CN1403941A - Safety confirming method combining cipher and biological recognition technology - Google Patents

Publication number
CN1403941A
Authority
CN
China
Prior art keywords
user
cipher
password
biological
card
Prior art date
Legal status
Pending
Application number
CN 01123669
Other languages
Chinese (zh)
Inventor
王柏东
Current Assignee
Individual
Original Assignee
Individual
Priority date
Filing date
Publication date

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention provides a security authentication method combining cryptography and biometric recognition technology. The biometric features of the human body, which are unique and unchanging, are used in an asymmetric comparison; this eliminates the drawbacks of using cryptographic technology alone for security authentication, such as the difficulty of safekeeping the password.

Description

A method of applying combined cryptography and biometric identification technology to security authentication
Technical field
The present invention relates to a method of applying combined cryptography and biometric identification technology to security authentication.
Background technology
Existing cryptographic technology comprises the computing methods of encryption (Encryption) and decryption (Decryption), cryptanalysis, identification, electronic signatures, the management of cryptographic private keys, and so on. It is mainly intended to solve the problems of information transmission, exchange and storage, and is the core technology for achieving information secrecy, confidentiality, integrity and transaction security. However, using it to protect a key with a lengthy private-key password has two major, obvious problems:
(1) the password is difficult to memorize or store;
(2) the password is easily cracked in various ways by hackers (Hacker).
In addition, general cryptographic technology uses keys in the following three ways:
(1) Private-key cryptography (Private key or Secret key): a symmetric method of encryption and decryption in which the encryption key and the decryption key are identical. Its shortcoming is that the password is easily cracked, so it is insecure. Well-known private-key cryptosystems include DES (Data Encryption Standard) and IDEA (International Data Encryption Algorithm).
(2) Public-key cryptography (Public key): an asymmetric method of encryption and decryption in which the encryption key and the decryption key are entirely different, so the password is difficult to crack. Well-known public-key cryptosystems include RSA (Rivest, Shamir and Adleman).
(3) Combined cryptography (Combining private and public key): a method that combines private-key and public-key cryptography, and the technique in general use. In practical applications, public-key and private-key encryption are used to produce a random password, and the data is then transmitted encrypted with the private-key cipher; this method is more practical and more secure.
As shown in Figure 1, in the general mode of encrypted information exchange the sender converts plaintext M into ciphertext C with the encryption method EK and transmits it, and the recipient finally decrypts ciphertext C back into plaintext M with the decryption key DK to obtain the data. It can be seen from the above that both private-key and public-key cryptosystems (Mechanism) depend on the user keeping the password safe and preventing others from obtaining it.
Summary of the invention
However, traditional passwords can be stolen and cannot satisfy the needs of a security mechanism. The cryptographic technology widely used for secure information exchange relies on a lengthy private key that is difficult to memorize or to store secretly; how to provide a method with uniqueness and high security is the technical problem the inventor sets out to solve.
In view of this, the inventor, drawing on many years of experience in the relevant industry and on continual thought and research, has finally produced the present invention.
A method of applying combined cryptography and biometric identification technology to security authentication, characterized in that: it applies the uniqueness of biometric identification and adopts a mechanism that combines automated biometric authentication with a password, keeping the user's password secret so that the user can exchange information with the outside world safely, wherein the concrete steps of the method comprise:
The user's password and biometric features are stored centrally at the KDC (cipher authentication center). The KDC decrypts the encrypted user password and user biometric data transmitted by the user's local device and compares them with the password and biometric data originally stored by the user. Once the user's identity is confirmed, the user's private key is retrieved, encrypted with the user password, and returned to the user's local device, which decrypts it with the user password to obtain the user's private key. This spares the user the trouble of safekeeping the password personally, and is a highly secure method of confirming personal identity.
Wherein, the user's local device is a financial card, credit card, stored-value card, magnetic stripe card, IC card, smart card, full magnetic card, optical card, CD, DVD, two-dimensional bar code card, portable magnetic storage medium, portable electronic memory storage medium, or portable mobile device capable of storing data.
Wherein, the user's private key is stored in a chip in the user's local device, and the encryption and decryption processing, related operations, comparison and verification of the biometric data and the user password are carried out by an arithmetic unit or processor in the user's local device.
Wherein, the chip in the user's local device covers a reduced instruction set computing microprocessor (RISC CPU), complex instruction set computing microprocessor (CISC CPU), digital signal processor (DSP), field-programmable gate array (FPGA), complex programmable logic device (CPLD), application-specific integrated circuit (ASIC), microprocessor (Microprocessor), microcontroller (Microcontroller), or other chip with arithmetic capability, and the chip may take the form of a single integrated chip, an integrated chip with multiple complex functions, or multiple chips with simple functions.
Wherein, the biometric data may be a fingerprint (Fingerprint), voiceprint (Voiceprint), face (Face), retina (Retina), iris (Iris), palm print (Palm print), palm shape (Palm shape) or signature (Signature) pattern capable of representing a human biometric feature, and its standard may be the standard formulated by the International Biometric Industry Association (IBIA).
To show the progressiveness and practicality of the present invention more clearly, its advantages are listed below:
1. It eliminates the drawbacks of using cryptographic technology alone for security authentication.
2. It removes the privacy exposure problem of using a biometric feature alone for authentication.
3. It has the advantage of confirming identity with high security.
4. Its uniqueness guarantees the safety of the user's business transactions, economic activities or other uses.
5. By combining a password with biometric identification, it avoids the danger of theft and forgery by criminals.
6. It spares the user the trouble of safekeeping the password personally.
7. It can be widely applied in many fields of authentication.
8. It has value for the business and industrial communities.
To make the features, advantages and effects of the present invention easier to understand, the invention is described in detail below with reference to the drawings:
Description of drawings
Fig. 1 is a flowchart of the general mode of encrypted information exchange;
Fig. 2 is a block diagram of the system architecture of the present invention, in which automated biometric authentication is combined with a password;
Fig. 3 is a flowchart of the automated biometric authentication of the present invention.
Embodiment
The present invention concerns a method of applying combined cryptography and biometric identification technology to security authentication. It applies the uniqueness of biometric identification, relying on traits that the human body is born with and that remain unchanged for life, to carry out an asymmetric comparison of dynamic biometric feature (Biometric Feature) data. At the same time, to guarantee the security of the user password at the KDC (cipher authentication center), and to ensure that the password is not intercepted and cracked when the KDC sends it to the user, the whole system uses the uniqueness of biometric features and adopts a mechanism that combines automated biometric authentication with a password to keep the user's password secret, so that the user can safely exchange information with the outside world. Its main point is that the user's password and biometric features are stored centrally at the KDC; when the password is needed, the user obtains it from the KDC through automated biometric authentication, which spares the user the trouble of keeping the password personally. A preferred embodiment is now described, in which the private-key cipher is exemplified by DES and the public-key cipher by RSA:
As shown in Figure 2, the user first generates a user password K1 (1) on the local device with the DES algorithm (private-key algorithm). A biometric sensing device then collects the user biometric template (2) data, or the user name (user number) is entered through an input device. The user password K1, the user biometric data and the user name (user number) are encrypted together with the public key EK of the KDC (cipher authentication center) and sent over the network to the KDC (3), which decrypts this information with its private key DK. The KDC then compares the password and biometric data originally stored by the user with the decrypted user key K1 and user biometric feature (4) in order to verify the user's identity (5). If authentication fails, the KDC refuses to provide the user's RSA (public-key algorithm) private key K2 (6). Otherwise, when verification succeeds, the user's RSA private key K2 is retrieved (7), encrypted with the user password K1, and returned to the user's local device (8), which decrypts it with the user password K1 to obtain the user's RSA private key K2 (9). The method is intended for users engaged in Internet and trade and financial transactions: the user's private key is obtained from the KDC, which spares the user the trouble of safekeeping the password personally and eliminates the drawbacks of using cryptographic technology alone for security authentication. It is a highly secure method of confirming personal identity and can be widely applied in many fields of identity authentication;
The user's local device may be a financial card, credit card, stored-value card, magnetic stripe card, IC card, smart card, full magnetic card, optical card, CD, DVD, two-dimensional bar code card, portable magnetic storage medium, portable electronic memory storage medium, or portable mobile device capable of storing data. The user's private key K2 may also be stored in a chip in the user's local device (e.g. RAM, FLASH, EEPROM), with security mechanisms such as the encryption and decryption processing, related operations, comparison and verification of the biometric data and user password carried out by the arithmetic unit or processor inside the user's device. The KDC (cipher authentication center) then does not need to store the user's private key K2, which avoids problems such as interception and cracking when the KDC sends the password to the user. This is a mechanism that is both safe and convenient to use, and it thereby ensures the security of the user's business transactions, economic activities or other uses;
The chip in the user's local device covers a RISC CPU (reduced instruction set computing microprocessor), CISC CPU (complex instruction set computing microprocessor), DSP (digital signal processor), FPGA (field-programmable gate array), CPLD (complex programmable logic device), ASIC (application-specific integrated circuit), Microprocessor (microprocessor), Microcontroller (microcontroller) or other chip with arithmetic capability, and the chip may take the form of a single integrated chip, an integrated chip with multiple complex functions, or multiple chips with simple functions.
As shown in Figure 3, in the automated biometric authentication process the template biometric feature held in the biometric database of the KDC (cipher authentication center) is extracted (11) according to user information such as the name, and the input (10) of the user's biometric template is then compared (12) with this template biometric feature to determine whether the two biometric images are the same biometric feature;
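An added example, not part of the patent text, that walks through steps 1 to 9 of Figure 2 and the comparison of Figure 3 in Python. Assumptions: DES and RSA are replaced by standard-library stand-ins (a SHA-256 keystream with an HMAC tag, and a toy RSA key built from two public Mersenne primes), the biometric comparison is modelled as a Hamming-distance threshold, and all names (`KDC`, `build_request`, `seal`, `unseal`, `MAX_DISTANCE`) and sample values are hypothetical and constructed.

```python
# Added illustration of the key-release flow; stand-in primitives, not real DES/RSA.
import hashlib, hmac, json, secrets

# Toy RSA key pair (EK, DK) for the KDC from two public Mersenne primes: demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
NBYTES = (N.bit_length() + 7) // 8

def _subkeys(key):
    # Separate keys for encryption and for the authentication tag.
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())

def _xor_stream(key, nonce, data):
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Encrypt-then-MAC stand-in for the symmetric cipher (DES in the patent)."""
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc, nonce, plaintext)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext failed authentication")
    return _xor_stream(enc, nonce, ct)

def hamming(a, b):
    """Number of differing bits; unequal lengths never match."""
    if len(a) != len(b):
        return 8 * max(len(a), len(b))
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def _session_key(r):
    return hashlib.sha256(r.to_bytes(NBYTES, "big")).digest()

def build_request(user, k1, sample):
    """Steps 1-3: user name, K1 and biometric sample encrypted to the KDC key EK."""
    r = secrets.randbelow(N - 2) + 2
    body = json.dumps({"user": user, "k1": k1.hex(), "bio": sample.hex()}).encode()
    return pow(r, E, N), seal(_session_key(r), body)

class KDC:
    MAX_DISTANCE = 8  # assumed matching threshold, in differing bits

    def __init__(self):
        self.db = {}  # user -> (K1, enrolled template, private key K2)

    def enroll(self, user, k1, template, k2):
        self.db[user] = (k1, template, k2)

    def handle(self, wrapped, sealed):
        """Steps 3-8: decrypt with DK, compare, then refuse or return K2 under K1."""
        req = json.loads(unseal(_session_key(pow(wrapped, D, N)), sealed))
        record = self.db.get(req["user"])
        if record is None:
            return None
        k1, template, k2 = record
        pw_ok = hmac.compare_digest(k1, bytes.fromhex(req["k1"]))   # exact match
        bio_ok = hamming(template, bytes.fromhex(req["bio"])) <= self.MAX_DISTANCE
        if not (pw_ok and bio_ok):
            return None              # step 6: K2 is withheld
        return seal(k1, k2)          # steps 7-8: K2 encrypted with K1

def run_demo():
    kdc = KDC()
    k1 = b"K1-demo!"                                  # constructed 8-byte user password
    k2 = b"constructed stand-in for the RSA private key K2"
    template = bytes(range(32))                       # constructed enrolled template
    kdc.enroll("alice", k1, template, k2)
    fresh = bytes([template[0] ^ 0b101]) + template[1:]   # new scan, 2 bits of noise
    reply = kdc.handle(*build_request("alice", k1, fresh))
    recovered = unseal(k1, reply)                     # step 9 on the local device
    wrong_pw = kdc.handle(*build_request("alice", b"wrong-K1", fresh))
    impostor = bytes(b ^ 0xFF for b in template)      # every bit differs
    wrong_bio = kdc.handle(*build_request("alice", k1, impostor))
    return recovered == k2, wrong_pw, wrong_bio

if __name__ == "__main__":
    print(run_demo())
```

The password is compared exactly while the biometric sample is accepted within a tolerance, because two scans of the same feature do not produce identical bytes. The authentication tag on the reply lets the local device detect a modified K2 before using it.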
The biometric feature (Biometric Feature) may be a fingerprint (Fingerprint), voiceprint (Voiceprint), face (Face), retina (Retina), iris (Iris), palm print (Palm print), palm shape (Palm shape), signature (Signature), or any other pattern capable of representing a human biometric feature. Its standard may be the standard formulated by the International Biometric Industry Association (IBIA), and it may be raw data (Raw data), processed data, signed data (Signed data), encrypted data (Encrypted), or feature values (Feature) extracted by an algorithm.
The method of the present invention for applying combined cryptography and biometric identification technology to security authentication applies the uniqueness of biometric identification (Biometric feature), relying on traits that the human body is born with and that remain unchanged for life, to carry out an asymmetric comparison of dynamic biometric feature (Biometric Feature) data. Besides eliminating the drawbacks of using cryptographic technology alone for security authentication, it relieves people of the burden of safekeeping a private key (Private key). It has also been shown that combining biometric identification with cryptographic technology (Cryptography technology) removes the privacy exposure problem of performing authentication with a biometric feature alone, and that the combination can be widely applied as a security technology for information exchange. It can therefore bring very high commercial and practical value to the authentication security problems involved in business transactions, networked e-commerce and the like.
In summary, the present invention truly meets the conditions for an invention patent application; the application is hereby filed according to law, with the earnest request that it be granted soon, for which the applicant will be deeply grateful.

Claims (5)

1. A method of applying combined cryptography and biometric identification technology to security authentication, characterized in that: it applies the uniqueness of biometric identification and adopts a mechanism that combines automated biometric authentication with a password, keeping the user's password secret so that the user can exchange information with the outside world safely, wherein the concrete steps of the method comprise:
The user's password and biometric features are stored centrally at the KDC (cipher authentication center); the KDC decrypts the encrypted user password and user biometric data transmitted by the user's local device and compares them with the password and biometric data originally stored by the user; once the user's identity is confirmed, the user's private key is retrieved, encrypted with the user password, and returned to the user's local device; the user's local device decrypts it with the user password and obtains the user's private key.
2. The method of applying combined cryptography and biometric identification technology to security authentication according to claim 1, characterized in that: the user's local device is a financial card, credit card, stored-value card, magnetic stripe card, IC card, smart card, full magnetic card, optical card, CD, DVD, two-dimensional bar code card, portable magnetic storage medium, portable electronic memory storage medium, or portable mobile device capable of storing data.
3. The method of applying combined cryptography and biometric identification technology to security authentication according to claim 1, characterized in that: the user's private key is stored in a chip in the user's local device, and the encryption and decryption processing, related operations, comparison and verification of the biometric data and the user password are carried out by an arithmetic unit or processor in the user's local device.
4. The method of applying combined cryptography and biometric identification technology to security authentication according to claim 1, characterized in that: the chip in the user's local device covers a reduced instruction set computing microprocessor (RISC CPU), complex instruction set computing microprocessor (CISC CPU), digital signal processor (DSP), field-programmable gate array (FPGA), complex programmable logic device (CPLD), application-specific integrated circuit (ASIC), microprocessor (Microprocessor), microcontroller (Microcontroller), or other chip with arithmetic capability, and the chip takes the form of a single integrated chip, an integrated chip with multiple complex functions, or multiple chips with simple functions.
5. The method of applying combined cryptography and biometric identification technology to security authentication according to claim 1, characterized in that: the biometric data is a fingerprint (Fingerprint), voiceprint (Voiceprint), face (Face), retina (Retina), iris (Iris), palm print (Palm print), palm shape (Palm shape) or signature (Signature) pattern capable of representing a human biometric feature, and its standard is the standard formulated by the International Biometric Industry Association (IBIA).
CN 01123669 2001-09-03 2001-09-03 Safety confirming method combining cipher and biological recognition technology Pending CN1403941A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 01123669 CN1403941A (en) 2001-09-03 2001-09-03 Safety confirming method combining cipher and biological recognition technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 01123669 CN1403941A (en) 2001-09-03 2001-09-03 Safety confirming method combining cipher and biological recognition technology

Publications (1)

Publication Number Publication Date
CN1403941A true CN1403941A (en) 2003-03-19

Family

ID=4665211

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 01123669 Pending CN1403941A (en) 2001-09-03 2001-09-03 Safety confirming method combining cipher and biological recognition technology

Country Status (1)

Country Link
CN (1) CN1403941A (en)

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication