JP2001251295A - Personal identification method and system, server and terminal - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a personal identification method and device with high security and convenience for reducing the risk of any illicit identification due to the robbery of registered identification data as much as possible regardlessly of the unnecessity of any encipherment operation, key keeping and management work. SOLUTION: A featured value obtained from physical characteristic information is quantized and converted into a quantized characteristic code, and unidirectional function value data generated by applying unidirectional functions to the quantized characteristic code string are stored as registered identification data. When physical characteristic information is newly inputted, the collation of identification confirmation data (unidirectional function value data) obtained by integrating quantized characteristic codes generated by adding perturbation to the quantized characteristic codes as necessary into unidirectional function values with the registered identification data is repeated only by the prescribed number of times while the parameter of the perturbation is changed, and when any unidirectional function value data matched with the registered identification data are found, it is judged that the data belong to the person himself who registered.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a personal authentication method based on physical characteristics, an apparatus thereof, a server and a terminal.

[0002]

2. Description of the Related Art In the information-oriented society, it is necessary to ensure security, and personal identification technology is becoming important for identity verification. Although there is an authentication method using a password as a means of personal authentication, there is a disadvantage that a password can be impersonated by another person by plagiarism, or that the person may forget the password.

In order to prevent this, there is a method of using physical characteristics (biometrics) such as fingerprints and handwriting, which are characteristics unique to the user, for authentication. In this method, the physical characteristic information of the individual is registered in advance as registered authentication data, and at the time of authentication, the physical characteristic information of the individual to be collated is acquired, and the physical characteristic information (authentication confirmation data) is obtained. Then, by checking the registered authentication data, authentication of the identity of the user is confirmed.

Here, when the original information of the physical characteristics of an individual is used as it is as the registered authentication data, it is difficult to prevent the registered authentication data from being misused when it is stolen. Becomes

Therefore, in order to deal with data theft,
The original information of the person or the physical characteristics extracted from the original information,
A method of encrypting and registering the data as the registration authentication data is adopted.

[0006]

However, even if the physical characteristic information is encrypted and registered, it can be decrypted if the key is stolen together with the encrypted registered authentication data. Therefore, key storage and management tasks require a great deal of time, such as safe storage of the key so that it is not leaked or lost, and the need to periodically change the key to ensure security. There is a problem.

[0007] The present invention has been made in view of such a problem, and despite the fact that encryption operation and key storage / management work are unnecessary, unauthorized authentication by theft of registered authentication data is not required. It is an object of the present invention to provide a personal authentication method capable of minimizing danger, that is, a personal authentication method having high security and convenience, and an apparatus, a server, and a terminal thereof.

[0008]

In order to solve the above-mentioned problems, the present invention relates to a personal authentication method for authenticating an individual using physical features, the method comprising the steps of: To generate a quantized feature code sequence, generate a one-way function value data from the quantized feature code sequence by using a one-way function, and prepare the one-way function value data and the identity check in advance. The registered one-way function value data is compared with the registered one-way function value data, and if the one-way function value data and the registered authentication data match, it is determined that the user is the principal corresponding to the one-way function value data. If the registered authentication data does not match, a perturbation is made to one of the physical feature quantity and the quantized feature code sequence to generate new one-way function value data, and the generated one-way function value is calculated. Function value data and the above It repeats collating with the registered authentication data, and if the one-way function value data and the registered authentication data match by the collation, it is determined that the user is the principal corresponding to the registered authentication data. When the perturbation and the collation are repeated and the number of collations reaches a predetermined number, it is determined that the user is not the person corresponding to the registered authentication data.

Here, quantization means that a feature space is divided and a quantization value is assigned to each section to map a feature value to a quantization value, and perturbation is an object. This means that the value of a feature amount or a feature code is changed.

The one-way function referred to in the present invention is:
It is a function that it is difficult to specify the input other than brute force based on the output of the function. Examples include literature
Bruce Schneier, “Applied Cryptography, Second E
dition ”, John Wiley & Sons, Inc., 1996, MD
5, a one-way hash function described in SHA-1 or a combination of those functions a plurality of times.

The physical characteristics include fingerprints and voices, and handwriting is one of the physical characteristics (for example, An
il Jain et al., “Biometrics- Personal Identification
inNetworked Society − ”, Kluwer Academic Publish
ers, 1999).

Since the one-way function value data obtained by applying the one-way function to the feature amount converted to the quantized feature code is stored as registered authentication data, even if the registered authentication data is stolen, It is extremely difficult to generate physical characteristic information that matches registered authentication data. Therefore, the security is high, and the trouble of storing and managing the key is not required, and the security and the convenience are improved.

[0013] However, the biometric information fluctuates every time, even for the person himself / herself. In the one-way hash function, the proximity of the input and the proximity of the output are irrelevant, so it is impossible to determine the similarity between the input information and the registered information, and the identity is determined only by the perfect match. Can not. Therefore, a mechanism that allows some tolerance is indispensable.

According to the present invention, a system having a high authentication rate and high security can be constructed by incorporating a quantization mechanism for the feature quantity and a perturbation mechanism for the feature quantity or the quantized feature code. The reason will be described.

First, consider the case where there is only a quantization mechanism. If the quantization width is widened, the false rejection rate (the rate of being authenticated but not authenticated) decreases and the false acceptance rate increases.
Further, if the width is reduced, there is a trade-off relationship that the false rejection rate increases and the false acceptance rate (the rate of being authenticated even as another person) decreases. Therefore, by setting the width to an appropriate width, a desired false rejection rate and false acceptance rate can be obtained.

However, an attacker who steals registration information and attempts to successfully perform authentication illegally guesses the quantized value of each feature amount, and obtains a quantized feature code string that successfully completes authentication. It is conceivable to make an attack to search for. The smaller the quantization width, the greater the number of times required to search for the difference between the estimated feature value sequence and the correct feature value sequence.

Therefore, in the case of identity authentication, by incorporating a perturbation mechanism in addition to the quantization mechanism, it is possible to authenticate a wider range of input than in the case without such a mechanism. In addition, the width of quantization can be reduced while maintaining the false rejection rate. That is, higher security and a higher authentication rate can be obtained.

Next, according to the present invention, based on a given maximum authentication time (upper limit of calculation time required for authentication),
It is characterized in that the maximum number of times of performing the collation is set.

According to the present invention, in a machine for performing authentication, by setting the number of times of collation that can be performed in a given maximum authentication time as the maximum number of times of collation, personal authentication can be performed within a predetermined authentication time. Can be done.

Next, according to the present invention, a quantization parameter describing a method of dividing each feature amount space used in performing the above-described quantization operation is obtained by distributing each feature amount and a given maximum rejection. It is determined based on the rate and the maximum number of matchings.

The width of quantization affects the authentication rate and security. According to the present invention, by setting a quantization parameter based on a given maximum rejection rate (allowed rejection rate) and the maximum number of times of collation, an authentication system having an appropriate authentication rate and security can be provided. Can be built.

Next, according to the present invention, a pseudo (dummy) parameter which is not actually used is included in a quantization parameter which describes a method of dividing each feature amount space used when performing the above-mentioned quantization operation. It is characterized by the following.

According to the present invention, the number of features actually used can be hidden, and security can be improved.

Next, according to the present invention, when it is determined that the user is a person, a distribution of a new characteristic amount is obtained by taking into account the characteristic amount of the acquired physical characteristic, and based on the distribution of the new characteristic amount. ,
The present invention is characterized in that parameters for quantization are updated, and registered authentication data registered is updated based on the new parameters.

According to the present invention, it is possible to set a quantization parameter and registered authentication data based on a feature amount distribution with higher approximation accuracy, and it becomes possible to perform authentication that is resistant to aging.

Next, the present invention provides, as the above-mentioned physical characteristics,
It is characterized in that the writing time of each stroke in the handwriting is used.

Next, the present invention is characterized in that, based on a plurality of predetermined basic strokes, a stroke number of the basic stroke most similar to each stroke in the handwriting is used as a quantization feature code. Is what you do.

Next, the present invention is characterized in that a change in the number of strokes of a plurality of handwriting information is absorbed and then used for registration.

Next, the present invention makes use of the fact that the quantized feature code sequence corresponding to the registered authentication data, which is obtained when the user is authenticated, is constant, Is used to generate a personal key. According to the present invention, by inputting physical characteristic information, it is possible to generate a personal key that can be generated only by the user.

Next, according to the present invention, in a personal authentication apparatus for authenticating a person using physical features, at least one kind of physical features of an individual is quantized to generate a quantized feature code sequence. Feature quantizing means, one-way function value generating means for generating one-way function value data using the one-way function from the quantized feature code sequence, and the one-way function value data for identifying the user. A matching unit that matches registered authentication data prepared in advance, and if the one-way function value data and the registered authentication data do not match, any one of the physical feature amount and the quantized feature code sequence Searching means for repeating perturbation to generate new one-way function value data and collating the generated one-way function value data with the registered authentication data; and Teru If the number of times does not match even if the number of times has reached a predetermined number, the personal authentication device has an authentication rejecting means for determining that the user is not the principal corresponding to the registered authentication data and terminating the authentication processing. To provide.

Next, the present invention is characterized in that a quantization parameter which describes a method of dividing each feature space used in performing the above-described quantization operation is determined based on each feature. Things.

Next, the present invention is characterized in that the maximum number of times of collation is set based on the given maximum authentication time.

Next, according to the present invention, a quantization parameter describing a method of dividing each feature amount space used in performing the above-described quantization operation is obtained by distributing each feature amount and giving a given maximum rejection. It is determined based on the rate and the maximum number of matchings.

Next, the present invention is characterized in that a pseudo (dummy) parameter is included in the quantization parameter.

Next, the present invention is activated when the one-way function value data and the registered authentication data coincide with each other in the matching means, and the distribution of the feature amount is taken into account in consideration of the acquired feature amount of the physical feature. And a quantization parameter updating means for updating a parameter at the time of quantization based on the distribution of the feature amount after the update, and a parameter registered based on the new parameter when the parameter at the time of quantization is updated. Registered authentication data updating means for updating the registered authentication data.

Next, the present invention provides, as the above-mentioned physical characteristics,
It is characterized in that the writing time of each stroke in the handwriting is used.

Next, according to the present invention, one or more basic strokes most similar to each of the strokes in the handwriting are used as quantization feature codes on the basis of a plurality of predetermined basic strokes. It is characterized by the following.

Next, according to the present invention, there is provided a personal authentication server for personal authentication in which personal authentication is performed using physical features, wherein registration authentication data prepared in advance for personal identification is stored. Storage means, and one-way function value generation means for generating one-way function value data using a one-way function from a quantized feature code sequence obtained by quantizing at least one type of physical feature amount of an individual; And a collation unit for collating the one-way function value data with the registered authentication data stored in the registered authentication data storage unit.

Next, according to the present invention, in a personal authentication terminal for personal authentication in which a person is authenticated using physical features, at least one type of physical features of an individual is quantized by quantizing each. It is characterized by having feature quantizing means for generating a code sequence, and transmitting means for transmitting the quantized feature code generated by the feature quantizing means.

[0040]

Next, an embodiment of the present invention will be described with reference to the drawings.

FIG. 1 is a block diagram showing the configuration of a personal authentication apparatus according to an embodiment of the present invention. The personal characteristic information input unit 1, the characteristic quantization unit 3, the quantization parameter storage unit 5, It comprises a collating unit 7, a quantization parameter updating unit 9, a registered authentication data storage unit 11, a registered authentication data updating unit 13, and an authentication result storage unit 15.

First, the flow of registration and authentication processing in a typical embodiment of the present authentication method will be described with reference to FIGS. 11 and 12, respectively.

In the registration process, physical characteristic information is collected a plurality of times from the physical characteristic information input unit 1 in FIG. 1 (step S101), and the physical quantizing unit 3 normalizes each physical characteristic information. Then, a feature amount is obtained by performing feature extraction (step S102). Therefore, for each feature, a distribution of the feature amount is obtained, a quantization parameter is determined based on the distribution, and stored in the quantization parameter storage unit 5 (step S10).
3). Next, a feature amount (average value or the like) considered to be a representative value of each feature is quantized using the quantization parameter set previously (step S104).

Next, the sequence of quantized feature codes obtained by the quantization is compared with the one-way function
1 (step S105), and the obtained one-way function value data is stored in the registered authentication data storage unit 11 (step S106).

In the authentication process, physical feature information is collected from the physical feature information input unit 1 (step S201), and the feature quantizer 3 performs normalization and feature extraction to obtain feature amounts (step S202). ). Next, the obtained feature amount is quantized using a quantization parameter (step S20).
3). Next, the sequence of the quantized feature codes obtained by the quantization is sent to the collation unit 7, and the one-way function value conversion circuit 71 converts it into a one-way function value (step S204).

Next, the comparison circuit 73 compares the data with the registered authentication data stored in the registered authentication data storage unit 11, and sends whether or not they match to the determination circuit 75 (step S205).
Therefore, if they match, the authentication is completed successfully, and the process ends.If they do not match, the quantization feature code sequence is perturbed.Here, the number of perturbations performed so far is counted. If the number of times exceeds a predetermined number, the process ends as authentication failure (step S206). Otherwise, the search circuit 77 is requested to perturb the quantized feature code sequence (step S207). The perturbed quantized feature code sequence is sent again to the one-way function value conversion circuit 71, and the above operation is repeated.

Next, each embodiment will be described in detail with reference to FIG. 1, and an embodiment will be described.

The physical characteristic information input unit 1 acquires physical characteristic information input by the user using a tablet or a camera, for example, and sends the physical characteristic information to the characteristic quantization unit 3.

The feature quantization unit 3 normalizes and extracts the physical features from the input physical feature information, and then, for each set of a plurality of feature amounts related to the physical features, stores each feature amount in the quantization parameter storage unit 3. , Is converted to a sequence M of quantized feature codes, and the sequence M of quantized feature codes is sent to the matching unit 7. The quantization parameter stored in the quantization parameter storage unit 5 may be set based on statistical information of individual characteristics obtained by acquiring physical characteristic information from a user several times during registration or the like. It may be set in advance by a method such as using statistical information collected from an unspecified number of people. However, since the parameter information is stored in the recording medium, the parameter information must be such that the quantization parameter for successful authentication cannot be estimated from the information. As an example, as described later, there is an example in which a width is used to equally divide each feature amount space and an offset indicating a deviation from the origin of the section is used as parameters.

FIG. 2 shows the processing of the feature quantization unit 3.
The details will be described with reference to FIG. The feature quantization unit 3 includes a feature extraction circuit 31, a quantization parameter setting circuit 33, and a quantization circuit 35.

Here, the physical characteristic information input section 1 and the characteristic extraction circuit 31 constitute a characteristic acquisition means, and the quantization circuit 35 constitutes a characteristic quantization means. Further, the quantization parameter setting circuit 33 constitutes a quantization parameter setting unit. In the present embodiment, the feature quantization unit 3 also serves as a registration processing unit.

After normalizing the input physical characteristic information, the characteristic extraction circuit 31 extracts a plurality of physical characteristics f _i (i = 1, 2,..., N; n is the number of characteristics) from the physical characteristic information. extracted sequentially the feature quantity q _i of each of the physical characteristics f _i, and sends the quantization circuit 35.

However, when the quantization parameter is set from the statistical information of the user's characteristics, in the registration mode, for each of the physical characteristics information input a plurality of times, each characteristic amount q of the above-mentioned physical characteristics f _{i i} is also sent to the quantization parameter setting circuit 33. The quantization parameter setting circuit 33 obtains a feature amount distribution from each of the plurality of feature amounts for each feature, determines a quantization parameter for each feature amount based on the distribution of the feature amounts, and determines the quantization parameter as a quantization parameter. It is stored in the storage unit 5. A specific setting method of the quantization parameter will be described later. The quantization parameter setting circuit 33 operates only in the registration mode.

The quantization circuit 35 stores, from the quantization parameter storage unit 5, the width w _i of the section to be quantized, which is a quantization parameter, and the offset o representing the deviation of the section from the origin.
while sequentially reading out _i, a feature quantity q _i corresponding to physical characteristics f _i input, as shown in FIG. 3, the quantization characteristic code s calculated respectively according to the following formula (1)
_i (Section number).

S _i = [q _i / w _i + o _i ] (1) In the equation (1), [] is a Gaussian symbol and represents an integer value not exceeding the value in [].

The quantization circuit 35 performs the above-described quantization process on all the feature quantities q _i corresponding to all the physical features f _i (i = 1, 2,..., N), M (s ₁ , s ₂ ,..., S _n ) of the quantized feature code corresponding to the sequence (f ₁ , f ₂ ,..., F _n ) of the statistical feature, and It is sent to the collation unit 7.

FIG. 4 shows an example of a quantization operation performed on the physical features f _i . Each of the physical features f ₁ , f ₂ ,... Is an interval width w ₁ , w ₂ ,.
, And offsets o ₁ , o ₂ ,... (Offset o _i is omitted in FIG. 4). Physical features f ₁ ,
If the feature values of f ₂ ,... are q ₁ , q ₂ ,... indicated by ●, the section numbers s ₁ , s ₂ ,.
4 ...

FIG. 5 shows a quantized feature code matrix in which the physical features f _i are quantized in the column direction and the respective section numbers s _i are arranged in the column direction, and ○ indicates a quantized feature code corresponding to each feature. Is represented. The curve represented by the arrow indicates the correct path in the quantized feature code matrix when this feature is a standard feature unique to an individual.

[0059] The multiple quantization parameter based on the calculated feature quantity q _i w _i, as set method o _i are for example the following methods. Multiple features q for the same physical feature
_i mean m _i the frequency distribution of obtains the fluctuation band of the characteristic quantity q _i to contain the majority of the distribution is approximated by a normal distribution of variance sigma _i ^2, so as to include the fluctuation range with a small number of sections The above quantization parameters w _i and o _i are determined. For example, the average value m _i
Is located at the center of the section r _i , and the section [r _i
−1, r _i +1] and the interval [m _i -3]
As can comprise _{σ i, m i + 3σ i} ], determining the width w _i and the offset o _i of the interval. In this method, the variation range of the feature amount, that is, most of the variation of the feature amount,
Section number r _i -1, r _i, can be covered by three sections of r _i +1. However, it is not limited to three sections as in this example.

In the above example of obtaining the quantization parameter, the quantization parameters w _i and o _i determined from the distribution of the feature amount are set to the fixed values obtained at the time of registration. When the acquired physical information is authenticated as the person, the distribution of the feature amount is sequentially corrected while adding the information of the feature amount at that time, so that the quantization parameter w _i may be provided a quantization parameter update unit 9 updates the o _i sequentially updating the quantization parameter.

As a method of successive correction by the quantization parameter updating unit 9, the following method can be exemplified. That is, when the authentication by the collating unit 7 succeeds under the currently set quantization parameters w _i and o _i , the sequence M of the successful quantization feature code (the column of the section number s _i ) the basis, by (2) and (3) below, w _i representing reference for setting the current quantization parameter, it is possible to obtain the o _i.

[0062]

(Equation 1) At this time, the feature amount obtained at the k-th time corresponding to the feature f _i is q _{i, k} , and the average obtained from u feature amounts corresponding to the feature f _i is m _{i, u} and the feature f _i . The corresponding variance obtained from u features is

(Equation 2)

(Equation 3) It is.

Therefore, the known m _i and σ _i are, for example,
The value is obtained from 00 data. That is, m _i
= M _{i, 100} , σ _i = σ _{i, 100} , the mean value and the variance m _{i ′} = m _{i, 101} , σ ′ = σ after successive correction
_{i, 101,} the feature amount obtained this time q _{i, 10 1} and known m
_{It can be obtained from i, 100} and σ _{i, 100 using} the above equations (6) and (7). As described above, the accuracy of approximation of the distribution of the feature amount can be improved by the successive correction.

[0064] Then, the quantization parameter update unit 9, the newly obtained m _{i ',} σ _i' from based on the quantization parameter setting method, the new sequentially modified quantization parameter m _{i ',} σ _{i ′} is obtained, and its quantization parameters m _{i ′} , σ
_The quantization parameter in the quantization parameter storage unit 5 is updated to _{i ′} . Further, when the quantization parameter is updated, the registered authentication data updating unit 13 obtains new registered authentication data based on the sequentially corrected quantization parameter and obtains the registered authentication data stored in the registered authentication data storage unit 11. Update the data.

[0065] Examples of a method of obtaining a new registration authentication data, the average value m _i of the characteristic amounts of the updated as feature amount input _', sigma _i' use therewith registered by the updated quantization parameter Is performed.

Next, the collation unit 7 obtains one-way function value data by applying a one-way function to the sequence M of the quantized feature codes input from the feature quantization unit 3 and obtains the one-way function value data. Is used as the authentication confirmation data, the authentication confirmation data is compared with the registered authentication data (one-way function value data) of the specific individual registered in the registered authentication data storage unit 11 to determine whether or not the user is the principal. Is stored in the authentication result storage unit 15. If the above collation does not match,
While adding the perturbation to the quantized feature code and updating the quantized feature code, the matching operation is repeated a predetermined number of times, and even if the matching operation is performed a predetermined number of times, there is no match,
Judge that it is not his / her own and reject.

The processing of the collating unit 7 will be described in detail with reference to FIG. The collation unit 7 includes a one-way function value conversion circuit 71, a comparison circuit 73, a determination circuit 75,
And a search circuit 77.

Here, the one-way function value conversion circuit 71 constitutes one-way function value conversion means, the comparison circuit 73 and the judgment circuit 75 constitute verification means, and the search circuit 77 comprises search means and authentication rejection means. Is configured. In the present embodiment, the one-way function value conversion circuit 71 also serves as a registration processing unit.

The one-way function value conversion circuit 71 converts the input sequence M of quantized feature codes into one-way function value data H (M) using a one-way function, H (M) is sent to the comparison circuit 73 as authentication confirmation data.

As an example, as a one-way function H,
Using SHA-1 with a bit string as input, each quantized value is
32 bits, and the sequence M of the input quantized feature codes
= S ₁, S_Two, S_Three, ..., s_nAnd s₁× 2^{32 × 0}+ S_Two× 2^{32 × 1}+ ... + s_n× 2^{32 ×
(n-1)} Expressed as a bit string, and it is input as one-way
There is a way to input to the function.

In the case of the registration mode, the one-way function value conversion circuit 71 stores the obtained one-way function value data in the registered authentication data storage section 11 as registered authentication data H (M _r ).

The comparison circuit 73 includes the registration authentication data storage 1
1 and reads out the registered authentication data H (M _r ) and compares it with the authentication confirmation data H (M _c ).

If the comparison result in the comparison circuit 73 is “match”, the judgment circuit 75 judges that the inputted physical characteristic information belongs to the person registered in the registered authentication data storage unit 11, The result is sent to the authentication result storage unit 15. If "mismatch", the search circuit 77 is activated to perform authentication again.

However, the comparison circuit 73 counts the number of activations of the search circuit 77 itself, and when the count exceeds a predetermined value, the input circuit is assumed to have an input fluctuation without activating the search circuit 77. Was big outside or
Assuming that the physical characteristic information of the other person has been input, the authentication rejection information is sent to the authentication result storage unit 15, and the processing of the collation unit 7 ends.

The search circuit 77 adds a perturbation to the value of the sequence M of the quantized feature codes input from the feature quantizing unit 3 by a method determined by a predetermined rule, thereby obtaining a new sequence of quantized feature codes. M ′ is obtained, and the new sequence of quantized feature codes M ′ is sent to the one-way function value conversion circuit 71.
Thus, the comparison / collation operation is performed again.

The above-mentioned perturbation changes the value of the feature code within the variation range of the feature code. In the example of the present embodiment, the quantization parameter setting circuit 33 determines the width of the section of the quantization parameter corresponding to each feature amount so that the variation width can be included in three sections for each feature amount. Therefore, perturbation is performed within a range of a variation of ± 1 for the target feature code.

Next, an example of the perturbation method will be described.

First, physical characteristics f_iFeature code corresponding to
C (section number) s₁New by adding ± 1 perturbation to
Sequence M '= s₁+ 1, s_Two,
s_Three, ..., s_nGenerate Whenever this is started
Then, perform the above operation_Two, S_Three, ..., s _nRepeat with. this
Is the operation the path of si obtained from the input physical characteristic information?
S _i5 while shifting in the order of i = 1, 2, 3,.
This is equivalent to searching for the correct route described above.

FIG. 7 is a diagram showing an example of a route search.
The line is a sequence M of input quantized feature codes. _cThe path of the arrow
s₁= 1 to s_iExpress the perturbation of +1 to = 2 respectively
I have. In FIG. 7, M_cIs the same as the correct route in Fig. 5.
No, but correct by changing the path with perturbation
It turns out that the route can be found.

Further, each of the quantized feature codes s ₁ , s ₂ ,
If s ₃ ,..., s _n do not match even if a +1 perturbation is applied, a new quantized feature code generated by adding a -1 perturbation to s _1. column _{M "= s 1 -1, s} 2, s 3, ..., and output to create a s _n. this operation, each time it is started, s _2, s _3,
, And s _n are repeatedly perturbed until −1. In addition, if it is activated, that is, if there is a mismatch,
Perturbation is performed for any two combinations of s _i and s _j (i <j) within a range of ± 1. Furthermore, when the activation is performed, that is, when there is a mismatch, any three are tried, and if the activation still occurs, four, five,..., N are tried.

In the above description of the perturbation method, there has been described a method of performing up to perturbation for arbitrary n numbers in a range of ± 1.
It is not necessary to activate the search circuit 77 up to that number, and the authentication processing may be terminated and rejection information may be supplied to the authentication result storage unit 15 when the number of perturbations reaches a predetermined number. Depending on the feature, the order of perturbations may be changed if the order of other perturbations is higher in the probability of finding a match in a smaller number of times.

In the above example of perturbation, a method of adding a perturbation to s _i has been described. However, depending on a feature, a method of adding a perturbation to a feature quantity q _i in consideration of the frequency distribution of the feature may be used. Good. However, in this case, activation of the feature quantization unit is required.

Next, an example of a method for setting the maximum number of times of search / collation based on a predetermined maximum authentication time (upper limit of calculation time required for authentication) will be described.

For example, when the predetermined maximum authentication time is T
_{Assuming max} , the authentication processing can be performed on a sample of several pieces of physical characteristic information on the computer that performs the collation, and the average of the number of collations that can be performed within _Tmax can be determined.

Next, the quantization parameter is calculated by dividing
Cloth and given maximum rejection rate P _rejAnd the maximum number of matches
T_maxAn example of a method of setting based on the following is shown.

The distribution of each feature q _i is represented by an average value m _i and a variance σ
determining the quantization parameters w _i and o _i so that the range of the distribution that cannot be included by the T _max perturbations is less than or equal to the maximum rejection rate _Prej by approximating the normal distribution of _i ² think of.

In the case of no perturbation, in order to satisfy the condition that the rejection rate becomes equal to or less than _{Prej in} one trial, the ratio of the width w _i of one quantization section to the standard deviation σ _i is fixed for each feature. That is, assuming that the ratio is 2R, all i
If w _i = 2Rσ _i , then the number of features is n,
The proportion of distribution interval _{[m i -R · σ i,} m i + R · σ i] covers is,

(Equation 4) Required by Where Φ (z) is the distribution function of the standard normal distribution, that is,

(Equation 5) And The approximation was performed on the _assumption that _Prej was sufficiently close to 0.

Now, for each feature f _i ,

(Equation 6) Is a reference quantization width.

Since this is a case where no perturbation is considered,
By adding perturbations, some quantization widths can be reduced.

Consider proceeding like the above perturbation.

Search (d ₀ , d ₁ , d ₂ ,...) Is calculated by changing the number of unshifted features to d
_0, number ₁ d of the features ± 1 shift, _two numbers d characteristics of ± 2 shifting, the combination of perturbation is ... When indicating to explore all streets, searching the following You will go down from the top of the table.

[0092]

[Table 1] Here, for example, if it is possible to search up to Search (N-1, 1), all combinations that shift one feature by ± 1 can be tried. Means that the target rejection rate can be achieved even if is reduced to 1/3.

In the above-described search, the quantization width can be further reduced each time a point marked with * is reached.

Therefore, if it is possible to calculate up to which * mark can be achieved by T _max perturbations, it is possible to determine how much the quantization width can be reduced.

The tables with the asterisks are summarized as follows.

[0096]

[Table 2] Let W _e (N) be the total number of trials to reach Search (0, 0,..., N (= d _e )) and complete the search, and PW _e
Search (d ₀ , d ₁ , ..., de _-1 , i (=
d _e)) for all of d _0, d _1, ..., and the number of attempts to try the _{d e-1, W e (} N) = (2e +1) N (1) PW _e (i, N) = _N C _i · 2 ⁱ · W _e−1 (N−i) (2)

Therefore, it can be understood how far it can be reached by performing the following procedure.

1. 2 to determine the _{W e-1 (N) ≦} T max <W e (N) become e. r: = _{Tmax -We-1} (N) 3. 3. for (i: = 1; r ≧ 0; i: = i + 1) {r: = r−PW _e (i, N)} i: = i−2 5. if (i == 0) ｛e: = e−1; i = N｝ The arrival point is Search (0,0, ..., N−i, i (=
a d _e)).

Therefore, for any i features, the quantization width can be set to 1 / (2e + 1) of the reference width,
For any Ni features, the quantization width can be 1 / (2e-1) of the reference width.

By the above method, the quantization parameter can be set based on the distribution of each feature, the given maximum rejection rate and the maximum number of times of collation.

Next, a method of creating a private key using a quantized feature code after perturbation that has succeeded in authentication will be described. FIG. 10 is a block diagram showing a configuration of a personal authentication device that can generate a personal key.

The personal authentication device shown in FIG. 10 has a key generation function. The basic configuration of the personal authentication device shown in FIG. 1, the physical characteristic information input unit 1, the characteristic quantization unit 3, and the storage of the quantization parameter 5, the matching unit 7, the quantization parameter updating unit 9, the registered authentication data storage unit 11, and the registered authentication data updating unit 13 are substantially the same.
Is connected. This also allows the collating unit 7
Is configured to transmit a perturbed quantized feature code sequence that has succeeded in authentication to the key generation unit 17 when authentication is successful.

The following method is conceivable as a key generation method.

[0104] For example, as one-way function H _l, using a one-way function SHA-1 of known for generating a fixed-length output as an input the bit string of arbitrary length, each quantized value is 32 bits, the quantum Sequence of generalized feature codes M = s ₁ , s ₂ , s
_3, ..., a ^{_{s n, s 1 × 2 32}} × 0 + s 2 × 2 32 × 1 + ... + s n × 2
^{32 × (n−1),} and the number L obtained by adding the random number R stored in the recording medium in advance is represented by a bit string,
By applying H _l to it, a fixed-length private key H
_l (L) can be generated.

[0105] Further, using H _l (L) is a key for common key encryption, a plurality of keys K _1, K _2, ..., may be stored which is encrypted with K _v in the storage medium, when necessary H again
By generating and decrypting _l (L), a plurality of keys can be generated.

As described above, by using encryption, it is possible to use not only a plurality of keys but also data to be kept secret.

As another method, a plurality of keys K ₁ ,
If K ₂ ,..., K _v are all less than or equal to the length of H _l (L),
K ₁ #H ₁ (L), k ₂ #H ₁ (L),... K _v #H without using complicated encryption
_l (L) (here, “#” indicates exclusive OR) is stored in the storage medium, and when desired, the exclusive OR can be obtained again.

Next, the operation and effects of the personal authentication device having the above configuration will be described.

In the conventional personal authentication method, for example, when a fingerprint is a physical feature, a minutiae is used, and when a handwriting is a physical feature, a pen point coordinate series of xy coordinates and a pen pressure are used. In addition, features that enable approximate reproduction of original information of physical feature information from physical features have been frequently used. Also,
In many cases, the authentication method is determined using a similarity measure between the features. If the input feature is similar to the registered feature, but is similar to the registered feature, the feature is authenticated. Therefore, when the registered feature is stolen, the physical feature information used for registration is approximately reproduced from the feature,
When used as an input to a personal authentication system, there is a risk that security will be broken.

On the other hand, in the above-described apparatus according to the present invention, the feature itself is not stored, but the one-way function obtained by further quantizing and converting the feature code into a quantized feature code is obtained. The value data is registered as registered authentication data, and the one-way function value data is collated with each other. Therefore, even if the registered authentication data stored in the registered authentication data storage unit 11 is stolen, reverse conversion cannot be performed, and it is extremely difficult to reproduce physical characteristic information that matches the registered authentication data.

[0111] The quantization parameter w _i, even o _i is stolen, when the maximum value of the physical features f _i corresponding quantization characteristic code (section number) s _i and k-1, the quantization There are k ⁿ combinations of paths in the feature code matrix. That is, stealing the quantization parameter and registered authentication data, if you try to explore the correct answer, it does not not examine the combination of up to k ⁿ street. When k and n are unknown, the number of possible combinations of paths is theoretically infinite, and it is extremely difficult to find the correct path. For these reasons, in the present embodiment according to the present invention, the risk of theft of registered authentication data and the like is reduced as much as possible.

As described above, when an attempt is made to incorrectly search for a correct answer, the search becomes more difficult as k and n are larger. Therefore, the larger k and n are, the higher the security is.
That is, the smaller the quantization section width w _{i, the} higher the security.

However, if the size is too small, there is a variation in the amount of physical characteristics, so that there is a possibility that even the person himself cannot be authenticated. Therefore, by repeating perturbation and repeating verification, it becomes possible to perform authentication without narrowing the quantization section width and increasing the false rejection rate as compared with the case without perturbation. That is, authentication with high security and high reliability can be performed.

The number of times of search / collation and the method of determining the quantization parameter are as follows. The number of times of search / collation is determined based on the maximum authentication time, and the quantization parameter is determined in advance by the distribution of the characteristic amount of the individual. By determining based on the maximum rejection rate and the maximum authentication time, the authentication rate, security, and the processing time required for authentication can be adjusted so as to be practically usable.

According to the above-described method, under the conditions satisfying the maximum rejection rate and the maximum authentication time, the number of perturbations and the quantization parameter are determined so as to be the most secure against an attack for illegally searching for the correct answer. Becomes possible.

Further, when the quantization parameter is sequentially changed, the accuracy of approximation of the feature amount distribution can be improved, so that more stable authentication can be performed.

Next, an embodiment in which the writing time of each stroke of the handwriting of the handwritten signature is used as a physical feature amount will be described as an effective embodiment capable of making k and n unknown. FIG. 8 shows an example in which "Tsugken" is signed, and is composed of 16 strokes 1 to 16. Now
The writing time of the i-th stroke is taken as a physical feature f _i and is represented by a feature quantity q (msec). This is quantized, further converted into a one-way function value, and the above-described collation processing is performed. In this case, the writing time is the time of an actual stroke consisting of the pen points from pen down to pen up, and the time from pen down to pen up is represented to separate each stroke from the handwriting.

Here, the writing time of each stroke is selected as one of the characteristics with small intra-individual variations.

In the example of FIG. 8, the writing time of the actual stroke composed of the pen points from pen down to pen up is taken as the feature f _i , but the writing of the virtual stroke represented by the straight line from pen up to pen down is taken. Time may also be used.

Here, in order to improve the security, as a method of obscuring the number n of feature values, a method in which the quantization parameter storage unit 3 has a dummy quantization parameter after the feature number n + 1 as an example. Can be. This makes it impossible for anyone other than those who know how to write the signature to know the true value of n.

[0121] Pseudo parameters (dummy quantization _{parameter) w n + 1, ...,} o n + 1, as the ... Source setting, for example, the distribution of w _i, the average value m _wi, the variance sigma _wi ² Regular Approximate by a distribution, randomly generate a sequence according to the distribution, set it as a value after w _{n + 1} , and o _{n + 1} ,.
There is a method of setting a random value of [0, 1).

Further, if information on the basic stroke is added in addition to the feature amount based on each stroke, the number of routes to be searched can be further increased. That is, the feature extraction circuit 21 selects one or more basic strokes that are closest to the input stroke among the basic strokes, and uses the stroke numbers as quantized feature codes. To calculate the distance between strokes, see Toru Wakahara, Hiroshi Mura
se, Kazumi Odaka, `` On-line Handwriting Recognitio
n '', Proceedings of The IEEE, Vol.80, No.7, July 19
The method at 92 can be used.

For example, R ₁ , R ₂ , R ₃ , R shown in FIG.
₄ ,... Are examples of basic strokes. From the input strokes, the closest one of the basic strokes is selected, and the stroke number is assigned as a quantization code. For example, stroke 1 in FIG.
_The stroke number ₃ assigned to 3 is a quantized feature code.

Here, each of the basic strokes can easily show individuality from a set of many primitives expressing characters based on the analysis result of a large amount of data created by a large number of scribes. It can be obtained by selecting one.

Next, an example of a method for equalizing the number of strokes in a plurality of pieces of handwriting information will be described.

As handwriting information, time series data of the pen pressure
Assume that it has been collected twice. All combinations that select two of the data have a known technique, dynamic programming (D
P) method was applied to, b _0-th data, it is the basic data when the sum of the distances between the other data is the smallest.

The dynamic programming method is described, for example, in the literature Hiroaki Sakoe, Seibi Chiba, “Dynamic Pro
gramming Algoritthm Optimization for Spoken Word R
ecognition ", IEEE Trans. on Acoustics, Speech, and
Signal Processing, Vol. ASSP-26, No. 1, Feb. 1978.

As a notation, the pen data of the m-th data
T / p time_ud ^(m)(1), t_ud ^(m)(2),…
You.

Next, all data m (m
≠ b₀), T_ud ^{(b 0 )}(i), mapped by DP
The nearest t in the given time series space_ud ^(m)(j)
To t_ud ^{(b 0 )}Considering the corresponding point of (i), c^{(b 0 , m)}(i) = j and table
Manifest.

[0130] Next, for each data m, the time of a plurality of pen-up / down time on the data b ₀ of one pen-up / down data m corresponds, that is, for a j'c ^{(b 0 , m)} (i ₁ ) = c ^{(b 0 , m)} (i ₂ ) =... J ′, t _ud ^{(b 0 )} (i ₁ ), t _ud ^{(b 0 )} (i ₂ ), ... are mapped on the time axis of m, and only the point closest to t _ud ^(m) (j) and only t _ud ^{(b 0 )} (i _h ) are recognized as corresponding points. It is assumed that c ^{(b 0 , m )} (i _l ) = − 1 (l ≠ h) and the corresponding point is not a corresponding point.

Next, in each _tud ^{(b 0 )} (i), corresponding points exist for all data m (m ≠ b ₀ ), that is, for all m, c ^{(b 0 , m)} (i ) ≠ −1, each _tud ^(l) (i) is converted to a stable pen-up / down time t ′ _ud ^(l) ( i ′).

All points that were not recognized as stable pen-up / down times were removed, and t ′ _ud ^(l) (i ′) obtained for each data was considered as the pen-up / down time. Stroke time.

In the above-described embodiment, the creation and registration of the registered authentication data is also performed through the feature quantization unit 3 and the collation unit 7. However, the process of creating and registering the registered authentication data is performed by another block. (Another device).

[0134] The device for performing the actual authentication may be divided into a server for performing the authentication and a terminal for the user to input the physical characteristic information.

As an example, the physical characteristic information input unit 1 in FIG. 1 is used as a personal authentication terminal, the remaining part is used as a personal authentication server, and the part connecting the physical characteristic information input unit 1 and the characteristic quantization unit is used. A method of making a network, a physical feature information input unit 1, a feature quantization unit 3, and a quantization parameter storage unit 5 are used as personal authentication terminals, and the remaining part is used as a personal authentication server. There is a method in which the part connecting the 7 is a network.

If the terminal wants to know the authentication result, this can be achieved by providing means for transmitting and receiving the authentication result between the server and the terminal.

In the latter method, the quantization parameter and the registered feature data are updated based on a new feature distribution obtained by adding the feature of the physical feature when the authentication is successful. Can be performed by providing a means for transmitting and receiving data required for updating.

However, when the physical feature information or the quantized feature code is transmitted as it is, the network line connecting the personal authentication server and the personal authentication terminal must be an intranet or the like that does not have a fear of eavesdropping and tampering. Needless to say.

Although the embodiments of the present invention have been specifically described above, it is needless to say that the present invention is not limited to the above embodiments, and that various changes can be made without departing from the gist of the present invention.

[0140]

As described above, according to the present invention,
The feature amount of the feature obtained from the physical feature information is converted into a quantized feature code by a quantization operation, and one-way function value data generated by applying a one-way function to the sequence of the quantized feature code is registered. It is stored as authentication data, and when new physical feature information is input, the obtained quantized feature code is appropriately added with a perturbation to the feature amount obtained from the input or the quantized feature code. Since it is converted to a one-way function value and collated with the registered authentication data, even if the registered authentication data is stolen, the reverse conversion cannot be performed. Because it is extremely difficult, it is a highly secure and reliable authentication method, and also handles fluctuations in the input physical characteristics. That is, there is an effect that a stable authentication is enabled by coping with a physical characteristic that changes every time.

Further, as compared with the conventional method in which the registered features are encrypted and stored, there is an advantage that the labor for storing and managing the key is not required.

According to the present invention, the maximum number of times of collation is obtained based on the given maximum authentication time, and the quantization parameter is determined based on the given maximum rejection rate and maximum number of times of collation. Authentication rate, security, and authentication time can be adjusted to be realistically usable.

For example, it is possible to determine the quantization width and the number of perturbations so that the security is maximized under the condition that the required maximum rejection rate and the maximum authentication time are satisfied.

Further, according to the present invention, the number of feature quantities becomes unknown by including the pseudo parameter in the quantization parameter, and the security of the authentication system is improved.

Further, according to the present invention, a new feature amount distribution is obtained by using the feature amount of the physical feature at the time of successful authentication. Since the parameterization can be set, a stable authentication can be performed by coping with the characteristics of the physical characteristic information which fluctuates every time and easily changes with time, and there is an effect that the reliability of the authentication is further improved.

Further, according to the present invention, the writing time of each stroke of the handwriting of the signature is used as a physical feature amount.
Alternatively, each effect described in the above embodiment can be obtained by using the stroke number of the most similar basic stroke as the quantization feature code.

Further, according to the present invention, by generating a personal key from physical characteristics, a person such as a personal identification number at a bank ATM or a password required at the time of logging in to the system must be kept secret. Keep the necessary symbol strings etc. safely without relying on the person's memory,
Can be generated.

Further, according to the present invention, by performing authentication using the personal authentication server and the personal authentication terminal, it is possible to make the place where the physical characteristic is obtained and the place where the collation is performed different. is there.

Further, according to the present invention, when extracting stroke information from a plurality of pieces of handwriting information, variations in the number of strokes between the pieces of handwriting information are absorbed, and each stroke obtained after equalizing the number of strokes of all data. By creating registration authentication data using the stroke writing time as a physical feature, it is possible to reduce registration failures due to differences in the number of strokes, even in handwriting where strokes are easily connected or disconnected, and stable Enable registration.

[Brief description of the drawings]

FIG. 1 is a block diagram of a personal authentication device according to an embodiment of the present invention.

FIG. 2 is a configuration diagram of a feature quantization unit according to an embodiment based on the present invention.

FIG. 3 is a diagram illustrating an example of quantization using a quantization width w _i and offset quantization o _i as quantization parameters.

FIG. 4 is a diagram illustrating an example of a quantization operation.

FIG. 5 is a diagram illustrating an example of a quantized feature code matrix.

FIG. 6 is a configuration diagram of a collation unit according to the embodiment based on the present invention.

FIG. 7 is a diagram illustrating an example of perturbation of a quantization section number in a quantization feature code matrix.

FIG. 8 is a diagram illustrating an example of a case where handwriting is used as physical characteristic information.

FIG. 9 is a diagram illustrating an example of a basic stroke in a handwriting.

FIG. 10 is a block diagram of a personal authentication device that generates a personal key.

FIG. 11 is a flowchart illustrating an example of a processing procedure of a registration process.

FIG. 12 is a flowchart illustrating an example of a processing procedure of an authentication process.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Physical characteristic information input part 3 Feature quantization part 5 Quantization parameter storage part 7 Matching part 9 Quantization parameter update part 11 Registration authentication data storage part 13 Registration authentication data update part 15 Authentication result storage part 17 Key generation part 31 Features Extraction circuit 33 Quantization parameter setting circuit 35 Quantization circuit 71 One-way function value conversion circuit 73 Comparison circuit 75 Judgment circuit 77 Search circuit

 ──────────────────────────────────────────────────続 き Continuing on the front page (72) Inventor Akira Banno 2-3-1 Otemachi, Chiyoda-ku, Tokyo Nippon Telegraph and Telephone Corporation (72) Inventor Toru Wakahara 2-3-3 Otemachi, Chiyoda-ku, Tokyo No. 1 Nippon Telegraph and Telephone Corporation (72) Inventor Ken Sakamura 4-9-2 Osaki, Shinagawa-ku, Tokyo F-term (reference) 5B043 AA09 BA06 EA04 EA05 FA07 FA09 GA04 5J104 AA07 KA01 KA03 KA06 KA16 NA11 PA14

Claims (22)

[Claims] 1. A personal authentication method for authenticating an individual using physical features, wherein each of at least one type of physical features of the individual is quantized to generate a quantized feature code sequence. Generating one-way function value data from the code sequence using a one-way function, collating the one-way function value data with registered authentication data prepared in advance for identity verification, If the value data and the registered authentication data match, it is determined that the user is the principal corresponding to the registered authentication data. If the one-way function value data and the registered authentication data do not match, the physical Perturbing any of the feature amount and the quantized feature code sequence to generate new one-way function value data, and comparing the generated one-way function value data with the registered authentication data. Repeat, place If the one-way function value data matches the registered authentication data by matching within a fixed number of times, it is determined that the user is the principal corresponding to the registered authentication data. A personal authentication method characterized by determining that the user is not the person corresponding to the registered authentication data. 2. An individual authentication method for authenticating an individual using physical features, comprising: acquiring a physical feature of an individual to be authenticated; and obtaining a quantization parameter based on each feature of the physical feature. Generating a quantized feature code based on the quantized parameter and each of the feature amounts, and converting the sequence of the quantized feature code into one-way function value data by a one-way function to obtain registered authentication data. The personal authentication method according to claim 1, wherein 3. An individual authentication method for authenticating an individual using physical features, wherein each of at least one type of physical features of the individual is quantized to generate a quantized feature code sequence. Generating one-way function value data from the code sequence using a one-way function, collating the one-way function value data with registered authentication data prepared in advance for identity verification, If the value data matches the registered authentication data, it is determined that the user is the principal corresponding to the registered authentication data, and a personal key is generated based on the quantized feature code sequence corresponding to the one-way function value data. If the one-way function value data does not match the registered authentication data, any one of the physical feature value and the quantized feature code sequence is perturbed to generate new one-way function value data. Do and do The generated one-way function value data is repeatedly compared with the registered authentication data, and when it is determined that the user is the principal corresponding to the registered authentication data, the one-way function value data matched by the verification is determined. A personal authentication method characterized in that a personal key is generated based on a quantized feature code sequence corresponding to (1). 4. The method according to claim 1, wherein the maximum number of times of matching is set based on a given maximum authentication time.
The personal authentication method according to any one of claims 1 to 3, wherein the personal authentication method according to any one of claims 1 to 3. 5. The quantization parameter according to claim 1, wherein the quantization parameter is set based on a distribution of each feature amount, a given maximum rejection rate, and a maximum number of times of matching. The personal authentication method according to any one of the preceding claims. 6. The personal authentication method according to claim 1, wherein a pseudo parameter is included in the parameter at the time of the quantization. 7. When the one-way function value data matches the registered authentication data by the collation, a new feature amount distribution is obtained by taking into account the acquired feature amount of the physical feature, and the new feature is obtained. The method according to any one of claims 1 to 5, wherein a parameter at the time of quantization is updated based on the amount distribution, and registered authentication data registered is updated based on the new parameter. Personal authentication method described in section. 8. The writing method according to claim 1, wherein the physical feature quantity is a stroke from a point at which the writing instrument comes into contact with the writing object to a point at which the writing tool leaves, and a writing time of each stroke is used. The personal authentication method according to any one of the preceding claims. 9. As the physical characteristic amount, a stroke from when the writing instrument comes into contact with the writing object to when it leaves the writing object is recognized as a stroke, and each of the obtained strokes is used.
1 most similar to a plurality of predetermined basic strokes
9. The method according to claim 1, wherein a stroke number of two or more basic strokes is used as a quantization feature code corresponding to the stroke.
Personal authentication method described in section. 10. When extracting stroke information from a plurality of pieces of handwriting information, a variation in the number of strokes between the pieces of handwriting information is absorbed, and the writing time of each stroke obtained after equalizing the number of strokes of all data is reduced. 10. The personal authentication method according to claim 8, wherein the registration authentication data is created by using the registration authentication data as a characteristic amount. 11. A personal authentication device for authenticating a person using physical features, wherein a feature quantizing means for quantizing at least one type of physical features of an individual to generate a quantized feature code sequence. A one-way function value generating means for generating one-way function value data from the quantized feature code sequence by using a one-way function; Verification means for verifying the registered authentication data; and if the one-way function value data and the registered authentication data do not match, a perturbation is made to one of the physical feature amount and the quantized feature code sequence to newly perform Search means for repeating the generation of the one-way function value data and the collation of the generated one-way function value data with the registered authentication data; and Personal identification device characterized by having an authentication rejection means for the end the decision to the authentication process is not the person corresponding to the registration authentication data if also not match reaches a count. 12. A personal authentication device for authenticating an individual using a physical feature amount, wherein a personal feature of an individual to be authenticated is obtained and quantized based on each feature amount of the physical feature. Quantization parameter setting means for obtaining a parameter; generating a quantized feature code based on the quantized parameter and each of the feature amounts; and converting a sequence of the quantized feature code into one-way function value data by a one-way function. And a registration processing means for registering the registered authentication data in the registered authentication data storage unit. 13. A personal authentication device for authenticating an individual using physical feature values, wherein a feature quantization means for quantizing at least one type of physical feature value of an individual to generate a quantized feature code sequence. A one-way function value generating means for generating one-way function value data from the quantized feature code sequence by using a one-way function; Checking means for checking the registered authentication data; determining means for determining whether or not the user corresponds to the registered authentication data when the one-way function value data matches the registered authentication data; Key generation means for generating a personal key based on a quantized feature code sequence corresponding to the one-way function value data when the identity is authenticated by the determination means; and the one-way function value data and the registration Authentication data Are not coincident with each other, a perturbation is made to one of the physical feature amount and the quantized feature code sequence to generate new one-way function value data, and the generated one-way function value data and A search unit that repeats collation with the registered authentication data; and if it does not match, if the number of collations reaches a predetermined number by repeating the perturbation and collation, it is determined that the user is not the principal corresponding to the registered authentication data. An authentication rejecting means for terminating the authentication process and terminating the authentication process. 14. Based on a given maximum authentication time,
14. The personal authentication apparatus according to claim 11, wherein a maximum number of times of the collation is set. 15. The method according to claim 11, wherein the parameters for the quantization are set based on the distribution of each feature amount, the given maximum rejection rate and the maximum number of times of matching. The personal authentication device according to claim 1. 16. The quantization parameter may include:
16. The personal authentication device according to claim 11, further comprising a pseudo parameter. 17. When the one-way function value data and the registered authentication data match, the matching means obtains a new feature amount distribution by taking into account the acquired feature amount of the physical feature, and 17. The method according to claim 11, further comprising: updating a parameter at the time of quantization based on the distribution of the feature amount, and updating registered authentication data registered based on the new parameter. Or 1
Personal authentication device according to the paragraph. 18. The writing method according to claim 11, wherein the physical feature is that a writing implement is recognized as a stroke from the time when the writing implement comes into contact with the writing object to the time when the writing implement leaves, and the writing time of each stroke is used. 2. The personal authentication device according to claim 1. 19. The method according to claim 19, wherein the physical feature amount is a stroke from a point at which the writing instrument comes into contact with the writing object to a point at which the writing tool leaves the writing object, and each of the obtained strokes is used.
1 most similar to a plurality of predetermined basic strokes
19. The personal authentication apparatus according to claim 11, wherein a stroke number of two or more of the basic strokes is used as a quantization feature code corresponding to the stroke. 20. When extracting stroke information from a plurality of pieces of handwriting information, a variation in the number of strokes between the pieces of handwriting information is absorbed, and the writing time of each stroke obtained after equalizing the number of strokes of all data is reduced. 19. The registration authentication data is created by using as a characteristic feature amount.
Alternatively, the personal authentication device according to claim 19. 21. A personal authentication server for personal authentication for performing personal authentication using a physical feature quantity, a registration authentication data storage means for storing registration authentication data prepared in advance for personal identification, A one-way function value generating means for generating one-way function value data using a one-way function from a quantized feature code sequence obtained by quantizing at least one kind of physical feature amount; A personal authentication server, comprising: matching means for comparing function value data with registered authentication data stored in the registered authentication data storage unit. 22. A personal authentication terminal for personal authentication for performing personal authentication using a physical feature amount, wherein at least one type of physical feature amount of an individual is quantized to generate a quantized feature code sequence. A personal authentication terminal comprising: feature quantization means; and transmission means for transmitting the quantized feature code sequence.