WO2010050104A1 - 生体認証方法およびシステム - Google Patents
生体認証方法およびシステム Download PDFInfo
- Publication number
- WO2010050104A1 WO2010050104A1 PCT/JP2009/004022 JP2009004022W WO2010050104A1 WO 2010050104 A1 WO2010050104 A1 WO 2010050104A1 JP 2009004022 W JP2009004022 W JP 2009004022W WO 2010050104 A1 WO2010050104 A1 WO 2010050104A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- array
- feature quantity
- authentication
- position correction
- feature
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T7/00—Image analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/37—Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/38—Individual registration on entry or exit not involving the use of a pass with central registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/50—Maintenance of biometric data or enrolment thereof
- G06V40/53—Measures to keep reference information secret, e.g. cancellable biometrics
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C2209/00—Indexing scheme relating to groups G07C9/00 - G07C9/38
- G07C2209/12—Comprising means for protecting or securing the privacy of biometric data, e.g. cancellable biometrics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/04—Masking or blinding
- H04L2209/043—Masking or blinding of tables, e.g. lookup, substitution or mapping
Definitions
- the present invention relates to a biometric authentication method and system for authenticating an individual using personal biometric information.
- the personal authentication system using biometric information acquires personal biometric information at the time of registration, extracts information called feature values from the biometric information, and registers it. This registration information is called a template.
- biometric information is obtained again from the individual, the feature amount is extracted, and it is checked against the template registered in advance to determine whether or not the user is the person.
- the server when the server performs biometric authentication for a user on the client side, the server typically holds a template.
- the client acquires the biometric information of the user at the time of authentication, extracts the feature value and transmits it to the server, and the server checks the feature value against the template to determine whether or not the user is the person.
- the template is information that can identify an individual, strict management is required as personal information, and high management costs are required. Even if strictly managed, many people feel psychological resistance to registering templates from a privacy perspective.
- the template since there is a limit to the number of one type of biometric information that one individual has (for example, the fingerprint is only 10 fingers), the template cannot be easily changed like a password or an encryption key. If the template is leaked and there is a risk of forgery, there is a problem that biometric authentication using the template cannot be used.
- the same biometric information is registered in another system, the other system is exposed to a threat.
- the feature value is converted with a certain function (a kind of encryption) and a secret parameter (a kind of encryption key) that the client has, and the original information is kept secret and stored in the server as a template.
- the feature value of the biometric information newly extracted by the client at the time of authentication is converted to the same function and parameter and sent to the server, and the server collates the received feature value and the template in the converted state (cancellable) Biometric authentication) has been proposed.
- the server since the client keeps the conversion parameter secret, the server cannot know the original feature amount even at the time of authentication, and personal privacy is protected. Even when a template leaks, safety can be maintained by changing the conversion parameter and creating and registering the template again. Furthermore, when the same biological information is used for another system, by registering templates converted with different parameters, it is possible to prevent the safety of other systems from being lowered even if one template leaks. .
- Patent Document 1 shows a method for realizing cancelable iris authentication.
- Japanese Patent Application Laid-Open No. 2004-228561 is data in which a feature amount is represented by an image, in particular, a two-dimensional array of luminance values (integers), and matches / mismatches are determined based on a maximum correlation value in consideration of a positional deviation between two images.
- An implementation method hereinafter referred to as correlation invariant random filtering
- correlation invariant random filtering applicable to such a biometric authentication technique is shown.
- Patent Document 3 and Non-Patent Document 1 the feature amount (iris code) in iris authentication cannot be expressed by a simple bit string, and an iris pattern such as an eyelid or a portion where light is reflected during imaging cannot be extracted.
- iris code iris code
- the minimum value minimum hamming distance
- a “rotation” process is added instead of the exclusive OR step, but this is equivalent to a combination of a bit replacement step and an exclusive OR step.
- Patent Document 3 and Non-Patent Document 1 as described above, the feature amount (iris code) in iris authentication cannot be expressed only with a simple bit string, such as a portion where the eyelid or light is reflected during imaging. Therefore, a mask pattern indicating a portion where the iris pattern could not be extracted is required. In other words, it is necessary to represent not a binary bit string of ⁇ 0, 1 ⁇ but a ternary bit string of ⁇ 0, 1, * ⁇ .
- “*” is a value indicating a portion where the iris pattern could not be extracted, and is a special bit (hereinafter referred to as “Don't care bit”) that is considered to match both 0 and 1 in the calculation of the Hamming distance. It is. Patent Document 1 does not consider the existence of Don't care bit.
- Patent Document 3 and Non-Patent Document 1 when two iris codes are compared, the Hamming distance is not calculated simply, but one of the iris codes is cyclically shifted little by little to calculate the Hamming distance repeatedly. Then, the minimum value (minimum Hamming distance) is compared with a threshold value to determine match / mismatch.
- the cyclic shift of the iris code corresponds to the rotation conversion in the original iris image, and this operation absorbs the rotational deviation of the iris at the time of imaging due to a change in the posture of the user.
- Patent Document 1 does not consider such a shift operation, and can only correctly collate when there is no rotational deviation, and it is considered that the authentication accuracy is significantly deteriorated.
- the code for bit concatenation is deterministically determined by R and does not change for each authentication.
- the original iris code may change due to deviation or noise at every authentication. Therefore, by recording and comparing the converted bit string for each authentication, it can be seen that the bit position that does not change no matter how many times the authentication is performed is the position where the concatenated bit is replaced. Therefore, bit concatenation does not contribute to improving safety in concealing the iris code.
- Patent Document 2 discloses a correlation function (correlation image) for a feature image (two-dimensional array) X1 (i, j), X2 (i, j).
- a correlation image can be correctly calculated by multiplying these converted images element by element and performing inverse basis conversion.
- the correlation image C (i, j) is a two-dimensional array in which values obtained by calculating inner products by shifting X2 relative to X1 by (i, j) (cyclically shifting) are arranged. For a given maximum deviation allowance ( ⁇ W, ⁇ H), the maximum value of C (i, j) within that range is compared with a predetermined threshold value to determine whether X1 and X2 match / mismatch can do.
- Patent Document 2 can be easily applied to one-dimensional array feature quantities (iris code, etc.), thereby taking into account the cyclic shift that was one of the problems of Patent Document 1. It can provide solutions to problems that must be addressed.
- the method of Patent Document 2 calculates a correlation value between feature quantity arrays, and is based on Hamming that originally considered Don't care bits, such as iris authentication shown in Patent Document 3 and Non-Patent Document 1. Authentication accuracy deteriorates when applied to biometric authentication to be determined.
- An object of the present invention is represented by a one-dimensional array (bit string) or two-dimensional array (image) whose feature amount includes Don't care bit, and the distance between them is the minimum Hamming distance in consideration of shift deviation (positional deviation). It is to provide a cancelable biometric authentication method and system with small accuracy degradation and high safety (feature secrecy).
- the present invention is a biometric authentication method and system in the following manner.
- the client When registering biometric information, the client extracts a registration feature quantity array from the biometric information of the registrant, generates a first matching conversion parameter for converting the registration feature quantity array, and positions the registration feature quantity array from the registration feature quantity array.
- a correction template is created, a collation template obtained by converting the registration feature amount array using the first collation conversion parameter is created, and the position correction template and the collation template are transmitted to the server.
- an authentication feature quantity array is extracted from the biometric information of the user, a second matching conversion parameter for converting the authentication feature quantity array is generated, and a position correction conversion feature quantity is obtained from the authentication feature quantity array. Create and send the position correction conversion feature value to the server.
- the server stores the position correction template and the collation template in a database to be connected, and uses the position correction template and the position correction conversion feature amount transmitted from the client to perform registration between the registration feature amount array and the authentication feature amount array.
- the position correction amount is calculated and the position correction amount is transmitted to the client.
- the client further creates a corrected feature quantity array obtained by correcting the position of the authentication feature quantity array based on the position correction quantity, and converts the corrected feature quantity array using the second matching conversion parameter. Is created, and the conversion feature quantity array for verification is transmitted to the server.
- the server calculates the distance between the collation template stored in the database and the collation conversion feature array transmitted from the client, and authenticates the user registrant based on the comparison between the distance and a predetermined authentication threshold. Determine success or failure.
- each of the registration feature quantity array and the authentication feature quantity array is a bit array of a predetermined size L
- the generation of the first matching conversion parameter is a random size L
- the first verification conversion parameter includes a mask bit array
- the verification template is an array obtained by calculating an exclusive OR of the registration feature quantity array and the mask bit array.
- the collation conversion feature quantity array is an array obtained by calculating an exclusive OR of the correction feature quantity array and the mask bit array, and uses a Hamming distance as a distance.
- each of the registration feature quantity array and the authentication feature quantity array is a bit array of a predetermined size L
- the generation of the first verification conversion parameter is a random size M
- creation of a collation template involves the size of the registration feature quantity array and the connected array (L + M) creating a registration linked array and creating a matching template in which the registration linked array is replaced according to a replacement pattern
- creating a matching conversion feature quantity array includes a predetermined offset Hamming distance with respect to the linked array
- Generation of a modified M sequence of size M separated by ⁇ creation of an authentication linked sequence of size (L + M) obtained by linking the authentication feature quantity sequence and the modified linked sequence, and a replacement pattern
- the conversion feature quantity array for verification in which the authentication concatenated array is replaced according to the pattern, and the calculation of the distance between the verification template and the conversion feature quantity array for verification is performed by Ham
- the creation of the position correction template includes creation of a registration local feature amount array obtained by cutting out a part of the registration feature amount array. This includes the creation of an authentication partial feature quantity array that is obtained by cutting out the feature feature array part, and the position correction amount calculation is performed by repeatedly shifting the authentication partial feature quantity array relative to the registration local feature quantity array. The shift amount that minimizes the distance is used as the position correction amount, and the creation of the corrected feature amount array is performed by shifting the authentication feature amount array by the position correction amount.
- a position correction conversion parameter for converting a registration feature quantity array is generated, and a position correction template is created from the registration feature quantity array.
- a position correction template obtained by converting a local feature quantity array for registration using a conversion parameter for position correction, and creating a converted feature quantity for position correction from an authentication feature quantity array. This includes cutting out the partial feature amount array and creating a position correction conversion feature amount obtained by converting the authentication partial feature amount array using the position correction conversion parameter.
- a biometric information registration client and an authentication client are different.
- a feature quantity of biometric information is converted in the client and transmitted to the server, and the server performs a verification without knowing the original feature quantity as an example of a server / client type cancelable biometric authentication system. explain.
- FIG. 1 shows a configuration example of a cancelable biometric authentication system.
- the cancelable biometric authentication system of this embodiment includes a client terminal (hereinafter referred to as a client) 100 that performs biometric information acquisition, feature extraction, and feature conversion at the time of registration / authentication, and an authentication server that performs template storage and verification. (Hereinafter referred to as a server) 130 is configured to be connected via a network such as the Internet or an intranet.
- the client 100 is managed by the user himself / herself or a trusted third party, has a sensor 110 for acquiring biometric information (for example, iris, fingerprint, vein, etc.) and reads / writes data from / to the recording medium 120.
- the recording medium 120 may be managed by the user as a portable recording medium such as an IC card or a USB memory, or may be a recording medium such as a hard disk fixedly connected to the client.
- the client 100 when Internet banking is performed from home, the client 100 may be a home PC managed by the user, and the server 130 may be a server machine managed by the bank.
- the PC at the user's home may be used as an authentication client, and a window terminal provided in the bank may be used as a registration client.
- the client 100 is used for registration and authentication of biometric information.
- the client 100 includes a feature amount extraction unit 101 that extracts a feature amount of biometric information acquired from a sensor, a pseudo-random number generation unit 102, a position correction conversion parameter creation unit 103, a position correction feature amount conversion unit 104, A verification conversion parameter creation unit 105, a verification feature value conversion unit 106, a recording medium I / F unit 107, and a communication unit 108 that communicates with a server are included.
- the biometric information is data such as a fingerprint image, a vein image, and an iris image, for example
- the feature amount is, for example, an image obtained by emphasizing a fingerprint or vein image (two-dimensional array) or an iris image.
- an iris code (one-dimensional array) created by the method described in Non-Patent Document 1.
- Each value of the feature quantity array is assumed to be one of three values ⁇ 0, 1, * ⁇ (“*” is Do n’t care bit).
- the distance between the two feature amounts is given by the minimum value of the Hamming distance or the normalized value when they are overlapped while being shifted little by little in consideration of positional deviation (shift deviation).
- the server 130 includes a communication unit 131 that communicates with the client 100, a database 133 that manages templates, a registration unit 132 that registers a position correction template and a collation template received from the client in the database 133, and without knowing the original feature amount.
- a position correction amount calculation unit 134 for calculating a position correction amount for correcting a positional deviation between the registered feature amount and the authentication feature amount, and an authentication feature after the registration feature amount and the positional deviation correction without knowing the original feature amount.
- a collation determination unit 135 that calculates the Hamming distance of the quantity and determines the match / mismatch is configured.
- FIG. 2 shows a hardware configuration example of the client 100 and the server 130 for realizing the cancelable biometric authentication system.
- Each of the client 100 and the server 130 can be composed of a CPU 200, a memory 201, an HDD 202, an input device 203, an output device 204, and a communication device 205 as shown in the figure.
- programs and various data corresponding to the processing units shown in FIG. 1 are stored in the memory 201 and the HDD 202, and the CPU 200 executes these programs, whereby the biometric authentication system of the present embodiment. Is realized.
- the input device 203 and the output device 204 are appropriately used by a user or a server administrator, and the communication device 205 is connected to a network.
- FIG. 3 shows a flow chart of biometric information registration processing in the present embodiment.
- the pseudo-random number generation unit 102 of the client 100 generates a pseudo-random number using a time or an operator's random keyboard input as a seed, and randomly generates a random number seed used in the subsequent pseudo-random number generation. This is set as a seed for the pseudorandom number generator 102 (S301).
- the position correction conversion parameter creation unit 103 uses the pseudo random number generation unit 102 to randomly generate a position correction conversion parameter (S302). Details of the generation method will be described later.
- the collation conversion parameter creation unit 105 generates a collation conversion parameter at random using the pseudo random number generation unit 102 (S303). Details of the generation method will be described later.
- the sensor 110 acquires the biometric information of the user (registrant) (S304).
- the feature amount extraction unit 101 extracts a registered feature amount from the acquired biological information (S305).
- a registered feature amount array an image having a size W ⁇ H (two-dimensional array) is referred to as a registration feature quantity array.
- the value of each element (pixel) is assumed to be one of ⁇ 0, 1, * ⁇ .
- the position correction feature value conversion unit 104 converts the registered feature value using the position correction conversion parameter generated in S302, and creates a position correction template (S306). Details of the conversion method will be described later.
- the matching feature value conversion unit 106 converts the registered feature value using the matching conversion parameter generated in S303, creates a matching template, and transmits the position correction template and the matching template to the server 130 (S307). Details of the conversion method will be described later.
- the registration unit 132 of the server 130 registers the received position correction template and collation template in the database 133 (S308).
- the recording medium I / F unit 107 of the client 100 writes the random number seed set by the pseudo random number generation unit 102 to the recording medium 120 (S309).
- the recording medium 120 is owned and managed by the user.
- information related to biometric authentication by unauthorized access to the client 100 is also obtained by storing a mask code and a concatenated code, which will be described later, in the recording medium 120 and deleting various data and parameters generated in the client 100 at the time of registration. Leakage can be prevented. Further, in a system configuration in which the authentication client is different from the registration client, it is necessary to store a mask code or a concatenated code in the recording medium 120.
- FIG. 4 shows an authentication flow diagram of biometric information in the present embodiment.
- the recording medium I / F unit 107 of the client 100 reads the random number seed from the user recording medium 120 and sets it as the seed of the pseudo-random number generation unit 102 (S401).
- the position correction conversion parameter creation unit 103 uses the pseudo-random number generation unit 102 to randomly generate a position correction conversion parameter (S402).
- the collation conversion parameter creation unit 105 uses the pseudo random number generation unit 102 to randomly generate a collation conversion parameter (S403).
- a collation conversion parameter S403
- the pseudo-random number generator 102 outputs the same random number sequence, so S302 and S402 are the same position correction conversion.
- a parameter is generated, and S303 and S403 generate the same collation conversion parameter.
- the sensor 110 acquires the biometric information of the user (user) (S404).
- the feature amount extraction unit 101 extracts an authentication feature amount (authentication feature amount array) from the acquired biometric information (S405).
- the position correction feature quantity conversion unit 104 converts the authentication feature quantity using the position correction conversion parameter generated in S402, creates a position correction conversion feature quantity, and uses the created position correction conversion feature quantity as a server. It transmits to 130 (S406). Details of the conversion method will be described later.
- the position correction amount calculation unit 134 of the server 130 uses the received position correction conversion feature amount and the position correction template registered in the database 133 to calculate a position correction amount between the registered feature amount and the authentication feature amount.
- the calculated position correction amount is transmitted to the client 100 (S407).
- the matching feature value conversion unit 106 of the client 100 corrects the position of the authentication feature value using the received position correction value, and the authentication feature value (corrected feature value) corrected using the matching conversion parameter generated in S403. (Referred to as “quantity array”), a conversion feature value for collation is created and transmitted to the server 130 (S408).
- the collation determination unit 135 of the server 130 calculates the hamming distance between the received conversion feature value for collation and the collation template registered in the database 133, and if it is equal to or less than a predetermined threshold, the authenticated user (user ) Authentication with the registered user (registrant) is successful, otherwise it is determined that authentication has failed (success / failure determination) (S409).
- the server 130 can determine the match / mismatch without knowing the original registered feature value and authentication feature value.
- FIG. 5 shows a detailed flowchart of position correction conversion parameter generation (S302) and position correction feature value conversion (S306) during registration.
- the pseudo random number generation unit 102 first generates a pseudo random number sequence (S501).
- the position correction conversion parameter creation unit 103 generates a random filter (S502).
- the random filter is a two-dimensional array having a size of W2 ⁇ H2, and each element of the array is created so as to take a uniform random integer value within a predetermined range.
- W1 and H1 indicate the allowable range of the position correction amount ( ⁇ x, ⁇ y) when the registered feature amount and the authentication feature amount are superimposed.
- W1 W2-2 ⁇ ⁇ W
- H1 H2-2 ⁇ ⁇ H.
- each pixel value of the local image is encoded (numerized) according to the following rule (S504).
- the encoded array (local image) is referred to as a registered local feature amount array for registration. 1 ⁇ 1, 0 ⁇ ⁇ 1, * ⁇ 0
- the top, bottom, left and right of the encoded local image are reversed (S505). Centering on the inverted image (size W1 ⁇ H1), the size is expanded to W2 ⁇ H2, and the expanded area is padded with 0 (S506).
- the expanded and padded image is subjected to basis transformation (Fourier transformation or number theory transformation) (S507).
- the base-transformed image and the random filter generated in S502 are multiplied for each corresponding pixel to obtain a position correction template (S508).
- the multiplication is an operation on a base transform definition field (a complex number field for Fourier transform, a prime field Z / pZ or the like for number theory transform).
- a base transform definition field a complex number field for Fourier transform, a prime field Z / pZ or the like for number theory transform.
- FIG. 6 shows a detailed flowchart of the position correction feature amount conversion (S406) and the position correction amount calculation (S407) at the time of authentication.
- the position correction feature value conversion unit 104 of the client 100 cuts out a partial image (authentication partial feature value array) of size W2 ⁇ H2 from the image center of the authentication feature value. (S601).
- each pixel value of the partial image is encoded (numerized) according to the following rule (S602).
- the encoded array (partial image) is called an authentication encoded partial feature amount array. 1 ⁇ 1, 0 ⁇ ⁇ 1, * ⁇ 0
- the encoded partial image is subjected to basis transformation (Fourier transformation or number theory transformation) (S603).
- the image created by dividing each pixel value of the base-transformed image by the corresponding pixel value of the random filter created at the time of registration is transmitted to the server 130 as a position correction conversion feature value (S604).
- division is an operation on a base transform definition field (such as complex number field for Fourier transform, prime field Z / pZ, etc. for number theory transform).
- the position correction amount calculation unit 134 of the server 130 multiplies the received position correction conversion feature amount by the position correction template read from the database 133 for each corresponding pixel.
- An image is created (S605).
- the inverse multiplication transform (inverse Fourier transform or inverse number transformation) is performed on the created multiplication image, and a correlation image 700 is calculated (S606).
- the correlation image is a correlation function (correlation image, correlation) between a local image cut out from a registered feature quantity (encoded partial feature quantity array for registration) and a partial image cut out from an authentication feature quantity (encoded partial feature quantity array for authentication).
- Array (formula (1)).
- the correlation image 700 is searched for the correlation peak position (the position of the array element having the maximum value) (S607).
- FIG. 7 shows a schematic diagram of the correlation image 700.
- Correlation image C (x, y) is the multiplication for each corresponding pixel when the local image extracted from the registered feature value is shifted by (x, y) and superimposed on the partial image extracted from the authentication feature value. Stores the sum of values (inner product value). The larger the inner product value, the higher the degree of coincidence of images in the shift amount (x, y).
- the coordinates (x, y) on the correlation image are cyclic, and
- the maximum value among the pixel values (inner product values) of the correlation image 700 in the above region is searched, and the coordinates (peak position in the figure) that achieve this maximum value are ( ⁇ x, ⁇ y).
- the coordinates (peak position in the figure) that achieve this maximum value are ( ⁇ x, ⁇ y).
- ( ⁇ x, ⁇ y) be the position correction amount.
- the coordinates ( ⁇ x, ⁇ y) that achieve the maximum value are fed back to the client 100 as the position correction amount, so that the client 100 keeps the original feature amount secret from the server 130. It becomes possible to correct the position of the quantity. Furthermore, according to this embodiment, the client cannot know the original registered feature amount in the position correction process. For this reason, it is possible to prevent an attack in which an unauthorized client user attempts to obtain the original registered feature amount.
- Patent Document 1 since the position of the feature value cannot be corrected on the client side, if there is a difference between the registered feature value and the authentication feature value, the distance cannot be calculated correctly, and the authentication accuracy is greatly increased. There was a problem of deterioration. This embodiment provides a solution to this problem.
- FIG. 8 shows a detailed flow chart of verification conversion parameter generation (S303) and verification feature value conversion (S307) during registration.
- FIG. 10 is a diagram for explaining the position correction and padding processing of the authentication feature amount. As shown in FIG. 10, the authentication feature amount image is represented by an image of size W ⁇ H (two-dimensional array), and each pixel value takes any value of ⁇ 0, 1, * ⁇ .
- the pseudorandom number generation unit 102 first generates a pseudorandom number sequence (S801).
- the matching feature value conversion unit 106 first performs exclusive logic with the mask code C1 on the registered feature value code X (L bit) in which the registered feature value is regarded as a bit string. The sum is calculated (S810).
- X1 X (+) C1 (“(+)” represents exclusive OR (XOR))
- the original feature value is strongly concealed by performing exclusive OR with a random bit string, concatenation with a random code, and random bit replacement on the registered feature value.
- it is registered in the server 130 as a verification template.
- FIG. 9 shows a detailed flowchart of position correction and verification feature value conversion (S408) and verification determination (S409) during authentication.
- the pseudorandom number generation unit 102 In the position correction and matching feature value conversion (S408), first, the pseudorandom number generation unit 102 generates a pseudorandom number sequence (S901).
- the matching feature value conversion unit 106 shifts the authentication feature value by the position correction amount ( ⁇ x, ⁇ y) and pads the vacant area with Don't care bit “*” ( S902). It should be noted that the region that protrudes from the original image region (size W ⁇ H) due to the shift is discarded.
- An exclusive OR with the mask code C1 is calculated with respect to the corrected feature value code Y (L bit) in which the shifted and padded image (corrected feature value array) is regarded as a bit string (S903).
- Y1 Y (+) C1
- the modified concatenated code C3 randomly selects ⁇ from the 0 or 1 bit positions in the concatenated code C2, inverts the bits at the selected bit positions, and ⁇ 0, 1, * ⁇ Created by replacing with any bit value.
- the qualified concatenation code C3 is bit-concatenated with the bit string Y1 (S905).
- Y2 Y1 ⁇ C3
- the bit string Y2 (authentication linked array) of the calculation result is subjected to bit substitution by the substitution pattern ⁇ , and the bit string Y ′ after substitution is used as a matching conversion feature (S906).
- Y ' ⁇ Y2
- the collation determination unit 135 first calculates the Hamming distance between the conversion feature Y ′ for collation and the collation template X ′, subtracts a predetermined Hamming distance ⁇ therefrom, and calculates a distance value d. (S910).
- HW (A, B) HW (A (+) B)
- HW (C) is the number of bits “1” in the bit string C (Hamming weight))
- HW ( ⁇ A) HW (A)
- HW2 (C) represent the number of bits “0” or “1” in the bit string C.
- HW2 ( ⁇ A) HW2 (A)
- HW2 (A ⁇ B) HW2 (A) + HW2 (B)
- the original feature value is strengthened by performing exclusive OR with a random bit string, concatenation with a random code, and random bit substitution on the authentication feature value.
- a concealed state it is transmitted to the server 130 as a conversion feature value for verification.
- the malicious server since the authentication concatenation code C3 is randomly generated for each authentication, the malicious server replaces the concatenation code even if the malicious user performs an attack that compares the conversion features for verification in multiple authentications of the same user.
- the specified bit position cannot be specified, and high security is realized.
- the feature amount is expressed by a one-dimensional array (bit string) or a two-dimensional array (image) including Don't care bit, and the distance between them is the minimum hamming in consideration of shift shift (position shift).
- the client does not hold a template while maintaining the same authentication accuracy as a conventional biometric authentication method
- Cancelable biometric authentication that can be authenticated while keeping the amount concealed can be realized.
- 100 Client, 101: Feature amount extraction unit, 102: Pseudorandom number generation unit, 103: Position correction conversion parameter creation unit, 104: Position correction feature amount conversion unit, 105: Collation conversion parameter creation unit, 106: Collation Feature amount conversion unit, 107: recording medium I / F unit, 108: communication unit, 110: sensor, 120: recording medium, 130: server, 131: communication unit, 132: registration unit, 133: database, 134: position Correction amount calculation unit, 135: collation determination unit, 200: CPU, 201: memory, 202: HDD, 203: input device, 204: output device, 205: communication device, 700: correlation image.
Abstract
Description
HD(X1,X2)=HD(f(X1,R),f(X2,R))
具体的には、コードXに対して、Rから決まるランダムなコードをビット連結し(ビット連結ステップ)、Rから決まるランダムなパターンでビット位置を置換し(ビット置換ステップ)、更にRから決まるランダムなコードとの排他的論理和を取る(排他的論理和ステップ)。なお特許文献1では、上記排他的論理和ステップの代わりに「回転」処理を加えると記述されているが、これはビット置換ステップと排他的論理和ステップの組合せと等価である。
C(i,j)=X1(i,j)*X2(i,j)=ΣkΣl X1(k,l)X2(k-i,l-j) (1)
を、X1,X2自体を秘匿したまま照合する方法を示している。これは、X1に対して、あるランダムに生成した可逆フィルタRを畳み込むことで秘匿し、またX2を反転した画像に対してRの逆フィルタR’を畳み込むことで秘匿し、秘匿された状態の2枚の画像を畳み込むことでC=X1*X2を計算する、という方法である。より具体的には、特徴量画像を基底変換(フーリエ変換または数論変換)した上で、各要素に対しパラメータにより決定されるランダムな値を乗算(登録時)または除算(認証時)して秘匿する。照合の際は、これらの変換画像同士を要素毎に乗算し、逆基底変換することで、相関画像を正しく計算することができる。相関画像C(i,j)は、X1に対してX2を相対的に(i,j)だけずらして(巡回シフトして)内積を計算した値を並べた2次元配列である。所定の最大ずれ許容量(ΔW,ΔH)に対して、その範囲内のC(i,j)の最大値を、所定のしきい値と比較することで、X1,X2の一致/不一致を判定することができる。
本実施形態のキャンセラブル生体認証システムは、登録・認証時の生体情報取得、特徴量抽出、および特徴量の変換を行うクライアント端末(以下、クライアント)100と、テンプレートの保管と照合を行う認証サーバ(以下、サーバ)130が、インターネットやイントラネットなどのネットワークを介し接続して構成される。
クライアント100の記録媒体I/F部107が、ユーザの記録媒体120から乱数シードを読み込み、擬似乱数生成部102のシードとして設定する(S401)。
-ΔW<=Δx<=ΔW、-ΔH<=Δy<=ΔHとした場合、
W1=W2-2×ΔW、H1=H2-2×ΔHとする。
1→1、0→-1、*→0
符号化した局所画像の上下左右を反転する(S505)。反転した画像(サイズW1×H1)を中心に、サイズをW2×H2まで拡張し、拡張領域を0でパディングする(S506)。拡張およびパディングした画像を、基底変換(フーリエ変換または数論変換)する(S507)。
1→1、0→-1、*→0
符号化した部分画像を、基底変換(フーリエ変換または数論変換)する(S603)。
左上(ΔW+1)×(ΔH+1)の領域は 0<=x<=ΔW、0<=y<=ΔH、
左下(ΔW+1)×ΔH の領域は 0<=x<=ΔW、-ΔH<=y<0、
右上ΔW×(ΔH+1) の領域は -ΔW<=x<0、0<=y<=ΔH、
右下ΔW×ΔH の領域は -ΔW<=x<0、-ΔH<=y<0
とする。それ以外の領域は参照しない。上記の領域中の相関画像700の画素値(内積値)の中の最大値を検索し、この最大値を達成する座標(図中、ピーク位置)を(Δx,Δy)とする。最大値を達成する座標が複数存在する場合は、そのうち1つを任意に選び(Δx,Δy)とする。(Δx,Δy)を位置補正量とする。
σ=(σ(1),σ(2),・・・,σ(N))
をランダムに生成し、置換パターンとする(S804)。ここで置換σは、自然数集合{1,2,…,N}の任意の並べ替え(順列)であり、長さNのビット列(配列)
b=(b(1),b(2),…,b(N))
に対して、
b’=σb=(b(σ(1)),b(σ(2)),・・・,b(σ(N)))
なるビット列b’を対応させる写像を表す。
X1=X(+)C1 (“(+)”は排他的論理和(XOR)を表す)
なおここで、任意のビットとDon’t care bit“*”の排他的論理和は常に“*”である。つまり
*(+)0=0(+)*=*(+)1=1(+)*=*
である。(2値論理{0,1}における排他的論理和の演算条件(互いに異なれば1、同じならば0)に加えて、排他的論理和を求める少なくとも一方のビットが*であるならば、その排他的論理和を*とする。)
計算結果のビット列X1に対し、連結コードC2をビット連結する(S811)。
X2=X1∥C2 (“∥”はビット連結を表す)
計算結果のビット列X2(登録用連結配列)に対し、置換パターンσによりビット置換する(S812)。
X’=σ X2
置換後のビット列X’を、照合テンプレートとする。このように本実施形態によれば、登録特徴量に対してランダムなビット列との排他的論理和、ランダムなコードとの連結、ランダムなビット置換を施すことにより、元の特徴量を強固に秘匿した状態で、照合テンプレートとしてサーバ130に登録する。
Y1=Y(+)C1
連結コードC2に対し、所定のハミング距離δ(<=M)だけ離れた修飾連結コードC3(修飾連結配列)をランダムに作成する(S904)。修飾連結コードC3は、連結コードC2の中の0または1のビット位置からランダムにδ個を選択し、選択したビット位置のビットを反転するとともに、全ての*のビット位置について{0,1,*}の任意のビット値に置き換えることで作成する。
Y2=Y1∥C3
計算結果のビット列Y2(認証用連結配列)に対し、前記置換パターンσによりビット置換し、置換後のビット列Y’を照合用変換特徴量とする(S906)。
Y’=σ Y2
照合判定(S409)では、まず照合判定部135が、照合用変換特徴量Y’と照合テンプレートX’のハミング距離を計算し、そこから所定のハミング距離δを引いて、距離値dを計算する(S910)。
d=HD(X’,Y’)-δ
ここで、任意のビット列A,Bに対して
HD(A,B)=HW(A(+)B),
(HW(C) はビット列Cにおける”1”のビット数(ハミング重み))
HW(σA)=HW(A),
HW(A∥B)=HW(A)+HW(B)
σA(+)σB=σ(A(+)B)
が成立するため、
HW(X’(+)Y’)
=HW(σ((X(+)C1)∥C2)(+)σ((Y(+)C1)∥C3))
=HW(σ(((X(+)C1)∥C2)(+)((Y(+)C1)∥C3)))
=HW(((X(+)C1)∥C2)(+)((Y(+)C1)∥C3))
=HW(((X(+)C1)(+)(Y(+)C1))∥(C2(+)C3))
=HW((X(+)C1)(+)(Y(+)C1))+HW(C2(+)C3)
=HW(X(+)Y)+δ
となり、従って
d=HW(X(+)Y)
=HD(X,Y)
となる。つまり距離値dは登録特徴量Xと認証特徴量Yのハミング距離に一致する。
d<=t ならば認証成功(OK)
d>t ならば認証失敗(NG)
と判定する(S911)。
Z=X(+)Y
における”0”または”1”のビット数nで割った正規化ハミング距離
d’=d/n
を用いて一致/不一致を判定する。
HW2(C)を、ビット列Cにおける”0”または”1”のビット数を表すものとする。任意のビット列A,Bに対して
HW2(σA)=HW2(A),
HW2(A∥B)=HW2(A)+HW2(B)
が成立するため、
HW2(X’(+)Y’)
=HW2(σ((X(+)C1)∥C2)(+)σ((Y(+)C1)∥C3))
=HW2(σ(((X(+)C1)∥C2)(+)((Y(+)C1)∥C3)))
=HW2(((X(+)C1)∥C2)(+)((Y(+)C1)∥C3))
=HW2(((X(+)C1)(+)(Y(+)C1))∥(C2(+)C3))
=HW2((X(+)C1)(+)(Y(+)C1))+HW2(C2(+)C3)
=HW2(X(+)Y)+HW2(C2)
=n+δ2 (δ2=HW2(C2))
となる。従って登録時に予めδ2を計算し、サーバ130がテンプレートと共に記憶しておくことで、正規化ハミング距離の分母nを
n=HW2(X’(+)Y’)-δ2
と計算することができる。
Claims (21)
- クライアントは、生体情報の登録時に、
登録者の生体情報から登録用特徴量配列を抽出し、
前記登録用特徴量配列を変換する第1の照合用変換パラメータを生成し、
前記登録用特徴量配列から位置補正テンプレートを作成し、
前記第1の照合用変換パラメータを用いて、前記登録用特徴量配列を変換した照合テンプレートを作成し、
前記位置補正テンプレートおよび前記照合テンプレートをサーバに送信し、
認証時に、
利用者の生体情報から認証用特徴量配列を抽出し、
前記認証用特徴量配列を変換する第2の照合用変換パラメータを生成し、
前記認証用特徴量配列から位置補正用変換特徴量を作成し、
前記位置補正用変換特徴量を前記サーバに送信し、
前記サーバは、前記クライアントから送信された前記位置補正テンプレートおよび前記照合テンプレートを接続するデータベースに格納し、
前記データベースに格納された前記位置補正テンプレートと前記クライアントから送信された前記位置補正用変換特徴量とを用いて、前記登録用特徴量配列と前記認証用特徴量配列との間の位置補正量を計算し、
前記位置補正量を前記クライアントに送信し、
前記クライアントは、前記位置補正量に基づいて、前記認証用特徴量配列を位置補正した補正特徴量配列を作成し、
前記第2の照合用変換パラメータを用いて、前記補正特徴量配列を変換した照合用変換特徴量配列を作成し、
前記照合用変換特徴量配列を前記サーバに送信し、
前記サーバは、前記データベースに格納された前記照合テンプレートと前記クライアントから送信された前記照合用変換特徴量配列との距離を計算し、
前記距離と所定の認証閾値との比較に基づいて、前記利用者の前記登録者との認証成否を判定することを特徴とする生体認証方法。 - 前記登録用特徴量配列および前記認証用特徴量配列の各々は、所定のサイズLのビット配列であり、
前記第1の照合用変換パラメータの生成は、サイズLのランダムなマスク用ビット配列の生成を含み、
前記第1の照合用変換パラメータは、前記マスク用ビット配列を含み、
前記照合テンプレートは、前記登録用特徴量配列と前記マスク用ビット配列との排他的論理和を求めた配列であり、
前記照合用変換特徴量配列は、前記補正特徴量配列と前記マスク用ビット配列との排他的論理和を求めた配列であり、
前記距離はハミング距離であることを特徴とする請求項1記載の生体認証方法。 - 前記登録用特徴量配列、前記補正特徴量配列、及び前記マスク用ビット配列の各々は、ドントケアビット“*”を含むビット配列であり、
前記照合テンプレートを求める前記登録用特徴量配列と前記マスク用ビット配列との排他的論理和、及び前記照合用変換特徴量配列を求める前記補正特徴量配列と前記マスク用ビット配列との排他的論理和の各々は、互いのビットの少なくとも一方がドントケアビット“*”であるならば、その排他的論理和をドントケアビット“*”とする規則に従って計算し、
前記照合テンプレートと前記照合用変換特徴量配列との前記ハミング距離は、前記照合テンプレートと前記照合用変換特徴量配列との排他的論理和を求めたビット配列に含まれるビット“1”の数であることを特徴とする請求項2記載の生体認証方法。 - 前記登録用特徴量配列および前記認証用特徴量配列の各々は、所定のサイズLのビット配列であり、
前記第1の照合用変換パラメータの生成は、サイズMのランダムな連結配列の生成と、サイズ(L+M)の配列に対して、その要素同士の位置を置換する置換パターンの生成とを含み、
前記照合テンプレートの作成は、前記登録用特徴量配列と前記連結配列とを連結したサイズ(L+M)の登録用連結配列の作成と、前記置換パターンに従って前記登録用連結配列を置換した前記照合テンプレートの作成とを含み、
前記照合用変換特徴量配列の作成は、前記連結配列に対して所定のオフセットハミング距離δだけ離れたサイズMの修飾連結配列の生成と、前記認証用特徴量配列と前記修飾連結配列とを連結したサイズ(L+M)の認証用連結配列の作成と、前記置換パターンに従って前記認証用連結配列を置換した前記照合用変換特徴量配列の作成とを含み、
前記照合テンプレートと前記照合用変換特徴量配列との距離の計算は、前記照合テンプレートと前記照合用変換特徴量配列とのハミング距離dから、前記オフセットハミング距離δを引いた補正ハミング距離(d-δ)の計算であり、
前記認証成否の判定のための前記距離は、前記補正ハミング距離であることを特徴とする請求項1記載の生体認証方法。 - 前記位置補正テンプレートの作成は、前記登録用特徴量配列の部分を切り出した、登録用局所特徴量配列の作成を含み、
前記位置補正用変換特徴量の作成は、前記認証用特徴量配列の部分を切り出した、認証用部分特徴量配列の作成を含み、
前記位置補正量の計算は、前記登録用局所特徴量配列に対し、前記認証用部分特徴量配列を繰り返しシフトしながら距離を計算し、距離が最小となるシフト量を前記位置補正量とし、
前記補正特徴量配列の作成は、前記認証用特徴量配列を、前記位置補正量だけシフトすることを特徴とする請求項1記載の生体認証方法。 - 前記生体情報の登録時に、
前記登録用特徴量配列を変換する位置補正用変換パラメータを生成し、
前記位置補正テンプレートの作成は、前記登録用特徴量配列から登録用局所特徴量配列の切り出しと、前記登録用局所特徴量配列を、前記位置補正用変換パラメータを用いて変換した前記位置補正テンプレートの作成とを含み、
前記位置補正用変換特徴量の作成は、前記認証用特徴量配列から認証用部分特徴量配列の切り出しと、前記認証用部分特徴量配列を、前記位置補正用変換パラメータを用いて変換した前記位置補正用変換特徴量の作成とを含むことを特徴とする、請求項1記載の生体認証方法。 - 前記位置補正用変換パラメータは、ランダムに作成した可逆なフィルタであり、
前記位置補正用変換パラメータを用いた前記登録用局所特徴量配列の変換は、前記登録用局所特徴量配列の要素の値0,1,*をそれぞれ所定の整数および実数のいずれか一方の値a,b,cに置き換える登録用符号化局所特徴量配列の作成と、前記登録用符号化局所特徴量配列の逆順に並べ替える逆順ソートと、前記逆順ソートした配列に対する前記フィルタの畳み込みとを含み、
前記位置補正用変換パラメータを用いた前記認証用部分特徴量配列の変換は、前記認証用部分特徴量配列の要素の値0,1,*をそれぞれ所定の整数および実数のいずれか一方の値a’,b’,c’に置き換える認証用符号化部分特徴量配列の作成と、前記認証用符号化部分特徴量配列に対する前記フィルタの逆畳み込みとを含み、
前記位置補正量の計算は、前記位置補正テンプレートと前記位置補正用変換特徴量とからの、前記登録用符号化部分特徴量配列と前記認証用符号化部分特徴量配列との相関配列の計算と、前記相関配列中で、最大値をとる配列要素の位置の検索と、前記位置に基づいて前記位置補正量の決定とを含むことを特徴とする請求項6に記載の生体認証方法。 - 生体情報の登録時に登録者の生体情報から登録用特徴量配列を抽出し、認証時に、利用者の生体情報から認証用特徴量配列を抽出する特徴量抽出部、
前記登録時に前記登録用特徴量配列を変換する第1の照合用変換パラメータを生成し、前記認証時に前記認証用特徴量配列を変換する第2の照合用変換パラメータを生成する照合用変換パラメータ作成部、
前記登録時に前記登録用特徴量配列を変換し位置補正テンプレートを作成する位置補正用変換パラメータ作成部、
前記認証時に前記認証用特徴量配列から位置補正用変換特徴量を作成する位置補正用特徴量変換部、および
前記登録時に前記第1の照合用変換パラメータを用いて、前記登録用特徴量配列を変換した照合テンプレートを作成し、前記認証時に位置補正量に基づいて、前記認証用特徴量配列を位置補正した補正特徴量配列を作成し、前記第2の照合用変換パラメータを用いて、前記補正特徴量配列を変換した照合用変換特徴量配列を作成する照合用特徴量変換部を有するクライアントと、
前記位置補正テンプレートと前記位置補正用変換特徴量とを用いて、前記登録用特徴量配列と前記認証用特徴量配列との間の前記位置補正量を計算する位置補正量計算部、および前記照合テンプレートと前記照合用変換特徴量配列との距離を計算し、前記距離と所定の認証閾値との比較に基づいて、前記利用者の前記登録者との認証成否を判定する照合判定部を有する、前記クライアントと接続するサーバを設けることを特徴とする生体認証システム。 - 前記登録用特徴量配列および前記認証用特徴量配列の各々は、所定のサイズLのビット配列であり、
前記照合用変換パラメータ作成部が生成する前記第1の照合用変換パラメータは、サイズLのランダムなマスク用ビット配列を含み、
前記照合テンプレートは、前記登録用特徴量配列と前記マスク用ビット配列との排他的論理和を求めた配列であり、
前記照合用変換特徴量配列は、前記補正特徴量配列と前記マスク用ビット配列との排他的論理和を求めた配列であり、
前記距離はハミング距離であることを特徴とする請求項8記載の生体認証システム。 - 前記登録用特徴量配列、前記補正特徴量配列、及び前記マスク用ビット配列の各々は、ドントケアビット“*”を含むビット配列であり、
前記照合テンプレートを求める前記登録用特徴量配列と前記マスク用ビット配列との排他的論理和、及び前記照合用変換特徴量配列を求める前記補正特徴量配列と前記マスク用ビット配列との排他的論理和の各々は、互いのビットの少なくとも一方がドントケアビット“*”であるならば、その排他的論理和をドントケアビット“*”とする規則に従って計算し、
前記照合テンプレートと前記照合用変換特徴量配列との前記ハミング距離は、前記照合テンプレートと前記照合用変換特徴量配列との排他的論理和を求めたビット配列に含まれるビット“1”の数であることを特徴とする請求項9記載の生体認証システム。 - 前記登録用特徴量配列および前記認証用特徴量配列の各々は、所定のサイズLのビット配列であり、
前記照合用変換パラメータ作成部による前記第1の照合用変換パラメータの生成は、サイズMのランダムな連結配列の生成と、サイズ(L+M)の配列に対して、その要素同士の位置を置換する置換パターンの生成とを含み、
前記照合用特徴量変換部による前記照合テンプレートの作成は、前記登録用特徴量配列と前記連結配列とを連結したサイズ(L+M)の登録用連結配列の作成と、前記置換パターンに従って前記登録用連結配列を置換した前記照合テンプレートの作成とを含み、
前記照合用特徴量変換部による前記照合用変換特徴量配列の作成は、前記連結配列に対して所定のオフセットハミング距離δだけ離れたサイズMの修飾連結配列の生成と、前記認証用特徴量配列と前記修飾連結配列とを連結したサイズ(L+M)の認証用連結配列の作成と、前記置換パターンに従って前記認証用連結配列を置換した前記照合用変換特徴量配列の作成とを含み、
前記位置補正量計算部による前記照合テンプレートと前記照合用変換特徴量配列との距離の計算は、前記照合テンプレートと前記照合用変換特徴量配列とのハミング距離dから、前記オフセットハミング距離δを引いた補正ハミング距離(d-δ)の計算であり、
前記照合判定部による前記認証成否の判定のための前記距離は、前記補正ハミング距離であることを特徴とする請求項8記載の生体認証システム。 - 前記位置補正用特徴量変換部による前記位置補正テンプレートの作成は、
前記登録用特徴量配列の部分を切り出した、登録用局所特徴量配列の作成を含み、
前記位置補正用特徴量変換部による前記位置補正用変換特徴量の作成は、前記認証用特徴量配列の部分を切り出た、認証用部分特徴量配列の作成を含み、
位置補正量計算部による前記位置補正量の計算は、前記登録用局所特徴量配列に対し、前記認証用部分特徴量配列を繰り返しシフトしながら距離を計算し、距離が最小となるシフト量を前記位置補正量とし、
前記補正特徴量配列の作成は、前記認証用特徴量配列を、前記位置補正量だけシフトすることを特徴とする請求項8記載の生体認証システム。 - 前記位置補正用変換パラメータ作成部は、前記登録時に前記登録用特徴量配列を変換する位置補正用変換パラメータを生成し、
前記位置補正用変換パラメータ作成部による前記位置補正テンプレートの作成は、前記登録用特徴量配列から登録用局所特徴量配列の切り出しと、前記登録用局所特徴量配列を、前記位置補正用変換パラメータを用いて変換した前記位置補正テンプレートの作成とを含み、
前記位置補正用特徴量変換部による前記位置補正用変換特徴量の作成は、前記認証用特徴量配列から認証用部分特徴量配列の切り出しと、前記認証用部分特徴量配列を、前記位置補正用変換パラメータを用いて変換した前記位置補正用変換特徴量の作成とを含むことを特徴とする、請求項8記載の生体認証システム。 - 前記位置補正用変換パラメータは、ランダムに作成した可逆なフィルタであり、
前記位置補正用変換パラメータを用いた前記登録用局所特徴量配列の変換は、前記登録用局所特徴量配列の要素の値0,1,*をそれぞれ所定の整数および実数のいずれか一方の値a,b,cに置き換える登録用符号化局所特徴量配列の作成と、前記登録用符号化局所特徴量配列の逆順に並べ替える逆順ソートと、前記逆順ソートした配列に対する前記フィルタの畳み込みとを含み、
前記位置補正用変換パラメータを用いた前記認証用部分特徴量配列の変換は、前記認証用部分特徴量配列の要素の値0,1,*をそれぞれ所定の整数および実数のいずれか一方の値a’,b’,c’に置き換える認証用符号化部分特徴量配列の作成と、前記認証用符号化部分特徴量配列に対する前記フィルタの逆畳み込みとを含み、
前記位置補正量の計算は、前記位置補正テンプレートと前記位置補正用変換特徴量とからの、前記登録用符号化部分特徴量配列と前記認証用符号化部分特徴量配列との相関配列の計算と、前記相関配列中で、最大値をとる配列要素の位置の検索と、前記位置に基づいて前記位置補正量の決定とを含むことを特徴とする請求項13に記載の生体認証システム。 - 生体情報の登録時に登録者の生体情報から登録用特徴量配列を抽出する第1の特徴量抽出部、前記登録用特徴量配列を変換する第1の照合用変換パラメータを生成する第1の照合用変換パラメータ作成部、前記登録用特徴量配列を変換し位置補正テンプレートを作成する位置補正用変換パラメータ作成部、および前記第1の照合用変換パラメータを用いて、前記登録用特徴量配列を変換した照合テンプレートを作成する第1の照合用特徴量変換部を有する登録用クライアントと、
認証時に、利用者の生体情報から認証用特徴量配列を抽出する第2の特徴量抽出部、前記認証用特徴量配列を変換する第2の照合用変換パラメータを生成する第2の照合用変換パラメータ作成部、前記認証用特徴量配列から位置補正用変換特徴量を作成する位置補正用特徴量変換部、および位置補正量に基づいて、前記認証用特徴量配列を位置補正した補正特徴量配列を作成し、前記第2の照合用変換パラメータを用いて、前記補正特徴量配列を変換した照合用変換特徴量配列を作成する第2の照合用特徴量変換部を有する認証用クライアントと、
前記位置補正テンプレートと前記位置補正用変換特徴量とを用いて、前記登録用特徴量配列と前記認証用特徴量配列との間の前記位置補正量を計算する位置補正量計算部、および前記照合テンプレートと前記照合用変換特徴量配列との距離を計算し、前記距離と所定の認証閾値との比較に基づいて、前記利用者の前記登録者との認証成否を判定する照合判定部を有する、前記登録用クライアント及び前記認証用クライアントと接続するサーバを設けることを特徴とする生体認証システム。 - 前記登録用特徴量配列および前記認証用特徴量配列の各々は、所定のサイズLのビット配列であり、
前記第1の照合用変換パラメータ作成部が生成する前記第1の照合用変換パラメータは、サイズLのランダムなマスク用ビット配列を含み、
前記照合テンプレートは、前記登録用特徴量配列と前記マスク用ビット配列との排他的論理和を求めた配列であり、
前記照合用変換特徴量配列は、前記補正特徴量配列と前記マスク用ビット配列との排他的論理和を求めた配列であり、
前記距離はハミング距離であることを特徴とする請求項15記載の生体認証システム。 - 前記登録用特徴量配列、前記補正特徴量配列、及び前記マスク用ビット配列の各々は、ドントケアビット“*”を含むビット配列であり、
前記照合テンプレートを求める前記登録用特徴量配列と前記マスク用ビット配列との排他的論理和、及び前記照合用変換特徴量配列を求める前記補正特徴量配列と前記マスク用ビット配列との排他的論理和の各々は、互いのビットの少なくとも一方がドントケアビット“*”であるならば、その排他的論理和をドントケアビット“*”とする規則に従って計算し、
前記照合テンプレートと前記照合用変換特徴量配列との前記ハミング距離は、前記照合テンプレートと前記照合用変換特徴量配列との排他的論理和を求めたビット配列に含まれるビット“1”の数であることを特徴とする請求項16記載の生体認証システム。 - 前記登録用特徴量配列および前記認証用特徴量配列の各々は、所定のサイズLのビット配列であり、
前記第1の照合用変換パラメータ作成部による前記第1の照合用変換パラメータの生成は、サイズMのランダムな連結配列の生成と、サイズ(L+M)の配列に対して、その要素同士の位置を置換する置換パターンの生成とを含み、
前記第1の照合用特徴量変換部による前記照合テンプレートの作成は、前記登録用特徴量配列と前記連結配列とを連結したサイズ(L+M)の登録用連結配列の作成と、前記置換パターンに従って前記登録用連結配列を置換した前記照合テンプレートの作成とを含み、
前記第2の照合用特徴量変換部による前記照合用変換特徴量配列の作成は、前記連結配列に対して所定のオフセットハミング距離δだけ離れたサイズMの修飾連結配列の生成と、前記認証用特徴量配列と前記修飾連結配列とを連結したサイズ(L+M)の認証用連結配列の作成と、前記置換パターンに従って前記認証用連結配列を置換した前記照合用変換特徴量配列の作成とを含み、
前記位置補正量計算部による前記照合テンプレートと前記照合用変換特徴量配列との距離の計算は、前記照合テンプレートと前記照合用変換特徴量配列とのハミング距離dから、前記オフセットハミング距離δを引いた補正ハミング距離(d-δ)の計算であり、
前記照合判定部による前記認証成否の判定のための前記距離は、前記補正ハミング距離であることを特徴とする請求項15記載の生体認証システム。 - 前記位置補正用特徴量変換部による前記位置補正テンプレートの作成は、前記登録用特徴量配列の部分を切り出した、登録用局所特徴量配列の作成を含み、
前記位置補正用特徴量変換部による前記位置補正用変換特徴量の作成は、前記認証用特徴量配列の部分を切り出た、認証用部分特徴量配列の作成を含み、
位置補正量計算部による前記位置補正量の計算は、前記登録用局所特徴量配列に対し、前記認証用部分特徴量配列を繰り返しシフトしながら距離を計算し、距離が最小となるシフト量を前記位置補正量とし、
前記補正特徴量配列の作成は、前記認証用特徴量配列を、前記位置補正量だけシフトすることを特徴とする請求項15記載の生体認証方法。 - 前記位置補正用変換パラメータ作成部は、前記登録時に前記登録用特徴量配列を変換する位置補正用変換パラメータを生成し、
前記位置補正用変換パラメータ作成部による前記位置補正テンプレートの作成は、前記登録用特徴量配列から登録用局所特徴量配列の切り出しと、前記登録用局所特徴量配列を、前記位置補正用変換パラメータを用いて変換した前記位置補正テンプレートの作成とを含み、
前記位置補正用特徴量変換部による前記位置補正用変換特徴量の作成は、前記認証用特徴量配列から認証用部分特徴量配列の切り出しと、前記認証用部分特徴量配列を、前記位置補正用変換パラメータを用いて変換した前記位置補正用変換特徴量の作成とを含むことを特徴とする、請求項15記載の生体認証システム。 - 前記位置補正用変換パラメータは、ランダムに作成した可逆なフィルタであり、
前記位置補正用変換パラメータを用いた前記登録用局所特徴量配列の変換は、前記登録用局所特徴量配列の要素の値0,1,*をそれぞれ所定の整数および実数のいずれか一方の値a,b,cに置き換える登録用符号化局所特徴量配列の作成と、前記登録用符号化局所特徴量配列の逆順に並べ替える逆順ソートと、前記逆順ソートした配列に対する前記フィルタの畳み込みとを含み、
前記位置補正用変換パラメータを用いた前記認証用部分特徴量配列の変換は、前記認証用部分特徴量配列の要素の値0,1,*をそれぞれ所定の整数および実数のいずれか一方の値a’,b’,c’に置き換える認証用符号化部分特徴量配列の作成と、前記認証用符号化部分特徴量配列に対する前記フィルタの逆畳み込みとを含み、
前記位置補正量の計算は、前記位置補正テンプレートと前記位置補正用変換特徴量とからの、前記登録用符号化部分特徴量配列と前記認証用符号化部分特徴量配列との相関配列の計算と、前記相関配列中で、最大値をとる配列要素の位置の検索と、前記位置に基づいて前記位置補正量の決定とを含むことを特徴とする請求項20に記載の生体認証システム。
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009801307264A CN102113018B (zh) | 2008-10-31 | 2009-08-21 | 生物体认证方法及系统 |
US13/057,468 US8412940B2 (en) | 2008-10-31 | 2009-08-21 | Biometric authentication method and system |
KR1020117002750A KR101175033B1 (ko) | 2008-10-31 | 2009-08-21 | 생체 인증 방법 및 시스템 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2008-281588 | 2008-10-31 | ||
JP2008281588A JP5271669B2 (ja) | 2008-10-31 | 2008-10-31 | 生体認証方法およびシステム |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010050104A1 true WO2010050104A1 (ja) | 2010-05-06 |
Family
ID=42128478
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2009/004022 WO2010050104A1 (ja) | 2008-10-31 | 2009-08-21 | 生体認証方法およびシステム |
Country Status (5)
Country | Link |
---|---|
US (1) | US8412940B2 (ja) |
JP (1) | JP5271669B2 (ja) |
KR (1) | KR101175033B1 (ja) |
CN (1) | CN102113018B (ja) |
WO (1) | WO2010050104A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105320869A (zh) * | 2014-06-27 | 2016-02-10 | 富士通株式会社 | 秘密数据匹配装置、秘密数据更新方法及记录介质 |
US20190065819A1 (en) * | 2017-08-30 | 2019-02-28 | Fujitsu Limited | Biological-image processing unit and method and program for processing biological image |
Families Citing this family (39)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010036445A1 (en) * | 2008-07-22 | 2010-04-01 | Validity Sensors, Inc. | System, device and method for securing a device component |
US10180572B2 (en) | 2010-02-28 | 2019-01-15 | Microsoft Technology Licensing, Llc | AR glasses with event and user action control of external applications |
US9759917B2 (en) | 2010-02-28 | 2017-09-12 | Microsoft Technology Licensing, Llc | AR glasses with event and sensor triggered AR eyepiece interface to external devices |
US9366862B2 (en) | 2010-02-28 | 2016-06-14 | Microsoft Technology Licensing, Llc | System and method for delivering content to a group of see-through near eye display eyepieces |
US9097890B2 (en) | 2010-02-28 | 2015-08-04 | Microsoft Technology Licensing, Llc | Grating in a light transmissive illumination system for see-through near-eye display glasses |
US9097891B2 (en) | 2010-02-28 | 2015-08-04 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses including an auto-brightness control for the display brightness based on the brightness in the environment |
US9134534B2 (en) | 2010-02-28 | 2015-09-15 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses including a modular image source |
US9341843B2 (en) | 2010-02-28 | 2016-05-17 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a small scale image source |
US20120249797A1 (en) | 2010-02-28 | 2012-10-04 | Osterhout Group, Inc. | Head-worn adaptive display |
US20150309316A1 (en) | 2011-04-06 | 2015-10-29 | Microsoft Technology Licensing, Llc | Ar glasses with predictive control of external device based on event input |
US9285589B2 (en) | 2010-02-28 | 2016-03-15 | Microsoft Technology Licensing, Llc | AR glasses with event and sensor triggered control of AR eyepiece applications |
US9229227B2 (en) | 2010-02-28 | 2016-01-05 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a light transmissive wedge shaped illumination system |
US9091851B2 (en) | 2010-02-28 | 2015-07-28 | Microsoft Technology Licensing, Llc | Light control in head mounted displays |
AU2011220382A1 (en) | 2010-02-28 | 2012-10-18 | Microsoft Corporation | Local advertising content on an interactive head-mounted eyepiece |
US9129295B2 (en) | 2010-02-28 | 2015-09-08 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with a fast response photochromic film system for quick transition from dark to clear |
US9128281B2 (en) | 2010-09-14 | 2015-09-08 | Microsoft Technology Licensing, Llc | Eyepiece with uniformly illuminated reflective display |
US9223134B2 (en) | 2010-02-28 | 2015-12-29 | Microsoft Technology Licensing, Llc | Optical imperfections in a light transmissive illumination system for see-through near-eye display glasses |
US9182596B2 (en) | 2010-02-28 | 2015-11-10 | Microsoft Technology Licensing, Llc | See-through near-eye display glasses with the optical assembly including absorptive polarizers or anti-reflective coatings to reduce stray light |
JP5859953B2 (ja) * | 2010-09-30 | 2016-02-16 | パナソニック株式会社 | 生体認証システム、通信端末装置、生体認証装置、および生体認証方法 |
WO2012124115A1 (ja) | 2011-03-17 | 2012-09-20 | 富士通株式会社 | 生体情報取得装置、生体情報照合装置、及びプログラム |
FR2979727B1 (fr) * | 2011-09-06 | 2013-08-30 | Morpho | Identification par reconnaissance d'iris |
JP2013206187A (ja) * | 2012-03-28 | 2013-10-07 | Fujitsu Ltd | 情報変換装置、情報検索装置、情報変換方法、情報検索方法、情報変換プログラム、情報検索プログラム |
US8681950B2 (en) * | 2012-03-28 | 2014-03-25 | Interactive Intelligence, Inc. | System and method for fingerprinting datasets |
JP5930023B2 (ja) * | 2012-03-30 | 2016-06-08 | 富士通株式会社 | 生体認証装置、生体認証方法及び生体認証用コンピュータプログラム |
US8843759B2 (en) * | 2012-08-28 | 2014-09-23 | At&T Intellectual Property I, L.P. | Methods, systems, and computer program products for media-based authentication |
EP2933945A4 (en) | 2012-12-14 | 2016-08-03 | Nec Corp | SYSTEM, METHOD AND PROGRAM FOR MATCHING BITS CHAIN MATCHING |
FR3003061B1 (fr) * | 2013-03-11 | 2019-08-23 | Morpho | Procede de traitement securise de donnees et application a la biometrie |
CA2911719A1 (en) * | 2013-04-16 | 2014-10-23 | Imageware Systems, Inc. | Conditional and situational biometric authentication and enrollment |
JP6272499B2 (ja) * | 2014-03-21 | 2018-01-31 | コーニンクレッカ フィリップス エヌ ヴェKoninklijke Philips N.V. | 経験的ビット誤り確率に基づく生体特徴候補及び基準のソフト生成 |
FR3018934B1 (fr) * | 2014-03-24 | 2017-05-26 | Morpho | Procede d'enrolement de donnees dans une base pour la protection desdites donnees |
US9239957B2 (en) * | 2014-04-04 | 2016-01-19 | Fotonation Limited | Image processing method and apparatus |
JP6524899B2 (ja) | 2015-12-02 | 2019-06-05 | 富士通株式会社 | 秘匿データ照合装置、秘匿データ照合プログラムおよび秘匿データ照合方法 |
JP2018026046A (ja) * | 2016-08-12 | 2018-02-15 | ルネサスエレクトロニクス株式会社 | データ変換装置、検索システム、および方法 |
JP6792986B2 (ja) * | 2016-09-27 | 2020-12-02 | 株式会社日立製作所 | 生体認証装置 |
JP6712247B2 (ja) * | 2017-06-09 | 2020-06-17 | 株式会社日立製作所 | 生体署名システム及び生体署名方法 |
FR3089320B1 (fr) * | 2018-11-30 | 2021-05-14 | Idemia Identity & Security France | Vérification biométrique partagée entre un processeur et un élément sécurisé |
KR20200100481A (ko) * | 2019-02-18 | 2020-08-26 | 삼성전자주식회사 | 생체 정보를 인증하기 위한 전자 장치 및 그의 동작 방법 |
KR20200110064A (ko) | 2019-03-15 | 2020-09-23 | 삼성전자주식회사 | 변환 모델을 이용한 인증 방법 및 장치 |
JP7389446B2 (ja) * | 2019-05-13 | 2023-11-30 | 株式会社I.Meisters | 暗号化/復号化装置、暗号化/復号化方法並びに該方法を実行するためのコンピュータプログラム |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3307936B2 (ja) * | 1991-07-15 | 2002-07-29 | アイリスキャン・インコーポレーテッド | 虹彩解析に基づく生体測定学的人物識別システム |
JP2005209018A (ja) * | 2004-01-23 | 2005-08-04 | Kddi Corp | 生体認証システム及び生体認証方法 |
JP2006158851A (ja) * | 2004-12-10 | 2006-06-22 | Hitachi Ltd | 生体情報の特徴量変換方法および生体認証システム |
JP2007293807A (ja) * | 2006-03-29 | 2007-11-08 | Hitachi Information & Control Solutions Ltd | 生体認証方法およびシステム |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1997008868A1 (en) * | 1995-08-25 | 1997-03-06 | Quintet, Inc. | Method of secure communication using signature verification |
US7225338B2 (en) * | 2001-06-21 | 2007-05-29 | Sal Khan | Secure system for the identification of persons using remote searching of facial, iris and voice biometric templates |
US7006673B2 (en) * | 2001-07-25 | 2006-02-28 | Activcard Ireland Limited | Method of hash string extraction |
AU2003247364A1 (en) * | 2002-05-15 | 2003-12-02 | Bio-Key International, Inc. | Match template protection within biometric security systems |
WO2004019164A2 (en) * | 2002-08-20 | 2004-03-04 | Fusionarc, Inc. | Method of multiple algorithm processing of biometric data |
KR101163083B1 (ko) * | 2004-06-09 | 2012-07-06 | 코닌클리케 필립스 일렉트로닉스 엔.브이. | 위치 집합 사이의 대응성을 결정하는 시스템 및 방법, 및 컴퓨터 판독가능 매체 |
US7788101B2 (en) * | 2005-10-31 | 2010-08-31 | Hitachi, Ltd. | Adaptation method for inter-person biometrics variability |
WO2007069146A2 (en) * | 2005-12-13 | 2007-06-21 | Koninklijke Philips Electronics N.V. | Secure threshold decryption protocol computation |
JP4952026B2 (ja) * | 2006-03-31 | 2012-06-13 | 株式会社日立製作所 | 生体情報認証装置および認証方法 |
US8417960B2 (en) * | 2006-09-06 | 2013-04-09 | Hitachi, Ltd. | Method for generating an encryption key using biometrics authentication and restoring the encryption key and personal authentication system |
JP4996904B2 (ja) * | 2006-10-04 | 2012-08-08 | 株式会社日立製作所 | 生体認証システム、登録端末、認証端末、及び認証サーバ |
JP2008097438A (ja) * | 2006-10-13 | 2008-04-24 | Hitachi Ltd | ユーザ認証システム、認証サーバ、端末、及び耐タンパデバイス |
JP5011987B2 (ja) * | 2006-12-04 | 2012-08-29 | 株式会社日立製作所 | 認証システムの管理方法 |
WO2009041963A1 (en) * | 2007-09-24 | 2009-04-02 | University Of Notre Dame Du Lac | Iris recognition using consistency information |
-
2008
- 2008-10-31 JP JP2008281588A patent/JP5271669B2/ja active Active
-
2009
- 2009-08-21 KR KR1020117002750A patent/KR101175033B1/ko not_active IP Right Cessation
- 2009-08-21 US US13/057,468 patent/US8412940B2/en active Active
- 2009-08-21 WO PCT/JP2009/004022 patent/WO2010050104A1/ja active Application Filing
- 2009-08-21 CN CN2009801307264A patent/CN102113018B/zh not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3307936B2 (ja) * | 1991-07-15 | 2002-07-29 | アイリスキャン・インコーポレーテッド | 虹彩解析に基づく生体測定学的人物識別システム |
JP2005209018A (ja) * | 2004-01-23 | 2005-08-04 | Kddi Corp | 生体認証システム及び生体認証方法 |
JP2006158851A (ja) * | 2004-12-10 | 2006-06-22 | Hitachi Ltd | 生体情報の特徴量変換方法および生体認証システム |
JP2007293807A (ja) * | 2006-03-29 | 2007-11-08 | Hitachi Information & Control Solutions Ltd | 生体認証方法およびシステム |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105320869A (zh) * | 2014-06-27 | 2016-02-10 | 富士通株式会社 | 秘密数据匹配装置、秘密数据更新方法及记录介质 |
US20190065819A1 (en) * | 2017-08-30 | 2019-02-28 | Fujitsu Limited | Biological-image processing unit and method and program for processing biological image |
US10755073B2 (en) * | 2017-08-30 | 2020-08-25 | Fujitsu Limited | Biological-image processing unit and method and program for processing biological image |
Also Published As
Publication number | Publication date |
---|---|
JP2010108365A (ja) | 2010-05-13 |
KR20110039322A (ko) | 2011-04-15 |
US20110185176A1 (en) | 2011-07-28 |
JP5271669B2 (ja) | 2013-08-21 |
US8412940B2 (en) | 2013-04-02 |
CN102113018A (zh) | 2011-06-29 |
KR101175033B1 (ko) | 2012-08-17 |
CN102113018B (zh) | 2013-07-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5271669B2 (ja) | 生体認証方法およびシステム | |
Lee et al. | Biometric key binding: Fuzzy vault based on iris images | |
Tulyakov et al. | Symmetric hash functions for secure fingerprint biometric systems | |
Hao et al. | Combining cryptography with biometrics effectively | |
TWI479427B (zh) | 在樣板保護系統中定義分類臨限值 | |
JP4929136B2 (ja) | 生体認証方法、装置およびシステム | |
US20070031009A1 (en) | Method and system for string-based biometric authentication | |
WO2012097362A2 (en) | Protecting codes, keys and user credentials with identity and patterns | |
JP2010039890A (ja) | 認証端末、認証サーバ、認証システム、認証方法および認証プログラム | |
US11741263B1 (en) | Systems and processes for lossy biometric representations | |
Suresh et al. | Two-factor-based RSA key generation from fingerprint biometrics and password for secure communication | |
Aanjanadevi et al. | Face Attribute Convolutional Neural Network System for Data Security with Improved Crypto Biometrics. | |
Aeloor et al. | Securing biometric data with visual cryptography and steganography | |
EP2159759B1 (en) | Shaping classification boundaries in template protection systems | |
Gupta et al. | A model for biometric security using visual cryptography | |
CN114065169B (zh) | 一种隐私保护生物认证方法和装置、电子设备 | |
Xi et al. | FE-SViT: A SViT-based fuzzy extractor framework | |
Li et al. | Fingerprint authentication based on fuzzy extractor in the mobile device | |
JP2009129210A (ja) | チャレンジ・レスポンス生体認証方法 | |
Venkatachalam et al. | Cryptography key generation using biometrics | |
Cimato et al. | Biometrics and privacy | |
Jegede et al. | Face recognition and template protection with shielding function | |
Zhou et al. | Attacks and Improvement of Unlinkability of Biometric Template Protection Scheme Based on Bloom Filters | |
Cimato et al. | A biometric verification system addressing privacy concerns | |
US20220391327A1 (en) | Methods for enrolling data in order to verify the authenticity of a security datum or for verifying the authenticity of a security datum |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200980130726.4 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09823221 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 20117002750 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 13057468 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 09823221 Country of ref document: EP Kind code of ref document: A1 |