CN117058719A - Secure fingerprint identification method, system, equipment and storage medium - Google Patents
- Publication number
- CN117058719A (CN202310819314.3A)
- Authority
- CN
- China
- Prior art keywords
- user
- fingerprint
- database
- ciphertext
- data
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/12—Fingerprints or palmprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/12—Fingerprints or palmprints
- G06V40/1347—Preprocessing; Feature extraction
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Multimedia (AREA)
- Human Computer Interaction (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Collating Specific Patterns (AREA)
Abstract
The application discloses a secure fingerprint identification method, system, device and storage medium. The method comprises: performing key matching according to a user unique identifier to obtain a user public key corresponding to a user private key; decrypting a user fingerprint data ciphertext with the user public key to obtain a user fingerprint data plaintext; performing key matching according to an encryption index to generate a corresponding symmetric key; decrypting a fingerprint feature ciphertext of a database with the symmetric key to obtain a fingerprint feature plaintext of the database; and comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result. Because the data is decrypted only when the fingerprint feature data is compared, the risk of information leakage during fingerprint identification is reduced and the security of private data is improved.
Description
Technical Field
The present application relates to the field of fingerprint identification technologies, and in particular, to a method, a system, an apparatus, and a storage medium for secure fingerprint identification.
Background
With the vigorous development of information security technology and the rapid evolution of security concepts, the application of human biometric recognition technology in information security and identity authentication is growing, and governments around the world attach increasing importance to it. In internationally accepted technical standards for information security levels, human biometric authentication has been designated as an identity authentication technology for high-level information security systems. It is generally considered that biometric recognition is gradually replacing traditional identity authentication technology, and fingerprint recognition, as a leading representative of human biometric recognition technology, plays an increasingly distinctive role owing to its high accuracy and its high uniqueness and reliability.
A fingerprint is an individual characteristic of a human being and is private personal data closely tied to personal rights and interests; if fingerprint information is leaked, it can cause great loss to the individual's information security. How to prevent information leakage during fingerprint identification and protect personal fingerprint privacy is therefore a technical problem to be solved in identity authentication.
Disclosure of Invention
The present application aims to solve at least one of the technical problems existing in the prior art. To this end, the application provides a secure fingerprint identification method, system, device and storage medium, which can prevent information leakage during fingerprint identification and improve the security of private data.
The first aspect of the present application provides a secure fingerprint identification method for a comparison server, comprising the steps of:
receiving a user unique identifier and a user fingerprint data ciphertext from an authentication server, wherein the user unique identifier is generated when the authentication server receives terminal registration information, and the user fingerprint data ciphertext is obtained by encrypting user fingerprint data by a pre-stored user private key;
performing key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
decrypting the user fingerprint data ciphertext according to the user public key to obtain user fingerprint data plaintext;
receiving an encryption index and a fingerprint characteristic ciphertext of the database from the database according to the unique user identifier;
performing key matching according to the encryption index to generate a corresponding symmetric key;
decrypting the fingerprint characteristic ciphertext of the database according to the symmetric key to obtain a fingerprint characteristic plaintext of the database;
and comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result.
The control method according to the embodiment of the application has at least the following beneficial effects:
According to the method, key matching is performed according to the user unique identifier to obtain the user public key corresponding to the user private key; the user fingerprint data ciphertext is decrypted with the user public key to obtain the user fingerprint data plaintext; key matching is performed according to the encryption index to generate the corresponding symmetric key; the fingerprint feature ciphertext of the database is decrypted with the symmetric key to obtain the fingerprint feature plaintext of the database; and the user fingerprint data plaintext is compared with the fingerprint feature plaintext of the database to obtain the fingerprint identification result. Because the data is decrypted only when the fingerprint feature data is compared, the risk of information leakage during fingerprint identification is reduced and the security of private data is improved.
According to some embodiments of the application, after comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result, the method further includes:
and sending the fingerprint identification result to the authentication server so that the authentication server sends the fingerprint identification result to the terminal according to the unique user identifier.
According to some embodiments of the application, before receiving the fingerprint feature ciphertext of the database from the database according to the user unique identifier, the method further comprises:
receiving the unique user identifier and a user registration fingerprint data ciphertext from the authentication server, wherein the user registration fingerprint data ciphertext is obtained by encrypting user registration fingerprint data by a pre-stored user private key;
performing key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
decrypting the user registration fingerprint data ciphertext according to the user public key to obtain a user registration fingerprint data plaintext, and extracting user fingerprint characteristic data from the user registration fingerprint data plaintext;
performing characteristic data symmetric encryption on the user fingerprint characteristic data through a KMS according to the encryption index to obtain fingerprint characteristic ciphertext of a database;
and sending the encryption index, the user unique identifier and the fingerprint characteristic ciphertext of the database to the database so that the database stores the encryption index, the user unique identifier and the fingerprint characteristic ciphertext of the database.
According to some embodiments of the application, the terminal obtains the user fingerprint data ciphertext by:
receiving a user private key sent by the comparison server;
collecting a user fingerprint image, and extracting the user fingerprint data from the user fingerprint image;
and encrypting the user fingerprint data by adopting the user private key to obtain the user fingerprint data ciphertext.
According to some embodiments of the application, the database obtains the fingerprint feature ciphertext and the encryption index of the database by:
receiving the unique user identification sent by the authentication server;
and carrying out data matching according to the unique user identifier to obtain the fingerprint characteristic ciphertext and the encryption index of the database.
According to some embodiments of the application, the performing key matching according to the encryption index to obtain a corresponding symmetric key includes:
and performing key matching according to the encryption index, and generating a corresponding symmetric key through the KMS.
According to some embodiments of the application, before the performing the key matching according to the unique user identifier to obtain the public user key corresponding to the private user key, the method further includes:
and generating the user private key and a user public key corresponding to the user private key through an asymmetric encryption algorithm.
In a second aspect of the present application, there is provided a secure fingerprint identification system for a comparison server, the secure fingerprint identification system comprising:
the data acquisition module is used for receiving a user unique identifier and a user fingerprint data ciphertext from an authentication server, wherein the user unique identifier is generated when the authentication server receives terminal registration information, and the user fingerprint data ciphertext is obtained by encrypting user fingerprint data by a pre-stored user private key;
the key matching module is used for carrying out key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
the user data decryption module is used for decrypting the user fingerprint data ciphertext according to the user public key to obtain user fingerprint data plaintext;
the encryption index and ciphertext acquisition module is used for receiving the encryption index and fingerprint characteristic ciphertext of the database from the database according to the unique user identifier;
the symmetric key matching module is used for carrying out key matching according to the encryption index to generate a corresponding symmetric key;
the database ciphertext decrypting module is used for decrypting the fingerprint characteristic ciphertext of the database according to the symmetric key to obtain the fingerprint characteristic plaintext of the database;
and the fingerprint identification module is used for comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result.
According to the system, key matching is performed according to the user unique identifier to obtain the user public key corresponding to the user private key; the user fingerprint data ciphertext is decrypted with the user public key to obtain the user fingerprint data plaintext; key matching is performed according to the encryption index to generate the corresponding symmetric key; the fingerprint feature ciphertext of the database is decrypted with the symmetric key to obtain the fingerprint feature plaintext of the database; and the user fingerprint data plaintext is compared with the fingerprint feature plaintext of the database to obtain the fingerprint identification result. Because the data is decrypted only when the fingerprint feature data is compared, the risk of information leakage during fingerprint identification is reduced and the security of private data is improved.
In a third aspect of the application, a secure fingerprint identification electronic device is provided comprising at least one control processor and a memory for communication connection with the at least one control processor; the memory stores instructions executable by the at least one control processor to enable the at least one control processor to perform the secure fingerprinting method described above.
In a fourth aspect of the present application, there is provided a computer-readable storage medium storing computer-executable instructions for causing a computer to perform the above-described secure fingerprint identification method.
It should be noted that the advantages of the second to fourth aspects of the present application over the prior art are the same as those of the above-described secure fingerprint identification system over the prior art, and will not be described in detail here.
Additional aspects and advantages of the application will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application.
Drawings
The foregoing and/or additional aspects and advantages of the application will become apparent and may be better understood from the following description of embodiments taken in conjunction with the accompanying drawings in which:
FIG. 1 is a flow chart of a secure fingerprint identification method according to an embodiment of the present application;
FIG. 2 is a schematic structural diagram of a secure fingerprint identification system according to an embodiment of the present application.
Detailed Description
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the application.
In the description of the present application, the description of first, second, etc. is for the purpose of distinguishing between technical features only and should not be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
In the description of the present application, it should be understood that the direction or positional relationship indicated with respect to the description of the orientation, such as up, down, etc., is based on the direction or positional relationship shown in the drawings, is merely for convenience of describing the present application and simplifying the description, and does not indicate or imply that the apparatus or element referred to must have a specific orientation, be constructed and operated in a specific orientation, and thus should not be construed as limiting the present application.
In the description of the present application, unless explicitly defined otherwise, terms such as arrangement, installation, connection, etc. should be construed broadly and the specific meaning of the terms in the present application can be determined reasonably by a person skilled in the art in combination with the specific content of the technical solution.
In order to solve the above technical drawbacks, referring to FIG. 1, the present application provides a secure fingerprint identification method for a comparison server, including:
Step S101, receiving a user unique identifier and a user fingerprint data ciphertext from an authentication server, wherein the user unique identifier is generated when the authentication server receives terminal registration information, and the user fingerprint data ciphertext is obtained by encrypting user fingerprint data by a pre-stored user private key;
Step S102, performing key matching according to the user unique identifier to obtain a user public key corresponding to the user private key;
Step S103, decrypting the user fingerprint data ciphertext according to the user public key to obtain the user fingerprint data plaintext;
Step S104, receiving the encryption index and the fingerprint feature ciphertext of the database from the database according to the user unique identifier;
Step S105, performing key matching according to the encryption index to generate a corresponding symmetric key;
Step S106, decrypting the fingerprint feature ciphertext of the database according to the symmetric key to obtain a fingerprint feature plaintext of the database;
Step S107, comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result.
According to the method, key matching is performed according to the user unique identifier to obtain the user public key corresponding to the user private key; the user fingerprint data ciphertext is decrypted with the user public key to obtain the user fingerprint data plaintext; key matching is performed according to the encryption index to generate the corresponding symmetric key; the fingerprint feature ciphertext of the database is decrypted with the symmetric key to obtain the fingerprint feature plaintext of the database; and the user fingerprint data plaintext is compared with the fingerprint feature plaintext of the database to obtain the fingerprint identification result. Because the data is decrypted only when the fingerprint feature data is compared, the risk of information leakage during fingerprint identification is reduced and the security of private data is improved.
In some embodiments, after comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain the fingerprint identification result, the method further includes:
and sending the fingerprint identification result to the authentication server so that the authentication server sends the fingerprint identification result to the terminal according to the unique user identification.
In some embodiments, prior to receiving the fingerprint feature ciphertext of the database from the database according to the user unique identifier, the method further comprises:
receiving a user unique identifier and a user registration fingerprint data ciphertext from an authentication server, wherein the user registration fingerprint data ciphertext is obtained by encrypting user registration fingerprint data by a pre-stored user private key;
performing key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
decrypting the user registration fingerprint data ciphertext according to the user public key to obtain the user registration fingerprint data plaintext, and extracting user fingerprint characteristic data from the user registration fingerprint data plaintext;
performing characteristic data symmetric encryption on the user fingerprint characteristic data through the KMS according to the encryption index to obtain fingerprint characteristic ciphertext of the database;
and sending the encryption index, the unique user identifier and the fingerprint characteristic ciphertext of the database to the database so that the database stores the encryption index, the unique user identifier and the fingerprint characteristic ciphertext of the database.
In some embodiments, the terminal obtains the user fingerprint data ciphertext by:
receiving a user private key sent by a comparison server;
collecting a user fingerprint image, and extracting user fingerprint data from the user fingerprint image;
and encrypting the user fingerprint data by adopting the user private key to obtain a user fingerprint data ciphertext.
In some embodiments, the database obtains the fingerprint feature ciphertext and the encryption index of the database by:
receiving a user unique identifier sent by an authentication server;
and carrying out data matching according to the unique user identifier to obtain the fingerprint characteristic ciphertext and the encryption index of the database.
In some embodiments, performing key matching according to the encryption index to obtain a corresponding symmetric key includes:
and performing key matching according to the encryption index, and generating a corresponding symmetric key through the KMS.
In some embodiments, before performing key matching according to the unique user identifier to obtain the public user key corresponding to the private user key, the method further includes:
and generating a user private key and a user public key corresponding to the user private key through an asymmetric encryption algorithm.
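The flow of steps S101 to S107, together with the enrollment, terminal and key-generation embodiments above, as an added example in JavaScript (Node.js); it is not code from the patent. RSA with PKCS#1 v1.5 padding through `crypto.privateEncrypt` and `crypto.publicDecrypt`, AES-256-GCM with the user identifier and encryption index as associated data, the in-memory `Kms` and database, the bit-similarity matcher and its 0.9 threshold are all assumptions; the page names none of them.

```javascript
// Added illustration of steps S101-S107; all names are hypothetical.
// The loader expression works under both CommonJS and ES modules.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto') : process.getBuiltinModule('node:crypto');
const MATCH_THRESHOLD = 0.9; // assumed; the page does not define the matcher
const newKeyPair = () => nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Stand-in KMS: resolves an encryption index to a 256-bit symmetric key.
class Kms {
  constructor() { this.keys = new Map(); }
  keyFor(index) {
    if (!this.keys.has(index)) this.keys.set(index, nodeCrypto.randomBytes(32));
    return this.keys.get(index);
  }
}

// Fraction of equal bits between two equal-length templates (assumed matcher).
function similarity(a, b) {
  if (a.length !== b.length) return 0;
  let diff = 0;
  for (let i = 0; i < a.length; i++) {
    for (let x = a[i] ^ b[i]; x; x >>= 1) diff += x & 1;
  }
  return 1 - diff / (a.length * 8);
}

// Terminal: encrypt the fingerprint data with the user private key. Any holder
// of the public key can open the result, so it proves origin, not secrecy.
function terminalEncrypt(privateKey, template) {
  return nodeCrypto.privateEncrypt(privateKey, template);
}

class ComparisonServer {
  constructor(kms, db) { // db: Map of uid -> { index, iv, ct, tag }
    this.kms = kms; this.db = db; this.publicKeys = new Map();
  }
  // Key generation; the returned private key is the one sent to the terminal.
  registerUser(uid) {
    const { publicKey, privateKey } = newKeyPair();
    this.publicKeys.set(uid, publicKey);
    return privateKey;
  }
  // S102-S103: match the public key by uid, then open the terminal ciphertext.
  open(uid, ciphertext) {
    const publicKey = this.publicKeys.get(uid);
    if (!publicKey) throw new Error('no public key for ' + uid);
    return nodeCrypto.publicDecrypt(publicKey, ciphertext);
  }
  // Enrollment: features reach the database only as AES-256-GCM ciphertext.
  enroll(uid, registrationCiphertext, index) {
    const features = this.open(uid, registrationCiphertext);
    const iv = nodeCrypto.randomBytes(12);
    const cipher = nodeCrypto.createCipheriv('aes-256-gcm', this.kms.keyFor(index), iv);
    cipher.setAAD(Buffer.from(uid + '|' + index)); // bind record to uid and index
    const ct = Buffer.concat([cipher.update(features), cipher.final()]);
    this.db.set(uid, { index, iv, ct, tag: cipher.getAuthTag() });
    features.fill(0);
  }
  // S101-S107: both plaintexts exist only for the duration of this call.
  identify(uid, ciphertext) {
    let probe, stored;
    try {
      probe = this.open(uid, ciphertext);
      const rec = this.db.get(uid);                                        // S104
      if (!rec) return false;
      const key = this.kms.keyFor(rec.index);                              // S105
      const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, rec.iv);
      decipher.setAAD(Buffer.from(uid + '|' + rec.index));
      decipher.setAuthTag(rec.tag);
      stored = Buffer.concat([decipher.update(rec.ct), decipher.final()]); // S106
      return similarity(probe, stored) >= MATCH_THRESHOLD;                 // S107
    } catch (err) {
      return false; // wrong key pair, or a tampered or relocated record
    } finally {
      for (const buf of [probe, stored]) if (buf) buf.fill(0);
    }
  }
}

// Constructed scenario: 32-byte templates derived from labels, not real data.
function runDemo() {
  const sha = (s) => nodeCrypto.createHash('sha256').update(s).digest();
  const fingerA = sha('constructed-finger-A');
  const fingerB = sha('constructed-finger-B');
  const noisyA = Buffer.from(fingerA); // same finger, three bits differ
  noisyA[0] ^= 1; noisyA[9] ^= 4; noisyA[20] ^= 16;
  const server = new ComparisonServer(new Kms(), new Map());
  const aliceKey = server.registerUser('alice');
  server.enroll('alice', terminalEncrypt(aliceKey, fingerA), 'idx-001');
  const result = {
    genuine: server.identify('alice', terminalEncrypt(aliceKey, noisyA)),
    wrongFinger: server.identify('alice', terminalEncrypt(aliceKey, fingerB)),
    wrongKey: server.identify('alice', terminalEncrypt(newKeyPair().privateKey, noisyA)),
    storedIsCiphertext: !server.db.get('alice').ct.equals(fingerA),
  };
  server.db.get('alice').ct[0] ^= 0xff; // simulate a tampered database record
  result.tampered = server.identify('alice', terminalEncrypt(aliceKey, noisyA));
  return result;
}
```

`runDemo()` returns one flag per scenario: a genuine capture, a different finger, a ciphertext produced under an unrelated key pair, and a modified database record.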
In addition, referring to FIG. 2, an embodiment of the present application provides a secure fingerprint identification system for a comparison server, which includes a data acquisition module 1100, a key matching module 1200, a user data decryption module 1300, an encryption index and ciphertext acquisition module 1400, a symmetric key matching module 1500, a database ciphertext decryption module 1600, and a fingerprint identification module 1700, wherein:
the data acquisition module 1100 is configured to receive a user unique identifier and a user fingerprint data ciphertext from an authentication server, where the user unique identifier is generated when the authentication server receives terminal registration information, and the user fingerprint data ciphertext is obtained by encrypting user fingerprint data with a pre-stored user private key;
the key matching module 1200 is configured to perform key matching according to the unique identifier of the user, so as to obtain a public key of the user corresponding to the private key of the user;
the user data decryption module 1300 is configured to decrypt the ciphertext of the user fingerprint data according to the user public key to obtain the plaintext of the user fingerprint data;
the encryption index and ciphertext obtaining module 1400 is configured to receive the encryption index and the fingerprint feature ciphertext of the database from the database according to the unique user identifier;
the symmetric key matching module 1500 is configured to perform key matching according to the encryption index, and generate a corresponding symmetric key;
the database ciphertext decrypting module 1600 is configured to decrypt the fingerprint feature ciphertext of the database according to the symmetric key to obtain a fingerprint feature plaintext of the database;
the fingerprint identification module 1700 is used for comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result.
According to the system, key matching is performed according to the user unique identifier to obtain the user public key corresponding to the user private key; the user fingerprint data ciphertext is decrypted with the user public key to obtain the user fingerprint data plaintext; key matching is performed according to the encryption index to generate the corresponding symmetric key; the fingerprint feature ciphertext of the database is decrypted with the symmetric key to obtain the fingerprint feature plaintext of the database; and the user fingerprint data plaintext is compared with the fingerprint feature plaintext of the database to obtain the fingerprint identification result. Because the data is decrypted only when the fingerprint feature data is compared, the risk of information leakage during fingerprint identification is reduced and the security of private data is improved.
It should be noted that the system embodiment and the above-mentioned method embodiment are based on the same inventive concept, so the relevant content of the method embodiment also applies to the system embodiment and is not repeated here.
The application also provides a secure fingerprint identification electronic device, comprising: a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the secure fingerprint identification method described above when executing the computer program.
The processor and the memory may be connected by a bus or other means.
The memory, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. In addition, the memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located relative to the processor, the remote memory being connectable to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The non-transitory software program and instructions required to implement the secure fingerprint identification method of the above-described embodiment are stored in the memory, and when executed by the processor, the secure fingerprint identification method in the above-described embodiment is performed, for example, the method steps S101 to S107 in fig. 1 described above are performed.
The present application also provides a computer-readable storage medium storing computer-executable instructions for performing the secure fingerprint identification method described above.
The computer-readable storage medium stores computer-executable instructions that are executed by a processor or controller, for example, by a processor in the above-described electronic device embodiment, which may cause the processor to perform the secure fingerprint identification method in the above-described embodiment, for example, to perform the method steps S101 to S107 in fig. 1 described above.
Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program elements or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program elements or other data in a modulated data signal such as a carrier wave or other transport mechanism and may include any information delivery media.
The embodiments of the present application have been described in detail with reference to the accompanying drawings, but the present application is not limited to the above embodiments, and various changes can be made within the knowledge of one of ordinary skill in the art without departing from the spirit of the present application.
Claims (10)
1. A secure fingerprint identification method for a comparison server, the secure fingerprint identification method comprising:
receiving a user unique identifier and a user fingerprint data ciphertext from an authentication server, wherein the user unique identifier is generated when the authentication server receives terminal registration information, and the user fingerprint data ciphertext is obtained by encrypting user fingerprint data by a pre-stored user private key;
performing key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
decrypting the user fingerprint data ciphertext according to the user public key to obtain user fingerprint data plaintext;
receiving an encryption index and a fingerprint characteristic ciphertext of the database from the database according to the unique user identifier;
performing key matching according to the encryption index to generate a corresponding symmetric key;
decrypting the fingerprint characteristic ciphertext of the database according to the symmetric key to obtain a fingerprint characteristic plaintext of the database;
and comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result.
2. The secure fingerprint identification method according to claim 1, further comprising, after comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result:
and sending the fingerprint identification result to the authentication server so that the authentication server sends the fingerprint identification result to the terminal according to the unique user identifier.
3. The secure fingerprint identification method according to claim 1, further comprising, before receiving the fingerprint feature ciphertext of the database from the database according to the unique user identifier:
receiving the unique user identifier and a user registration fingerprint data ciphertext from the authentication server, wherein the user registration fingerprint data ciphertext is obtained by encrypting user registration fingerprint data by a pre-stored user private key;
performing key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
decrypting the user registration fingerprint data ciphertext according to the user public key to obtain a user registration fingerprint data plaintext, and extracting user fingerprint characteristic data from the user registration fingerprint data plaintext;
performing characteristic data symmetric encryption on the user fingerprint characteristic data through a KMS according to the encryption index to obtain fingerprint characteristic ciphertext of a database;
and sending the encryption index, the user unique identifier and the fingerprint characteristic ciphertext of the database to the database so that the database stores the encryption index, the user unique identifier and the fingerprint characteristic ciphertext of the database.
4. The secure fingerprint identification method according to claim 1, wherein the terminal obtains the user fingerprint data ciphertext by:
receiving a user private key sent by the comparison server;
collecting a user fingerprint image, and extracting the user fingerprint data from the user fingerprint image;
and encrypting the user fingerprint data by adopting the user private key to obtain the user fingerprint data ciphertext.
5. The secure fingerprint identification method according to claim 1, wherein the database obtains the fingerprint feature ciphertext and the encryption index of the database by:
receiving the unique user identification sent by the authentication server;
and carrying out data matching according to the unique user identifier to obtain the fingerprint characteristic ciphertext and the encryption index of the database.
6. The method for secure fingerprint identification according to claim 1, wherein said performing key matching according to the encryption index to obtain a corresponding symmetric key comprises:
and performing key matching according to the encryption index, and generating a corresponding symmetric key through the KMS.
7. The method for secure fingerprint identification according to claim 1, further comprising, before said performing key matching according to said user unique identifier to obtain a user public key corresponding to said user private key:
and generating the user private key and a user public key corresponding to the user private key through an asymmetric encryption algorithm.
8. A secure fingerprint identification system for a comparison server, the secure fingerprint identification system comprising:
the data acquisition module is used for receiving a user unique identifier and a user fingerprint data ciphertext from an authentication server, wherein the user unique identifier is generated when the authentication server receives terminal registration information, and the user fingerprint data ciphertext is obtained by encrypting user fingerprint data by a pre-stored user private key;
the key matching module is used for carrying out key matching according to the unique user identifier to obtain a user public key corresponding to the user private key;
the user data decryption module is used for decrypting the user fingerprint data ciphertext according to the user public key to obtain user fingerprint data plaintext;
the encryption index and ciphertext acquisition module is used for receiving the encryption index and fingerprint characteristic ciphertext of the database from the database according to the unique user identifier;
the symmetric key matching module is used for carrying out key matching according to the encryption index to generate a corresponding symmetric key;
the database ciphertext decrypting module is used for decrypting the fingerprint characteristic ciphertext of the database according to the symmetric key to obtain the fingerprint characteristic plaintext of the database;
and the fingerprint identification module is used for comparing the user fingerprint data plaintext with the fingerprint feature plaintext of the database to obtain a fingerprint identification result.
9. A secure fingerprint identification device comprising at least one control processor and a memory communicatively connected to said at least one control processor; the memory stores instructions executable by the at least one control processor to enable the at least one control processor to perform the secure fingerprint identification method according to any one of claims 1 to 7.
10. A computer-readable storage medium, characterized by: the computer-readable storage medium stores computer-executable instructions for causing a computer to perform a secure fingerprint identification method according to any one of claims 1 to 7.
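The database-side steps of claims 1, 3, 5 and 6 (encrypt the feature data under a key selected by the encryption index, look the record up by user identifier, decrypt, compare) are shown below as an added example; it is not code from the patent. Assumptions: the KMS is modelled as an HMAC-based key derivation from a constructed master secret, the cipher is a standard-library stand-in for an authenticated cipher such as AES-GCM, the uid binding in the tag is extra hardening not recited in the claims, and the byte-wise matcher is a placeholder for a real fingerprint comparison.

```python
import hashlib, hmac, secrets

MASTER = secrets.token_bytes(32)  # constructed KMS master secret; stays inside the KMS
DB = {}  # uid -> (encryption index, ciphertext); the database never holds a key

def kms_key(index: str, purpose: bytes) -> bytes:
    """KMS: derive the key for one encryption index (HMAC-based KDF, an assumption)."""
    return hmac.new(MASTER, purpose + index.encode(), hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 counter-mode keystream; stdlib stand-in for a real cipher."""
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(index: str, uid: str, nonce: bytes, body: bytes) -> bytes:
    # Added hardening (not in the claims): bind the record to its uid.
    ident = uid.encode()
    msg = len(ident).to_bytes(2, "big") + ident + nonce + body
    return hmac.new(kms_key(index, b"mac"), msg, hashlib.sha256).digest()

def seal(index: str, uid: str, features: bytes) -> bytes:
    """Registration (claim 3): encrypt the feature data, then MAC it."""
    nonce = secrets.token_bytes(16)
    body = _xor_stream(kms_key(index, b"enc"), nonce, features)
    return nonce + body + _tag(index, uid, nonce, body)

def open_(index: str, uid: str, blob: bytes) -> bytes:
    """Comparison server: check integrity first, decrypt only if it holds."""
    if len(blob) < 48:
        raise ValueError("record too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(index, uid, nonce, body)):
        raise ValueError("record failed integrity check")
    return _xor_stream(kms_key(index, b"enc"), nonce, body)

def register(uid: str, index: str, features: bytes) -> None:
    DB[uid] = (index, seal(index, uid, features))

def identify(uid: str, probe: bytes, threshold: float = 0.9) -> bool:
    """Claim 1: fetch by uid, key by index, decrypt, compare (placeholder matcher)."""
    index, blob = DB[uid]
    try:
        stored = open_(index, uid, blob)
    except ValueError:
        return False
    if not stored or len(stored) != len(probe):
        return False
    return sum(a == b for a, b in zip(stored, probe)) / len(stored) >= threshold
```

A record whose ciphertext was altered, whose encryption index was changed, or which was copied from another user's row fails the integrity check and is reported as a non-match rather than being decrypted.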
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310819314.3A CN117058719A (en) | 2023-07-05 | 2023-07-05 | Secure fingerprint identification method, system, equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117058719A (en) | 2023-11-14 |
Family ID: 88654287
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310819314.3A Pending CN117058719A (en) | 2023-07-05 | 2023-07-05 | Secure fingerprint identification method, system, equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117058719A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105207776A (en) * | 2014-06-18 | 2015-12-30 | 中标软件有限公司 | Fingerprint authentication method and system |
CN110392029A (en) * | 2018-04-20 | 2019-10-29 | 武汉真元生物数据有限公司 | Identity identifying method and system based on biological identification |
CN113378136A (en) * | 2021-06-08 | 2021-09-10 | 罗克佳华(重庆)科技有限公司 | Fingerprint identification method and device, password key and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220312208A1 (en) | Access method and system of internet of things equipment based on 5g, and storage medium | |
CN108173871B (en) | Wireless network access authentication system and method based on radio frequency fingerprint and biological fingerprint | |
US20090158033A1 (en) | Method and apparatus for performing secure communication using one time password | |
WO2017012175A1 (en) | Identity authentication method, identity authentication system, terminal and server | |
CN101958892A (en) | Electronic data protection method, device and system based on face recognition | |
CN109145628B (en) | Data acquisition method and system based on trusted execution environment | |
CN105099690A (en) | OTP and user behavior-based certification and authorization method in mobile cloud computing environment | |
CN107733636B (en) | Authentication method and authentication system | |
CN106789024B (en) | A kind of remote de-locking method, device and system | |
CN103067390A (en) | User registration authentication method and system based on facial features | |
CN112565265B (en) | Authentication method, authentication system and communication method between terminal devices of Internet of things | |
CN113114668A (en) | Information transmission method, mobile terminal, storage medium and electronic equipment | |
US9954853B2 (en) | Network security | |
CN104767616A (en) | Message processing method, system and related device | |
US20150328119A1 (en) | Method of treating hair | |
Griffin | Telebiometric authentication objects | |
CN106792669A (en) | Information of mobile terminal encryption method and device based on Hybrid Encryption algorithm | |
CN114996727A (en) | Biological feature privacy encryption method and system based on palm print and palm vein recognition | |
CN108989331B (en) | Use authentication method of data storage device, device and storage medium thereof | |
CN116709325B (en) | Mobile equipment security authentication method based on high-speed encryption algorithm | |
CN117692185A (en) | Electronic seal using method and device, electronic equipment and storage medium | |
CN110807210B (en) | Information processing method, platform, system and computer storage medium | |
KR101745482B1 (en) | Communication method and apparatus in smart-home system | |
JP2004013560A (en) | Authentication system, communication terminal, and server | |
KR100422198B1 (en) | Public Key Infrastructure using biometrics and digital watermark |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||