KR20100123032A - Short range wireless digital signature generator based on fingerprint - Google Patents


Info

Publication number
KR20100123032A
Authority
KR
South Korea
Prior art keywords
fingerprint
data
digital signature
range wireless
wireless communication
Prior art date
Application number
KR1020090042023A
Other languages
Korean (ko)
Inventor
서문석
Original Assignee
서문석
Priority date
Filing date
Publication date
Application filed by 서문석
Priority to KR1020090042023A
Publication of KR20100123032A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06V IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00 Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10 Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12 Fingerprints or palmprints
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Collating Specific Patterns (AREA)

Abstract

PURPOSE: A short-range wireless digital signature generating device based on fingerprint recognition is provided. Storing the generated digital documents in an official digital document repository simplifies work, facilitates search, and saves document storage costs. CONSTITUTION: The digital signature generating device uses fingerprint recognition in a short-range wireless communication environment such as Bluetooth. Data received through a wireless communication unit is displayed on a data display unit so that the user can check its content. After checking whether the content of the data is genuine, the user decides whether to sign digitally. The user's fingerprint is placed on a fingerprint recognizing unit to confirm that the user is the legitimate signer, and a digital signature is generated.

Description

Short Range Wireless Digital Signature Generator Based on Fingerprint

The present invention relates to a portable wireless digital signature generator based on fingerprint recognition. When a transaction between two devices in a short-range wireless communication environment such as infrared data communication (IrDA: Infrared Data Association) or Bluetooth requires a digital signature, the device generates a digital signature in place of a handwritten signature and transmits it wirelessly, so that the entire transaction process is computerized, paper documents are avoided, and processing time is shortened.

Digital signatures are generally used with computers in wired and wireless Internet environments for secure electronic commerce, Internet banking, securities trading and the like. In Internet transactions they provide user authentication, data integrity, and non-repudiation of sending and receiving for transaction records. To generate a digital signature, the signer must be issued an accredited certificate by an accredited certification authority. In this process the signer's private key is generated, encrypted with a password, and stored on the user's computer hard disk or a removable storage device. When a digital signature is needed, the private key is decrypted after the password is verified, and a digital signature value is generated with a digital signature algorithm and delivered, which provides the required security service. However, digital signing that relies on a high-capability terminal in the Internet environment has the drawback that it cannot be used when a digital signature between two devices is needed in a short-range wireless communication environment.

The recipient of a digital signature value checks the validity of the certificate and verifies the signature to confirm that it was produced by the legitimate user, and can then complete the transaction. Generating and using digital signatures requires a computing environment that implements cryptographic techniques such as hash functions, symmetric-key ciphers and public-key algorithms, so the certificate holder's personal computer generally serves as the signature generation device. When a signature is needed, the private key is read from its storage medium, such as the computer's hard disk or a removable storage device, decrypted, and used to generate the signature. The removable storage devices in common use today have no computing capability and can produce a signature only while connected to a computer, so they cannot generate and transmit a digital signature over short-range wireless communication.

A device that can be used when, for data received in a short-range wireless communication environment, the holder of a private key encrypted on the basis of fingerprint information is confirmed by fingerprint recognition to be the legitimate holder, a digital signature value for the received data is then generated, and that value is transmitted wirelessly to the device that requested the signature.

Short-range wireless technologies such as Bluetooth are inexpensive and low-power (100 mW), which suits them to portable devices, and they are relatively safe from the security threats that accompany wireless transmission. Signals pass through obstacles such as walls and bags and are transmitted in all directions, so devices need not be held at a particular angle to connect. This makes the technology convenient and allows data to be exchanged freely between any information devices, anytime and anywhere. Using such wireless technology, a device that wants a digital signature on particular data sends the data from its short-range wireless transmitter to the wireless receiver of the device of the invention. The wireless communication unit that receives the data shows it on the data display unit so that the signer can review its contents, and waits until the review is complete. After reviewing the received data, the signer decides whether to sign. To generate a signature, the signer places a finger on the fingerprint recognition unit and is confirmed as the legitimate signer; the device then generates the digital signature and sends it through the wireless transmitter to the device that requested it.

Fingerprint recognition relies on the properties of fingerprints: a fingerprint keeps the same pattern from birth to death, quickly regenerates to its original pattern when injured by external causes, and the probability of two people having the same fingerprint is only one in a billion. The technology reads the user's finger electronically, compares it with previously enrolled data, and thereby verifies the user's identity. Following the sequence in Figure 3, the device of the invention uses the fingerprint data read by the fingerprint recognition unit to confirm that the user is the owner of the private key. If the user is the legitimate owner, the device applies a hash algorithm to the fingerprint data to generate a password and uses that password to decrypt the encrypted private key. The private key held in the private key storage unit must have been encrypted on the device, at the time the certificate was issued, with the password derived from the fingerprint data.
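The Figure 3 flow described above, as an added example that is not code from the patent: the fingerprint data is hashed with SHA-1 (the hash the claims name as an example) to obtain the private-key password, and the key is wrapped under it at issuance and unwrapped at signing time. The PBKDF2 stretching, the HMAC-based keystream and tag standing in for the device's cipher, and all sample bytes are assumptions; the run shows that the password is reproducible only when the hashed bytes are identical to those used at issuance, so a capture that differs in a single byte fails to unwrap the key.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample data: a stand-in fingerprint template and private key.
ENROLLED_TEMPLATE = bytes(range(64))
RECAPTURED_TEMPLATE = ENROLLED_TEMPLATE[:10] + b"\xff" + ENROLLED_TEMPLATE[11:]
PRIVATE_KEY = hashlib.sha256(b"constructed private key").digest()


def password_from_fingerprint(template: bytes) -> bytes:
    """Figure 3 step: hash the fingerprint data to get the key password."""
    return hashlib.sha1(template).digest()


def _derive_keys(password: bytes, salt: bytes) -> Tuple[bytes, bytes]:
    # Assumption: stretch the password and split it into cipher and MAC keys.
    okm = hashlib.pbkdf2_hmac("sha256", password, salt, 100_000, dklen=64)
    return okm[:32], okm[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode, a stand-in for the device's cipher.
    blocks = []
    for counter in range((length + 31) // 32):
        msg = nonce + counter.to_bytes(4, "big")
        blocks.append(hmac.new(key, msg, hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def wrap_private_key(private_key: bytes, template: bytes) -> bytes:
    """Issuance time: encrypt the key under the fingerprint-derived password."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(password_from_fingerprint(template), salt)
    ct = _xor(private_key, _keystream(enc_key, nonce, len(private_key)))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag


def unwrap_private_key(blob: bytes, template: bytes) -> Optional[bytes]:
    """Signing time: return the key, or None if the password is wrong."""
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = _derive_keys(password_from_fingerprint(template), salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))


if __name__ == "__main__":
    blob = wrap_private_key(PRIVATE_KEY, ENROLLED_TEMPLATE)
    print("same bytes:", unwrap_private_key(blob, ENROLLED_TEMPLATE) == PRIVATE_KEY)
    print("one byte differs:", unwrap_private_key(blob, RECAPTURED_TEMPLATE))
```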

The cryptographic operation unit of the device applies a digital signature algorithm to the received data using the decrypted private key and generates a digital signature value. The generated value is delivered through the wireless transmitter to the party that requested the signature. The electronic document produced once signing is complete can be kept in a certified electronic document repository. The certified electronic document repository is a scheme promoted by the government to advance a paperless society: generated electronic documents are stored in a certified repository, and the document or a certificate for it is issued when needed for business use.

The device makes it possible to generate a digital signature in place of a handwritten one, even on the move, in a short-range wireless communication environment, which removes the inconvenience of handwritten signatures. It also allows many kinds of transactions to be computerized end to end, producing fully electronic documents and thereby promoting their use. This avoids the paper generated by handwritten signatures and the difficulty of storing and managing it, and storing the resulting electronic documents in a certified electronic document repository can be expected to simplify processing, make retrieval easier, and reduce document storage costs.

The following embodiment applies the device of the invention to a credit card transaction approval system that currently relies on handwritten signatures when a credit card is used.

Figure 2 shows how, at a gas station or similar merchant, a credit card user reviews the transaction details on the device of the invention and signs digitally, and how the merchant terminal receives the signature. The merchant terminal wirelessly transmits the slip data (M) to the card user's device. After reviewing the main contents of the data, the user presents a fingerprint to the device and is authenticated; the device then decrypts the stored private key (pkey), generates the digital signature Sig_pkey(hash(M)) over the data, and transmits it wirelessly to the merchant terminal. The merchant terminal forwards the received signature value and the message to the credit card approval VAN operator, which completes the credit card transaction approval service.

Figure 1 is a block diagram showing the components of the fingerprint-recognition-based wireless digital signature generator.

Figure 2 shows an embodiment of digital signing of credit card transaction data with the device of the invention in a short-range wireless communication environment while on the move.

Figure 3 is a flowchart showing how a password is generated from fingerprint data within the device of the invention.

Claims (2)

1. A portable digital signature generator, configured as shown in Figure 1, that generates digital signatures based on fingerprint recognition in a short-range wireless communication environment such as Bluetooth, wherein the device shows data received through the wireless communication unit on the data display unit so that the signer can review its contents; the signer verifies the authenticity of the received data and decides whether to sign; and, to generate a signature, the signer places a finger on the fingerprint recognition unit of the device to be confirmed as the legitimate signer, whereupon the device generates the digital signature and transmits it wirelessly.

2. A method, within the device of claim 1, in which, after identity verification with the fingerprint data input from the fingerprint recognition unit is complete, a hash code generated by applying a hash algorithm such as SHA-1 to that fingerprint data is used as the private key password and applied to encrypting and decrypting the private key.

KR1020090042023A 2009-05-14 2009-05-14 Short range wireless digital signature generator based on fingerprint KR20100123032A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020090042023A KR20100123032A (en) 2009-05-14 2009-05-14 Short range wireless digital signature generator based on fingerprint

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020090042023A KR20100123032A (en) 2009-05-14 2009-05-14 Short range wireless digital signature generator based on fingerprint

Publications (1)

Publication Number Publication Date
KR20100123032A (en) 2010-11-24

Family

ID=43407757

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020090042023A KR20100123032A (en) 2009-05-14 2009-05-14 Short range wireless digital signature generator based on fingerprint

Country Status (1)

Country Link
KR (1) KR20100123032A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IT202100010241A1 (en) 2021-04-22 2022-10-22 Alosys Communications S R L CONFIDENTIAL SECURE EXCHANGE METHOD AND SYSTEM OF DIGITAL CONTENT

Similar Documents

Publication Publication Date Title
CN102035654B (en) Identity authentication method, identity authentication equipment, server and identity authentication-based encryption method
US9369287B1 (en) System and method for applying a digital signature and authenticating physical documents
US8775814B2 (en) Personalized biometric identification and non-repudiation system
RU2018105186A (en) VERIFICATION OF PORTABLE CONSUMER DEVICES
US20190080300A1 (en) Cash-equivalent device for digital currencies
CN112106324A (en) Methods, computer program products and devices for creating, registering and verifying digitally stamped assets
US20100258625A1 (en) Dynamic Card Verification Values and Credit Transactions
CN112232814B (en) Encryption and decryption methods of payment key, payment authentication method and terminal equipment
CN101770619A (en) Multiple-factor authentication method for online payment and authentication system
JP2000242750A (en) Personal authentication system, and portable device and storage medium used for the same
CN102147884A (en) Anti-counterfeiting and authenticity-verifying method and system for article
KR101385429B1 (en) Method for authenticating individual of electronic contract using nfc, authentication server and terminal for performing the method
KR102178179B1 (en) apparatus and user terminal for mobile identification
US20140289129A1 (en) Method for secure contactless communication of a smart card and a point of sale terminal
KR101149695B1 (en) Business processing system using handwriting electronic signature on electronic document for finacial transactions services and method thereof
CN102710611A (en) Network security authentication method and system
CN101227276B (en) Method and system for public key safety transfer of digital mobile certificate
US20100005519A1 (en) System and method for authenticating one-time virtual secret information
US20240048395A1 (en) Method and system for authentication credential
CN103942479A (en) Electronic fingerprint identity label generating and verifying method
KR101666591B1 (en) One time password certifacation system and method
KR20100123032A (en) Short range wireless digital signature generator based on fingerprint
KR101868564B1 (en) Apparatus for authenticating user in association with user-identification-registration and local-authentication and method for using the same
KR20200022194A (en) System and Method for Identification Based on Finanace Card Possessed by User
KR20200013494A (en) System and Method for Identification Based on Finanace Card Possessed by User

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application