JP6492141B2 - Vector conversion system and vector conversion method - Google Patents

Description

  The present invention relates to a vector conversion system and a vector conversion method.

  Electronic signatures are widely used for the purpose of preventing forgery and falsification of electronic documents and for personal authentication. Conventionally, a digital key has a private key / public key pair generated in advance and stored. In particular, the secret key can be used only by the signer, and is generally stored in an IC card or the like and managed by the signer so that it is secret from others. The signer can generate a signature for any electronic document using the private key, and the verifier can use the public key to verify that the signature / electronic document pair is correct (not forged or falsified). Can be verified. Examples of such digital signature algorithms include RSA, DSA, and Schnorr signatures, and a PKI (Public Key Infrastructure) is constructed using the algorithms.

  However, in order to safely operate a system that uses electronic signatures such as PKI, the private key used to generate the signature can be used only by a legitimate signer to prevent unauthorized use by others. A "key management" mechanism is required. For this reason, it is necessary to take measures such as storing it in a tamper-proof device such as an IC card and keeping it safely by the signer, or protecting the secret key with a password. However, IC cards and passwords cannot be said to be sufficiently secure because they can be used by others by theft or guessing, and there are problems that usability is reduced and operational costs are increased due to complicated operations associated with key management.

  Patent Document 1 discloses an electronic signature method (Biometric Signature) in which biometric information of a signer itself can be used as a secret key. In the technique described in Patent Document 1, biometric information unique to humans such as fingerprints and veins is used as a secret key. Also, Non-Patent Document 1 describes a technique for generating a secret key that can be used in a cryptographic system from biometric information.

JP 2013-123142 A

G. Zheng, W. Li, and C. Zhan, "Cryptographic key generation from biometric data using lattice mapping," Proceedings of the 18th International Conference on Pattern Recognition, vol. 4, pp. 513-516,2006.

  In the techniques described in Patent Document 1 and Non-Patent Document 1, rounding processing to the nearest integer grid point on the feature vector space is used to correct an error included in biological information. This is equivalent to the fact that the process of determining whether or not two pieces of biological information are sufficiently similar to each other is realized by threshold processing for the “L∞ distance” between feature vectors extracted from biological information. Yes. However, in many biometric authentication methods such as fingerprint, vein, face and iris, the distance between feature vectors of biometric information is defined by Euclidean distance (L2 distance), Hamming distance (L1 distance), etc. Therefore, it is impossible to realize an electronic signature or encryption system using biometric information as a secret key.

  An object of the present invention is to realize a biometric signature or encryption system using various types of biometric information by converting a feature vector in an arbitrary metric space into a vector in an L∞ metric space.

  A vector conversion system according to the present invention includes a vector extraction unit that extracts a feature vector defined on an n-dimensional Lp norm space for a predetermined real number p and a predetermined integer n from biological information, and a real number For a real number q such that q = p / (p-1) for p, an integer n, and a predetermined integer m, it is defined on an n-dimensional Lq norm space, and the q norm is a predetermined constant c The reference vector generation unit that generates m reference vectors that match and generates a reference matrix, and the matrix product of the extracted feature vector and the reference matrix are calculated. A vector conversion unit that outputs a vector obtained by regarding a vector as a vector on an m-dimensional L∞ norm space.

  According to the present invention, a vector X on a vector space having an arbitrary distance structure (Lp distance) can be converted into a vector Y having an L∞ distance structure. Thereby, the feature vector of the biological information defined by the Hamming distance or the Euclidean distance is converted into a vector defined by the L∞ distance, and the biological information even if the distance between the feature vectors of the biological information is defined by the L∞ distance. A signature system can be realized.

It is a block diagram which shows a function structure. It is a flowchart which shows a registration process. It is a flowchart which shows a signature production | generation process. It is a figure which shows a vector conversion process flow and a reference | standard matrix production | generation process flow. It is a block diagram which shows the hardware constitutions of an apparatus and a terminal.

  In this embodiment, data for verifying a signature (hereinafter referred to as “biometric certificate”) is created based on the user's biometric information at the time of registration, and the signature generating terminal responds to an arbitrary message when generating the signature. An example of a biometric signature system that generates a signature based on only (hereinafter, “biometric signature”) will be described. The system of the present embodiment can be used for electronic application in e-government, user authentication via a network, and the like. Biometric information refers to pattern information such as fingerprints, veins, and irises acquired from a user.

  FIG. 1 shows a system configuration of a biometric signature system in the present embodiment.

  The system generates a reference vector from a registration terminal 100 that issues a user's biometric certificate, a signature generation terminal 110 that generates a biometric signature for a message (electronic document) using the user's biometric information, and a feature vector. And a reference matrix generation device 400.

  The registration terminal 100 includes a sensor unit 101 that acquires biometric information for registration such as a fingerprint and a vein from a user, a feature vector extraction unit 102 that extracts a registration feature vector from the biometric information for registration, a vector conversion unit 106, a reference A reference matrix storage unit 107 that stores matrices, an ID input unit 103 that receives input of a user ID, a biometric public key creation unit 104 that creates a biometric public key from a registration feature vector, and a user ID and a biometric public key And a biometric certificate creating unit 105 that creates a biometric certificate by giving an electronic signature of the registered terminal itself.

  The signature generation terminal 110 includes a message input unit 111 that inputs a message that is a signature generation target, an ID input unit 116 that inputs a user ID, a sensor 112 that acquires biometric information for signature from the user, and a biometric for signature. A feature vector extraction unit 113 that extracts a signature feature vector from information, a feature vector conversion unit 117, a reference matrix storage unit 118 that stores a reference matrix, and a biometric that generates a biometric signature for a message using the signature feature vector It comprises a signature generation unit 114 and a biometric signature output unit 115 that outputs a biometric signature.

  The reference matrix generation device 400 includes a feature vector DB 405 and a reference matrix generation unit 406.

  In this embodiment, it is assumed that the reference matrix is generated in advance by the reference matrix generation device 400 and stored in the reference matrix storage unit 107 of the registration terminal 100 and the reference matrix storage unit 118 of the signature generation terminal 110.

  FIG. 5 shows the hardware configuration of the registration terminal 100, signature generation terminal 110, vector feature device 410, and reference matrix generation device 400 in this embodiment. These can be constituted by a CPU 500, a RAM 501, an HDD 502, an input device 503, an output device 504, and a communication device 505 as shown in the figure.

Next, the registration processing flow in the present embodiment will be described with reference to FIG.
The registration terminal 100 acquires biometric information for registration (such as a fingerprint image and a vein image) of the registered user through the sensor unit 101 (S200).
The feature vector extraction unit 102 extracts the registration feature vector X from the registration biometric information (S201).

  The vector conversion unit 106 converts the registration feature vector X according to the processing in steps S411 to S413 of FIG. 4 described later, and generates a registration conversion vector Y (S202). At this time, the reference matrix M stored in the reference matrix storage unit 107 is used, and the first seed is used as necessary. The first seed may be, for example, a random number or user attribute information (ID or the like).

The ID input unit 103 acquires the input of the registered user ID (S203).
The biometric public key creation unit 104 creates a corresponding biometric public key using the registration conversion vector Y converted by the vector conversion unit 106 as a secret key (S204). A specific method for creating a biometric public key follows the method described in Patent Document 1 or Non-Patent Document 1.

  By changing the first seed, a plurality of different biometric public keys can be created from the biometric information of the same user, and cross matching between these biometric public keys can be prevented. As a result, when registering biometric public keys in different systems, it is possible to prevent the link between them and protect privacy, and discard biometric public keys without changing the biometric information itself.・ It can be updated.

  Next, a signature generation flow in this embodiment will be described with reference to FIG.

  The signature generation terminal 110 acquires an input of an arbitrary message M via the message input unit 111 (S300).

  The ID input unit 116 acquires a user ID by a user input (S301). Note that this step may be omitted, and a symbol such as NULL may be used as the user ID in the following steps. By doing so, the user does not need to input an ID at the time of signing, and further convenience improvement is expected.

  The sensor unit 112 acquires the user's signature biometric information (S302).

  The feature vector extraction unit 113 extracts the signature feature vector X ′ from the signature biometric information acquired from the sensor unit 112 (S303).

  The vector conversion unit 117 converts the signature feature vector X ′ according to the processing of steps S411 to S413 shown in FIG. 4 to be described later, and generates a registration conversion vector Y ′ (S304). At this time, the reference matrix M stored in the reference matrix storage unit 118 is used, and the first seed is used as necessary. The first seed uses the same value as that used in step S202.

  The biometric signature generation unit 114 generates a biometric signature for the message M using the signature conversion vector Y ′ converted by the vector conversion unit 117 as a secret key (S305). A specific method for creating a biometric signature follows the method described in Patent Document 1.

  Alternatively, encryption key generation and authentication processing using the signature conversion vector Y ′ can be performed according to the method of Non-Patent Document 1.

  The biometric signature can be verified using the biometric public key, which confirms that the message M has not been tampered with and that the biometric signature has been generated by a legitimate user. A specific verification method follows the method described in Patent Document 1.

  The biometric signature method described in Patent Document 1 is based on the premise that the distance between feature vectors is defined as an L∞ distance, but the feature vectors of biometric information such as veins, irises, fingerprints, and faces are generally Euclidean distances. (L2 distance) and Hamming distance (L1 distance) are often assumed, and biometric signatures cannot be realized with such biometric information. In this embodiment, by converting the feature vector into a vector in which the L∞ distance is defined, this problem can be solved and a biometric signature can be realized with a large amount of biometric information.

  In this embodiment, a system that converts an n-dimensional real vector X whose distance is defined by a p-norm into an m-dimensional real vector Y whose distance is defined by an ∞ norm will be described as an example.

  First, as a preparation, we define the norm and distance. n-dimensional real vector, where p is a positive real number or infinity (∞)

P-norm

Is defined as follows:

The Lp distance between n-dimensional real vector x, y is

It is defined as

q for p,
1 / p + 1 / q = 1
A real number (or infinity) that satisfies That is, q = p / (p-1). For example, if p = 2, then q = 2. q = ∞ (infinity) when p = 1, and q = 1 when p = ∞.

  FIG. 4 shows a vector conversion process flow and a reference matrix generation process flow. The processing entities of this flow are the reference matrix generation device 400, the vector conversion unit 106 of the registration terminal 100, and the vector conversion unit 117 of the signature generation terminal 110. The reference matrix generation unit and the vector conversion unit may be a reference matrix generation device and a vector conversion device instead of the functional blocks provided in the registration terminal and the signature generation terminal.

  The reference matrix generation device 400 includes the feature vector DB 405 as a component, and the registration terminal 100 and the signature generation terminal 110 include a storage 415 as a component.

  The feature vector DB 405 records a plurality of feature vectors of the same type, for example, a set of feature vectors extracted from the finger patterns of a plurality of people. However, as will be described later, the reference matrix generation device 400 does not necessarily include the feature vector DB 405.

Next, the reference matrix generation processing flow in this embodiment will be described.
The reference matrix generation device 400 reads a plurality of feature vectors included in the feature vector DB and learns their distribution (S401). For distribution learning, for example, principal component analysis, discriminant analysis, maximum likelihood method, or a more advanced machine learning algorithm may be used.

  The reference matrix generation apparatus 400 sets m n-dimensional vectors (hereinafter referred to as reference vectors) that well represent the distribution of feature vectors to a predetermined constant value c> 0 having all q norms according to the result of distribution learning. It produces | generates so that it may become equal (S402). The generated reference vector

  And an n × m matrix in which these transposed vectors are arranged is a reference matrix M. This is recorded in the storage 415 of the vector transformation generation apparatus. m is a predetermined natural number. As will be described later, the error in distance before and after conversion can be reduced by increasing m. m can be greater than, less than, or equal to n. The m reference vectors do not need to be orthogonal and may not be linearly independent. For this reason, M is different from general basis transformation.

  As a reference vector generation method, for example, m vectors may be independently generated according to a learned distribution, and the q-norm may be normalized to c. By doing so, the angle between the reference vector and the feature vector becomes relatively small, and the inner product of the vectors tends to be relatively large. As a result, the distance error before and after conversion can be reduced even with a relatively small m.

  Alternatively, m reference vectors may be generated uniformly and randomly so as to satisfy only the constraint that the q-norm is equal to c regardless of the distribution of feature vectors. In this case, the feature vector DB 405 is unnecessary, and step S401 is also unnecessary.

  A pseudorandom number generator may be used with the second seed as an input when it is generated according to the distribution or when it is generated uniformly at random. By doing so, the same reference matrix is always generated when the seed is fixed, and a different reference matrix can be generated by changing the second seed. This property works effectively in the second embodiment described later.

  That is, the reference matrix generation device 400 further includes a learning unit that uses a plurality of n-dimensional feature vectors in advance and statistically learns the feature vector distributions they follow, and the reference vector generation unit 406 includes the feature vector distribution described above. Accordingly, m number of n-dimensional reference vectors whose norms match a predetermined constant c may be generated randomly.

  When p = 1 and q = ∞, the reference vector is generated so that the ∞ norm is equal to c. In this case, the reference vector may be further generated so that each element of the reference vector is equal to c or −c. . For example

Such. By doing so, it is expected that the absolute value of the inner product of the reference vector and the feature vector is increased, and the error in the distance before and after conversion can be further reduced.

  In the following description, c = 1 is used for simplicity, but the same effect can be obtained even if it is not so.

  Next, the vector conversion processing flow in the present embodiment will be described.

  The vector conversion units 106 and 117

, Calculate the matrix product with the reference matrix M recorded in the storage 415, and calculate the m-dimensional projection vector

(S411).

  The vector conversion units 106 and 117 are m-dimensional vectors

(Hereinafter referred to as a random number vector) is generated (S412). The random number vector may be generated using the first seed as an input and using a pseudo random number generator. Or you may produce | generate based on a reference | standard matrix, and may produce | generate the predetermined | prescribed random vector fixed beforehand.

  The vector conversion units 106 and 117 are configured to perform the projection vector

The random vector

 Add the transformation vector

(S413).

  This step is not always necessary and may not be executed.

  The reason why the metric space defined by the p-norm is copied (approximately) to the metric space defined by the ∞ norm by the above vector conversion process will be described below.

  The above conversion

Can be written. two n-dimensional vectors whose distance is defined by the p-norm

On the other hand, m-dimensional vectors converted by the above processing are

Then,

  And can be transformed. Therefore

L∞ distance between

Can be written. Where Helder's inequality

Than,

Is established. Reference vector

Has a q-norm of 1 (

) So that the above formula is

And can be transformed. Since the above inequality holds for all i = 1, 2,..., M 1, the maximum value on the left side is also kept below the right side. Therefore

Together with (Equation 1)

Is established.

  On the other hand, the reference vector

By changing variously

Also within the range satisfying the inequality of (Equation 3), that is,

It varies in the following range. Therefore, the maximum value for more reference vectors is more

Approaching. That is

Is established. Therefore, if m is sufficiently large, approximately

Is established.

  For example, when p = 2, that is, when the feature vector is defined in Euclidean space, the condition for the equality of the Helder inequality is

Is first-order dependent (parallel vectors). Therefore, m reference vectors

One of them

(Equation 5) is satisfied. Further, even if they are not completely parallel, if they are close to each other, (Equation 5) is approximately established, and the distance error becomes small.

  As described above in steps S401 and S402, by learning the distribution that the feature vector follows in advance and generating the reference vector according to the distribution, it is possible to generate a reference vector close to parallel as described above. Even for a small m, the error in distance before and after conversion can be reduced.

  That is, the registration terminal 100 converts a feature vector according to a sensor unit 101 that acquires biometric information of the user, a feature vector extraction unit 102 that extracts a registration feature vector from the biometric information, and a predetermined vector conversion method, A vector conversion unit 106 that generates a conversion vector for registration, and a biometric public key creation unit 104 that generates a biometric public key that uses the conversion vector for registration as a secret key based on a predetermined biometric signature algorithm determined in advance. The signature generation terminal 110 includes a message input unit 111 that acquires an input message, a sensor unit 112 that acquires biometric information of the user, a feature vector extraction unit 113 that extracts a signature feature vector from the biometric information, A vector conversion unit that converts a feature vector according to a vector conversion method and generates a conversion vector for signature 17 and a biometric signature generation unit 114 that generates a biometric signature for a message using a signature conversion vector as a secret key based on a predetermined biometric signature algorithm. The reference matrix generation device 400 includes a predetermined real number p Then, for a given integer n, m, an n-dimensional input vector whose distance is defined by Lp distance is set to a constant q for a real number q of q = p / (p-1) A reference vector generation unit 406 that generates m matching n-dimensional reference vectors, generates a reference matrix in which the vectors are arranged, and transmits the input vector and the reference matrix vector to the signature generation terminal 110 and the registration terminal 100; The vector conversion units 106 and 117 of the terminal 100 and the signature generation terminal 110 calculate the matrix product of the input vector and the reference matrix, and the m-dimensional output vector in which the distance obtained as a result of the matrix product is defined by the L∞ distance Convert to Output.

  In addition, the reference vector generation unit 406 of the reference matrix generation device 400 determines that the ∞ norm is a predetermined value when the n-dimensional input vector is defined as a Hamming distance or an L1 distance with respect to a predetermined integer n, m. It is also possible to generate m n-dimensional reference vectors that match the constant c, generate a reference matrix in which they are arranged, and transmit the input vector and the reference matrix vector to the signature generation terminal 110 and the registration terminal 100.

  In addition, the reference vector generation unit 406 of the reference matrix generation device 400 has m n n input elements whose n-dimensional input vectors match a predetermined constant c or −c with respect to predetermined integers n and m. It is also possible to generate a dimension reference vector, generate a reference matrix in which they are arranged, and transmit the input vector and the reference matrix vector to the signature generation terminal 110 and the registration terminal 100.

  Further, the reference vector generation unit 406 of the reference matrix generation device 400, when the n-dimensional input vector is defined as the Euclidean distance (L2 distance) with respect to the predetermined integers n and m, the Euclidean norm (L2 Norm) generates m n-dimensional reference vectors having a predetermined constant c, generates a reference matrix in which these are arranged, and inputs the input vector and the reference matrix vector to the signature generation terminal 110 and the registration terminal 100. You may send it.

  In addition, the vector conversion units 106 and 117 of the registration terminal 100 and the signature generation terminal 110 calculate a matrix product, generate an m-dimensional random vector, and generate a random number for the m-dimensional vector obtained as a result of the matrix product calculation. Vectors may be added and an m-dimensional vector obtained as a result of the vector addition may be output.

100 registration terminal 101 sensor unit 102 feature vector extraction unit 103 ID input unit 104 biometric public key creation unit 106 vector conversion unit 107 reference matrix storage unit 110 signature generation terminal 111 message input unit 112 sensor unit 113 feature vector extraction unit 114 biometric signature generation Unit 115 biometric signature output unit 116 ID input unit 117 vector conversion unit 118 reference matrix storage unit 400 reference matrix generation device 405 feature vector DB
410 vector converter 415 storage 500 CPU
501 RAM
502 HDD
503 Input device 504 Output device 505 Communication device

Claims (20)

A vector extraction unit that extracts a feature vector defined on an n-dimensional Lp norm space for a predetermined real number p and a predetermined integer n from biological information;
The real number q is defined on the n-dimensional Lq norm space for the real number q, q = p / (p-1) with respect to the real number p, the integer n, and the predetermined integer m, and the q norm is predetermined. A reference vector generation unit that generates m reference vectors that match the constant c of
A matrix product of the extracted feature vector and the reference matrix is calculated, and a vector obtained as a result of the matrix product calculation is regarded as a vector on an m-dimensional L∞ norm space and is output as a conversion vector. A vector conversion unit;
A vector conversion system comprising: The vector conversion system according to claim 1, wherein
The reference vector generation unit
When the real number p is 1, m m-dimensional vectors are generated so that each element of each reference vector matches one of the predetermined constants c and -c, and a reference matrix in which they are arranged is generated.
A vector conversion system characterized by that. The vector conversion system according to claim 1, wherein
The reference vector generation unit
When the real number p is 2, a vector characterized by generating m n-dimensional reference vectors whose Euclidean norm (L2 norm) matches a predetermined constant c and generating a reference matrix in which they are arranged. Conversion system. The vector conversion system according to claim 1, wherein
The reference vector generation unit generates the reference vector uniformly and randomly.
A vector conversion system characterized by that. The vector conversion system according to claim 1, wherein
The reference vector generation unit further includes a learning unit that statistically learns a feature vector distribution according to the plurality of n-dimensional feature vectors using a plurality of n-dimensional feature vectors in advance, and randomly includes the feature vector distribution according to the feature vector distribution. Generate a reference vector,
A vector conversion system characterized by that. The vector conversion system according to claim 1, wherein
The predetermined constant c is 1.
A vector conversion system characterized by that. The vector conversion system according to claim 1, wherein
The vector conversion unit generates a m-dimensional random vector after calculating the matrix product, adds the random vector to the m-dimensional vector obtained after the matrix product calculation, and is obtained as a result of the vector addition outputting an m-dimensional vector as the transformation vector;
A vector conversion system characterized by that. The vector conversion system according to claim 1, wherein
The reference vector generation unit
Generating the reference vector based on an output of a pseudorandom number generator having a predetermined first seed as an input;
A vector conversion system characterized by that. The vector conversion system according to claim 7 , wherein
The vector conversion unit generates the random number vector based on an output of a pseudo random number generator that receives a predetermined second seed.
A vector conversion system characterized by that. A vector extraction unit that extracts a feature vector defined on an n-dimensional Lp norm space for a predetermined real number p and a predetermined integer n from biological information;
The real number q is defined on the n-dimensional Lq norm space for the real number q, q = p / (p-1) with respect to the real number p, the integer n, and the predetermined integer m, and the q norm is predetermined. A matrix product of a reference matrix in which m reference vectors matching the constant c of the above are arranged and the extracted feature vector is calculated. A vector conversion unit that outputs a vector regarded as a vector in space as a conversion vector;
A vector conversion system comprising: A step of extracting a feature vector defined on an n-dimensional Lp norm space for a predetermined real number p and a predetermined integer n from the biometric information;
The reference vector generation unit is defined on the n-dimensional Lq norm space for the real number q with respect to the real number p, q = p / (p-1), the integer n, and the predetermined integer m. Generating m reference vectors whose q norm matches a predetermined constant c, and generating a reference matrix in which they are arranged; and
A vector conversion unit calculates a matrix product of the extracted feature vector and the reference matrix, and considers a vector obtained as a result of the matrix product calculation as a vector in an m-dimensional L∞ norm space Outputting as a transformation vector;
A vector conversion method comprising: The vector conversion method according to claim 11, wherein
The reference vector generation unit
When the real number p is 1, m n-dimensional vectors are generated so that each element of each reference vector matches one of the predetermined constants c and −c, and a reference matrix in which they are arranged is generated. ,
A vector conversion method characterized by that. The vector conversion method according to claim 11, wherein
The reference vector generation unit
When the real number p is 2, a vector characterized by generating m n-dimensional reference vectors whose Euclidean norm (L2 norm) matches a predetermined constant c and generating a reference matrix in which they are arranged. Conversion method. The vector conversion method according to claim 11, wherein
The reference vector generation unit generates the reference vector uniformly and randomly.
A vector conversion method characterized by that. The vector conversion method according to claim 11, wherein
The learning unit further includes a step of statistically learning a feature vector distribution followed by the plurality of n-dimensional feature vectors using a plurality of n-dimensional feature vectors in advance.
The reference vector generation unit randomly generates the reference vector according to the feature vector distribution.
A vector conversion method characterized by that. The vector conversion method according to claim 11, wherein
The predetermined constant c is 1.
A vector conversion method characterized by that. The vector conversion method according to claim 11, wherein
The vector conversion unit generates a m-dimensional random vector after calculating the matrix product, adds the random vector to the m-dimensional vector obtained after the matrix product calculation, and is obtained as a result of the vector addition outputting an m-dimensional vector as the transformation vector;
A vector conversion method characterized by that. The vector conversion method according to claim 11, wherein
The reference vector generation unit
Generating the reference vector based on an output of a pseudorandom number generator having a predetermined first seed as an input;
A vector conversion method characterized by that. The vector conversion method according to claim 17 ,
The vector conversion unit generates the random number vector based on an output of a pseudo random number generator that receives a predetermined second seed.
A vector conversion method characterized by that. A step of extracting a feature vector defined on an n-dimensional Lp norm space for a predetermined real number p and a predetermined integer n from the biometric information;
A vector conversion unit is defined on an n-dimensional Lq norm space for a real number q of q = p / (p-1) with respect to the real number p, the integer n, and a predetermined integer m. , Calculate a matrix product of a reference matrix in which m reference vectors whose q norm matches a predetermined constant c and the extracted feature vector, and obtain a vector obtained as a result of the matrix product calculation outputting a vector regarded as a vector on an m-dimensional L∞ norm space as a transformation vector;
A vector conversion method comprising:

Images