WO2018072061A1 - Method and device for encrypting electronic file - Google Patents

Method and device for encrypting electronic file Download PDF

Info

Publication number
WO2018072061A1
WO2018072061A1 PCT/CN2016/102270 CN2016102270W WO2018072061A1 WO 2018072061 A1 WO2018072061 A1 WO 2018072061A1 CN 2016102270 W CN2016102270 W CN 2016102270W WO 2018072061 A1 WO2018072061 A1 WO 2018072061A1
Authority
WO
WIPO (PCT)
Prior art keywords
biometric information
electronic file
feature data
data corresponding
terminal
Prior art date
Application number
PCT/CN2016/102270
Other languages
French (fr)
Chinese (zh)
Inventor
曾国坤
叶伟雄
Original Assignee
哈尔滨工业大学深圳研究生院
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 哈尔滨工业大学深圳研究生院 filed Critical 哈尔滨工业大学深圳研究生院
Priority to PCT/CN2016/102270 priority Critical patent/WO2018072061A1/en
Publication of WO2018072061A1 publication Critical patent/WO2018072061A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present invention relates to the field of information security technologies, and in particular, to an encryption method and apparatus for an electronic file.
  • the main object of the present invention is to provide an encryption method and device for an electronic file, which aims to solve the technical problem that the security of the electronic file is not high.
  • the present invention provides an encryption method for an electronic file, and the method for encrypting the electronic file includes the following steps:
  • the first biometric information group sent by the first terminal, feature data corresponding to each biometric information in the first biometric information group, wherein the first biometric information group is the a plurality of biometric information of a user collected by the first terminal;
  • the generated digital watermark is embedded in an electronic file to be encrypted to encrypt the electronic file.
  • the first biometric information group includes user voice information, user palm information, and user handwritten signature information.
  • the method further includes:
  • the steps of matching the feature data corresponding to the watermark include:
  • the method when receiving the second biometric information group sent by the second terminal, verifying feature data corresponding to each biometric information in the second biometric information group and a number embedded in the electronic file before the step of matching the feature data corresponding to the watermark, the method further includes:
  • the first biometric information group and the second biometric information group include user voice information, user palm information, and user handwritten signature information.
  • the biometric information in the second biometric information group is verified when the second biometric information set sent by the second terminal is received.
  • the step of matching the corresponding feature data with the feature data corresponding to the digital watermark embedded in the electronic file includes:
  • the method further includes:
  • the present invention also provides an encryption device for an electronic file, and the encryption device for the electronic file includes:
  • an extraction module configured to: when receiving the first biometric information group sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric feature
  • the information group is a plurality of biometric information of a user collected by the first terminal;
  • a generating module configured to fuse the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark
  • a processing module configured to embed the generated digital watermark into an electronic file to be encrypted, to encrypt the electronic file.
  • the first biometric information group includes user voice information, user palm information, and user handwritten signature information.
  • the encryption device of the electronic file further includes:
  • a verification module configured to verify feature data corresponding to each biometric information in the second biometric information group and a number embedded in the electronic file when receiving the second biometric information set sent by the second terminal Whether the feature data corresponding to the watermark matches;
  • An authorization module configured to authorize the second terminal to acquire the feature data corresponding to each biometric information in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file The content of the electronic file.
  • the verification module comprises:
  • an extracting unit configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
  • a verification unit configured to compare feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verify Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, corresponding feature data and the electronic file in the second biometric information group When the feature data corresponding to the embedded digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
  • the encryption device of the electronic file further includes:
  • a sending module configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
  • the first biometric information group and the second biometric information group include user voice information, user palm information, and user handwritten signature information.
  • the verification module is further configured to:
  • the extracting module is further configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
  • the generating module is further configured to fuse the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
  • the encryption device of the electronic file further includes:
  • an authorization module configured to authorize the second terminal to acquire content of the electronic file when the generated digital watermark matches the digital watermark embedded in the electronic file.
  • the method and device for encrypting an electronic file when the user needs to encrypt an electronic file, extract feature data corresponding to the plurality of biometric information of the user, and fuse the extracted plurality of feature data to generate a corresponding
  • the digital watermark is then embedded into the electronic file to be encrypted to encrypt the electronic file. Since each person's biometric information is unique, others cannot copy the biometric information of the user, and the encryption method of the present invention is more secure than the existing encryption method by the secret key, and the electronic file is improved. safety.
  • FIG. 1 is a schematic flow chart of a first embodiment of an encryption method for an electronic file according to the present invention
  • FIG. 2 is a schematic flow chart of a second embodiment of an encryption method for an electronic file according to the present invention.
  • FIG. 3 is a schematic diagram of functional modules of a first embodiment of an encryption device for an electronic file according to the present invention.
  • FIG. 4 is a schematic diagram of functional modules of a second embodiment of an encryption device for an electronic file according to the present invention.
  • FIG. 1 is a schematic flowchart diagram of a first embodiment of an encryption method for an electronic file according to the present invention.
  • the method for encrypting the electronic file includes the following steps:
  • Step S10 When receiving the first biometric information group sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric information group a plurality of biometric information of a user collected for the first terminal;
  • an encryption system of an electronic file is formed by a terminal such as a smart phone or a PAD (tablet computer) and a corresponding server.
  • a terminal such as a smart phone or a PAD (tablet computer) and a corresponding server.
  • the electronic file is encrypted by the server. Specifically, first, the user collects the user's own first biometric information group through the first terminal.
  • the first biometric information group includes multiple biometric information of the user, for example, including user voice information, user palm information, user handwritten signature information, and user face information. After the user collects the first biometric information group of the user by using the first terminal, the first biometric information group collected by the first terminal is sent to the server.
  • the first biometric information group may also have interference information, such as other voice information in the environment.
  • the watermarking capacity of the digital watermarking algorithm is small. Therefore, when the server receives the first biometric information group sent by the first terminal, the feature data corresponding to each biometric information in the first biometric information group is extracted. For example, using improved SIFT (Scale-invariant Feature Transform, extract local feature algorithm) The algorithm extracts the feature information of the user's palm, and obtains the feature data corresponding to the user's palm information through operations such as rotation angle correction and image contrast enhancement.
  • SIFT Scale-invariant Feature Transform, extract local feature algorithm
  • the user voice information is first subjected to pre-processing such as voice denoising and endpoint detection, for example, performing WT denoising. Then, based on the short-time energy speech effective component extraction algorithm, the pre-processed speech information is extracted, and the feature data corresponding to the user speech information is obtained. Based on DTW (Dynamic Time Warping (dynamic time rounding) algorithm extracts the feature of the user's handwritten signature information, and obtains the feature data corresponding to the user's handwritten signature information.
  • DTW Dynamic Time Warping
  • Step S20 merging the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark
  • the server fuses the extracted plurality of the feature data according to a preset fusion algorithm. For example, combining the data layer image fusion technology, the feature layer image fusion technology, the matching layer image fusion technology, and the decision layer image fusion technology to fuse the extracted plurality of feature data.
  • data layer image fusion is image fusion, which is a process of merging multiple input images into a single image in a certain way. Input images can be acquired from different sensors and different channels.
  • Feature layer image fusion refers to the feature extraction of different images, and then the feature vectors of the image are fused to obtain a new feature vector.
  • the feature layer fusion Compared with the data layer fusion, the feature layer fusion not only retains enough feature information in the image, but also achieves compression of the image, requiring less storage space.
  • the feature vectors of each biological image need to be extracted, and the feature matching operations are performed independently, and then the feature matching scores of each single-modal biological feature can be obtained, and then the multiple feature matching scores are merged.
  • identity is the decision layer image fusion process for each single-modal biological image after the feature extraction and classification has been completed, according to the credibility of each decision. Decision-making fusion is to identify first, and then to correlate the results of each decision, and finally to achieve the best results.
  • the server fuses the plurality of feature data, the digital watermark corresponding to the first biometric information group is generated according to the merged feature data.
  • Step S30 embedding the generated digital watermark into an electronic file to be encrypted to encrypt the electronic file.
  • the server After generating the digital watermark corresponding to the first biometric information group by step S20, according to the watermark embedding algorithm, the server embeds the generated digital watermark into the electronic file to be encrypted by the user.
  • the watermark embedding algorithm includes a time domain watermarking algorithm and a frequency domain watermarking algorithm.
  • the time domain watermarking algorithm directly embeds the watermark into the spatial domain of the digital carrier, and utilizes the redundancy of the signal in the time domain, which is usually invisible, but the Lubang is poor.
  • the frequency domain watermarking algorithm first transforms the carrier signal from the time domain to the frequency domain, embeds the watermark in the frequency domain subband, and then transforms the watermarked frequency domain signal into the time domain.
  • the algorithm has good robustness and poor invisibility.
  • the electronic file is encrypted by embedding a digital watermark corresponding to the biometric information of the user in the electronic file.
  • the feature corresponding to each biometric information in the first biometric information group is extracted.
  • a second embodiment of the encryption method of the electronic file of the present invention is proposed based on the first embodiment.
  • the method further includes:
  • Step S40 when receiving the second biometric information group sent by the second terminal, verifying that the feature data corresponding to each biometric information in the second biometric information group corresponds to the digital watermark embedded in the electronic file. Whether the feature data matches;
  • Step S50 When the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file, the second terminal is authorized to acquire the electronic The content of the file.
  • the user when the user wants to obtain the content of the encrypted electronic file, the user collects the second biometric information group through the second terminal.
  • the second biometric information group is the same as the biometric information included in the first biometric information group, and includes, for example, user voice information, user palm information, user handwritten signature information, etc., the second terminal may be the first The terminals are the same terminal or different terminals.
  • the collected second biometric information group is sent to the server.
  • the server receives the second set of biometric information sent by the second terminal, it is verified whether the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
  • the step S40 includes:
  • Step a when receiving the second biometric information group sent by the second terminal, extracting feature data corresponding to each biometric information in the second biometric information group;
  • Step b comparing feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying the Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein for each biometric information, corresponding feature data in the second biometric information group is embedded in the electronic file
  • the feature data corresponding to the digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
  • the server receives the second set of biometric information sent by the second terminal, the feature data corresponding to each biometric information in the second biometric information set is extracted according to the manner described in the first embodiment.
  • the method further includes:
  • the server extracts the feature data corresponding to each biometric information in the second biometric information group, or before extracting the feature data corresponding to each biometric information in the second biometric information group. And extracting a plurality of feature data corresponding to the digital watermark embedded in the electronic file, that is, extracting feature data corresponding to the first set of biometric data.
  • the server After the server extracts the feature data corresponding to each biometric information in the second biometric information group and extracts the plurality of feature data corresponding to the digital watermark embedded in the electronic file, the server will each of the second biometric information groups Comparing the feature data corresponding to the biometric information with the feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying whether the second biometric information set and the digital watermark embedded in the electronic file are verified by the comparison result match. When the biometric information matches the corresponding feature data in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file, the server verifies each of the second biometric information groups.
  • the feature data corresponding to the biometric information matches the feature data corresponding to the digital watermark embedded in the electronic file, that is, the user identity authentication succeeds.
  • the server verifies that the feature data corresponding to the user voice information in the second group of biological information matches the feature data of the user voice information corresponding to the digital watermark embedded in the electronic file, and the feature corresponding to the user's palm information in the second group of biological information
  • the data is matched with the feature data of the user's palm information corresponding to the digital watermark embedded in the electronic file, and the feature data corresponding to the user's handwritten signature information in the second set of biological information and the user's handwritten signature information corresponding to the digital watermark embedded in the electronic file
  • the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file, that is, the user identity authentication is successful.
  • the feature data corresponding to the user's same biometric information may be different at different times.
  • the feature data corresponding to the user's voice information in the case of a cold is corresponding to the user's voice information in the case that the user does not have a cold.
  • the characteristic data is different. Therefore, a preset number may also be set, the preset number of values being smaller than the number of biometric information included in the second biometric information group.
  • the server verifies that the feature data corresponding to the user palm information in the second group of biometric information matches the feature data of the user palm information corresponding to the digital watermark embedded in the electronic file, and the second group of creatures If the feature data corresponding to the user's handwritten signature information in the information matches the feature data of the user's handwritten signature information corresponding to the digital watermark embedded in the electronic file, whether the feature data corresponding to the user voice information in the second group of biological information is related to the electronic file The feature data matching of the user voice information corresponding to the digital watermark embedded in the digital resource is verified to match that the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
  • the method further includes:
  • Step c when receiving the second biometric information group sent by the second terminal, extracting feature data corresponding to each biometric information in the second biometric information group;
  • Step d merging feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
  • step e when the generated digital watermark matches the digital watermark embedded in the electronic file, the second terminal is authorized to acquire the content of the electronic file.
  • the server when the server receives the second biometric information group sent by the second terminal, extracting, according to the first embodiment, corresponding to each biometric information in the second biometric information group. Feature data, and then, the feature data corresponding to each biometric information in the second biometric information group is fused according to a preset fusion algorithm to generate a corresponding digital watermark. After generating the digital watermark corresponding to the second biometric information group, the server verifies whether the digital watermark corresponding to the generated second biometric information group matches the digital watermark embedded in the electronic file. And when the generated digital watermark corresponding to the second biometric information group matches the digital watermark embedded in the electronic file, the second terminal is authorized to acquire the content of the electronic file.
  • the step S40 includes:
  • Step f when receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data exists in the plurality of digital watermarks embedded in the electronic file and the second biometric information group Matching feature data corresponding to each biometric information, wherein the second data is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group
  • the feature data corresponding to each biometric information in the biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
  • a digital watermark corresponding to the biometric information of the plurality of users may be embedded in the electronic file.
  • the server compares the feature data corresponding to the second biometric information group with the feature data corresponding to each digital watermark embedded in the electronic file, and verifies whether there is a digital watermark corresponding to The feature data matches the feature data corresponding to each of the biometric information in the second biometric information group.
  • the server authorizes the second terminal to acquire the content of the electronic file.
  • the method further includes:
  • Step g when receiving the electronic file acquisition request sent by the second terminal, sending a user identity verification command to the second terminal, where the second terminal collects the second biometric information group of the user, and collects the feedback The second biometric information set.
  • the user when the user wants to obtain the content of the encrypted electronic file, the user sends an electronic file acquisition request to the server through the second terminal.
  • the server receives the electronic file acquisition request sent by the second terminal, the server sends a user identity verification command to the second terminal.
  • the second terminal receives the user identity verification command sent by the server, the second terminal collects the second biometric information group of the user. And performing an operation of transmitting the collected second biometric information group to the server.
  • the server when receiving the second biometric information group sent by the second terminal, the server verifies whether the second biometric information group matches the digital watermark embedded in the electronic file, only in the second biometric information group.
  • the second terminal is authorized to acquire the content of the electronic file, thereby improving the security of the electronic file.
  • FIG. 3 is a schematic diagram of functional modules of a first embodiment of an encryption apparatus for an electronic file according to the present invention.
  • the encryption device of the electronic file includes:
  • the extracting module 10 is configured to: when receiving the first biometric information set sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric The feature information group is a plurality of biometric information of a user collected by the first terminal;
  • an encryption system for an electronic file is formed by a terminal such as a smart phone or a PAD (tablet computer) and a corresponding server, and an encryption device for an electronic file is disposed on the server side.
  • the electronic file is encrypted by the encryption device of the electronic file.
  • the user collects the user's own first biometric information group through the first terminal.
  • the first biometric information group includes multiple biometric information of the user, for example, including user voice information, user palm information, user handwritten signature information, and user face information. After the user collects the first biometric information group of the user by using the first terminal, the first biometric information group collected by the first terminal is sent to the server.
  • the extraction module 10 extracts feature data corresponding to each biometric information in the first biometric information group. For example, using improved SIFT (Scale-invariant Feature Transform, extract local feature algorithm) The algorithm extracts the feature information of the user's palm, and obtains the feature data corresponding to the user's palm information through operations such as rotation angle correction and image contrast enhancement.
  • SIFT Scale-invariant Feature Transform, extract local feature algorithm
  • the user voice information is first subjected to pre-processing such as voice denoising and endpoint detection, for example, performing WT denoising. Then, based on the short-time energy speech effective component extraction algorithm, the pre-processed speech information is extracted, and the feature data corresponding to the user speech information is obtained.
  • DTW Dynamic Time Warping (dynamic time rounding) algorithm extracts the feature of the user's handwritten signature information, and obtains the feature data corresponding to the user's handwritten signature information.
  • the generating module 20 is configured to fuse the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
  • the generating module 20 fuses the extracted plurality of the feature data according to a preset fusion algorithm. For example, combining the data layer image fusion technology, the feature layer image fusion technology, the matching layer image fusion technology, and the decision layer image fusion technology to fuse the extracted plurality of feature data. After the merging of the plurality of feature data, the generating module 20 generates a digital watermark corresponding to the first biometric information group according to the fused feature data.
  • the processing module 30 is configured to embed the generated digital watermark into an electronic file to be encrypted to encrypt the electronic file.
  • the processing module 30 embeds the generated digital watermark into the electronic file to be encrypted by the user according to the watermark embedding algorithm.
  • the watermark embedding algorithm includes a time domain watermarking algorithm and a frequency domain watermarking algorithm.
  • the time domain watermarking algorithm directly embeds the watermark into the spatial domain of the digital carrier, and utilizes the redundancy of the signal in the time domain, which is usually invisible, but the Lubang is poor.
  • the frequency domain watermarking algorithm first transforms the carrier signal from the time domain to the frequency domain, embeds the watermark in the frequency domain subband, and then transforms the watermarked frequency domain signal into the time domain.
  • the algorithm has good robustness and poor invisibility.
  • the processing module 30 encrypts the electronic file by embedding a digital watermark corresponding to the biometric information of the user in the electronic file.
  • the extraction module 10 extracts each biometric information in the first biometric information group when receiving the first biometric information group sent by the first terminal.
  • the generating module 20 fuses the extracted plurality of feature data to generate a corresponding digital watermark, and then the processing module 30 embeds the generated digital watermark into the electronic file to be encrypted to encrypt the electronic file. Since each person's biometric information is unique, only the user can decrypt the electronic file, and others cannot decrypt it. Compared with the existing method of encrypting the key, the security of the electronic file is improved.
  • the encryption device of the electronic file further includes:
  • the verification module 40 is configured to verify feature data corresponding to each biometric information in the second biometric information group and embedded in the electronic file when receiving the second biometric information group sent by the second terminal Whether the feature data corresponding to the digital watermark matches;
  • the authorization module 50 is configured to authorize the second terminal to acquire when the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file. The content of the electronic file.
  • the user when the user wants to obtain the content of the encrypted electronic file, the user collects the second biometric information group through the second terminal.
  • the second biometric information group is the same as the biometric information included in the first biometric information group, and includes, for example, user voice information, user palm information, user handwritten signature information, etc., the second terminal may be the first The terminals are the same terminal or different terminals.
  • the collected second biometric information group is sent to the server.
  • the verification module 40 verifies the feature data corresponding to each biometric information in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file. Whether it matches.
  • the verification module 40 includes:
  • an extracting unit configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
  • a verification unit configured to compare feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verify Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, corresponding feature data and the electronic file in the second biometric information group When the feature data corresponding to the embedded digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
  • the extracting unit extracts the feature data corresponding to each biometric information in the second biometric information group according to the manner described in the first embodiment.
  • the extraction module 10 is further configured to:
  • the extraction module 10 extracts a plurality of feature data corresponding to the digital watermark embedded in the electronic file, that is, extracts feature data corresponding to the first set of biometric data.
  • the verification unit After extracting the feature data corresponding to each biometric information in the second biometric information group and extracting the plurality of feature data corresponding to the digital watermark embedded in the electronic file, the verification unit will each of the second biometric information groups Comparing the feature data corresponding to the biometric information with the feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying whether the second biometric information set and the digital watermark embedded in the electronic file are verified by the comparison result match.
  • the verification unit verifies the second biometric information group.
  • the feature data corresponding to each biometric information matches the feature data corresponding to the digital watermark embedded in the electronic file, that is, the user identity authentication succeeds.
  • the feature data corresponding to the user's same biometric information may be different at different times.
  • the feature data corresponding to the user's voice information in the case of a cold is corresponding to the user's voice information in the case that the user does not have a cold.
  • the characteristic data is different. Therefore, a preset number may also be set, the preset number of values being smaller than the number of biometric information included in the second biometric information group.
  • the verification unit verifies that the feature data corresponding to the user palm information in the second group of biometric information matches the feature data of the user palm information corresponding to the digital watermark embedded in the electronic file, and the second group
  • the feature data corresponding to the user's handwritten signature information in the biometric information matches the feature data of the user's handwritten signature information corresponding to the digital watermark embedded in the electronic file, and whether the feature data corresponding to the user's voice information in the second set of biometric information is related to the electronic
  • the feature data matching of the user voice information corresponding to the digital watermark embedded in the file matches that the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
  • the extracting module 10 is further configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
  • the generating module 20 is further configured to fuse the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
  • the authorization module 50 is further configured to authorize the second terminal to acquire the content of the electronic file when the generated digital watermark matches the digital watermark embedded in the electronic file.
  • the extraction module 10 extracts each biometric feature in the second biometric information group according to the manner in the first embodiment.
  • the feature data corresponding to the information is then fused by the generating module 20 to the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark.
  • the verification module 40 verifies whether the digital watermark corresponding to the generated second biometric information group matches the digital watermark embedded in the electronic file.
  • the authorization module 50 authorizes the second terminal to acquire the content of the electronic file.
  • the verification module 40 is further configured to:
  • a digital watermark corresponding to the biometric information of the plurality of users may be embedded in the electronic file.
  • the verification module 40 compares the feature data corresponding to the second biometric information group with the feature data corresponding to each digital watermark embedded in the electronic file, and verifies whether a digital watermark exists.
  • the corresponding feature data matches the feature data corresponding to each of the biometric information in the second biometric information group.
  • the authorization module 50 authorizes the second terminal to acquire the content of the electronic file.
  • the encryption device of the electronic file further includes:
  • a sending module configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
  • the user when the user wants to obtain the content of the encrypted electronic file, the user sends an electronic file acquisition request to the server through the second terminal.
  • the sending module sends the user identity verification command to the second terminal.
  • the second terminal receives the user identity verification command sent by the server, the second terminal collects the second biometric information group of the user. And performing an operation of transmitting the collected second biometric information group to the server.
  • the verification module 40 verifies whether the second biometric information group matches the digital watermark embedded in the electronic file, only in the second biometric feature.
  • the authorization module 50 authorizes the second terminal to acquire the content of the electronic file, thereby improving the security of the electronic file.

Abstract

Provided are a method and device for encrypting an electronic file. The method for encrypting an electronic file comprises the following steps: upon receiving a first biometric information set sent by a first terminal, extracting, from the first biometric information set, a characteristic data item corresponding to each biometric information item, wherein the first biometric information set comprises multiple biometric information items of a user collected by the first terminal (S10); performing, according to a preset fusion algorithm, fusion on multiple extracted characteristic data items to generate a corresponding digital watermark (S20); and embedding the digital watermark in an electronic file to be encrypted to perform encryption on the electronic file (S30). The invention increases security for an electronic file.

Description

电子文件的加密方法及装置  Electronic file encryption method and device
技术领域Technical field
本发明涉及信息安全技术领域,尤其涉及一种电子文件的加密方法及装置。The present invention relates to the field of information security technologies, and in particular, to an encryption method and apparatus for an electronic file.
背景技术Background technique
随着计算机网络和信息技术的发展,电子邮件、电子合同、电子文档、音视频等电子文件的安全问题日益突出。现有技术中,为了保护这些电子文件不被攻击者非法窃取,通常采用秘钥对其进行加密处理。但是,攻击者可以通过相应手段破解秘钥,当秘钥一旦被破解后,电子文件就可以被人任意拷贝、修改等,电子文件的安全性不高。With the development of computer networks and information technology, the security of electronic documents such as e-mail, electronic contracts, electronic documents, audio and video has become increasingly prominent. In the prior art, in order to protect these electronic files from being illegally stolen by an attacker, they are usually encrypted by using a secret key. However, the attacker can crack the secret key by means of corresponding means. Once the secret key is cracked, the electronic file can be arbitrarily copied, modified, etc., and the security of the electronic file is not high.
发明内容Summary of the invention
本发明的主要目的在于提供一种电子文件的加密方法和装置,旨在解决电子文件安全性不高的技术问题。The main object of the present invention is to provide an encryption method and device for an electronic file, which aims to solve the technical problem that the security of the electronic file is not high.
为实现上述目的,本发明提供一种电子文件的加密方法,所述电子文件的加密方法包括以下步骤:To achieve the above object, the present invention provides an encryption method for an electronic file, and the method for encrypting the electronic file includes the following steps:
在接收到第一终端发送的第一生物特征信息组时,提取所述第一生物特征信息组中的每种生物特征信息对应的特征数据,其中,所述第一生物特征信息组为所述第一终端采集的一个用户的多种生物特征信息;And acquiring, according to the first biometric information group sent by the first terminal, feature data corresponding to each biometric information in the first biometric information group, wherein the first biometric information group is the a plurality of biometric information of a user collected by the first terminal;
按照预设的融合算法对提取的多个所述特征数据进行融合,生成对应的数字水印;And extracting the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
将生成的所述数字水印嵌入到待加密的电子文件中,以对所述电子文件进行加密。The generated digital watermark is embedded in an electronic file to be encrypted to encrypt the electronic file.
优选地,所述第一生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。Preferably, the first biometric information group includes user voice information, user palm information, and user handwritten signature information.
优选地,所述将生成的所述数字水印嵌入到待加密的电子文件中的步骤之后,还包括:Preferably, after the step of embedding the generated digital watermark in an electronic file to be encrypted, the method further includes:
在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配;When receiving the second biometric information group sent by the second terminal, verifying feature data corresponding to each biometric information in the second biometric information group and feature data corresponding to the digital watermark embedded in the electronic file Whether it matches;
在所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配时,授权所述第二终端获取所述电子文件的内容。Authorizing, by the second terminal, the content of the electronic file when the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file .
优选地,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤包括:Preferably, when receiving the second biometric information group sent by the second terminal, verifying feature data corresponding to each biometric information in the second biometric information group and a number embedded in the electronic file The steps of matching the feature data corresponding to the watermark include:
在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And acquiring feature data corresponding to each biometric information in the second biometric information group when receiving the second biometric information group sent by the second terminal;
将所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,验证所述第二生物特征信息组与所述电子文件中嵌入的数字水印是否匹配,其中,对于每种生物特征信息,在所述第二生物特征信息组中对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据均匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。Comparing the feature data corresponding to each biometric information in the second biometric information group with the feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying the second biometric Whether the feature information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, the corresponding feature data in the second biometric information group corresponds to the digital watermark embedded in the electronic file When the feature data is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
优选地,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤之前,还包括:Preferably, when receiving the second biometric information group sent by the second terminal, verifying feature data corresponding to each biometric information in the second biometric information group and a number embedded in the electronic file Before the step of matching the feature data corresponding to the watermark, the method further includes:
在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。Receiving a user identity verification command to the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back the collected Second biometric information set.
优选地,所述第一生物特征信息组和所述第二生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。Preferably, the first biometric information group and the second biometric information group include user voice information, user palm information, and user handwritten signature information.
优选地,当所述电子文件中嵌入多个数字水印时,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤包括:Preferably, when a plurality of digital watermarks are embedded in the electronic file, the biometric information in the second biometric information group is verified when the second biometric information set sent by the second terminal is received. The step of matching the corresponding feature data with the feature data corresponding to the digital watermark embedded in the electronic file includes:
在接收到第二终端发送的第二生物特征信息组时,验证所述电子文件中嵌入的多个数字水印中是否存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配,其中,在存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。When receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data and the second biometric information group are present in the plurality of digital watermarks embedded in the electronic file Matching the feature data corresponding to the biometric information, wherein the second biometric information is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group The feature data corresponding to each biometric information in the group matches the feature data corresponding to the digital watermark embedded in the electronic file.
优选地,所述将生成的所述数字水印嵌入到待加密的电子文件中的步骤之后,还包括:Preferably, after the step of embedding the generated digital watermark in an electronic file to be encrypted, the method further includes:
在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And acquiring feature data corresponding to each biometric information in the second biometric information group when receiving the second biometric information group sent by the second terminal;
按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印;Generating, according to a preset fusion algorithm, feature data corresponding to each biometric information in the second biometric information group to generate a corresponding digital watermark;
在生成的所述数字水印与所述电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。And when the generated digital watermark matches the digital watermark embedded in the electronic file, authorizing the second terminal to acquire the content of the electronic file.
此外,为实现上述目的,本发明还提出一种电子文件的加密装置,所述电子文件的加密装置包括:In addition, in order to achieve the above object, the present invention also provides an encryption device for an electronic file, and the encryption device for the electronic file includes:
提取模块,用于在接收到第一终端发送的第一生物特征信息组时,提取所述第一生物特征信息组中的每种生物特征信息对应的特征数据,其中,所述第一生物特征信息组为所述第一终端采集的一个用户的多种生物特征信息;And an extraction module, configured to: when receiving the first biometric information group sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric feature The information group is a plurality of biometric information of a user collected by the first terminal;
生成模块,用于按照预设的融合算法对提取的多个所述特征数据进行融合,生成对应的数字水印;a generating module, configured to fuse the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
处理模块,用于将生成的所述数字水印嵌入到待加密的电子文件中,以对所述电子文件进行加密。And a processing module, configured to embed the generated digital watermark into an electronic file to be encrypted, to encrypt the electronic file.
优选地,所述第一生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。Preferably, the first biometric information group includes user voice information, user palm information, and user handwritten signature information.
优选地,所述电子文件的加密装置还包括:Preferably, the encryption device of the electronic file further includes:
验证模块,用于在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配;a verification module, configured to verify feature data corresponding to each biometric information in the second biometric information group and a number embedded in the electronic file when receiving the second biometric information set sent by the second terminal Whether the feature data corresponding to the watermark matches;
授权模块,用于在所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配时,授权所述第二终端获取所述电子文件的内容。An authorization module, configured to authorize the second terminal to acquire the feature data corresponding to each biometric information in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file The content of the electronic file.
优选地,所述验证模块包括:Preferably, the verification module comprises:
提取单元,用于在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And an extracting unit, configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
验证单元,用于将所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,验证所述第二生物特征信息组与所述电子文件中嵌入的数字水印是否匹配,其中,对于每种生物特征信息,在所述第二生物特征信息组中对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据均匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。a verification unit, configured to compare feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verify Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, corresponding feature data and the electronic file in the second biometric information group When the feature data corresponding to the embedded digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
优选地,所述电子文件的加密装置还包括:Preferably, the encryption device of the electronic file further includes:
发送模块,用于在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。a sending module, configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
优选地,所述第一生物特征信息组和所述第二生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。Preferably, the first biometric information group and the second biometric information group include user voice information, user palm information, and user handwritten signature information.
优选地,当所述电子文件中嵌入多个数字水印时,所述验证模块还用于:Preferably, when a plurality of digital watermarks are embedded in the electronic file, the verification module is further configured to:
在接收到第二终端发送的第二生物特征信息组时,验证所述电子文件中嵌入的多个数字水印中是否存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配,其中,在存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。When receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data and the second biometric information group are present in the plurality of digital watermarks embedded in the electronic file Matching the feature data corresponding to the biometric information, wherein the second biometric information is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group The feature data corresponding to each biometric information in the group matches the feature data corresponding to the digital watermark embedded in the electronic file.
优选地,所述提取模块,还用于在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;Preferably, the extracting module is further configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
所述生成模块,还用于按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印;The generating module is further configured to fuse the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
所述电子文件的加密装置还包括:The encryption device of the electronic file further includes:
授权模块,用于在生成的所述数字水印与所述电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。And an authorization module, configured to authorize the second terminal to acquire content of the electronic file when the generated digital watermark matches the digital watermark embedded in the electronic file.
本发明提出的电子文件的加密方法及装置,当用户需要对某一电子文件加密时,通过提取用户的多种生物特征信息对应的特征数据,并将提取的多个特征数据进行融合,生成对应的数字水印,然后将生成的数字水印嵌入到待加密的电子文件中,以实现对电子文件加密。由于每个人的生物特征信息都是唯一的,其他人无法复制该用户的生物特征信息,相比于现有通过秘钥加密的方式,本发明的加密方式安全性更高,提高了电子文件的安全性。The method and device for encrypting an electronic file according to the present invention, when the user needs to encrypt an electronic file, extract feature data corresponding to the plurality of biometric information of the user, and fuse the extracted plurality of feature data to generate a corresponding The digital watermark is then embedded into the electronic file to be encrypted to encrypt the electronic file. Since each person's biometric information is unique, others cannot copy the biometric information of the user, and the encryption method of the present invention is more secure than the existing encryption method by the secret key, and the electronic file is improved. safety.
附图说明DRAWINGS
图1为本发明电子文件的加密方法第一实施例的流程示意图;1 is a schematic flow chart of a first embodiment of an encryption method for an electronic file according to the present invention;
图2为本发明电子文件的加密方法第二实施例的流程示意图;2 is a schematic flow chart of a second embodiment of an encryption method for an electronic file according to the present invention;
图3为本发明电子文件的加密装置第一实施例的功能模块示意图;3 is a schematic diagram of functional modules of a first embodiment of an encryption device for an electronic file according to the present invention;
图4为本发明电子文件的加密装置第二实施例的功能模块示意图。4 is a schematic diagram of functional modules of a second embodiment of an encryption device for an electronic file according to the present invention.
具体实施方式detailed description
应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
本发明提供一种电子文件的加密方法。参照图1,图1为本发明电子文件的加密方法第一实施例的流程示意图。在本实施例中,所述电子文件的加密方法包括以下步骤:The invention provides an encryption method for an electronic file. Referring to FIG. 1, FIG. 1 is a schematic flowchart diagram of a first embodiment of an encryption method for an electronic file according to the present invention. In this embodiment, the method for encrypting the electronic file includes the following steps:
步骤S10,在接收到第一终端发送的第一生物特征信息组时,提取所述第一生物特征信息组中的每种生物特征信息对应的特征数据,其中,所述第一生物特征信息组为所述第一终端采集的一个用户的多种生物特征信息;Step S10: When receiving the first biometric information group sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric information group a plurality of biometric information of a user collected for the first terminal;
本实施例中,为了保护重要图片、文档、视频等电子文件的安全性,需要对这些电子文件进行安全性加密。例如,当用户保存一份电子合同时,为了保证该合同的安全性,避免该合同被攻击者非法窃取,用户对该合同进行安全性加密。本实施例中,通过智能手机、PAD(平板电脑)等终端与相应服务器组成电子文件的加密系统。当用户需要对某一个电子文件进行安全性加密时,通过该服务器对电子文件进行加密处理。具体地,首先用户通过第一终端采集用户自己的第一生物特征信息组。其中,第一生物特征信息组中包括用户的多种生物特征信息,例如,包括用户语音信息、用户手掌信息、用户手写签名信息以及用户人脸信息等等。当用户通过第一终端采集到用户的第一生物特征信息组后,通过第一终端将采集的第一生物特征信息组发送至服务器。In this embodiment, in order to protect the security of important electronic files such as pictures, documents, videos, etc., it is necessary to securely encrypt these electronic files. For example, when a user saves an electronic contract, in order to ensure the security of the contract, the contract is prevented from being illegally stolen by the attacker, and the user securely encrypts the contract. In this embodiment, an encryption system of an electronic file is formed by a terminal such as a smart phone or a PAD (tablet computer) and a corresponding server. When a user needs to securely encrypt an electronic file, the electronic file is encrypted by the server. Specifically, first, the user collects the user's own first biometric information group through the first terminal. The first biometric information group includes multiple biometric information of the user, for example, including user voice information, user palm information, user handwritten signature information, and user face information. After the user collects the first biometric information group of the user by using the first terminal, the first biometric information group collected by the first terminal is sent to the server.
由于第一终端在采集用户的第一生物特征信息组时,会受到周围环境的影响,第一生物特征信息组中还可能存在干扰信息,比如存在环境中的其他语音信息。并且,数字水印算法的水印容量较小,因此,当服务器接收到第一终端发送的第一生物特征信息组时,提取第一生物特征信息组中的每种生物特征信息对应的特征数据。例如,采用改进SIFT(Scale-invariant feature transform,提取局部特征算法)算法对用户手掌信息进行特征提取,并通过旋转角度矫正、图像对比度增强等操作,获取用户手掌信息对应的特征数据。对于用户语音信息,首先对用户语音信息进行语音去噪、端点检测等预处理,例如,进行WT去噪。然后基于短时能量的语音有效成分提取算法对预处理后的语音信息进行特征提取,获取用户语音信息对应的特征数据。基于DTW(Dynamic Time Warping,动态时间归整)算法对用户手写签名信息进行特征提取,获取用户手写签名信息对应的特征数据等。Since the first terminal is affected by the surrounding environment when collecting the first biometric information group of the user, the first biometric information group may also have interference information, such as other voice information in the environment. Moreover, the watermarking capacity of the digital watermarking algorithm is small. Therefore, when the server receives the first biometric information group sent by the first terminal, the feature data corresponding to each biometric information in the first biometric information group is extracted. For example, using improved SIFT (Scale-invariant Feature Transform, extract local feature algorithm) The algorithm extracts the feature information of the user's palm, and obtains the feature data corresponding to the user's palm information through operations such as rotation angle correction and image contrast enhancement. For the user voice information, the user voice information is first subjected to pre-processing such as voice denoising and endpoint detection, for example, performing WT denoising. Then, based on the short-time energy speech effective component extraction algorithm, the pre-processed speech information is extracted, and the feature data corresponding to the user speech information is obtained. Based on DTW (Dynamic Time Warping (dynamic time rounding) algorithm extracts the feature of the user's handwritten signature information, and obtains the feature data corresponding to the user's handwritten signature information.
步骤S20,按照预设的融合算法对提取的多个所述特征数据进行融合,生成对应的数字水印;Step S20: merging the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
当提取到第一生物特征信息组中的每种生物特征信息对应的特征数据时,服务器按照预设的融合算法对提取的多个所述特征数据进行融合。例如,结合数据层图像融合技术、特征层图像融合技术、匹配层图像融合技术和决策层图像融合技术对提取到的多个特征数据进行融合。其中,数据层图像融合即是图像融合,是将多个输入图像通过一定的方式融合成一个单一的图像的过程。输入图像可以由不同的传感器、不同的通道采集而来。特征层图像融合是指对不同图像进行特征提取以后,再对图像的特征向量进行融合,得到成一个新的特征向量。特征层融合相比于数据层融合来说,既保留了图像中足够的特征信息,又实现了对图像的压缩,需要的存储空间更少。在匹配层融合之前,需要提取每个生物图像的特征向量,并分别独立地进行特征匹配操作,然后可以得到每个单模态生物特征的特征匹配分数,之后把多个特征匹配分数进行融合,最终实现身份识别。决策层图像融合是每一个单模态的生物图像在已经完成特征提取和分类之后,根据每个决策的可信度做出决策融合处理。决策融合是先进行识别,再对各决策结果进行关联,最终使识别结果达到最优。服务器对多个特征数据进行融合后,根据融合后的特征数据生成第一生物特征信息组对应的数字水印。When the feature data corresponding to each biometric information in the first biometric information group is extracted, the server fuses the extracted plurality of the feature data according to a preset fusion algorithm. For example, combining the data layer image fusion technology, the feature layer image fusion technology, the matching layer image fusion technology, and the decision layer image fusion technology to fuse the extracted plurality of feature data. Among them, data layer image fusion is image fusion, which is a process of merging multiple input images into a single image in a certain way. Input images can be acquired from different sensors and different channels. Feature layer image fusion refers to the feature extraction of different images, and then the feature vectors of the image are fused to obtain a new feature vector. Compared with the data layer fusion, the feature layer fusion not only retains enough feature information in the image, but also achieves compression of the image, requiring less storage space. Before the matching layer is merged, the feature vectors of each biological image need to be extracted, and the feature matching operations are performed independently, and then the feature matching scores of each single-modal biological feature can be obtained, and then the multiple feature matching scores are merged. Ultimately achieve identity. Decision layer image fusion is the decision fusion process for each single-modal biological image after the feature extraction and classification has been completed, according to the credibility of each decision. Decision-making fusion is to identify first, and then to correlate the results of each decision, and finally to achieve the best results. After the server fuses the plurality of feature data, the digital watermark corresponding to the first biometric information group is generated according to the merged feature data.
步骤S30,将生成的所述数字水印嵌入到待加密的电子文件中,以对所述电子文件进行加密。Step S30, embedding the generated digital watermark into an electronic file to be encrypted to encrypt the electronic file.
当通过步骤S20生成第一生物特征信息组对应的数字水印后,根据水印嵌入算法,服务器将生成的该数字水印嵌入到用户待加密的电子文件中。水印嵌入算法包括时域水印算法和频域水印算法。时域水印算法是直接将水印嵌入到数字载体的空间域中,利用信号在时域中的信号的冗余性,通常不可见性好,但鲁邦性差。频域水印算法首先将载体信号由时域变换到频域,在频域子带嵌入水印,然后将嵌入水印后的频域信号变换到时域,算法鲁棒性好,不可见性差。通过对电子文件中嵌入用户的生物特征信息对应的数字水印,对电子文件进行加密处理。After generating the digital watermark corresponding to the first biometric information group by step S20, according to the watermark embedding algorithm, the server embeds the generated digital watermark into the electronic file to be encrypted by the user. The watermark embedding algorithm includes a time domain watermarking algorithm and a frequency domain watermarking algorithm. The time domain watermarking algorithm directly embeds the watermark into the spatial domain of the digital carrier, and utilizes the redundancy of the signal in the time domain, which is usually invisible, but the Lubang is poor. The frequency domain watermarking algorithm first transforms the carrier signal from the time domain to the frequency domain, embeds the watermark in the frequency domain subband, and then transforms the watermarked frequency domain signal into the time domain. The algorithm has good robustness and poor invisibility. The electronic file is encrypted by embedding a digital watermark corresponding to the biometric information of the user in the electronic file.
本实施例提供的方案,当用户需要对某一电子文件加密,在接收到第一终端发送的第一生物特征信息组时,提取第一生物特征信息组中的每种生物特征信息对应的特征数据,并将提取的多个特征数据进行融合,生成对应的数字水印,然后将生成的数字水印嵌入到待加密的电子文件中,以对电子文件进行加密。由于每个人的生物特征信息都是唯一的,因此只有用户本人能对电子文件解密,其他人是无法解密的,相比于现有通过秘钥加密的方式,提高了电子文件的安全性。In this embodiment, when the user needs to encrypt an electronic file, when the first biometric information group sent by the first terminal is received, the feature corresponding to each biometric information in the first biometric information group is extracted. Data, and extracting the extracted plurality of feature data to generate a corresponding digital watermark, and then embedding the generated digital watermark into the electronic file to be encrypted to encrypt the electronic file. Since each person's biometric information is unique, only the user can decrypt the electronic file, and others cannot decrypt it. Compared with the existing method of encrypting the key, the security of the electronic file is improved.
进一步地,如图2所示,基于第一实施例提出本发明电子文件的加密方法第二实施例。在第二实施例中,所述步骤S30之后,还包括:Further, as shown in FIG. 2, a second embodiment of the encryption method of the electronic file of the present invention is proposed based on the first embodiment. In the second embodiment, after the step S30, the method further includes:
步骤S40,在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配;Step S40, when receiving the second biometric information group sent by the second terminal, verifying that the feature data corresponding to each biometric information in the second biometric information group corresponds to the digital watermark embedded in the electronic file. Whether the feature data matches;
步骤S50,在所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配时,授权所述第二终端获取所述电子文件的内容。Step S50: When the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file, the second terminal is authorized to acquire the electronic The content of the file.
本实施例中,当用户想要获取加密的电子文件的内容时,用户通过第二终端采集第二生物特征信息组。其中,第二生物特征信息组与第一生物特征信息组中包括的生物特征信息的种类相同,例如都包括用户语音信息、用户手掌信息、用户手写签名信息等,该第二终端可以与第一终端为同一个终端,也可以为不同的终端。当第二终端采集到第二生物特征信息组后,将采集到的第二生物特征信息组发送至服务器。当服务器接收到第二终端发送的第二组生物信息时,验证该第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据是否匹配。具体地,本实施例中,所述步骤S40包括:In this embodiment, when the user wants to obtain the content of the encrypted electronic file, the user collects the second biometric information group through the second terminal. The second biometric information group is the same as the biometric information included in the first biometric information group, and includes, for example, user voice information, user palm information, user handwritten signature information, etc., the second terminal may be the first The terminals are the same terminal or different terminals. After the second terminal collects the second biometric information group, the collected second biometric information group is sent to the server. When the server receives the second set of biometric information sent by the second terminal, it is verified whether the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file. Specifically, in this embodiment, the step S40 includes:
步骤a,在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;Step a, when receiving the second biometric information group sent by the second terminal, extracting feature data corresponding to each biometric information in the second biometric information group;
步骤b,将所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,验证所述第二生物特征信息组与所述电子文件中嵌入的数字水印是否匹配,其中,对于每种生物特征信息,在所述第二生物特征信息组中对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据均匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。Step b, comparing feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying the Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein for each biometric information, corresponding feature data in the second biometric information group is embedded in the electronic file When the feature data corresponding to the digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
当服务器接收到第二终端发送的第二组生物信息时,按照第一实施例中所述的方式,提取第二生物特征信息组中的每种生物特征信息对应的特征数据。本实施例中,所述步骤b之前,还包括:When the server receives the second set of biometric information sent by the second terminal, the feature data corresponding to each biometric information in the second biometric information set is extracted according to the manner described in the first embodiment. In this embodiment, before the step b, the method further includes:
提取所述电子文件中嵌入的数字水印对应的多个特征数据。Extracting a plurality of feature data corresponding to the digital watermark embedded in the electronic file.
为了对用户身份进行识别,服务器在提取第二生物特征信息组中的每种生物特征信息对应的特征数据后,或者在提取第二生物特征信息组中的每种生物特征信息对应的特征数据之前,提取电子文件嵌入的数字水印对应的多个特征数据,也即提取第一组生物特征数据对应的特征数据。In order to identify the user identity, the server extracts the feature data corresponding to each biometric information in the second biometric information group, or before extracting the feature data corresponding to each biometric information in the second biometric information group. And extracting a plurality of feature data corresponding to the digital watermark embedded in the electronic file, that is, extracting feature data corresponding to the first set of biometric data.
当服务器提取了第二生物特征信息组中的每种生物特征信息对应的特征数据,并提取电子文件中嵌入的数字水印对应的多个特征数据后,服务器将第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,通过比对结果验证第二生物特征信息组与电子文件中嵌入的数字水印是否匹配。当每种生物特征信息在第二生物特征信息组中对应的特征数据与该生物特征信息在电子文件中嵌入的数字水印对应的特征数据均匹配时,服务器验证第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配,也即用户身份认证成功。例如,当服务器验证第二组生物信息中的用户语音信息对应的特征数据与电子文件中嵌入的数字水印对应的用户语音信息的特征数据匹配、第二组生物信息中的用户手掌信息对应的特征数据与电子文件中嵌入的数字水印对应的用户手掌信息的特征数据匹配、且第二组生物信息中的用户手写签名信息对应的特征数据与电子文件中嵌入的数字水印对应的用户手写签名信息的特征数据匹配时,验证第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配,也即用户身份认证成功。After the server extracts the feature data corresponding to each biometric information in the second biometric information group and extracts the plurality of feature data corresponding to the digital watermark embedded in the electronic file, the server will each of the second biometric information groups Comparing the feature data corresponding to the biometric information with the feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying whether the second biometric information set and the digital watermark embedded in the electronic file are verified by the comparison result match. When the biometric information matches the corresponding feature data in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file, the server verifies each of the second biometric information groups. The feature data corresponding to the biometric information matches the feature data corresponding to the digital watermark embedded in the electronic file, that is, the user identity authentication succeeds. For example, when the server verifies that the feature data corresponding to the user voice information in the second group of biological information matches the feature data of the user voice information corresponding to the digital watermark embedded in the electronic file, and the feature corresponding to the user's palm information in the second group of biological information The data is matched with the feature data of the user's palm information corresponding to the digital watermark embedded in the electronic file, and the feature data corresponding to the user's handwritten signature information in the second set of biological information and the user's handwritten signature information corresponding to the digital watermark embedded in the electronic file When the feature data is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file, that is, the user identity authentication is successful.
可以理解的是,用户的同一种生物特征信息在不同时刻对应的特征数据可能不同,比如,用户在感冒情况下的用户语音信息对应的特征数据与用户在没感冒的情况下的用户语音信息对应的特征数据就不同。因此,也可以设置预设数目,预设数目的值小于第二生物特征信息组中包括的生物特征信息的种数。当第二生物特征信息组中存在预设数目的生物特征信息对应的特征数据与电子文件嵌入的数字水印对应的特征数据匹配时,则验证第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配。比如,当预设数目为2时,若服务器验证第二组生物信息中的用户手掌信息对应的特征数据与电子文件中嵌入的数字水印对应的用户手掌信息的特征数据匹配、且第二组生物信息中的用户手写签名信息对应的特征数据与电子文件中嵌入的数字水印对应的用户手写签名信息的特征数据匹配,则不论第二组生物信息中的用户语音信息对应的特征数据是否与电子文件中嵌入的数字水印对应的用户语音信息的特征数据匹配,都验证第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配。It can be understood that the feature data corresponding to the user's same biometric information may be different at different times. For example, the feature data corresponding to the user's voice information in the case of a cold is corresponding to the user's voice information in the case that the user does not have a cold. The characteristic data is different. Therefore, a preset number may also be set, the preset number of values being smaller than the number of biometric information included in the second biometric information group. When the feature data corresponding to the preset number of biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file, verifying that each biometric information in the second biometric information group corresponds to The feature data matches the feature data corresponding to the digital watermark embedded in the electronic file. For example, when the preset number is 2, if the server verifies that the feature data corresponding to the user palm information in the second group of biometric information matches the feature data of the user palm information corresponding to the digital watermark embedded in the electronic file, and the second group of creatures If the feature data corresponding to the user's handwritten signature information in the information matches the feature data of the user's handwritten signature information corresponding to the digital watermark embedded in the electronic file, whether the feature data corresponding to the user voice information in the second group of biological information is related to the electronic file The feature data matching of the user voice information corresponding to the digital watermark embedded in the digital resource is verified to match that the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
进一步地,所述步骤S30之后,还包括:Further, after the step S30, the method further includes:
步骤c,在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;Step c, when receiving the second biometric information group sent by the second terminal, extracting feature data corresponding to each biometric information in the second biometric information group;
步骤d,按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印;Step d: merging feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
步骤e,在生成的所述数字水印与所述电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。In step e, when the generated digital watermark matches the digital watermark embedded in the electronic file, the second terminal is authorized to acquire the content of the electronic file.
在另外一种实现方式中,当服务器接收到第二终端发送的第二生物特征信息组时,按照第一实施例中的方式,提取第二生物特征信息组中的每种生物特征信息对应的特征数据,然后,按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印。在生成第二生物特征信息组对应的数字水印后,服务器验证生成的第二生物特征信息组对应的数字水印与电子文件中嵌入的数字水印是否匹配。当生成的第二生物特征信息组对应的数字水印与电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。In another implementation manner, when the server receives the second biometric information group sent by the second terminal, extracting, according to the first embodiment, corresponding to each biometric information in the second biometric information group. Feature data, and then, the feature data corresponding to each biometric information in the second biometric information group is fused according to a preset fusion algorithm to generate a corresponding digital watermark. After generating the digital watermark corresponding to the second biometric information group, the server verifies whether the digital watermark corresponding to the generated second biometric information group matches the digital watermark embedded in the electronic file. And when the generated digital watermark corresponding to the second biometric information group matches the digital watermark embedded in the electronic file, the second terminal is authorized to acquire the content of the electronic file.
进一步地,当电子文件中嵌入有多个数字水印时,所述步骤S40包括:Further, when a plurality of digital watermarks are embedded in the electronic file, the step S40 includes:
步骤f,在接收到第二终端发送的第二生物特征信息组时,验证所述电子文件中嵌入的多个数字水印中是否存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配,其中,在存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。Step f: when receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data exists in the plurality of digital watermarks embedded in the electronic file and the second biometric information group Matching feature data corresponding to each biometric information, wherein the second data is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group The feature data corresponding to each biometric information in the biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
为了使得多个用户都能获取电子文件的内容,电子文件中可嵌入多个用户的生物特征信息对应的数字水印。当电子文件中嵌入了多个数字水印时,服务器将第二生物特征信息组对应的特征数据与电子文件中嵌入的每个数字水印对应的特征数据进行比对,验证是否存在一数字水印对应的特征数据与第二生物特征信息组中的每种生物特征信息对应的特征数据匹配。当存在一数字水印对应的特征数据与第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,也即验证存在与第二生物特征信息组匹配的数字水印。此时,服务器授权第二终端获取电子文件的内容。In order to enable a plurality of users to obtain the content of the electronic file, a digital watermark corresponding to the biometric information of the plurality of users may be embedded in the electronic file. When multiple digital watermarks are embedded in the electronic file, the server compares the feature data corresponding to the second biometric information group with the feature data corresponding to each digital watermark embedded in the electronic file, and verifies whether there is a digital watermark corresponding to The feature data matches the feature data corresponding to each of the biometric information in the second biometric information group. When the feature data corresponding to a digital watermark matches the feature data corresponding to each biometric information in the second biometric information group, that is, the digital watermark matching the second biometric information group is verified to exist. At this time, the server authorizes the second terminal to acquire the content of the electronic file.
进一步地,本实施例中,所述步骤S40之前,还包括:Further, in this embodiment, before the step S40, the method further includes:
步骤g,在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。Step g, when receiving the electronic file acquisition request sent by the second terminal, sending a user identity verification command to the second terminal, where the second terminal collects the second biometric information group of the user, and collects the feedback The second biometric information set.
本实施例中,当用户想要获取加密的电子文件的内容时,用户通过第二终端发送电子文件获取请求至服务器。当服务器接收到第二终端发送的电子文件获取请求时,服务器发送用户身份验证指令至第二终端。当第二终端接收到服务器发送的用户身份验证指令时,第二终端采集用户的第二生物特征信息组。并执行将采集的第二生物特征信息组发送至服务器的操作。In this embodiment, when the user wants to obtain the content of the encrypted electronic file, the user sends an electronic file acquisition request to the server through the second terminal. When the server receives the electronic file acquisition request sent by the second terminal, the server sends a user identity verification command to the second terminal. When the second terminal receives the user identity verification command sent by the server, the second terminal collects the second biometric information group of the user. And performing an operation of transmitting the collected second biometric information group to the server.
本实施例提出的方案,服务器在接收到第二终端发送的第二生物特征信息组时,验证第二生物特征信息组与电子文件中嵌入的数字水印是否匹配,只有在第二生物特征信息组与电子文件中嵌入的数字水印匹配时,才授权第二终端获取电子文件的内容,因此,提高了电子文件的安全性。In the solution provided by the embodiment, when receiving the second biometric information group sent by the second terminal, the server verifies whether the second biometric information group matches the digital watermark embedded in the electronic file, only in the second biometric information group. When the digital watermark embedded in the electronic file is matched, the second terminal is authorized to acquire the content of the electronic file, thereby improving the security of the electronic file.
本发明进一步提供一种电子文件的加密装置。参照图3,图3为本发明电子文件的加密装置第一实施例的功能模块示意图。The invention further provides an encryption device for an electronic file. Referring to FIG. 3, FIG. 3 is a schematic diagram of functional modules of a first embodiment of an encryption apparatus for an electronic file according to the present invention.
在本实施例中,所述电子文件的加密装置包括:In this embodiment, the encryption device of the electronic file includes:
提取模块10,用于在接收到第一终端发送的第一生物特征信息组时,提取所述第一生物特征信息组中的每种生物特征信息对应的特征数据,其中,所述第一生物特征信息组为所述第一终端采集的一个用户的多种生物特征信息;The extracting module 10 is configured to: when receiving the first biometric information set sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric The feature information group is a plurality of biometric information of a user collected by the first terminal;
本实施例中,通过智能手机、PAD(平板电脑)等终端与相应服务器组成电子文件的加密系统,服务器侧设置有电子文件的加密装置。当用户需要对某一个电子文件进行安全性加密时,通过电子文件的加密装置对电子文件进行加密处理。具体地,首先用户通过第一终端采集用户自己的第一生物特征信息组。其中,第一生物特征信息组中包括用户的多种生物特征信息,例如,包括用户语音信息、用户手掌信息、用户手写签名信息以及用户人脸信息等等。当用户通过第一终端采集到用户的第一生物特征信息组后,通过第一终端将采集的第一生物特征信息组发送至服务器。In this embodiment, an encryption system for an electronic file is formed by a terminal such as a smart phone or a PAD (tablet computer) and a corresponding server, and an encryption device for an electronic file is disposed on the server side. When the user needs to securely encrypt an electronic file, the electronic file is encrypted by the encryption device of the electronic file. Specifically, first, the user collects the user's own first biometric information group through the first terminal. The first biometric information group includes multiple biometric information of the user, for example, including user voice information, user palm information, user handwritten signature information, and user face information. After the user collects the first biometric information group of the user by using the first terminal, the first biometric information group collected by the first terminal is sent to the server.
当服务器接收到第一终端发送的第一生物特征信息组时,提取模块10提取第一生物特征信息组中的每种生物特征信息对应的特征数据。例如,采用改进SIFT(Scale-invariant feature transform,提取局部特征算法)算法对用户手掌信息进行特征提取,并通过旋转角度矫正、图像对比度增强等操作,获取用户手掌信息对应的特征数据。对于用户语音信息,首先对用户语音信息进行语音去噪、端点检测等预处理,例如,进行WT去噪。然后基于短时能量的语音有效成分提取算法对预处理后的语音信息进行特征提取,获取用户语音信息对应的特征数据。基于DTW(Dynamic Time Warping,动态时间归整)算法对用户手写签名信息进行特征提取,获取用户手写签名信息对应的特征数据等。When the server receives the first biometric information group sent by the first terminal, the extraction module 10 extracts feature data corresponding to each biometric information in the first biometric information group. For example, using improved SIFT (Scale-invariant Feature Transform, extract local feature algorithm) The algorithm extracts the feature information of the user's palm, and obtains the feature data corresponding to the user's palm information through operations such as rotation angle correction and image contrast enhancement. For the user voice information, the user voice information is first subjected to pre-processing such as voice denoising and endpoint detection, for example, performing WT denoising. Then, based on the short-time energy speech effective component extraction algorithm, the pre-processed speech information is extracted, and the feature data corresponding to the user speech information is obtained. Based on DTW (Dynamic Time Warping (dynamic time rounding) algorithm extracts the feature of the user's handwritten signature information, and obtains the feature data corresponding to the user's handwritten signature information.
生成模块20,用于按照预设的融合算法对提取的多个所述特征数据进行融合,生成对应的数字水印;The generating module 20 is configured to fuse the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
当提取模块10提取到第一生物特征信息组中的每种生物特征信息对应的特征数据时,生成模块20按照预设的融合算法对提取的多个所述特征数据进行融合。例如,结合数据层图像融合技术、特征层图像融合技术、匹配层图像融合技术和决策层图像融合技术对提取到的多个特征数据进行融合。生成模块20对多个特征数据进行融合后,根据融合后的特征数据生成第一生物特征信息组对应的数字水印。When the extraction module 10 extracts the feature data corresponding to each biometric information in the first biometric information group, the generating module 20 fuses the extracted plurality of the feature data according to a preset fusion algorithm. For example, combining the data layer image fusion technology, the feature layer image fusion technology, the matching layer image fusion technology, and the decision layer image fusion technology to fuse the extracted plurality of feature data. After the merging of the plurality of feature data, the generating module 20 generates a digital watermark corresponding to the first biometric information group according to the fused feature data.
处理模块30,用于将生成的所述数字水印嵌入到待加密的电子文件中,以对所述电子文件进行加密。The processing module 30 is configured to embed the generated digital watermark into an electronic file to be encrypted to encrypt the electronic file.
当通过生成模块20生成第一生物特征信息组对应的数字水印后,处理模块30根据水印嵌入算法,将生成的该数字水印嵌入到用户待加密的电子文件中。水印嵌入算法包括时域水印算法和频域水印算法。时域水印算法是直接将水印嵌入到数字载体的空间域中,利用信号在时域中的信号的冗余性,通常不可见性好,但鲁邦性差。频域水印算法首先将载体信号由时域变换到频域,在频域子带嵌入水印,然后将嵌入水印后的频域信号变换到时域,算法鲁棒性好,不可见性差。处理模块30通过对电子文件中嵌入用户的生物特征信息对应的数字水印,对电子文件进行加密处理。After the digital watermark corresponding to the first biometric information group is generated by the generating module 20, the processing module 30 embeds the generated digital watermark into the electronic file to be encrypted by the user according to the watermark embedding algorithm. The watermark embedding algorithm includes a time domain watermarking algorithm and a frequency domain watermarking algorithm. The time domain watermarking algorithm directly embeds the watermark into the spatial domain of the digital carrier, and utilizes the redundancy of the signal in the time domain, which is usually invisible, but the Lubang is poor. The frequency domain watermarking algorithm first transforms the carrier signal from the time domain to the frequency domain, embeds the watermark in the frequency domain subband, and then transforms the watermarked frequency domain signal into the time domain. The algorithm has good robustness and poor invisibility. The processing module 30 encrypts the electronic file by embedding a digital watermark corresponding to the biometric information of the user in the electronic file.
本实施例提供的方案,当用户需要对某一电子文件加密,在接收到第一终端发送的第一生物特征信息组时,提取模块10提取第一生物特征信息组中的每种生物特征信息对应的特征数据,生成模块20将提取的多个特征数据进行融合,生成对应的数字水印,然后处理模块30将生成的数字水印嵌入到待加密的电子文件中,以对电子文件进行加密。由于每个人的生物特征信息都是唯一的,因此只有用户本人能对电子文件解密,其他人是无法解密的,相比于现有通过秘钥加密的方式,提高了电子文件的安全性。In this embodiment, when the user needs to encrypt an electronic file, the extraction module 10 extracts each biometric information in the first biometric information group when receiving the first biometric information group sent by the first terminal. Corresponding feature data, the generating module 20 fuses the extracted plurality of feature data to generate a corresponding digital watermark, and then the processing module 30 embeds the generated digital watermark into the electronic file to be encrypted to encrypt the electronic file. Since each person's biometric information is unique, only the user can decrypt the electronic file, and others cannot decrypt it. Compared with the existing method of encrypting the key, the security of the electronic file is improved.
进一步地,如图4所示,基于第一实施例提出本发明电子文件的加密装置第二实施例。在第二实施例中,所述电子文件的加密装置还包括:Further, as shown in FIG. 4, a second embodiment of an encryption apparatus for an electronic document of the present invention is proposed based on the first embodiment. In the second embodiment, the encryption device of the electronic file further includes:
验证模块40,用于在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配;The verification module 40 is configured to verify feature data corresponding to each biometric information in the second biometric information group and embedded in the electronic file when receiving the second biometric information group sent by the second terminal Whether the feature data corresponding to the digital watermark matches;
授权模块50,用于在所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配时,授权所述第二终端获取所述电子文件的内容。The authorization module 50 is configured to authorize the second terminal to acquire when the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file. The content of the electronic file.
本实施例中,当用户想要获取加密的电子文件的内容时,用户通过第二终端采集第二生物特征信息组。其中,第二生物特征信息组与第一生物特征信息组中包括的生物特征信息的种类相同,例如都包括用户语音信息、用户手掌信息、用户手写签名信息等,该第二终端可以与第一终端为同一个终端,也可以为不同的终端。当第二终端采集到第二生物特征信息组后,将采集到的第二生物特征信息组发送至服务器。当服务器接收到第二终端发送的第二组生物信息时,验证模块40验证该第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据是否匹配。具体地,本实施例中,所述验证模块40包括:In this embodiment, when the user wants to obtain the content of the encrypted electronic file, the user collects the second biometric information group through the second terminal. The second biometric information group is the same as the biometric information included in the first biometric information group, and includes, for example, user voice information, user palm information, user handwritten signature information, etc., the second terminal may be the first The terminals are the same terminal or different terminals. After the second terminal collects the second biometric information group, the collected second biometric information group is sent to the server. When the server receives the second set of biometric information sent by the second terminal, the verification module 40 verifies the feature data corresponding to each biometric information in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file. Whether it matches. Specifically, in this embodiment, the verification module 40 includes:
提取单元,用于在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And an extracting unit, configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
验证单元,用于将所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,验证所述第二生物特征信息组与所述电子文件中嵌入的数字水印是否匹配,其中,对于每种生物特征信息,在所述第二生物特征信息组中对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据均匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。a verification unit, configured to compare feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verify Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, corresponding feature data and the electronic file in the second biometric information group When the feature data corresponding to the embedded digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
当服务器接收到第二终端发送的第二组生物信息时,提取单元按照第一实施例中所述的方式,提取第二生物特征信息组中的每种生物特征信息对应的特征数据。本实施例中,所述提取模块10还用于:When the server receives the second set of biometric information sent by the second terminal, the extracting unit extracts the feature data corresponding to each biometric information in the second biometric information group according to the manner described in the first embodiment. In this embodiment, the extraction module 10 is further configured to:
提取所述电子文件中嵌入的数字水印对应的多个特征数据。Extracting a plurality of feature data corresponding to the digital watermark embedded in the electronic file.
为了对用户身份进行识别,在提取第二生物特征信息组中的每种生物特征信息对应的特征数据后,或者在提取第二生物特征信息组中的每种生物特征信息对应的特征数据之前,提取模块10提取电子文件嵌入的数字水印对应的多个特征数据,也即提取第一组生物特征数据对应的特征数据。In order to identify the user identity, after extracting the feature data corresponding to each biometric information in the second biometric information group, or before extracting the feature data corresponding to each biometric information in the second biometric information group, The extraction module 10 extracts a plurality of feature data corresponding to the digital watermark embedded in the electronic file, that is, extracts feature data corresponding to the first set of biometric data.
当提取了第二生物特征信息组中的每种生物特征信息对应的特征数据,并提取电子文件中嵌入的数字水印对应的多个特征数据后,验证单元将第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,通过比对结果验证第二生物特征信息组与电子文件中嵌入的数字水印是否匹配。当每种生物特征信息在第二生物特征信息组中对应的特征数据与该生物特征信息在电子文件中嵌入的数字水印对应的特征数据均匹配时,验证单元验证第第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配,也即用户身份认证成功。After extracting the feature data corresponding to each biometric information in the second biometric information group and extracting the plurality of feature data corresponding to the digital watermark embedded in the electronic file, the verification unit will each of the second biometric information groups Comparing the feature data corresponding to the biometric information with the feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying whether the second biometric information set and the digital watermark embedded in the electronic file are verified by the comparison result match. When the biometric information matches the feature data corresponding to the digital watermark embedded in the electronic file in the second biometric information group, the verification unit verifies the second biometric information group. The feature data corresponding to each biometric information matches the feature data corresponding to the digital watermark embedded in the electronic file, that is, the user identity authentication succeeds.
可以理解的是,用户的同一种生物特征信息在不同时刻对应的特征数据可能不同,比如,用户在感冒情况下的用户语音信息对应的特征数据与用户在没感冒的情况下的用户语音信息对应的特征数据就不同。因此,也可以设置预设数目,预设数目的值小于第二生物特征信息组中包括的生物特征信息的种数。当第二生物特征信息组中存在预设数目的生物特征信息对应的特征数据与电子文件嵌入的数字水印对应的特征数据匹配时,则验证第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配。比如,当预设数目为2时,若验证单元验证第二组生物信息中的用户手掌信息对应的特征数据与电子文件中嵌入的数字水印对应的用户手掌信息的特征数据匹配、且第二组生物信息中的用户手写签名信息对应的特征数据与电子文件中嵌入的数字水印对应的用户手写签名信息的特征数据匹配,则不论第二组生物信息中的用户语音信息对应的特征数据是否与电子文件中嵌入的数字水印对应的用户语音信息的特征数据匹配,都验证第二生物特征信息组中的每种生物特征信息对应的特征数据与电子文件中嵌入的数字水印对应的特征数据匹配。It can be understood that the feature data corresponding to the user's same biometric information may be different at different times. For example, the feature data corresponding to the user's voice information in the case of a cold is corresponding to the user's voice information in the case that the user does not have a cold. The characteristic data is different. Therefore, a preset number may also be set, the preset number of values being smaller than the number of biometric information included in the second biometric information group. When the feature data corresponding to the preset number of biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file, verifying that each biometric information in the second biometric information group corresponds to The feature data matches the feature data corresponding to the digital watermark embedded in the electronic file. For example, when the preset number is 2, if the verification unit verifies that the feature data corresponding to the user palm information in the second group of biometric information matches the feature data of the user palm information corresponding to the digital watermark embedded in the electronic file, and the second group The feature data corresponding to the user's handwritten signature information in the biometric information matches the feature data of the user's handwritten signature information corresponding to the digital watermark embedded in the electronic file, and whether the feature data corresponding to the user's voice information in the second set of biometric information is related to the electronic The feature data matching of the user voice information corresponding to the digital watermark embedded in the file matches that the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file.
进一步地,所述提取模块10,还用于在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;Further, the extracting module 10 is further configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
所述生成模块20,还用于按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印;The generating module 20 is further configured to fuse the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
所述授权模块50,还用于在生成的所述数字水印与所述电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。The authorization module 50 is further configured to authorize the second terminal to acquire the content of the electronic file when the generated digital watermark matches the digital watermark embedded in the electronic file.
在另外一种实现方式中,当服务器接收到第二终端发送的第二生物特征信息组时,按照第一实施例中的方式,提取模块10提取第二生物特征信息组中的每种生物特征信息对应的特征数据,然后,生成模块20按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印。在生成第二生物特征信息组对应的数字水印后,验证模块40验证生成的第二生物特征信息组对应的数字水印与电子文件中嵌入的数字水印是否匹配。当生成的第二生物特征信息组对应的数字水印与电子文件中嵌入的数字水印匹配时,授权模块50授权所述第二终端获取所述电子文件的内容。In another implementation manner, when the server receives the second biometric information group sent by the second terminal, the extraction module 10 extracts each biometric feature in the second biometric information group according to the manner in the first embodiment. The feature data corresponding to the information is then fused by the generating module 20 to the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark. After generating the digital watermark corresponding to the second biometric information group, the verification module 40 verifies whether the digital watermark corresponding to the generated second biometric information group matches the digital watermark embedded in the electronic file. When the generated digital watermark corresponding to the second biometric information group matches the digital watermark embedded in the electronic file, the authorization module 50 authorizes the second terminal to acquire the content of the electronic file.
进一步地,当电子文件中嵌入有多个数字水印时,所述验证模块40还用于:Further, when a plurality of digital watermarks are embedded in the electronic file, the verification module 40 is further configured to:
在接收到第二终端发送的第二生物特征信息组时,验证所述电子文件中嵌入的多个数字水印中是否存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配,其中,在存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。When receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data and the second biometric information group are present in the plurality of digital watermarks embedded in the electronic file Matching the feature data corresponding to the biometric information, wherein the second biometric information is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group The feature data corresponding to each biometric information in the group matches the feature data corresponding to the digital watermark embedded in the electronic file.
为了使得多个用户都能获取电子文件的内容,电子文件中可嵌入多个用户的生物特征信息对应的数字水印。当电子文件中嵌入了多个数字水印时,验证模块40将第二生物特征信息组对应的特征数据与电子文件中嵌入的每个数字水印对应的特征数据进行比对,验证是否存在一数字水印对应的特征数据与第二生物特征信息组中的每种生物特征信息对应的特征数据匹配。当存在一数字水印对应的特征数据与第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,也即验证存在与第二生物特征信息组匹配的数字水印。此时,授权模块50授权第二终端获取电子文件的内容。In order to enable a plurality of users to obtain the content of the electronic file, a digital watermark corresponding to the biometric information of the plurality of users may be embedded in the electronic file. When a plurality of digital watermarks are embedded in the electronic file, the verification module 40 compares the feature data corresponding to the second biometric information group with the feature data corresponding to each digital watermark embedded in the electronic file, and verifies whether a digital watermark exists. The corresponding feature data matches the feature data corresponding to each of the biometric information in the second biometric information group. When the feature data corresponding to a digital watermark matches the feature data corresponding to each biometric information in the second biometric information group, that is, the digital watermark matching the second biometric information group is verified to exist. At this time, the authorization module 50 authorizes the second terminal to acquire the content of the electronic file.
进一步地,本实施例中,所述电子文件的加密装置还包括:Further, in this embodiment, the encryption device of the electronic file further includes:
发送模块,用于在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。a sending module, configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
本实施例中,当用户想要获取加密的电子文件的内容时,用户通过第二终端发送电子文件获取请求至服务器。当服务器接收到第二终端发送的电子文件获取请求时,发送模块发送用户身份验证指令至第二终端。当第二终端接收到服务器发送的用户身份验证指令时,第二终端采集用户的第二生物特征信息组。并执行将采集的第二生物特征信息组发送至服务器的操作。In this embodiment, when the user wants to obtain the content of the encrypted electronic file, the user sends an electronic file acquisition request to the server through the second terminal. When the server receives the electronic file acquisition request sent by the second terminal, the sending module sends the user identity verification command to the second terminal. When the second terminal receives the user identity verification command sent by the server, the second terminal collects the second biometric information group of the user. And performing an operation of transmitting the collected second biometric information group to the server.
本实施例提出的方案,在接收到第二终端发送的第二生物特征信息组时,验证模块40验证第二生物特征信息组与电子文件中嵌入的数字水印是否匹配,只有在第二生物特征信息组与电子文件中嵌入的数字水印匹配时,授权模块50才授权第二终端获取电子文件的内容,因此,提高了电子文件的安全性。In the solution provided by the embodiment, when receiving the second biometric information group sent by the second terminal, the verification module 40 verifies whether the second biometric information group matches the digital watermark embedded in the electronic file, only in the second biometric feature. When the information group matches the digital watermark embedded in the electronic file, the authorization module 50 authorizes the second terminal to acquire the content of the electronic file, thereby improving the security of the electronic file.
以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above are only the preferred embodiments of the present invention, and are not intended to limit the scope of the invention, and the equivalent structure or equivalent process transformations made by the description of the present invention and the drawings are directly or indirectly applied to other related technical fields. The same is included in the scope of patent protection of the present invention.

Claims (20)

  1. 一种电子文件的加密方法,其特征在于,所述电子文件的加密方法包括以下步骤: An encryption method for an electronic file, characterized in that the encryption method of the electronic file comprises the following steps:
    在接收到第一终端发送的第一生物特征信息组时,提取所述第一生物特征信息组中的每种生物特征信息对应的特征数据,其中,所述第一生物特征信息组为所述第一终端采集的一个用户的多种生物特征信息;And acquiring, according to the first biometric information group sent by the first terminal, feature data corresponding to each biometric information in the first biometric information group, wherein the first biometric information group is the a plurality of biometric information of a user collected by the first terminal;
    按照预设的融合算法对提取的多个所述特征数据进行融合,生成对应的数字水印;And extracting the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
    将生成的所述数字水印嵌入到待加密的电子文件中,以对所述电子文件进行加密。The generated digital watermark is embedded in an electronic file to be encrypted to encrypt the electronic file.
  2. 如权利要求1所述的电子文件的加密方法,其特征在于,所述第一生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。The method for encrypting an electronic file according to claim 1, wherein the first biometric information group includes user voice information, user palm information, and user handwritten signature information.
  3. 如权利要求1所述的电子文件的加密方法,其特征在于,所述将生成的所述数字水印嵌入到待加密的电子文件中的步骤之后,还包括:The method of encrypting an electronic file according to claim 1, wherein after the step of embedding the generated digital watermark in an electronic file to be encrypted, the method further comprises:
    在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配;When receiving the second biometric information group sent by the second terminal, verifying feature data corresponding to each biometric information in the second biometric information group and feature data corresponding to the digital watermark embedded in the electronic file Whether it matches;
    在所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配时,授权所述第二终端获取所述电子文件的内容。Authorizing, by the second terminal, the content of the electronic file when the feature data corresponding to each biometric information in the second biometric information group matches the feature data corresponding to the digital watermark embedded in the electronic file .
  4. 如权利要求3所述的电子文件的加密方法,其特征在于,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤包括:The method of encrypting an electronic file according to claim 3, wherein said verifying each biometric feature in said second biometric information group upon receiving said second biometric information set transmitted by said second terminal The step of matching the feature data corresponding to the information with the feature data corresponding to the digital watermark embedded in the electronic file includes:
    在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And acquiring feature data corresponding to each biometric information in the second biometric information group when receiving the second biometric information group sent by the second terminal;
    将所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,验证所述第二生物特征信息组与所述电子文件中嵌入的数字水印是否匹配,其中,对于每种生物特征信息,在所述第二生物特征信息组中对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据均匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。Comparing the feature data corresponding to each biometric information in the second biometric information group with the feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verifying the second biometric Whether the feature information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, the corresponding feature data in the second biometric information group corresponds to the digital watermark embedded in the electronic file When the feature data is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
  5. 如权利要求3所述的电子文件的加密方法,其特征在于,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤之前,还包括:The method of encrypting an electronic file according to claim 3, wherein said verifying each biometric feature in said second biometric information group upon receiving said second biometric information set transmitted by said second terminal Before the step of matching the feature data corresponding to the information with the feature data corresponding to the digital watermark embedded in the electronic file, the method further includes:
    在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。Receiving a user identity verification command to the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back the collected Second biometric information set.
  6. 如权利要求3所述的电子文件的加密方法,其特征在于,所述第一生物特征信息组和所述第二生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。The method of encrypting an electronic file according to claim 3, wherein the first biometric information group and the second biometric information group include user voice information, user palm information, and user handwritten signature information.
  7. 如权利要求3所述的电子文件的加密方法,其特征在于,当所述电子文件中嵌入多个数字水印时,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤包括:The method for encrypting an electronic file according to claim 3, wherein when the plurality of digital watermarks are embedded in the electronic file, the verification unit receives the second biometric information group transmitted by the second terminal The step of matching the feature data corresponding to each biometric information in the second biometric information group with the feature data corresponding to the digital watermark embedded in the electronic file includes:
    在接收到第二终端发送的第二生物特征信息组时,验证所述电子文件中嵌入的多个数字水印中是否存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配,其中,在存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。When receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data and the second biometric information group are present in the plurality of digital watermarks embedded in the electronic file Matching the feature data corresponding to the biometric information, wherein the second biometric information is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group The feature data corresponding to each biometric information in the group matches the feature data corresponding to the digital watermark embedded in the electronic file.
  8. 如权利要求4所述的电子文件的加密方法,其特征在于,所述在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配的步骤之前,还包括:The method for encrypting an electronic file according to claim 4, wherein said each biometric feature in said second biometric information set is verified when said second biometric information set transmitted by said second terminal is received Before the step of matching the feature data corresponding to the information with the feature data corresponding to the digital watermark embedded in the electronic file, the method further includes:
    在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。Receiving a user identity verification command to the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back the collected Second biometric information set.
  9. 如权利要求1所述的电子文件的加密方法,其特征在于,所述将生成的所述数字水印嵌入到待加密的电子文件中的步骤之后,还包括:The method of encrypting an electronic file according to claim 1, wherein after the step of embedding the generated digital watermark in an electronic file to be encrypted, the method further comprises:
    在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And acquiring feature data corresponding to each biometric information in the second biometric information group when receiving the second biometric information group sent by the second terminal;
    按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印;Generating, according to a preset fusion algorithm, feature data corresponding to each biometric information in the second biometric information group to generate a corresponding digital watermark;
    在生成的所述数字水印与所述电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。And when the generated digital watermark matches the digital watermark embedded in the electronic file, authorizing the second terminal to acquire the content of the electronic file.
  10. 如权利要求9所述的电子文件的加密方法,其特征在于,所述在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据的步骤之前,还包括:The method for encrypting an electronic file according to claim 9, wherein when the second biometric information set transmitted by the second terminal is received, each biometric feature in the second biometric information set is extracted. Before the step of the feature data corresponding to the information, the method further includes:
    在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。Receiving a user identity verification command to the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back the collected Second biometric information set.
  11. 一种电子文件的加密装置,其特征在于,所述电子文件的加密装置包括:An encryption device for an electronic file, characterized in that the encryption device of the electronic file comprises:
    提取模块,用于在接收到第一终端发送的第一生物特征信息组时,提取所述第一生物特征信息组中的每种生物特征信息对应的特征数据,其中,所述第一生物特征信息组为所述第一终端采集的一个用户的多种生物特征信息;And an extraction module, configured to: when receiving the first biometric information group sent by the first terminal, extract feature data corresponding to each biometric information in the first biometric information group, where the first biometric feature The information group is a plurality of biometric information of a user collected by the first terminal;
    生成模块,用于按照预设的融合算法对提取的多个所述特征数据进行融合,生成对应的数字水印;a generating module, configured to fuse the extracted plurality of feature data according to a preset fusion algorithm to generate a corresponding digital watermark;
    处理模块,用于将生成的所述数字水印嵌入到待加密的电子文件中,以对所述电子文件进行加密。And a processing module, configured to embed the generated digital watermark into an electronic file to be encrypted, to encrypt the electronic file.
  12. 如权利要求11所述的电子文件的加密装置,其特征在于,所述第一生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。The encryption device for an electronic document according to claim 11, wherein the first biometric information group includes user voice information, user palm information, and user handwritten signature information.
  13. 如权利要求11所述的电子文件的加密装置,其特征在于,所述电子文件的加密装置还包括:The encryption device for an electronic file according to claim 11, wherein the encryption device of the electronic file further comprises:
    验证模块,用于在接收到第二终端发送的第二生物特征信息组时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据是否匹配;a verification module, configured to verify feature data corresponding to each biometric information in the second biometric information group and a number embedded in the electronic file when receiving the second biometric information set sent by the second terminal Whether the feature data corresponding to the watermark matches;
    授权模块,用于在所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配时,授权所述第二终端获取所述电子文件的内容。An authorization module, configured to authorize the second terminal to acquire the feature data corresponding to each biometric information in the second biometric information group and the feature data corresponding to the digital watermark embedded in the electronic file The content of the electronic file.
  14. 如权利要求13所述的电子文件的加密装置,其特征在于,所述验证模块包括:The encryption device for an electronic file according to claim 13, wherein the verification module comprises:
    提取单元,用于在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;And an extracting unit, configured to: when receiving the second biometric information group sent by the second terminal, extract feature data corresponding to each biometric information in the second biometric information group;
    验证单元,用于将所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的每种生物特征信息的特征数据进行比对,验证所述第二生物特征信息组与所述电子文件中嵌入的数字水印是否匹配,其中,对于每种生物特征信息,在所述第二生物特征信息组中对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据均匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。a verification unit, configured to compare feature data corresponding to each biometric information in the second biometric information group with feature data of each biometric information corresponding to the digital watermark embedded in the electronic file, and verify Whether the second biometric information group matches the digital watermark embedded in the electronic file, wherein, for each biometric information, corresponding feature data and the electronic file in the second biometric information group When the feature data corresponding to the embedded digital watermark is matched, the feature data corresponding to each biometric information in the second biometric information group is verified to match the feature data corresponding to the digital watermark embedded in the electronic file.
  15. 如权利要求13所述的电子文件的加密装置,其特征在于,所述电子文件的加密装置还包括:The encryption device for an electronic file according to claim 13, wherein the encryption device of the electronic file further comprises:
    发送模块,用于在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。a sending module, configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
  16. 如权利要求13所述的电子文件的加密装置,其特征在于,所述第一生物特征信息组和所述第二生物特征信息组中包括用户语音信息、用户手掌信息以及用户手写签名信息。The encryption device for an electronic document according to claim 13, wherein the first biometric information group and the second biometric information group include user voice information, user palm information, and user handwritten signature information.
  17. 如权利要求13所述的电子文件的加密装置,其特征在于,当所述电子文件中嵌入多个数字水印时,所述验证模块还用于:The encryption device for an electronic file according to claim 13, wherein when the plurality of digital watermarks are embedded in the electronic file, the verification module is further configured to:
    在接收到第二终端发送的第二生物特征信息组时,验证所述电子文件中嵌入的多个数字水印中是否存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配,其中,在存在数字水印对应的特征数据与所述第二生物特征信息组中的每种生物特征信息对应的特征数据匹配时,验证所述第二生物特征信息组中的每种生物特征信息对应的特征数据与所述电子文件中嵌入的数字水印对应的特征数据匹配。When receiving the second biometric information group sent by the second terminal, verifying whether the digital watermark corresponding feature data and the second biometric information group are present in the plurality of digital watermarks embedded in the electronic file Matching the feature data corresponding to the biometric information, wherein the second biometric information is verified when the feature data corresponding to the digital watermark matches the feature data corresponding to each biometric information in the second biometric information group The feature data corresponding to each biometric information in the group matches the feature data corresponding to the digital watermark embedded in the electronic file.
  18. 如权利要求14所述的电子文件的加密装置,其特征在于,所述电子文件的加密装置还包括:The encryption device for an electronic file according to claim 14, wherein the encryption device of the electronic file further comprises:
    发送模块,用于在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。a sending module, configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
  19. 如权利要求13所述的电子文件的加密装置,其特征在于,所述提取模块,还用于在接收到第二终端发送的第二生物特征信息组时,提取所述第二生物特征信息组中的每种生物特征信息对应的特征数据;The apparatus for encrypting an electronic file according to claim 13, wherein the extracting module is further configured to: when the second biometric information group sent by the second terminal is received, extract the second biometric information group Characteristic data corresponding to each biometric information in the medium;
    所述生成模块,还用于按照预设的融合算法对所述第二生物特征信息组中的每种生物特征信息对应的特征数据进行融合,生成对应的数字水印;The generating module is further configured to fuse the feature data corresponding to each biometric information in the second biometric information group according to a preset fusion algorithm to generate a corresponding digital watermark;
    所述授权模块,还用于在生成的所述数字水印与所述电子文件中嵌入的数字水印匹配时,授权所述第二终端获取所述电子文件的内容。The authorization module is further configured to authorize the second terminal to acquire content of the electronic file when the generated digital watermark matches the digital watermark embedded in the electronic file.
  20. 如权利要求19所述的电子文件的加密装置,其特征在于,所述电子文件的加密装置还包括:The encryption device for an electronic file according to claim 19, wherein the encryption device of the electronic file further comprises:
    发送模块,用于在接收到第二终端发送的电子文件获取请求时,发送用户身份验证指令至所述第二终端,以供所述第二终端采集用户的第二生物特征信息组,并反馈采集到的所述第二生物特征信息组。 a sending module, configured to send a user identity verification command to the second terminal when the second terminal receives the electronic file acquisition request sent by the second terminal, where the second terminal collects the second biometric information group of the user, and feeds back The collected second biometric information set.
PCT/CN2016/102270 2016-10-17 2016-10-17 Method and device for encrypting electronic file WO2018072061A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/102270 WO2018072061A1 (en) 2016-10-17 2016-10-17 Method and device for encrypting electronic file

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/102270 WO2018072061A1 (en) 2016-10-17 2016-10-17 Method and device for encrypting electronic file

Publications (1)

Publication Number Publication Date
WO2018072061A1 true WO2018072061A1 (en) 2018-04-26

Family

ID=62018396

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/102270 WO2018072061A1 (en) 2016-10-17 2016-10-17 Method and device for encrypting electronic file

Country Status (1)

Country Link
WO (1) WO2018072061A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117116275A (en) * 2023-10-23 2023-11-24 浙江华创视讯科技有限公司 Multi-mode fused audio watermarking method, device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1527585A (en) * 2003-03-05 2004-09-08 刘瑞祯 Safe digital information transmitting and applying method
CN1910534A (en) * 2004-01-20 2007-02-07 皇家飞利浦电子股份有限公司 Method and apparatus for protection of content using biometric watermarks
CN105550879A (en) * 2015-07-01 2016-05-04 南京酷派软件技术有限公司 Encryption method and apparatus

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1527585A (en) * 2003-03-05 2004-09-08 刘瑞祯 Safe digital information transmitting and applying method
CN1910534A (en) * 2004-01-20 2007-02-07 皇家飞利浦电子股份有限公司 Method and apparatus for protection of content using biometric watermarks
CN105550879A (en) * 2015-07-01 2016-05-04 南京酷派软件技术有限公司 Encryption method and apparatus

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117116275A (en) * 2023-10-23 2023-11-24 浙江华创视讯科技有限公司 Multi-mode fused audio watermarking method, device and storage medium
CN117116275B (en) * 2023-10-23 2024-02-20 浙江华创视讯科技有限公司 Multi-mode fused audio watermarking method, device and storage medium

Similar Documents

Publication Publication Date Title
WO2019033904A1 (en) Login authentication method and system, and computer-readable storage medium
WO2013189231A1 (en) Image-based face recognition unlocking method, system and electronic device
WO2016192270A1 (en) Method and device for rapid opencast of media file
WO2017071352A1 (en) Password push method, push system, and terminal device
WO2019227557A1 (en) Key management method, device, storage medium and apparatus
WO2015172684A1 (en) Ap connection method, terminal, and server
WO2016108468A1 (en) User terminal, service providing apparatus, driving method of user terminal, driving method of service providing apparatus, and encryption indexing-based search system
WO2014139406A1 (en) Method and system for safely downloading terminal master key (tmr)
WO2018098881A1 (en) Access processing method and device for application
WO2019100604A1 (en) Account inquiry method, apparatus, device, and computer readable storage medium
WO2021075867A1 (en) Method for storing and recovering key for blockchain-based system, and device therefor
WO2017148112A1 (en) Fingerprint entry method, and terminal
WO2018166091A1 (en) Method, system, and terminal for face-to-face loan signing, and computer-readable storage medium
WO2019144526A1 (en) Method, device, and system for debit card activation, and computer-readable storage medium
WO2019090995A1 (en) Self-service account opening and card issuing method, self-service terminal, and computer-readable storage medium
WO2017012200A1 (en) Electronic diagnosis letter-based medical institution identification method and network hospital platform
WO2018034491A1 (en) A primary device, an accessory device, and methods for processing operations on the primary device and the accessory device
WO2019100531A1 (en) Digital signature generation method and device thereof, verification method and device thereof, and storage medium
WO2015139594A1 (en) Security verification method, apparatus, and system
WO2012028079A1 (en) Method and device for importing backup data of mobile terminal
WO2016090652A1 (en) Video compression method and device
WO2019134218A1 (en) Vtm-based transfer method and device, server, and storage medium
WO2019164281A1 (en) Electronic device and control method thereof
WO2015158032A1 (en) Method and system for unlocking screen of mobile terminal by means of retina information matching
WO2017012419A1 (en) Stream media decryption method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16919561

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16919561

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 27/01/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 16919561

Country of ref document: EP

Kind code of ref document: A1