using the iris feature of the first user to obtain first encrypted data, and sending the first encrypted data and the first ciphertext data constructed by the first encrypted data and the first target iris feature to a server, wherein the method comprises the following steps: normalizing the iris characteristics of the first user to obtain normalized iris characteristics of the first user; redundancy processing is carried out on the iris characteristics of the normalized first user based on a first preset recognition rate to obtain a first key, and the data to be transmitted are encrypted by using the first key to obtain first encrypted data; constructing the first ciphertext data by utilizing the first encrypted data and a first target iris feature; and sending the first ciphertext data to the server.
Further, after the server obtains the first ciphertext data, invoking iris features of the first user stored in an iris feature library according to a user ID of the first user, and decrypting the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted, including: invoking iris features of the first user stored in an iris feature library according to the user ID of the first user; and extracting feature points contained in the first target iris feature, and when the ratio between a first target feature point of the feature points contained in the first target iris feature and the feature point of the iris feature of the first user is the first preset recognition rate, generating the first key by using the first target feature point, and decrypting the first encrypted data by using the key to obtain the data to be transmitted, wherein the first target feature point is the same feature point as the feature point of the iris feature of the first user in the feature points contained in the first target iris feature.
Further, invoking, by the server, iris features of the second user stored in an iris feature library according to a user ID of the second user, encrypting the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and the second target iris features to a second terminal, where the steps include: redundancy processing is carried out on iris characteristics of the second user based on a second preset recognition rate to obtain a second key, and the data to be transmitted are encrypted by utilizing the second key to obtain second encrypted data; constructing the second ciphertext data by using the second encrypted data and a second target iris feature; and sending the two ciphertext data to the second terminal.
Further, after the second terminal obtains the second ciphertext data, collecting iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted, including: collecting iris characteristics of the second user, and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user; extracting feature points contained in the second target iris feature, and when the ratio between a second target feature point of the feature points contained in the second target iris feature and the feature point of the normalized iris feature of the second user is the second preset recognition rate, generating the second key by using the second target feature point, and decrypting the second encrypted data by using the second key to obtain the data to be transmitted, wherein the second target feature point is the same feature point as the feature point of the iris feature of the normalized second user in the feature points contained in the second target iris feature.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a memory and a processor, where the memory is configured to store a program for supporting the processor to execute the method described in the first aspect, and the processor is configured to execute the program stored in the memory.
In a fourth aspect, embodiments of the present invention also provide a computer-readable storage medium having a computer program stored thereon.
In the embodiment of the invention, after the data to be transmitted and the iris characteristics of the first user input by the first user are acquired through the first terminal, encrypting the data to be transmitted by utilizing the iris characteristics of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris characteristics to the server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics and first impurity characteristics of the first user; the server is configured to invoke iris features of the first user stored in an iris feature library according to a user ID of the first user after the first ciphertext data is acquired, and decrypt the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; the server is further configured to invoke iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypt the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and send second ciphertext data constructed by the second encrypted data and a second target iris feature to the second terminal, where the second target iris feature is an iris feature constructed based on the iris features of the second user and a second impurity feature; the second terminal is configured to collect iris features of the second user after the second ciphertext data is obtained, decrypt the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted, thereby achieving the purpose of safely transmitting the data by using the iris features, further solving the problem of poor transmission security of the existing iris encryption transmission method, and further achieving the technical effect of improving the transmission security of the iris encryption transmission method.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the above objects, features and advantages of the present invention more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of a data transmission system based on iris encryption according to an embodiment of the present invention;
fig. 2 is a schematic diagram of ciphertext data according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of iris features and keys provided in an embodiment of the present invention;
Fig. 4 is a flowchart of a data transmission method based on iris encryption according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Embodiment one:
according to an embodiment of the present invention, there is provided an embodiment of a data transmission system based on iris encryption, fig. 1 is a schematic diagram of a data transmission system based on iris encryption according to an embodiment of the present invention, as shown in fig. 1, including: a first terminal 10, a server 20 and a second terminal 30.
The first terminal is configured to encrypt data to be transmitted by using iris features of a first user after obtaining the data to be transmitted and the iris features of the first user, to obtain first encrypted data, and send first ciphertext data constructed by the first encrypted data and first target iris features to the server, where the first target iris features are iris features constructed based on the iris features and first impurity features of the first user;
The server is configured to invoke iris features of the first user stored in an iris feature library according to a user ID of the first user after the first ciphertext data is acquired, and decrypt the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted;
the server is further configured to invoke iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypt the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and send second ciphertext data constructed by the second encrypted data and a second target iris feature to the second terminal, where the second target iris feature is an iris feature constructed based on the iris features of the second user and a second impurity feature;
and the second terminal is used for acquiring iris characteristics of the second user after the second ciphertext data is acquired, and decrypting the second encrypted data by utilizing the iris characteristics of the second user and the second target iris characteristics to obtain the data to be transmitted.
In the embodiment of the invention, after the data to be transmitted and the iris characteristics of the first user input by the first user are acquired through the first terminal, encrypting the data to be transmitted by utilizing the iris characteristics of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris characteristics to the server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics and first impurity characteristics of the first user; the server is configured to invoke iris features of the first user stored in an iris feature library according to a user ID of the first user after the first ciphertext data is acquired, and decrypt the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted; the server is further configured to invoke iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypt the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and send second ciphertext data constructed by the second encrypted data and a second target iris feature to the second terminal, where the second target iris feature is an iris feature constructed based on the iris features of the second user and a second impurity feature; the second terminal is configured to collect iris features of the second user after the second ciphertext data is obtained, decrypt the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted, thereby achieving the purpose of safely transmitting the data by using the iris features, further solving the problem of poor transmission security of the existing iris encryption transmission method, and further achieving the technical effect of improving the transmission security of the iris encryption transmission method.
In an embodiment of the present invention, the first terminal includes: the device comprises a data acquisition module, a first iris characteristic acquisition module, a first encryption module, a first data processing module and a first sending module.
The data acquisition module is used for acquiring data to be transmitted input by the first user;
the first iris characteristic acquisition module is used for acquiring iris characteristics of the first user and carrying out normalization processing on the iris characteristics of the first user to obtain normalized iris characteristics of the first user;
the first encryption module is used for carrying out redundancy processing on the iris characteristics of the normalized first user based on a first preset recognition rate to obtain a first key, and encrypting the data to be transmitted by using the first key to obtain the first encrypted data;
the data processing module is used for constructing the first ciphertext data by utilizing the first encrypted data and the first target iris characteristic;
the sending module is configured to send the first ciphertext data to the server.
The server comprises: the system comprises an iris characteristic library, a first decryption module, a second encryption module, a second data processing module and a second sending module.
The iris feature library is used for storing iris features of all users;
the first decryption module is used for calling iris characteristics of the first user stored in the iris characteristic library according to the user ID of the first user;
the first decryption module is further configured to extract feature points included in the first target iris feature, and when a ratio between a first target feature point of the feature points included in the first target iris feature and a feature point of the iris feature of the first user is the first preset recognition rate, generate the first key by using the first target feature point, and decrypt the first encrypted data by using the key, so as to obtain the data to be transmitted, where the first target feature point is a feature point that is the same as a feature point of the iris feature of the first user in the feature points included in the first target iris feature;
the second encryption module is configured to perform redundancy processing on iris features of the second user based on a second preset recognition rate to obtain a second key, and encrypt the data to be transmitted by using the second key to obtain second encrypted data;
The second data processing module constructs the second ciphertext data by using the second encrypted data and a second target iris feature;
and the second sending module is used for sending the two ciphertext data to the second terminal.
It should be noted that, the first encryption module sets redundancy processing according to the first preset recognition rate, so as to generate and determine a unique key according to the first preset recognition rate, for example, when the normalized iris feature of the first user includes 10 feature points and the first preset recognition rate is 70%, the first decryption module extracts 7 target feature points included in the first target iris feature, and then can determine the first key according to the 7 target feature points, and further decrypt the first encrypted data to obtain data to be transmitted.
In addition, it should be noted that the first encryption module generally encrypts the data to be transmitted by using symmetric encryption algorithms such as AES-128, AES-192 or AES-256, so as to obtain first encrypted data.
In the embodiment of the invention, the structure of ciphertext data is shown in fig. 2, the relation between iris characteristics and keys is shown in fig. 3, and the higher the preset recognition rate is, the less the key redundancy data is, the more the doping characteristics are, and the higher the data transmission safety is.
In an embodiment of the present invention, the second terminal includes: the system comprises a second iris characteristic acquisition module and a second decryption module.
The second iris characteristic acquisition module is used for acquiring iris characteristics of the second user and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user;
the second decryption module is configured to extract feature points included in the second target iris feature, and when a ratio between a second target feature point of the feature points included in the second target iris feature and a feature point of the normalized iris feature of the second user is the second preset recognition rate, generate the second key by using the second target feature point, and decrypt the second encrypted data by using the second key, so as to obtain the data to be transmitted, where the second target feature point is a feature point that is the same as a feature point of the iris feature of the normalized second user in the feature points included in the second target iris feature.
In the embodiment of the invention, the process that the server performs iris encryption transmission on the data to be transmitted to the second terminal and decrypts the data to obtain the data to be transmitted is similar to the process that the first terminal performs iris encryption transmission on the data to be transmitted to the server and decrypts the data to obtain the data to be transmitted, so that the description is omitted.
According to the embodiment of the invention, the iris encryption is utilized to transmit the data, so that important information can be prevented from being intercepted and terminal equipment can be prevented from being paid, and the safety of the important information in the transmission process and the acquisition of the data by appointed personnel are ensured; and the second key is portable, is not easy to forget or lose, and has low application technical requirements and wide trial applicability. And setting different encryption keys according to the receiving and transmitting sides of the information in the data transmission process. The data security of the information in the transmission process and on the transmission end is ensured. Only the real receiver can complete the decryption of the data through the iris information of the real receiver. The last step of data security is ensured.
Embodiment two:
the embodiment of the invention also provides a data transmission method based on iris encryption, and the data transmission system based on iris encryption provided by the embodiment of the invention is used for executing the data transmission method based on iris encryption, and the following is a specific description of the data transmission method based on iris encryption provided by the embodiment of the invention.
As shown in fig. 4, fig. 4 is a flowchart of the above data transmission method based on iris encryption, and the data transmission method based on iris encryption includes:
Step S102, after a first terminal obtains data to be transmitted input by a first user and iris features of the first user, encrypting the data to be transmitted by utilizing the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris features to a server, wherein the first target iris features are iris features constructed based on the iris features and first impurity features of the first user;
step S104, after the server acquires the first ciphertext data, invoking iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by utilizing the iris features of the first user and the first target iris features to obtain the data to be transmitted;
step S106, calling iris characteristics of a second user stored in an iris characteristic library through the server according to the user ID of the second user, encrypting the data to be transmitted by utilizing the iris characteristics of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris characteristics to a second terminal, wherein the second target iris characteristics are iris characteristics constructed based on the iris characteristics of the second user and second impurity characteristics;
Step S108, after the second terminal obtains the second ciphertext data, collecting iris features of the second user, and decrypting the second encrypted data by using the iris features of the second user and the second target iris features to obtain the data to be transmitted.
In the embodiment of the invention, after a first terminal obtains data to be transmitted input by a first user and iris characteristics of the first user, encrypting the data to be transmitted by utilizing the iris characteristics of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris characteristics to a server, wherein the first target iris characteristics are iris characteristics constructed based on the iris characteristics and first impurity characteristics of the first user; after the server acquires the first ciphertext data, invoking iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by utilizing the iris features of the first user and the first target iris features to obtain the data to be transmitted; invoking iris characteristics of a second user stored in an iris characteristic library through the server according to a user ID of the second user, encrypting the data to be transmitted by utilizing the iris characteristics of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris characteristics to a second terminal, wherein the second target iris characteristics are iris characteristics constructed based on the iris characteristics and second impurity characteristics of the second user; after the second terminal acquires the second ciphertext data, the iris feature of the second user is acquired, the second encrypted data is decrypted by utilizing the iris feature of the second user and the second target iris feature, and the data to be transmitted is obtained, so that the aim of safely transmitting the data by utilizing the iris feature is fulfilled, the problem that the transmission safety of the conventional iris encryption transmission method is poor is solved, and the technical effect of improving the transmission safety of the iris encryption transmission method is realized.
Embodiment III:
the embodiment of the invention also provides a computer readable storage medium, and a computer program is stored on the computer readable storage medium, and when the computer program is executed by a processor, the steps of the method in the first embodiment are executed.
In addition, in the description of embodiments of the present invention, unless explicitly stated and limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The specific meaning of the above terms in the present invention will be understood in specific cases by those of ordinary skill in the art.
In the description of the present invention, it should be noted that the directions or positional relationships indicated by the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc. are based on the directions or positional relationships shown in the drawings, are merely for convenience of describing the present invention and simplifying the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. The above-described apparatus embodiments are merely illustrative, for example, the division of the units is merely a logical function division, and there may be other manners of division in actual implementation, and for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some communication interface, device or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
Finally, it should be noted that: the above examples are only specific embodiments of the present invention, and are not intended to limit the scope of the present invention, but it should be understood by those skilled in the art that the present invention is not limited thereto, and that the present invention is described in detail with reference to the foregoing examples: any person skilled in the art may modify or easily conceive of the technical solution described in the foregoing embodiments, or perform equivalent substitution of some of the technical features, while remaining within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and are intended to be included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A data transmission system based on iris encryption, comprising: a first terminal, a server and a second terminal, wherein,
the first terminal is configured to encrypt data to be transmitted by using iris features of a first user after obtaining the data to be transmitted and the iris features of the first user, to obtain first encrypted data, and send first ciphertext data constructed by the first encrypted data and first target iris features to the server, where the first target iris features are iris features constructed based on the iris features and first impurity features of the first user;
The server is configured to invoke iris features of the first user stored in an iris feature library according to a user ID of the first user after the first ciphertext data is acquired, and decrypt the first encrypted data by using the iris features of the first user and the first target iris features to obtain the data to be transmitted;
the server is further configured to invoke iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypt the data to be transmitted by using the iris features of the second user to obtain second encrypted data, and send second ciphertext data constructed by the second encrypted data and a second target iris feature to the second terminal, where the second target iris feature is an iris feature constructed based on the iris features of the second user and a second impurity feature;
and the second terminal is used for acquiring iris characteristics of the second user after the second ciphertext data is acquired, and decrypting the second encrypted data by utilizing the iris characteristics of the second user and the second target iris characteristics to obtain the data to be transmitted.
2. The system of claim 1, wherein the first terminal comprises: the device comprises a data acquisition module, a first iris characteristic acquisition module, a first encryption module, a first data processing module and a first transmission module, wherein,
the data acquisition module is used for acquiring data to be transmitted input by the first user;
the first iris characteristic acquisition module is used for acquiring iris characteristics of the first user and carrying out normalization processing on the iris characteristics of the first user to obtain normalized iris characteristics of the first user;
the first encryption module is used for carrying out redundancy processing on the iris characteristics of the normalized first user based on a first preset recognition rate to obtain a first key, and encrypting the data to be transmitted by using the first key to obtain the first encrypted data;
the data processing module is used for constructing the first ciphertext data by utilizing the first encrypted data and the first target iris characteristic;
the sending module is configured to send the first ciphertext data to the server.
3. The system of claim 2, wherein the server comprises: the iris characteristic library, the first decryption module, the second encryption module, the second data processing module and the second sending module, wherein,
The iris feature library is used for storing iris features of all users;
the first decryption module is used for calling iris characteristics of the first user stored in the iris characteristic library according to the user ID of the first user;
the first decryption module is further configured to extract feature points included in the first target iris feature, and when a ratio between a first target feature point of the feature points included in the first target iris feature and a feature point of the iris feature of the first user is the first preset recognition rate, generate the first key by using the first target feature point, and decrypt the first encrypted data by using the key, so as to obtain the data to be transmitted, where the first target feature point is a feature point that is the same as a feature point of the iris feature of the first user in the feature points included in the first target iris feature;
the second encryption module is configured to perform redundancy processing on iris features of the second user based on a second preset recognition rate to obtain a second key, and encrypt the data to be transmitted by using the second key to obtain second encrypted data;
The second data processing module constructs the second ciphertext data by using the second encrypted data and a second target iris feature;
and the second sending module is used for sending the second ciphertext data to the second terminal.
4. A system according to claim 3, wherein the second terminal comprises: a second iris characteristic acquisition module and a second decryption module, wherein,
the second iris characteristic acquisition module is used for acquiring iris characteristics of the second user and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user;
the second decryption module is configured to extract feature points included in the second target iris feature, and when a ratio between a second target feature point of the feature points included in the second target iris feature and a feature point of the normalized iris feature of the second user is a second preset recognition rate, generate the second key by using the second target feature point, and decrypt the second encrypted data by using the second key, so as to obtain the data to be transmitted, where the second target feature point is a feature point that is the same as a feature point of the iris feature of the normalized second user in the feature points included in the second target iris feature.
5. A data transmission method based on iris encryption, which is applied to the data transmission system based on iris encryption as claimed in any one of claims 1 to 4, comprising:
after a first terminal obtains data to be transmitted input by a first user and iris features of the first user, encrypting the data to be transmitted by utilizing the iris features of the first user to obtain first encrypted data, and sending first ciphertext data constructed by the first encrypted data and first target iris features to a server, wherein the first target iris features are iris features constructed based on the iris features and first impurity features of the first user;
after the server acquires the first ciphertext data, invoking iris features of the first user stored in an iris feature library according to the user ID of the first user, and decrypting the first encrypted data by utilizing the iris features of the first user and the first target iris features to obtain the data to be transmitted;
invoking iris characteristics of a second user stored in an iris characteristic library through the server according to a user ID of the second user, encrypting the data to be transmitted by utilizing the iris characteristics of the second user to obtain second encrypted data, and sending second ciphertext data constructed by the second encrypted data and second target iris characteristics to a second terminal, wherein the second target iris characteristics are iris characteristics constructed based on the iris characteristics and second impurity characteristics of the second user;
After the second terminal acquires the second ciphertext data, the iris feature of the second user is acquired, and the second encrypted data is decrypted by utilizing the iris feature of the second user and the second target iris feature to obtain the data to be transmitted.
6. The method according to claim 5, wherein after the first terminal obtains the data to be transmitted input by the first user and the iris feature of the first user, and encrypts the data to be transmitted by using the iris feature of the first user to obtain first encrypted data, and sends the first encrypted data and the first ciphertext data constructed by the first encrypted data and the first target iris feature to the server, the method comprises:
normalizing the iris characteristics of the first user to obtain normalized iris characteristics of the first user;
redundancy processing is carried out on the iris characteristics of the normalized first user based on a first preset recognition rate to obtain a first key, and the data to be transmitted are encrypted by using the first key to obtain first encrypted data;
constructing the first ciphertext data by utilizing the first encrypted data and a first target iris feature;
And sending the first ciphertext data to the server.
7. The method of claim 6, wherein after the server obtains the first ciphertext data, invoking the iris feature of the first user stored in the iris feature library according to the user ID of the first user, and decrypting the first encrypted data using the iris feature of the first user and the first target iris feature to obtain the data to be transmitted, comprising:
invoking iris features of the first user stored in an iris feature library according to the user ID of the first user;
and extracting feature points contained in the first target iris feature, and when the ratio between a first target feature point of the feature points contained in the first target iris feature and the feature point of the iris feature of the first user is the first preset recognition rate, generating the first key by using the first target feature point, and decrypting the first encrypted data by using the key to obtain the data to be transmitted, wherein the first target feature point is the same feature point as the feature point of the iris feature of the first user in the feature points contained in the first target iris feature.
8. The method according to claim 7, wherein invoking, by the server, iris features of a second user stored in an iris feature library according to a user ID of the second user, encrypting the data to be transmitted using the iris features of the second user to obtain second encrypted data, and transmitting second ciphertext data constructed by the second encrypted data and a second target iris feature to a second terminal, includes:
redundancy processing is carried out on iris characteristics of the second user based on a second preset recognition rate to obtain a second key, and the data to be transmitted are encrypted by utilizing the second key to obtain second encrypted data;
constructing the second ciphertext data by using the second encrypted data and a second target iris feature;
and sending the second ciphertext data to the second terminal.
9. The method of claim 8, wherein after the second terminal obtains the second ciphertext data, collecting iris features of the second user, and decrypting the second encrypted data using the iris features of the second user and the second target iris features to obtain the data to be transmitted, comprising:
Collecting iris characteristics of the second user, and carrying out normalization processing on the iris characteristics of the second user to obtain normalized iris characteristics of the second user;
extracting feature points contained in the second target iris feature, and when the ratio between a second target feature point of the feature points contained in the second target iris feature and the feature point of the normalized iris feature of the second user is the second preset recognition rate, generating the second key by using the second target feature point, and decrypting the second encrypted data by using the second key to obtain the data to be transmitted, wherein the second target feature point is the same feature point as the feature point of the iris feature of the normalized second user in the feature points contained in the second target iris feature.
10. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, performs the steps of the method according to any of the preceding claims 5 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310086504.9A CN115776413B (en) | 2023-02-09 | 2023-02-09 | Iris encryption-based data transmission method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310086504.9A CN115776413B (en) | 2023-02-09 | 2023-02-09 | Iris encryption-based data transmission method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115776413A CN115776413A (en) | 2023-03-10 |
| CN115776413B true CN115776413B (en) | 2023-05-09 |
Family
ID=85393394
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310086504.9A Active CN115776413B (en) | 2023-02-09 | 2023-02-09 | Iris encryption-based data transmission method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115776413B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117336100B (en) * | 2023-11-27 | 2024-02-23 | 湖南湘科智慧科技有限公司 | Data processing method and device based on escort service multiparty flattened communication |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016187892A1 (en) * | 2015-05-22 | 2016-12-01 | 宇龙计算机通信科技(深圳)有限公司 | Data transmission method and terminal |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105656870B (en) * | 2015-06-29 | 2019-03-08 | 宇龙计算机通信科技(深圳)有限公司 | A kind of data transmission method, apparatus and system |
| CN105447405A (en) * | 2015-11-09 | 2016-03-30 | 南京以太安全技术有限公司 | Document encryption/decryption method and apparatus based on iris recognition and authentication |
| CN109087415A (en) * | 2018-07-17 | 2018-12-25 | 珠海格力电器股份有限公司 | A kind of method and apparatus of the data transmission based on cloud |
| CN110581847A (en) * | 2019-08-26 | 2019-12-17 | 杭州城市大数据运营有限公司 | Input foreknowledge system |
| CN114117463A (en) * | 2021-10-14 | 2022-03-01 | 深圳供电局有限公司 | Network information security protection method and system |
-
2023
- 2023-02-09 CN CN202310086504.9A patent/CN115776413B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016187892A1 (en) * | 2015-05-22 | 2016-12-01 | 宇龙计算机通信科技(深圳)有限公司 | Data transmission method and terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115776413A (en) | 2023-03-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101789865B (en) | Dedicated server used for encryption and encryption method | |
| CN103124269B (en) | Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment | |
| CN102082790B (en) | Method and device for encryption/decryption of digital signature | |
| TWI642288B (en) | Instant communication method and system | |
| CN103458382A (en) | Hardware encryption transmission and storage method and system of mobile phone private short messages | |
| CN102664898A (en) | Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system | |
| CN106411926A (en) | Data encryption communication method and system | |
| CN107465665A (en) | A kind of file encryption-decryption method based on fingerprint identification technology | |
| CN105142134B (en) | Parameter acquisition and parameter transmission method and device | |
| US11652640B2 (en) | Systems and methods for out-of-band authenticity verification of mobile applications | |
| CN115776413B (en) | Iris encryption-based data transmission method and system | |
| CN110505055A (en) | Based on unsymmetrical key pond to and key card outer net access identity authentication method and system | |
| CN108401494B (en) | Method and system for transmitting data | |
| CN105376233A (en) | Soft SIM parameter management method, soft SIM parameter management device, terminal and network side server | |
| CN106605419A (en) | Method and system for secure SMS communications | |
| WO2015120769A1 (en) | Password management method and system | |
| CN110191136A (en) | A kind of convenient and fast file secure transmission method and equipment | |
| CN110278077B (en) | Method, device, equipment and storage medium for acquiring data information of electric energy meter | |
| US11463251B2 (en) | Method for secure management of secrets in a hierarchical multi-tenant environment | |
| CN106972928B (en) | Bastion machine private key management method, device and system | |
| CN215186781U (en) | Quantum computing resistant mobile communication system based on quantum secret communication network | |
| CN105577382A (en) | Communication information transmission method, device and system | |
| CN109726584A (en) | Cloud database key management system | |
| KR20110057376A (en) | A method of transporting certificate to mobile terminal | |
| CN112367323B (en) | Text end-to-end encryption and decryption system and method of intelligent terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |