CN116028919A - Image proving method, device registering method and image verifying method - Google Patents

Image proving method, device registering method and image verifying method Download PDF

Info

Publication number
CN116028919A
CN116028919A CN202310173638.4A CN202310173638A CN116028919A CN 116028919 A CN116028919 A CN 116028919A CN 202310173638 A CN202310173638 A CN 202310173638A CN 116028919 A CN116028919 A CN 116028919A
Authority
CN
China
Prior art keywords
image
abstract
fingerprint
private
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310173638.4A
Other languages
Chinese (zh)
Inventor
钱烽
马环宇
何思枫
杨磊
黄泓皓
罗涛
张晓博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Ant Blockchain Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ant Blockchain Technology Shanghai Co Ltd filed Critical Ant Blockchain Technology Shanghai Co Ltd
Priority to CN202310173638.4A priority Critical patent/CN116028919A/en
Publication of CN116028919A publication Critical patent/CN116028919A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Collating Specific Patterns (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an image proving method, an equipment registering method and an image verifying method, and relates to the technical field of information security. The image proving method comprises the following steps: acquiring an image to be proved shot by target equipment; dividing an image to be proved, and determining a first public image corresponding to the image to be proved; determining a first device fingerprint abstract corresponding to the target device, wherein the first device fingerprint abstract characterizes the real identity of the target device; and executing the steps of generating a second device fingerprint abstract corresponding to the target device based on the image to be proved and the first public image and comparing the first device fingerprint abstract with the second device fingerprint abstract in the zero knowledge proof circuit to obtain a zero knowledge proof file corresponding to the image to be proved. By using the zero-knowledge proof file in the application, the image source can be authenticated under the condition of not revealing private information, and the complexity and cost of the target equipment application for false under the condition of dishonest are increased.

Description

Image proving method, device registering method and image verifying method
Technical Field
The application relates to the technical field of information security, in particular to an image proving method, an equipment registering method and an image verifying method.
Background
When there is massive image data on the internet, and the scenes of copyright protection and copyright transaction, commodity tracing, judicial evidence collection, identity authentication and the like are involved, source shooting equipment (mobile phones, cameras, video cameras and the like) for tracing the involved images are often needed. The source shooting equipment of the image is traced through the technical means, so that the fake attack of a third party and the fake of an equipment owner are prevented, and the method becomes a key problem faced by various related business products.
Disclosure of Invention
The present application has been made in order to solve the above technical problems. The embodiment of the application provides an image proving method, an equipment registering method and an image verifying method.
In a first aspect, an embodiment of the present application provides an image proving method, including: acquiring an image to be proved shot by target equipment; dividing an image to be proved, and determining a first public image corresponding to the image to be proved; determining a first device fingerprint abstract corresponding to the target device, wherein the first device fingerprint abstract characterizes the real identity of the target device; and executing the steps of generating a second device fingerprint abstract corresponding to the target device based on the image to be proved and the first public image and comparing the first device fingerprint abstract with the second device fingerprint abstract in the zero knowledge proof circuit to obtain a zero knowledge proof file corresponding to the image to be proved.
In a second aspect, an embodiment of the present application provides a device registration method, including: acquiring a sample image shot by equipment to be registered; acquiring a first equipment fingerprint abstract corresponding to equipment to be registered, wherein the first equipment fingerprint abstract characterizes the real identity of the equipment to be registered; dividing the sample image and determining a private image corresponding to the sample image; and in the zero knowledge proof circuit, executing the steps of generating a second device fingerprint abstract corresponding to the device to be registered based on the private image and comparing the first device fingerprint abstract with the second device fingerprint abstract to obtain a zero knowledge proof file corresponding to the device to be registered.
In a third aspect, an embodiment of the present application provides an image verification method, including: acquiring a first public image corresponding to an image to be verified; determining a first device fingerprint abstract corresponding to the target device based on the first public image; acquiring a zero knowledge proof file corresponding to an image to be verified, wherein the zero knowledge proof file corresponding to the image to be verified records a comparison process of a first public image and a first equipment fingerprint abstract; and running a zero knowledge proof file corresponding to the image to be verified based on the first public image and the first equipment fingerprint abstract so as to verify whether the image to be verified is shot by the target equipment.
In a fourth aspect, an embodiment of the present application provides an image proving apparatus, including: the acquisition module is used for acquiring an image to be proved shot by the target equipment; the segmentation module is used for segmenting the image to be proved and determining a first public image corresponding to the image to be proved; the determining module is used for determining a first device fingerprint abstract corresponding to the target device, and the first device fingerprint abstract characterizes the real identity of the target device; and the execution module is used for executing the steps of generating a second device fingerprint abstract corresponding to the target device based on the image to be proved and the first public image and comparing the first device fingerprint abstract and the second device fingerprint abstract in the zero knowledge proof circuit to obtain a zero knowledge proof file corresponding to the image to be proved.
In a fifth aspect, an embodiment of the present application provides a device registration apparatus, including: the first acquisition module is used for acquiring a sample image shot by equipment to be registered; the second acquisition module is used for acquiring a first equipment fingerprint abstract corresponding to equipment to be registered, and the first equipment fingerprint abstract characterizes the real identity of the equipment to be registered; the segmentation module is used for segmenting the sample image and determining a first private image corresponding to the sample image; and the execution module is used for executing the steps of generating a second device fingerprint abstract corresponding to the device to be registered based on the first private image and comparing the first device fingerprint abstract with the second device fingerprint abstract in the zero knowledge proof circuit to obtain a zero knowledge proof file corresponding to the device to be registered.
In a sixth aspect, an embodiment of the present application provides an image verification apparatus, including: the first acquisition module is used for acquiring a first public image corresponding to the image to be verified; the determining module is used for determining a first device fingerprint abstract corresponding to the target device based on the first public image; the second acquisition module is used for acquiring a zero knowledge proof file corresponding to the image to be verified, wherein the zero knowledge proof file corresponding to the image to be verified records a comparison process of the first public image and the first equipment fingerprint abstract; and the operation module is used for operating the zero knowledge proof file corresponding to the image to be verified based on the first public image and the first equipment fingerprint abstract so as to verify whether the image to be verified is shot by the target equipment.
In a seventh aspect, an embodiment of the present application provides a computer readable storage medium storing a computer program for executing the methods mentioned in the first, second and third aspects.
In an eighth aspect, an embodiment of the present application provides an electronic device, including: a processor; a memory for storing processor-executable instructions; the processor is configured to perform the methods mentioned in the first, second and third aspects.
A ninth aspect provides a computer program product comprising instructions which, when executed, enable the method of the first, second and third aspects mentioned above to be carried out.
The image proving method provided by the embodiment of the application has the following beneficial effects.
The method and the device generate the zero-knowledge proof file corresponding to the image to be proved through the image to be proved (private information), the first public image, the first equipment fingerprint abstract (public information) and the zero-knowledge proof circuit. In the zero knowledge proof circuit, a series of steps are executed to determine the correlation between the first public image and the first equipment fingerprint abstract, and further determine the relation between the to-be-proven image corresponding to the first public image and the target equipment corresponding to the first equipment fingerprint abstract. The method and the device are characterized in that the device fingerprint extraction and device fingerprint summary comparison main process is described through the zero knowledge proof circuit after each new image is shot by adopting the proof pattern based on the zero knowledge proof strategy, the zero knowledge proof file is generated, and the source device of the image can be effectively and accurately verified while private information is not disclosed. In addition, richer proving semantics are provided for a verifier or a third party independent auditor, the complexity and cost of the fake of the target equipment application under the dishonest condition are increased, and the information security of the target equipment is ensured.
Drawings
The foregoing and other objects, features and advantages of the present application will become more apparent from the following more particular description of embodiments of the present application, as illustrated in the accompanying drawings. The accompanying drawings are included to provide a further understanding of embodiments of the application and are incorporated in and constitute a part of this specification, illustrate the application and not constitute a limitation to the application. In the drawings, like reference numerals generally refer to like parts or steps.
Fig. 1 shows a specific architecture diagram of an embodiment of the present application.
FIG. 2 is a schematic diagram of an implementation environment suitable for embodiments of the present application.
Fig. 3 is a flowchart of an image proving method according to an exemplary embodiment of the present application.
Fig. 4 is a schematic diagram of a segmented image according to an exemplary embodiment of the present application.
Fig. 5 is a schematic view of a segmented image according to another exemplary embodiment of the present application.
Fig. 6 is a schematic flow chart of generating a fingerprint digest of a second device according to an exemplary embodiment of the present application.
Fig. 7 is a flowchart of an image proving method according to another exemplary embodiment of the present application.
Fig. 8 is a complete schematic diagram of an image proving process according to an exemplary embodiment of the present application.
Fig. 9 is a flowchart of a device registration method according to an exemplary embodiment of the present application.
Fig. 10 is a schematic flow chart of generating a fingerprint digest of a second device according to an exemplary embodiment of the present application.
Fig. 11 is a flowchart of a device registration method according to another exemplary embodiment of the present application.
Fig. 12 is a complete schematic diagram of a device registration process according to an exemplary embodiment of the present application.
Fig. 13 is a flowchart of an image proving method according to an exemplary embodiment of the present application.
Fig. 14 is a flowchart of an image proving method according to another exemplary embodiment of the present application.
Fig. 15 is a schematic view showing the structure of an image proving apparatus according to an exemplary embodiment of the present application.
Fig. 16 is a schematic structural diagram of a device registration apparatus according to an exemplary embodiment of the present application.
Fig. 17 is a schematic diagram illustrating the structure of an image verification apparatus according to an exemplary embodiment of the present application.
Fig. 18 is a schematic structural diagram of an electronic device according to an exemplary embodiment of the present application.
Detailed Description
The following description of the technical solutions in the embodiments of the present application will be made clearly and completely with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
Summary of the application
Device fingerprint: device fingerprint refers to the hardware noise (fixed deviation of the sensor, random white noise, etc.) of the image acquisition device that the image or video frame retains when imaged, and the software processing noise (which can be understood as a filter of some kind) that the image processing software brings in.
Zero knowledge proof: a protocol involving two or more parties, i.e., a series of steps that two or more parties need to take to accomplish a task. The prover proves to the verifier and believes itself to know or own a certain message, but the proving process cannot reveal any information about the proved message to the verifier.
Zero knowledge proof circuit: the calculation step is described in the form of a logic circuit such as a nand gate, and then the operation is performed.
In the related art, operations such as editing, transferring, authorizing and the like of images among different nodes are tracked generally based on a propagation link supervision system such as a blockchain and the like; or, the unique physical characteristic inherent to the image acquisition device is utilized to verify the shooting source of the image, for example, a security chip is utilized to sign the image, or the fingerprint consistency of the images of different nodes is utilized to compare the device fingerprint.
The first method has a large limit on the scope of use of the image, requiring all scene applications to access the blockchain network. The common means of the second method is to sign the image by the private key generated after fuzzy extraction of the secret key of the security chip or the device fingerprint, and to check the image by the corresponding public key during verification. In the second method, the public key and the private key are generally generated in a secure environment before the device leaves the factory (or when the device is reset), after which the private key is stored in the device, or the device fingerprint is re-extracted and the private key is recovered each time some images are captured, so that the new images captured each time by the signing device are signed, and the public key is distributed to the verifier for subsequent signature verification. The second approach employs a vouched-for schema, which may use a private key to sign images that are not self-captured when the device is applied dishonest.
Based on the above, the present application proposes an image proving method, firstly, obtaining an image to be demonstrated which is shot by a target device, further dividing the image to be demonstrated, and determining a first public image corresponding to the image to be demonstrated; determining a first device fingerprint abstract corresponding to the target device, wherein the first device fingerprint abstract characterizes the real identity of the target device; and executing the steps of generating a second device fingerprint abstract corresponding to the target device based on the image to be proved and the first public image and comparing the first device fingerprint abstract with the second device fingerprint abstract in the zero knowledge proof circuit to obtain a zero knowledge proof file corresponding to the image to be proved. According to the method and the device, based on the zero knowledge proof strategy, the proof pattern is adopted, after a new image is shot each time, the main process of fingerprint extraction and fingerprint abstract comparison can be described through the zero knowledge proof circuit, a zero knowledge proof file is generated, and the source equipment of the image can be effectively and accurately verified while the privacy information is not disclosed. In addition, the method also provides richer proving semantics for the verifier or the third party independent auditor, increases the complexity and cost of the fake of the equipment application under the dishonest condition, and ensures the information security of the image acquisition equipment.
Exemplary scenario
Fig. 1 shows a specific architecture diagram of an embodiment of the present application. The method can be divided into three stages (also called three processes), namely an image proving process, a device registering process and an image verifying process. In the flow shown in fig. 2, a device registration process may be performed first, that is, one or several images captured by a device to be registered may be acquired first as sample images for device registration, and each sample image may be subjected to uniform spatial domain segmentation, and each sample image may obtain at least one sub-image, for example, an image formed by pixels in odd columns in the sample image, or an image formed by pixels in even columns in the sample image. Inputting the sub-images corresponding to the sample images and the pre-acquired device fingerprint abstracts of the shooting devices into a pre-constructed zero knowledge proof circuit related to a device registration process, and generating a zero knowledge proof file related to the device registration process under the condition that the circuit is successful in operation, wherein the zero knowledge proof file corresponding to the device registration process is used for proving that the shooting devices are real devices in registration. Further, an image proving process is executed, and likewise, an image acquired by the shooting device is acquired, the image is segmented according to a space domain segmentation mode of a sample image in a registration process, two sub-images are obtained, one sub-image serves as a private image, the other sub-image serves as a public image, the shot complete image, the two sub-images, the device fingerprint generated in the registration process and the device fingerprint abstract are input into a zero knowledge proving circuit corresponding to the image proving process, and under the condition that the circuit is successful in operation, a zero knowledge proving file related to the image proving process is generated.
On the other hand, when the image acquired by the shooting device needs to be disclosed, other sub-images except the sub-image used for authenticating the device fingerprint can be disclosed, so that the device fingerprint used by the source device authentication is not the device fingerprint of all image pixels, and under the condition that the pixels used for the source device authentication are not disclosed in whole or in large part, the public cannot know the pixels used for the source device authentication and the noise thereof completely, so that the cost of forging the device fingerprint can be increased, the information security of the shooting device is ensured, and the reliability of data source authentication is improved.
For example, in the case that it is required to prove whether an image is from a target photographing device (also referred to as a target device), the image to be verified may be segmented according to an image segmentation method in the image proving process and the device registration process, so as to obtain two sub-images, and the segmented sub-image (for example, an image formed by even-numbered pixels) and the device fingerprint abstract stored in the image proving process are input into a zero knowledge proof file corresponding to the image proving process, and if the zero knowledge proof file corresponding to the image proving process runs successfully, it is indicated that the image to be verified is derived from the target device. Further, the device fingerprint abstract stored in the image proving process is input into a zero knowledge proving file corresponding to the device registering process, and if the zero knowledge proving file corresponding to the device registering process runs successfully, the target device is indicated to be the authenticated device.
FIG. 2 is a schematic diagram of an implementation environment suitable for embodiments of the present application. Illustratively, the device registration method is performed in the server 1, the image proving method is performed in the server 2, and the image verification method is performed in the server 3.
When the equipment leaves the factory, a worker can execute related computer programs by operating a computer page, connect the server 1, and register the equipment in a safe environment by using the server 1. The secure environment refers to the execution environment without the possibility of third party attack and the possibility of falsification of the device owner, and the environment can be inside or outside the device, and the information such as the zero knowledge proof file generated after the device is successfully registered, the device fingerprint abstract and the like is uploaded to the blockchain.
In the image proving stage, the proving party acquires the device fingerprint abstract from the blockchain so as to execute a zero knowledge proving circuit of the image proving stage in the server 2, and generates a zero knowledge proving file after the circuit is successfully operated. Likewise, zero knowledge proof files may be stored to the blockchain and addresses in the blockchain where the device registration phase and the image proof phase store information are stored in the device.
In the image verification stage, the verifier extracts the two addresses from the device and acquires the zero knowledge proof file generated in the two stages from the blockchain. Preferably, the zero knowledge proof file generated in the image proof phase is first run in the server 3 to prove whether the image to be verified is photographed by the target device. In the case where it is determined that the image to be verified is photographed by the target device, a zero-knowledge proof file generated in the device registration stage is further run to prove whether the target device is a device that has passed authentication. Illustratively, in the copyright protection scenario, when the copyright of the image is authorized, the trading platform and the buyer verify that the seller is indeed the source photographer of the image; in a judicial evidence obtaining scene, a judicial identification mechanism verifies whether an image proposed by an arbitrating or litigation related party is shot by a specific device; in the commodity tracing scene, whether the image in the commodity upstream process is shot by a specific device or not is verified by the downstream of the supply chain. In the foregoing three exemplary scenarios, the verifier may also verify the authenticity of a particular device registration further based on the zero-knowledge proof generated during the device registration phase.
Exemplary method
Fig. 3 is a flowchart of an image proving method according to an exemplary embodiment of the present application. As shown in fig. 3, the image proving method provided in the embodiment of the present application includes the following steps.
Step S310, obtaining an image to be proved shot by the target equipment.
Illustratively, the image to be certified is an image in a raw format, e.g., the image to be certified is an image in a RAW (RAW Image Format) format. In addition, the image to be certified is a private image and cannot be published to the public. The target device may be any device with image acquisition functionality, for example, a smart phone, a smart bracelet, a tablet, a monitoring device or a camera, etc.
Step S320, the image to be proved is segmented, and a first public image corresponding to the image to be proved is determined.
In this embodiment, the segmentation refers to segmenting a complete image to be proved into a plurality of partial images, and the first public image is an image published according to service processing requirements. Illustratively, the first public image is obtained by directly dividing the image to be proved according to a preset column range or a preset row range, for example, pixels from 100 th column to 800 th column in the image to be proved are divided, and an image formed by the pixels from 100 th column to 800 th column is determined as the first public image; alternatively, an image formed by a combination of pixels obtained by dividing an image to be proved may be exemplified with reference to fig. 4 and 5.
Fig. 4 is a schematic diagram of a segmented image according to an exemplary embodiment of the present application. As shown in fig. 4, the image to be proved is spatially split with respect to the pixel columns, gray blocks represent odd-numbered column pixels, white blocks represent even-numbered column pixels, and columns with odd-numbered pixel columns are sampled to form an odd image, and the odd image is taken as a first public image. In another embodiment, the columns of sampling pixels are even numbered in sequence, forming an even image, and the even image is taken as the first public image. In addition, the image to be proved may be spatially split with respect to the pixel rows, and similarly, an image composed of pixels in an odd row may be used as the first public image, or an image composed of pixels in an even row may be used as the first public image.
Further, fig. 5 is a schematic diagram of a segmented image according to another exemplary embodiment of the present application. As shown in fig. 5, the image to be certified is divided into a pixel block of a predetermined number of row pixels and a predetermined number of column pixels, for example, 10×10 pixel block. The combination of the gray pixel blocks 502 in fig. 5 is taken as the first public image, or the combination of the white pixel blocks 501 is taken as the first public image.
Step S330, determining a first device fingerprint abstract corresponding to the target device.
The first device fingerprint digest is capable of characterizing the true identity of the target device, is an authenticated digest generated in a secure trusted environment (e.g., zero knowledge proof circuitry), and is information published to the public.
The first device fingerprint digest is obtained by using noise data which is reserved by the target device during imaging, the device fingerprint of the target device is obtained by processing the noise data, and the device fingerprint is further encrypted to obtain the first device fingerprint digest. For example, noise data is processed based on a maximum likelihood estimation algorithm to obtain a device fingerprint, and then a hash operation is performed on the device fingerprint to obtain a first device fingerprint digest. In addition, the first device fingerprint related to the target device may be stored in advance, or may be obtained from another device, or may be obtained from a blockchain and an authentication center, or may be obtained by calling a related step execution process in the current step.
Step S340, in the zero knowledge proof circuit, the steps of generating the second device fingerprint abstract corresponding to the target device based on the image to be proven and the first public image, and comparing the first device fingerprint abstract and the second device fingerprint abstract are performed, so as to obtain the zero knowledge proof file corresponding to the image to be proven.
Illustratively, the image to be certified, the first public image and the first device fingerprint digest are input into a preset zero knowledge proof circuit. And in the zero knowledge proof circuit, regenerating a second device fingerprint abstract of the target device according to the correlation between the first public image and the image to be proved, and generating a zero knowledge proof file corresponding to the image to be proved under the condition that the first device fingerprint abstract and the second device fingerprint abstract are consistent.
It is understood that the zero-knowledge proof file of the image to be certified generated in the image certification stage is used for subsequently verifying whether the image input into the zero-knowledge proof file is photographed by a specific device.
According to the method and the device, the zero knowledge proof file corresponding to the image to be proved is generated through the image to be proved (private information), the first public image, the first device fingerprint abstract (public information) and the zero knowledge proof circuit. In the zero knowledge proof circuit, through a series of executed steps, the correlation between the first public image and the first equipment fingerprint abstract is determined, and the relation between the to-be-proven image corresponding to the first public image and the target equipment corresponding to the first equipment fingerprint abstract is further determined. The method and the device are characterized in that the device fingerprint extraction and device fingerprint summary comparison main process is described through the zero knowledge proof circuit after each new image is shot by adopting the proof pattern based on the zero knowledge proof strategy, the zero knowledge proof file is generated, and the source device of the image can be effectively and accurately verified while the privacy information is not disclosed. In addition, the method also provides richer proving semantics for the verifier or the third party independent auditor, increases the complexity and cost of the fake of the equipment application under the dishonest condition, and ensures the information security of the image acquisition equipment.
Fig. 6 is a schematic flow chart of generating a fingerprint digest of a second device according to an exemplary embodiment of the present application. The embodiment shown in fig. 6 is extended from the embodiment shown in fig. 3, and the differences between the embodiment shown in fig. 3 and the embodiment shown in fig. Chen Shutu are emphasized below, so that the details of the differences are not repeated.
As shown in fig. 6, in the embodiment of the present application, in the zero knowledge proof circuit, a step of generating a second device fingerprint digest corresponding to the target device based on the image to be proven and the first public image is performed, including the following steps.
Step S610, a first private image corresponding to the image to be proved is obtained.
Specifically, the first private image in the present embodiment corresponds to the method of acquiring the first public image in the embodiment shown in fig. 3. For example, the image to be certified is segmented according to a preset mode as well, and a first private image is obtained. Further, the first private image may be obtained by directly dividing the image to be proved according to a predetermined column range or a predetermined row range, for example, dividing the 900 th column pixel to the 1600 th column pixel in the image to be proved, and determining the image composed of the 900 th column pixel to the 1600 th column pixel as the first private image; or an image formed by a combination of pixels obtained by dividing an image to be proved. Similarly, referring to fig. 4, if the combination of odd column pixels is taken as the first public image, the combination of even column pixels may be taken as the first private image. Referring to fig. 5, if the combination of gray pixel blocks 502 is taken as the first public image, the combination of white pixel blocks 501 may be taken as the first private image. It will be appreciated that the first public image and the first private image are images acquired outside the zero knowledge proof circuit.
Step S620, the image to be proved is segmented, and a second public image and a second private image corresponding to the image to be proved are obtained.
Specifically, in the zero knowledge proof circuit, the image to be proved is segmented again to obtain a second public image and a second private image in the same manner as the image to be proved is segmented to obtain the first public image and the first private image in the previous embodiment.
In step S630, the consistency of the first public image and the second public image is determined.
Illustratively, consistency of the first public image and the second public image is determined by comparing the values of the first public image and the second public image at each pixel bit. And regarding the pixel value of the pixel point at the same position, if the difference value between the first public image and the second public image is smaller than a preset threshold value, the pixel value is considered to be consistent. Further, if there is a coincidence in the values of the preset number of pixel bits, the first public image and the second public image are considered to have coincidence.
For example, the first public image and the second public image may be input into a pre-trained deep learning model to determine consistency of the first public image and the second public image.
In practical application, if the result of step S630 is that the first public image is consistent with the second public image, step S640 is executed; if the result of step S630 is that the first public image and the second public image are inconsistent, the zero knowledge proof circuit fails to operate.
Step S640, generating a second device fingerprint digest based on the second private image and the first private image.
In one embodiment, the denoising operation may be performed on the second private image and the first private image, respectively, to obtain a denoised second private image and a denoised first private image. And determining a device fingerprint by using noise data between the second private image and the denoised second private image. And determining another device fingerprint by using noise data between the first private image and the denoised first private image. Further, a second device fingerprint digest is determined from the two device fingerprints. For example, if the two device fingerprints are identical, one device fingerprint may be selected to generate a second device fingerprint digest; or if the two device fingerprints are inconsistent, the acquiring process of the two device fingerprints can be modified, and the second device fingerprint abstract is determined according to the modified device fingerprints.
In the embodiment of the application, the image to be proved is segmented again in the zero knowledge proof circuit to obtain the second public image and the second private image, so that the authenticity and credibility of the second public image and the second private image are ensured, and an authentic and credible comparable object is provided for consistency verification of subsequent images and generation of the fingerprint abstract of the second device. In addition, on the premise that the first public image and the second public image are consistent, the second equipment fingerprint abstract is further generated, the fact that the input first public image is true and credible and is not tampered is guaranteed, and then the safety and credibility of the second equipment fingerprint abstract are improved.
With respect to step S640, in another embodiment, this may be achieved by the following steps one, two and three. Specifically, the contents of the first, second and third steps can be referred to as follows.
Step one, acquiring a denoised first private image corresponding to the first private image. Wherein the denoised first private image may also be referred to as a standard image.
Specifically, the first private image may be denoised outside the zero knowledge proof circuit to obtain a denoised first private image, and the denoised first private image may be obtained inside the zero knowledge proof circuit. Illustratively, the first private image may be denoised by a noise reducer outside the zero knowledge proof circuit; or denoising the first private image using a deep learning model, a conventional wavelet transform, or the like denoising algorithm.
And step two, judging whether the content similarity of the denoised first private image and the denoised first public image meets a preset similarity condition or not.
And carrying out semantic comparison on the denoised first private image and the denoised first public image to judge whether the first private image and the denoised first public image are derived from the segmentation result of the same image. Specifically, semantic features of the denoised first private image and the denoised first public image can be extracted respectively, consistency of the semantic features of the denoised first private image and the semantic features of the first public image is determined, and whether content similarity of the denoised first private image and the denoised first public image meets a preset similarity condition is judged.
In the actual application process, if the execution result of the second step is yes, executing a third step; if the execution result of the second step is no, the zero knowledge proves that the circuit fails to operate.
And thirdly, generating a second equipment fingerprint abstract based on the denoised first private image and second private image.
In one embodiment, the noise data corresponding to the target device may be obtained by subtracting the denoised first private image from the second private image. And obtaining the fingerprint abstract of the second equipment by using a maximum likelihood estimation method according to the noise data.
For example, the first private image after the denoising is subtracted from the second private image may be subtracted according to pixel-by-pixel values of the corresponding image channel, and an absolute value is taken as a result of the subtraction.
In this embodiment, firstly, content similarity of the denoised first private image and the first public image is compared so as to verify whether the denoised first private image and the denoised first public image are from the same image to be proved, detect whether the first private image and the first public image are tampered, and ensure authenticity and credibility of the denoised first private image and the first public image which are externally input by the zero knowledge proving circuit. And constructing the association relation between the first public image and the second equipment fingerprint abstract by taking the denoised first private image as an intermediate object. And secondly, generating a second device fingerprint abstract by utilizing noise data between a second private image (the second private image generated in the circuit is safe and credible by default) and the denoised first private image in the zero knowledge proof circuit, and determining the association relationship between the first public image and the first fingerprint abstract under the condition that the first fingerprint abstract is consistent with the second fingerprint abstract while ensuring the credibility of the second device fingerprint abstract. In the zero knowledge proof circuit, the first equipment fingerprint abstract can be deduced from the first public image through some column image comparison, and then the image to be verified corresponding to the first public image is verified to be derived from the target equipment corresponding to the first equipment fingerprint abstract.
For step three, in another embodiment, this may be achieved by the following steps four, five, six and seven. Specifically, the contents of the fourth, fifth, sixth and seventh steps are as follows.
And step four, acquiring device fingerprints corresponding to the target device.
Specifically, the device fingerprint is a first device fingerprint obtained outside the zero knowledge proof circuit. Preferably, the device fingerprint is an authenticated, trusted device fingerprint.
And fifthly, determining noise data based on the denoised first private image and the denoised second private image.
And step six, judging that the noise data and the device fingerprint have correlation.
For example, the correlation value between the noise data and the device fingerprint may be calculated by a measurement method, and if the correlation value is greater than a preset threshold pce_bold (e.g. 0.999), the noise data and the device fingerprint are considered to have correlation; otherwise, the noise data and the device fingerprint are considered to have no correlation.
Further, if the execution result of the step six is that there is a correlation, executing a step seven; otherwise, zero knowledge proves that the circuit has failed to operate.
And step seven, generating a second device fingerprint abstract based on the noise data.
And carrying out maximum likelihood estimation on the noise data to obtain equipment fingerprints, and carrying out hash operation on the equipment fingerprints to obtain second equipment fingerprint summaries.
In the embodiment, the noise data determined in the circuit is compared with the device fingerprint input outside the circuit, so that the cost of forging the device fingerprint is further increased, and the reliability of image source authentication is ensured.
Fig. 7 is a flowchart of an image proving method according to another exemplary embodiment of the present application. The embodiment shown in fig. 7 is extended from the embodiment shown in fig. 3, and differences between the embodiment shown in fig. 7 and the embodiment shown in fig. 3 are described with emphasis, and the details of the differences are not repeated.
As shown in fig. 7, in the embodiment of the present application, the image proving method further includes the following steps.
Step S710, storing the blockchain address of the first device fingerprint digest and/or the account information of the first device fingerprint digest at the authentication center to the first public image.
Step S720, storing the first public image and the zero knowledge proof file corresponding to the image to be proved to the target device.
In this embodiment, the first public image is an image for publishing, and the first device fingerprint digest is also information for publishing, so that the blockchain address corresponding to the first device fingerprint digest or account information of the authentication center is stored in the first public image, so that the first device fingerprint digest can be conveniently referred to in subsequent business processing, and privacy of private images (the first private image and the image to be proved) is ensured. And similarly, storing the zero knowledge proof file corresponding to the first public image and the image to be proved into target equipment, so that the required information can be conveniently and directly extracted from the target equipment at the subsequent time, and verifying the trusted source of the image.
Fig. 8 is a complete schematic diagram of an image proving process according to an exemplary embodiment of the present application. The image proof process is further described in connection with fig. 8, in which the order of execution of the steps is labeled based on A, B, C, D, E, F, G, H, I, J, K for ease of understanding, and further, the steps in the dashed box are steps performed in a zero knowledge proof circuit, and the environment within the zero knowledge proof circuit is trusted, ignoring the possibility of being attacked.
Specifically, in a zero knowledge proving circuit corresponding to an image to be demonstrated, shooting the image to be demonstrated by using target equipment, and carrying out space splitting on the image to be demonstrated to obtain a first private image and a first public image. The first private image is subjected to denoising processing to obtain a standard image (also called a denoised first private image).
And in a zero knowledge proving circuit corresponding to the image to be demonstrated, carrying out space splitting on the image to be demonstrated again to obtain a second public image and a second private image. Further, consistency of the second public image and the first public image is judged, and content consistency of the standard image and the first public image is judged under the condition that the second public image and the first public image are consistent. And under the condition that the two contents are consistent, subtracting the standard image from the second private image to obtain noise data. And acquiring the device fingerprint input outside the zero knowledge proving circuit, calculating the correlation between the device fingerprint and the noise data, and calculating a second device fingerprint abstract according to the noise data under the condition that the device fingerprint and the noise data have correlation. Further, a first device fingerprint abstract input outside the zero knowledge proof circuit is obtained, consistency of the first device fingerprint abstract and the second device fingerprint abstract is judged, and under the condition that the first device fingerprint abstract and the second device fingerprint abstract are consistent, the zero knowledge proof circuit executes successfully, and a zero knowledge proof file corresponding to an image to be proved is generated. And finally, storing the blockchain address of the fingerprint abstract of the first equipment or account information of the authentication center into the first public image, and storing the first public image and the zero knowledge proof file.
Fig. 9 is a flowchart of a device registration method according to an exemplary embodiment of the present application. As shown in fig. 9, the device registration method provided in the embodiment of the present application includes the following steps.
Step S910, a sample image captured by the device to be registered is acquired.
The number of sample images may be one or a plurality. Further, the content of the sample image is not limited, and for example, a plain white paper may be photographed as the sample image with the device to be registered. Preferably, in order to reduce the operation error rate of the zero-knowledge proof file corresponding to the device to be registered, a plurality of sample images may be acquired for subsequent application, for example, 40 sample images captured by the device to be registered may be acquired.
In addition, the sample image is an image in a RAW format, and illustratively, the sample image is an image in a RAW format, which is RAW data that the image acquisition sensor converts the captured light source signal into a digital signal. The RAW format image records the RAW information of the image acquisition sensor, while recording some metadata (such as setting of ISO sensitivity, shutter speed, aperture value, white balance, etc.) generated by the image acquisition sensor.
The device to be registered is any device before leaving the factory, which has an image acquisition function, and may be, for example, a smart phone, a smart watch, a tablet computer, a camera, a notebook computer, a monitoring device, a camera, or the like.
Step S920, obtaining a first device fingerprint abstract corresponding to the device to be registered.
The first device fingerprint digest is capable of characterizing the true identity of the device to be registered, and as such is information published to the public.
As explained in the embodiment shown in fig. 3, the first device fingerprint digest of the device to be registered may also be calculated from noise data contained in a sample image taken by the device to be registered. Further, the generation environment of the first device fingerprint digest is to ensure that the first device fingerprint digest is authentic, and the first device fingerprint digest may be obtained through a zero knowledge proof circuit, for example.
It will be appreciated that the device to be registered and the target device are named for devices of different phases. If the equipment to be registered and the target equipment are actually the same equipment in the equipment registration stage and the image proving stage, the first equipment fingerprint pick corresponding to the equipment to be registered and the first equipment fingerprint pick corresponding to the target equipment are the same. Further, in the device registration stage, if the zero knowledge proving circuit runs successfully, the first device fingerprint abstract corresponding to the device to be registered can be stored for use in the image proving stage.
In step S930, the sample image is segmented, and a private image corresponding to the sample image is determined.
Specifically, the method in the embodiment corresponding to fig. 3 may be referred to for dividing the sample image to obtain the private image corresponding to the sample image.
In order to ensure that the public input of the zero-knowledge proof circuit in the device registration stage (the first device fingerprint digest of the device to be registered) and the public input of the zero-knowledge proof circuit in the image proof stage (the first device fingerprint digest of the target device) are universal, i.e. can serve as the inputs of the two stages at the same time and do not cause operation errors of the circuit, the sample image and the image to be proved can be segmented in the same image segmentation mode.
In step S940, in the zero knowledge proof circuit, the steps of generating a second device fingerprint digest corresponding to the device to be registered based on the private image and comparing the first device fingerprint digest and the second device fingerprint digest are performed, so as to obtain a zero knowledge proof file corresponding to the device to be registered.
Specifically, the first private image and the first device fingerprint digest are input into a zero knowledge proof circuit. In the zero knowledge proof circuit, the device fingerprint corresponding to the device to be registered is regenerated according to the first private image and the denoised first private image, a second device fingerprint abstract corresponding to the device to be registered is further generated, the consistency of the first device fingerprint abstract and the second device fingerprint abstract is compared, and under the condition that the first device fingerprint abstract and the second device fingerprint abstract are consistent, the zero knowledge proof circuit runs successfully, and the zero knowledge proof file corresponding to the device to be registered is obtained.
According to the method and the device, the zero knowledge proof file corresponding to the device to be registered is generated through the private image (private information), the first device fingerprint abstract (public information) of the device to be registered and the zero knowledge proof circuit corresponding to the device to be registered. Within the zero knowledge proof file, it is determined whether a second device fingerprint digest consistent with the first device fingerprint digest can be generated by executing a series of steps from the private image to which the sample image corresponds. Similarly, the embodiment of the application is based on a zero knowledge proof strategy, and the proof pattern is adopted, so that the private information is not disclosed, and meanwhile, whether a certain device is a real device in a registration stage can be effectively and accurately verified, so that richer proof semantics are provided for a verifier or a third party independent auditor, the complexity and cost of the fake application of the device under the non-honest condition are increased, and the information safety of the image acquisition device is ensured.
Fig. 10 is a schematic flow chart of generating a fingerprint digest of a second device according to an exemplary embodiment of the present application. The embodiment shown in fig. 10 is extended from the embodiment shown in fig. 9, and differences between fig. 10 and fig. 9 are emphasized below, and the details of the differences are not repeated.
As shown in fig. 10, in the embodiment of the present application, generating a second device fingerprint digest corresponding to a device to be registered based on a first private image includes the following steps.
In step S1010, a denoised private image (denoised private image is also called a standard image) corresponding to the private image is obtained.
It can be understood that the private image can also be denoised outside the zero knowledge proof circuit to obtain the denoised private image. For example, the private image corresponding to the sample image may be denoised by a noise reducer, or may be denoised by a deep learning model or a denoising method such as a conventional wavelet transform.
In step S1020, noise data is determined based on the denoised private image and the private image in the zero knowledge proof circuit.
In one embodiment, for the denoised private image and private image, a subtraction operation is performed according to pixel-by-pixel values of the corresponding image channels, the operation result is taken as an absolute value, and the absolute value is determined as noise data.
In the embodiment of the application, the noise data is determined in the zero knowledge proof circuit, so that the reality and the credibility of the noise data are ensured. In addition, the noise data is determined based on the denoised private image corresponding to the private image outside the circuit and the private image in the zero knowledge proof circuit, the noise data is taken as a correlation point, and the relation between the private information (the denoised private image and the private image in the circuit) and the public information (the first device fingerprint abstract) is established, and based on the relation, the authenticity of the device to be registered is determined conveniently through consistency verification of the second device fingerprint abstract (generated based on the denoised private image and the private image in the circuit) and the first device fingerprint abstract.
With respect to step S1020, in another embodiment, the method may be implemented by the following step one and step two, and specifically, the content of the step one and the step two may be referred to as follows.
Step one, determining the consistency of the standard image and the private image.
Specifically, the standard image and the private image are divided into N pixel blocks (patches) of 128×128 size in a grid form, for example, n= (3024/128) × (4032/128) =24×32=768 when the sizes of the standard image and the private image are 3024×4032. For the case of no integer division, for example 3024/128= 23.625, 4032/128=31.5, two tiles at the far right and far bottom of the image may be selected to be overlapped, and thus all the tiles are rounded 3024/128=24, 4032/128=32. In the practical application process, the size of the small block 128×128 can be changed into other sizes according to the situation.
It will be appreciated that the standard image and the private image are the same size, and that the locations of the pixel blocks into which the standard image is divided are in one-to-one correspondence with the locations of the pixel blocks into which the private image is divided. For each pixel block k e {1..n } at the corresponding position, the consistency of the contents of the pixel block p (k) before denoising (obtained by dividing the private image) and the pixel block N (k) after denoising (obtained by dividing the standard image) is judged. The judgment logic is as follows.
if C1(p (k) ,n (k) )≥C1_thld
report p (k) and n (k) are correlated
else if C2(p (k) ,n (k) )≥C2_thld
report p (k) and n (k) are correlated
else:
report p (k) and n (k) are incorrelated
Wherein c1 (p) (k) ,n (k) )=Jacard(Threshold(Sobe:l(p (k) )),Threshold(Sobel(n (k) )))C2(p (k) ,n (k) )
=max{IoA(Threshold(Pool(p (k) )),Threshold(Pool(Sobel(n (k) )))),1
-IoAThreshold(Pool(p (k) )),Threshold(Pool(Sobel(n (k) ))))}
C1_thld and c2_thld are two pre-defined thresholds. In the above two equations, sobel is a unitized edge detection operation with a convolution kernel of 3×3, threshold is a mean-based binarization operation, pool is a mean pooling operation with stride=8 and size=16, and IoA (Intersection over area) is a ratio of overlapping calculated for each corresponding position pixel of the binarized patch X and the binarized patch Y.
Figure BDA0004100190490000121
Setting a third threshold value count_hold, and when the number of pixel blocks meeting the judgment condition is greater than or equal to the count_hold, considering that the content of the standard image and the content of the private image are consistent, or else, considering that the content of the standard image and the private image are inconsistent.
And step two, if the standard image is consistent with the private image, determining noise data based on the standard image and the private image.
Corresponding to the description in the foregoing step 1020, a subtraction operation may be performed according to the pixel-by-pixel value of the corresponding image channel, and the absolute value may be taken as the absolute value of the operation result, and the absolute value may be determined as noise data between the standard image and the private image.
Step S1030, generating a second device fingerprint digest based on the noise data.
In one embodiment, the maximum likelihood estimation is performed on the noise data to obtain a device fingerprint corresponding to the device to be registered. Specifically, the following formula may be used to make maximum likelihood estimation of noise data.
Figure BDA0004100190490000131
Wherein p is (k) Representing the pixel values of the kth pixel block.
The hash operation is performed on the device fingerprint corresponding to the device to be registered, so as to obtain a second device fingerprint digest.
In this embodiment, before determining the noise data of the standard image and the private image, the content consistency of the standard image and the private image is first verified, so as to ensure that the standard image and the private image are from the same sample image, and at the same time, whether the standard image and the private image are attacked or not can be verified, so that the security of the obtained noise data is further ensured.
For step S1030, in another embodiment, this may be achieved by the following steps one and two.
Step one, a device fingerprint of a device to be registered is determined based on noise data.
And step two, generating a second device fingerprint abstract based on the device fingerprint, the device identifier of the device to be registered and the registration time.
Illustratively, the device identification of the device to be registered is device ID (Identity Document). Illustratively, a hash function (e.g., SHA256, SHA3, etc.) is used to synthesize information such as a device fingerprint, a device ID of a device to be registered, a registration time, or a registration place, etc., and generate irreversible digest information, and the digest information is used as a second device fingerprint digest of the device to be registered. The comprehensive mode may be a nested multiple hash function, for example, a hash function is used to operate on the device fingerprint and the device ID to obtain a first hash value, an operation based on the hash function is performed on the first hash value and the registration time to obtain a second hash value, and the second hash value is used as a second device fingerprint abstract, where the second device fingerprint abstract is characterized by information simplification, identification information, and hidden private information.
In the embodiment of the application, the second device fingerprint abstract is generated based on the device fingerprint, the device identification information of the device to be registered, the registration time and the like, so that verification of the information of the device to be registered from multiple dimensions is facilitated, and the difficulty of information tampering and attack is improved.
Fig. 11 is a flowchart of a device registration method according to another exemplary embodiment of the present application. The embodiment shown in fig. 11 is extended from the embodiment shown in fig. 10, and differences between fig. 11 and fig. 10 are emphasized below, and the same points are not repeated.
As shown in fig. 11, in the embodiment of the present application, the device registration method further includes the following steps.
Step S1110, the device fingerprint and the first device fingerprint digest are stored in the device to be registered.
And step S1120, storing the first equipment fingerprint abstract and the zero knowledge proof file corresponding to the equipment to be registered into the blockchain and/or the authentication center.
Blockchains are a distributed storage, record hierarchy that contains multiple nodes that can communicate with each other and transact data. The distributed ledgers serially connected by the blockchain technology enable the two parties to record the transaction effectively and to check the transaction permanently. Because the blockchain technology has the characteristics of non-falsification, decentralization and the like, the application problem related to trust is often solved.
In the embodiment of the application, the fingerprint abstract of the first equipment and the zero knowledge proof file corresponding to the equipment to be registered are stored in the blockchain or the authentication center, so that the credibility of data is ensured, and the downstream service system is convenient to use. The device fingerprint and the first device fingerprint abstract are stored in the device to be registered, so that a third party can conveniently verify whether the specific device is a real device during registration.
Fig. 12 is a complete schematic diagram of a device registration process according to an exemplary embodiment of the present application. The device registration process is further described in connection with fig. 12. For ease of understanding, the order of execution of the steps is labeled on the basis of a, b, c, d, e, f, g, h, i, j in fig. 12, and further, the steps in the dashed box are steps performed in a zero-knowledge proof circuit, and the environment within the zero-knowledge proof circuit is trusted, ignoring the possibility of being attacked.
As shown in fig. 12, in the device registration process, the device to be registered shoots a plurality of sample images, performs spatial splitting on the sample images to obtain private images corresponding to the sample images, performs denoising on the private images to obtain standard images (the standard images are denoised private images), determines whether the content of the private images is consistent with that of the standard images, determines noise data by using the standard images and the private images under the condition that the content of the private images is consistent with that of the standard images, calculates to obtain device fingerprints according to the noise data, and further determines a second device fingerprint abstract according to the device fingerprints. And acquiring a first device fingerprint abstract input outside the zero-knowledge proof circuit corresponding to the device to be registered, comparing the consistency of the first device fingerprint abstract with the consistency of the second device fingerprint abstract in the zero-knowledge proof circuit, and under the condition that the first device fingerprint abstract and the second device fingerprint abstract are consistent with each other, executing successfully by the zero-knowledge proof circuit, so as to generate a zero-knowledge proof file corresponding to the device to be registered. And finally, storing the device fingerprint and the first device fingerprint abstract to the device to be registered, and storing the zero knowledge proof file corresponding to the first device fingerprint abstract and the device to be registered to the blockchain and/or the authentication center for subsequent verification of the specific device.
Fig. 13 is a flowchart of an image proving method according to an exemplary embodiment of the present application. As shown in fig. 13, in the embodiment of the present application, the image proving method includes the following steps.
Step S1310, a first public image corresponding to the image to be verified is obtained.
The first public image is a published image, and the acquisition mode of the first public image is related to the storage mode of the image proving stage. Illustratively, in the image attestation phase, the first public image is stored in the device, and in the image verification phase, the first public image is obtained from the device.
In addition, the image to be verified and the image to be verified are in two different image naming modes, and on the premise that the image to be verified is not tampered, the image to be verified corresponds to the image to be verified, namely, a first public image corresponding to the image to be verified is consistent with a first public image corresponding to the image to be verified.
Step S1320, based on the first public image, determining a first device fingerprint abstract corresponding to the target device.
Likewise, the manner of acquiring the first device fingerprint digest of the target device is related to the manner of storing the first device fingerprint digest of the image proof stage. Illustratively, in the image proving stage, the first device fingerprint abstract of the target device is stored in the first public image, and then the first device fingerprint abstract of the target device is acquired from the acquired first public image of the image to be verified.
Step S1330, a zero knowledge proof file corresponding to the image to be verified is obtained.
The zero knowledge proof file corresponding to the image to be verified records the comparison process of the first public image and the first equipment fingerprint abstract. As before, the acquisition mode of the zero-knowledge proof file corresponding to the image to be verified is related to the acquisition mode of the zero-knowledge proof file in the image verification stage. Illustratively, in the image proving stage, the generated zero-knowledge proof file is stored in the target device or the blockchain, and then the zero-knowledge proof file corresponding to the image to be verified is acquired from the target device or the blockchain.
Step S1340, based on the first public image and the first device fingerprint abstract, running a zero knowledge proof file corresponding to the image to be verified.
The purpose of step S1340 is to verify whether the image to be verified was taken by the target device. The first public image and the first equipment fingerprint abstract are public information. In the image verification stage, the first public image and the first equipment fingerprint abstract are input into a zero knowledge proof file corresponding to the image to be verified, and if the zero knowledge proof file runs successfully, the image to be verified corresponding to the first public image is indicated to originate from a target equipment corresponding to the first equipment fingerprint abstract.
Specifically, in the image verification stage, the zero-knowledge proof file corresponding to the image to be verified is identical to the execution step of the zero-knowledge proof circuit in the image verification stage. Other private inputs required to run the zero-knowledge proof file during the image verification phase are private inputs of the zero-knowledge proof circuit of the reserved image verification phase, and no re-input is required during the image verification phase.
With continued reference to the zero-knowledge proof circuit within the dashed box in fig. 8, in the image verification stage, the first public image of the image to be verified and the first device fingerprint digest are input into the zero-knowledge proof circuit shown by the dashed box in fig. 8 (zero-knowledge proof file in the embodiment of the present application), and step D, step E, step F, step G, step H, and step I are sequentially performed. It should be noted that, in the execution process of step D, step E, step F, step G, step H, and step I, the execution of the subsequent step is based on that the execution result of the previous step meets the preset condition. For example, for step E and step F, if the result of step E is inconsistent, the step F is further executed, and if the result of step E is inconsistent, the zero knowledge proof file fails to run, so as to indicate that the true source device of the image to be verified is not the target device. That is, in the case where the foregoing steps D, E, F, G, H, and I are all successfully performed in order, the party can verify that the true source device of the image to be verified is the target device.
In the embodiment of the application, the real source equipment of the image to be verified is verified by using the zero knowledge proof file, and the input first public image and the first equipment fingerprint abstract are subjected to different-dimension trusted verification in the zero knowledge proof file, so that the real credibility of the verification environment is improved, the counterfeiting attack of a third party is effectively prevented, and meanwhile, the counterfeiting cost and difficulty are improved to a certain extent.
Fig. 14 is a flowchart of an image proving method according to another exemplary embodiment of the present application. The embodiment shown in fig. 14 is extended from the embodiment shown in fig. 13, and differences between fig. 14 and fig. 13 are emphasized below, and the same points are not repeated.
As shown in fig. 14, in the embodiment of the present application, the image proving method further includes the following steps.
Step S1410, obtaining a zero knowledge proof file corresponding to the target device.
The zero knowledge proof file corresponding to the target device records a comparison process of the first device fingerprint abstract and the second device fingerprint abstract generated in the zero knowledge proof file corresponding to the target device. Similarly, the acquisition mode of the zero-knowledge proof file corresponding to the target device is related to the storage mode of the zero-knowledge proof file generated in the device registration stage. Illustratively, in the device registration phase, the zero knowledge proof file is stored to the blockchain, and in the image verification phase, the zero knowledge proof file corresponding to the target device may be obtained from the blockchain.
Step S1420, based on the first device fingerprint digest, running a zero knowledge proof file corresponding to the target device.
The purpose of step S1420 is to verify whether the target device is a genuine device (i.e., a device that is authenticated). In the embodiment shown in fig. 13, in the case that the zero-knowledge proof file corresponding to the image to be verified runs successfully, the zero-knowledge proof file related to the target device generated in the device registration stage may be further run by using the first device fingerprint digest.
Similarly, in the image verification stage, the execution step of the zero-knowledge proof file corresponding to the target device is the same as the execution step of the zero-knowledge proof circuit in the device registration stage. In the image verification stage, the private input (standard image and private image corresponding to the image to be verified) required for running the zero knowledge proof file corresponding to the target device is the private input of the zero knowledge proof circuit in the reserved device registration stage, and in the image verification stage, repeated input is not needed.
With continued reference to the zero knowledge proof circuit in the dashed box in fig. 12, in the image verification stage, the first device fingerprint digest corresponding to the target device is input to the zero knowledge proof circuit shown in the dashed box in fig. 12 (zero knowledge proof file corresponding to the target device), and steps d, e, f, g, and h are sequentially executed. It should be noted that, in the step d, the step e, the step f, the step g, and the step h, for the judgment type step, the execution basis of the latter step is that the execution result of the former step meets the preset condition. For example, for step d and step e, on the premise that the execution result of step d is consistent, then step e is executed; if the execution result of the step d is inconsistent, the zero knowledge proves that the circuit fails to operate, and the target device is not the true device in the registration stage. On the premise that the steps d, e, f, g and h are successfully executed in sequence, the target device can be verified to be the true device in the registration stage.
In the embodiment of the application, the authenticity of the target device is verified by using the zero knowledge proof file of the target device generated in the registration stage, and in the zero knowledge proof file, the correlation verification is performed on the input first device fingerprint abstract and the standard image and the private image reserved in the zero knowledge proof file, so that the authenticity and the credibility of the verification environment are ensured, and the verification efficiency of the target device is improved.
Exemplary apparatus
Method embodiments of the present application are described above in detail in connection with fig. 3-14, and apparatus embodiments of the present application are described below in detail in connection with fig. 15-17. It is to be understood that the description of the method embodiments corresponds to the description of the device embodiments, and that parts not described in detail can therefore be seen in the preceding method embodiments.
Fig. 15 is a schematic view showing the structure of an image proving apparatus according to an exemplary embodiment of the present application. As shown in fig. 15, an image proving apparatus 150 provided in an embodiment of the present application includes:
an obtaining module 1510, configured to obtain an image to be certified that is captured by a target device;
a segmentation module 1520, configured to segment the image to be proved, and determine a first public image corresponding to the image to be proved;
a determining module 1530, configured to determine a first device fingerprint digest corresponding to the target device, where the first device fingerprint digest characterizes a true identity of the target device;
And the execution module 1540 is configured to execute, in the zero-knowledge proof circuit, the steps of generating a second device fingerprint digest corresponding to the target device based on the image to be proven and the first public image, and comparing the first device fingerprint digest and the second device fingerprint digest to obtain the zero-knowledge proof file corresponding to the image to be proven.
In an embodiment of the present application, the execution module 1540 is further configured to obtain a first private image corresponding to the image to be authenticated; dividing an image to be proved in a zero knowledge proof circuit to obtain a second public image and a second private image corresponding to the image to be proved; and if the first public image is consistent with the second public image, generating a second device fingerprint abstract based on the second private image and the first private image.
In an embodiment of the present application, the execution module 1540 is further configured to obtain a standard image corresponding to the first private image; and if the content similarity of the standard image and the first public image meets the preset condition, generating a second equipment fingerprint abstract based on the standard image and the second private image.
In an embodiment of the present application, the execution module 1540 is further configured to obtain a device fingerprint corresponding to the target device; determining noise data based on the standard image and the second private image; if the noise data and the first device fingerprint have correlation, a second device fingerprint digest is generated based on the noise data.
In an embodiment of the present application, the execution module 1540 is further configured to store the blockchain address of the first device fingerprint digest and/or account information of the first device fingerprint digest at the authentication center to the first public image; and storing the zero knowledge proof file corresponding to the first public image and the image to be proved to the target equipment.
Fig. 16 is a schematic structural diagram of a device registration apparatus according to an exemplary embodiment of the present application. As shown in fig. 16, a device registration apparatus 160 provided in an embodiment of the present application includes:
a first obtaining module 1610, configured to obtain a sample image captured by a device to be registered;
the second obtaining module 1620 is configured to obtain a first device fingerprint abstract corresponding to the device to be registered, where the first device fingerprint abstract characterizes real identity information of the device to be registered;
a segmentation module 1630, configured to segment the sample image and determine a first private image corresponding to the sample image;
the execution module 1640 is configured to execute, in the zero knowledge proof circuit, the steps of generating a second device fingerprint digest corresponding to the device to be registered based on the first private image, and comparing the first device fingerprint digest and the second device fingerprint digest to obtain a zero knowledge proof file corresponding to the device to be registered.
In an embodiment of the present application, the execution module 1640 is further configured to obtain a standard image corresponding to the private image; determining noise data based on the standard image and the private image within the zero knowledge proof circuit; a second device fingerprint digest is generated based on the noise data.
In an embodiment of the present application, the execution module 1640 is further configured to determine the consistency of the standard image and the private image; if the standard image and the private image are consistent, noise data is determined based on the standard image and the private image.
In an embodiment of the present application, the execution module 1640 is further configured to determine a device fingerprint based on the noise data; and generating a second device fingerprint abstract based on the device fingerprint, the device identification information of the device to be registered and the registration time.
In an embodiment of the present application, the execution module 1640 is further configured to store the device fingerprint and the first device fingerprint digest to the device to be registered.
In an embodiment of the present application, the execution module 1640 is further configured to store the first device fingerprint digest and the zero knowledge proof document corresponding to the device to be registered in the blockchain and/or the authentication center
Fig. 17 is a schematic diagram illustrating the structure of an image verification apparatus according to an exemplary embodiment of the present application. As shown in fig. 17, an image verification apparatus 170 provided in an embodiment of the present application includes:
A first obtaining module 1710, configured to obtain a first public image corresponding to an image to be verified;
a determining module 1720, configured to determine a first device fingerprint digest corresponding to the target device based on the first public image;
the second obtaining module 1730 is configured to obtain a zero-knowledge proof file corresponding to the image to be verified, where the zero-knowledge proof file corresponding to the image to be verified records a comparison process of the first public image and the first device fingerprint abstract;
the operation module 1740 is configured to operate, based on the first public image and the first device fingerprint digest, a zero knowledge proof file corresponding to the image to be verified, so as to verify whether the image to be verified is obtained by shooting by the target device.
In an implementation routine of the present application, the operation module 1740 is further configured to obtain a zero knowledge proof file corresponding to the target device, where the zero knowledge proof file corresponding to the target device records a comparison process of the first device fingerprint abstract and the second device fingerprint abstract generated in the zero knowledge proof file corresponding to the target device; and running a zero knowledge proof file corresponding to the target device based on the first device fingerprint abstract so as to verify whether the target device is a real device.
Next, an electronic apparatus according to an embodiment of the present application is described with reference to fig. 18. Fig. 18 is a schematic structural diagram of an electronic device according to an exemplary embodiment of the present application.
As shown in fig. 18, the electronic device 180 includes one or more processors 1801 and memory 1802.
The processor 1801 may be a processing unit (CPU) or other form of processing unit having data processing capabilities and/or instruction execution capabilities, and may control other components in the electronic device 180 to perform desired functions.
The memory 1802 may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, random Access Memory (RAM) and/or cache memory (cache), and the like. The non-volatile memory may include, for example, read Only Memory (ROM), hard disk, flash memory, and the like. One or more computer program instructions may be stored on the computer readable storage medium that can be executed by the processor 1801 to implement the methods of the various embodiments of the present application and/or other desired functions as described above. Various contents such as an image to be certified, a first public image, a first device fingerprint digest, a zero knowledge proof file corresponding to the image to be certified, a zero knowledge proof file corresponding to the target device, and the like may also be stored in the computer-readable storage medium.
In one example, the electronic device 180 may further include: an input device 1803 and an output device 1804, which are interconnected by a bus system and/or other forms of connection mechanisms (not shown).
The input device 1803 may include, for example, a keyboard, a mouse, and the like.
The output device 1804 may output various information to the outside, including an image to be certified, a first public image, a first device fingerprint digest, a zero knowledge proof file corresponding to the image to be certified, a zero knowledge proof file corresponding to the target device, and the like. The output devices 1804 may include, for example, a display, speakers, a printer, and a communication network and remote output devices connected thereto, etc.
Of course, only some of the components of the electronic device 180 relevant to the present application are shown in fig. 18 for simplicity, components such as buses, input/output interfaces, and the like being omitted. In addition, the electronic device 180 may include any other suitable components depending on the particular application.
In addition to the methods and apparatus described above, embodiments of the present application may also be a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform the steps in the methods according to the various embodiments of the present application described above in the present specification.
The computer program product may write program code for performing the operations of embodiments of the present application in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server.
Furthermore, embodiments of the present application may also be a computer-readable storage medium, having stored thereon computer program instructions, which when executed by a processor, cause the processor to perform the steps in the methods according to various embodiments of the present application described above in the present specification.
The computer readable storage medium may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may include, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The basic principles of the present application have been described above in connection with specific embodiments, however, it should be noted that the advantages, benefits, effects, etc. mentioned in the present application are merely examples and not limiting, and these advantages, benefits, effects, etc. are not to be considered as necessarily possessed by the various embodiments of the present application. Furthermore, the specific details disclosed herein are for purposes of illustration and understanding only, and are not intended to be limiting, as the application is not intended to be limited to the details disclosed herein as such.
The block diagrams of the devices, apparatuses, devices, systems referred to in this application are only illustrative examples and are not intended to require or imply that the connections, arrangements, configurations must be made in the manner shown in the block diagrams. As will be appreciated by one of skill in the art, the devices, apparatuses, devices, systems may be connected, arranged, configured in any manner. Words such as "including," "comprising," "having," and the like are words of openness and mean "including but not limited to," and are used interchangeably therewith. The terms "or" and "as used herein refer to and are used interchangeably with the term" and/or "unless the context clearly indicates otherwise. The term "such as" as used herein refers to, and is used interchangeably with, the phrase "such as, but not limited to.
It is also noted that in the apparatus, devices and methods of the present application, the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent to the present application.
The previous description of the disclosed aspects is provided to enable any person skilled in the art to make or use the present application. Various modifications to these aspects will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other aspects without departing from the scope of the application. Thus, the present application is not intended to be limited to the aspects shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
The foregoing description has been presented for purposes of illustration and description. Furthermore, this description is not intended to limit the embodiments of the application to the form disclosed herein. Although a number of example aspects and embodiments have been discussed above, a person of ordinary skill in the art will recognize certain variations, modifications, alterations, additions, and subcombinations thereof.

Claims (17)

1. An image proving method, comprising:
acquiring an image to be proved shot by target equipment;
dividing the image to be proved, and determining a first public image corresponding to the image to be proved;
Determining a first device fingerprint abstract corresponding to the target device, wherein the first device fingerprint abstract characterizes the real identity of the target device;
and in the zero knowledge proof circuit, executing the steps of generating a second device fingerprint abstract corresponding to the target device based on the image to be proved and the first public image, and comparing the first device fingerprint abstract and the second device fingerprint abstract to obtain a zero knowledge proof file corresponding to the image to be proved.
2. The method of claim 1, the generating a second device fingerprint digest corresponding to the target device based on the image to be certified and the first public image, comprising:
acquiring a first private image corresponding to the image to be proved;
dividing the image to be proved to obtain a second public image and a second private image corresponding to the image to be proved;
and if the first public image and the second public image are consistent, generating the second equipment fingerprint abstract based on the first private image and the second private image.
3. The method of claim 2, the generating the second device fingerprint digest based on the first private image and the second private image, comprising:
Acquiring a denoised first private image corresponding to the first private image;
and if the content similarity of the denoised first private image and the first public image meets a preset similarity condition, generating the second equipment fingerprint abstract based on the denoised first private image and the second private image.
4. The method of claim 3, the generating the second device fingerprint digest based on the denoised first private image and the second private image, comprising:
acquiring a device fingerprint corresponding to the target device;
determining noise data based on the denoised first private image and the second private image;
and if the noise data and the device fingerprint have correlation, generating the second device fingerprint abstract based on the noise data.
5. The method of any one of claims 1 to 4, further comprising:
storing the blockchain address of the first equipment fingerprint abstract and/or account information of the first equipment fingerprint abstract in an authentication center to the first public image;
and storing the zero knowledge proof file corresponding to the first public image and the image to be proved to the target equipment.
6. A device registration method, comprising:
acquiring a sample image shot by equipment to be registered;
acquiring a first equipment fingerprint abstract corresponding to the equipment to be registered, wherein the first equipment fingerprint abstract characterizes the real identity of the equipment to be registered;
dividing the sample image and determining a private image corresponding to the sample image;
and in the zero knowledge proof circuit, executing the steps of generating a second device fingerprint abstract corresponding to the device to be registered based on the private image and comparing the first device fingerprint abstract with the second device fingerprint abstract to obtain the zero knowledge proof file corresponding to the device to be registered.
7. The method of claim 6, the generating, based on the private image, a second device fingerprint digest corresponding to the device to be registered, comprising:
acquiring a denoised private image corresponding to the private image;
determining noise data based on the denoised private image and the private image;
and generating the second device fingerprint abstract based on the noise data.
8. The method of claim 7, the determining noise data based on the denoised private image and the private image, comprising:
Determining whether the image content of the denoised private image is consistent with the image content of the private image;
and if the image content of the denoised private image is consistent with that of the private image, determining the noise data based on the denoised private image and the private image.
9. The method of claim 7, the generating the second device fingerprint digest based on the noise data, comprising:
determining a device fingerprint of the device to be registered based on the noise data;
and generating the second device fingerprint abstract based on the device fingerprint, the device identifier of the device to be registered and the registration time.
10. The method of any of claims 6 to 9, further comprising:
and storing the first equipment fingerprint abstract and the zero knowledge proof file corresponding to the equipment to be registered into a blockchain and/or an authentication center.
11. An image verification method, comprising:
acquiring a first public image corresponding to an image to be verified;
determining a first device fingerprint abstract corresponding to the target device based on the first public image;
acquiring a zero knowledge proof file corresponding to the image to be verified, wherein the zero knowledge proof file corresponding to the image to be verified records a comparison process of the first public image and the first equipment fingerprint abstract;
And running a zero knowledge proof file corresponding to the image to be verified based on the first public image and the first equipment fingerprint abstract so as to verify whether the image to be verified is shot by the target equipment.
12. The method of claim 11, further comprising:
acquiring a zero knowledge proof file corresponding to the target equipment, wherein the zero knowledge proof file corresponding to the target equipment records a comparison process of the first equipment fingerprint abstract and a second equipment fingerprint abstract corresponding to the target equipment, and the second equipment fingerprint abstract is generated in the zero knowledge proof file corresponding to the target equipment;
and running a zero knowledge proof file corresponding to the target device based on the first device fingerprint abstract so as to verify whether the target device is authenticated or not.
13. An image proving apparatus comprising:
the acquisition module is used for acquiring an image to be proved shot by the target equipment;
the segmentation module is used for segmenting the image to be proved and determining a first public image corresponding to the image to be proved;
the determining module is used for determining a first equipment fingerprint abstract corresponding to the target equipment, wherein the first equipment fingerprint abstract characterizes the real identity of the target equipment;
And the execution module is used for executing the steps of generating a second device fingerprint abstract corresponding to the target device based on the image to be proved and the first public image and comparing the first device fingerprint abstract with the second device fingerprint abstract in the zero knowledge proof circuit to obtain a zero knowledge proof file corresponding to the image to be proved.
14. A device registration apparatus, comprising:
the first acquisition module is used for acquiring a sample image shot by equipment to be registered;
the second acquisition module is used for acquiring a first equipment fingerprint abstract corresponding to the equipment to be registered, and the first equipment fingerprint abstract characterizes the real identity of the equipment to be registered;
the segmentation module is used for segmenting the sample image and determining a first private image corresponding to the sample image;
and the execution module is used for executing the steps of generating a second device fingerprint abstract corresponding to the device to be registered based on the first private image and comparing the first device fingerprint abstract with the second device fingerprint abstract in the zero knowledge proof circuit to obtain the zero knowledge proof file corresponding to the device to be registered.
15. An image verification apparatus comprising:
The first acquisition module is used for acquiring a first public image corresponding to the image to be verified;
the determining module is used for determining a first device fingerprint abstract corresponding to the target device based on the first public image;
the second acquisition module is used for acquiring a zero knowledge proof file corresponding to the image to be verified, wherein the zero knowledge proof file corresponding to the image to be verified records a comparison process of the first public image and the first equipment fingerprint abstract;
and the operation module is used for operating the zero knowledge proof file corresponding to the image to be verified based on the first public image and the first equipment fingerprint abstract so as to verify whether the image to be verified is shot by the target equipment.
16. A computer readable storage medium storing a computer program for performing the method of any one of the preceding claims 1 to 12.
17. An electronic device, comprising:
a processor;
a memory for storing the processor-executable instructions;
the processor being configured to perform the method of any of the preceding claims 1 to 12.
CN202310173638.4A 2023-02-27 2023-02-27 Image proving method, device registering method and image verifying method Pending CN116028919A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310173638.4A CN116028919A (en) 2023-02-27 2023-02-27 Image proving method, device registering method and image verifying method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310173638.4A CN116028919A (en) 2023-02-27 2023-02-27 Image proving method, device registering method and image verifying method

Publications (1)

Publication Number Publication Date
CN116028919A true CN116028919A (en) 2023-04-28

Family

ID=86081345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310173638.4A Pending CN116028919A (en) 2023-02-27 2023-02-27 Image proving method, device registering method and image verifying method

Country Status (1)

Country Link
CN (1) CN116028919A (en)

Similar Documents

Publication Publication Date Title
JP6859508B2 (en) Methods and equipment for verifying certificates and identities
CN107729847B (en) Certificate verification and identity verification method and device
US10958438B2 (en) Method, apparatus, and electronic device for blockchain-based recordkeeping
Liu et al. A passive image authentication scheme for detecting region-duplication forgery with rotation
Kraetzer et al. Modeling attacks on photo-ID documents and applying media forensics for the detection of facial morphing
CN111143883B (en) Digital content evidence obtaining method, device and equipment based on block chain
CN107832679B (en) Certificate verification and identity verification method and device
CN110674800B (en) Face living body detection method and device, electronic equipment and storage medium
CN110046649B (en) Multimedia information monitoring method, device and system based on block chain
KR101925463B1 (en) Method of record and validation of image hash value and apparatus using the same
CN111343179B (en) Real-time consensus method and device for authenticity of data on link
CN113642639B (en) Living body detection method, living body detection device, living body detection equipment and storage medium
CN111079816A (en) Image auditing method and device and server
CN112003888B (en) Blockchain-based certificate management method, device, equipment and readable medium
Zou et al. Blockchain-based photo forensics with permissible transformations
JP4130440B2 (en) Robust signature for signal authentication
US20220294635A1 (en) Method for proving original of data, and apparatus therefor
Chen et al. Detecting anti-forensic attacks on demosaicing-based camera model identification
US20210099772A1 (en) System and method for verification of video integrity based on blockchain
CN112989308A (en) Account authentication method, device, equipment and medium
US20220027342A1 (en) Methods for providing and checking data provenance
CN110992219A (en) Intellectual property protection method and system based on block chain technology
CN116028919A (en) Image proving method, device registering method and image verifying method
CN115908868A (en) Method and device for authenticating and generating digital collection
CN113656842A (en) Data verification method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination