WO2018145286A1 - Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique - Google Patents

Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique Download PDF

Info

Publication number
WO2018145286A1
WO2018145286A1 PCT/CN2017/073167 CN2017073167W WO2018145286A1 WO 2018145286 A1 WO2018145286 A1 WO 2018145286A1 CN 2017073167 W CN2017073167 W CN 2017073167W WO 2018145286 A1 WO2018145286 A1 WO 2018145286A1
Authority
WO
WIPO (PCT)
Prior art keywords
biometric
verification code
sample
feature points
feature
Prior art date
Application number
PCT/CN2017/073167
Other languages
English (en)
Chinese (zh)
Inventor
陆向远
刘和兴
Original Assignee
深圳市汇顶科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市汇顶科技股份有限公司 filed Critical 深圳市汇顶科技股份有限公司
Priority to CN201780000076.6A priority Critical patent/CN107077558B/zh
Priority to PCT/CN2017/073167 priority patent/WO2018145286A1/fr
Publication of WO2018145286A1 publication Critical patent/WO2018145286A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Definitions

  • the technical solution disclosed by the present invention relates to the field of communications technologies, and in particular, to a biometric-based authentication method, an authentication device, and an electronic device.
  • the biological characteristics of the human body are often used for security authentication between communication devices because they are unique and are not easily copied or stolen.
  • biometric samples transmitted during secure authentication need to be encrypted and decrypted; the implementation of encryption and decryption requires the use of a key negotiated in advance by the communication device.
  • the above technical solutions have at least the following drawbacks: (1) The encrypted and decrypted keys need to be shared by the electronic devices in advance negotiation, which makes the initial security authentication process between the electronic devices cumbersome. (2) Only biometric samples for security authentication are verified, and biometric templates for security authentication are not verified, and there is a hidden danger of communication security.
  • the technical solution disclosed by the present invention can at least solve the following technical problems: obtaining a key for encryption and decryption in a manner of non-advance negotiation; realizing two-way verification of a biometric sample and a biometric template.
  • the first authentication device includes: collecting a biometric sample; quantifying feature points of the biometric sample; calculating a key based on the quantized feature points of the biometric sample; identifying a singular point of the biometric sample; The singular point calculation assists the alignment parameter; generates a first verification code; encrypts the first verification code using the key; and sends the auxiliary alignment parameter and the encrypted first verification to a second authentication device And comparing, when the second verification code returned by the second authentication device, the second verification code and the first verification code, if the second verification code and the first verification code Consistently, the biometric samples collected by the first authentication device pass the authentication.
  • the quantizing the feature points of the biometric sample comprises: performing signal preprocessing on the biometric sample; and extracting feature points of the signal preprocessed biometric sample.
  • the biometric sample includes a fingerprint feature sample; and quantifying feature points of the fingerprint feature sample includes: quantifying a grain direction of feature points of the fingerprint feature sample to be equally spaced In the N directions, N is an integer of ⁇ 1; the position of the feature point of the fingerprint feature sample is quantized into M values with respect to the position of the singular point, and M is an integer of ⁇ 1.
  • the feature points of the fingerprint feature sample include: endpoints of the texture and/or bifurcation points of the texture.
  • the calculating a key based on the quantized feature points of the biometric sample comprises: converting the quantized feature points of the biometric sample into a numerical value; A hash value of the value or a signature value; the hash value or the signature value is the key.
  • the identifying the singular point of the biometric sample comprises: identifying a center point and/or a triangle point of the biometric sample as a singular point.
  • the calculating the auxiliary alignment parameter based on the singular point The number includes: calculating a distribution range of feature points of the biometric sample based on the singular point; and calculating a distribution range of feature points of the biometric sample as the auxiliary alignment parameter.
  • One or more embodiments of the present invention also disclose a biometric-based authentication method, which is applied to a second authentication device, including: receiving an auxiliary alignment parameter sent by a first authentication device and an encrypted first verification code; Obtaining a preset biometric template, acquiring a feature point of a corresponding position in the biometric template according to the auxiliary alignment parameter; calculating a key based on a feature point of a corresponding position in the biometric template; using the key pair Decrypting the encrypted first verification code to obtain a second verification code; transmitting the second verification code to the first authentication device; and when the second verification code passes the authentication of the first authentication device And the biometric template of the second authentication device passes the authentication.
  • the method further comprises quantifying feature points of the biometric template.
  • the auxiliary alignment parameter is: the first authentication device calculates a distribution range of feature points of the biometric sample based on the singular point of the biometric sample; Acquiring a feature point of the corresponding position in the biometric template according to the auxiliary alignment parameter includes: identifying a distribution range of feature points of the biometric sample to the biometric template; and acquiring the biometric template A feature point of a corresponding position within a distribution range of feature points of the biometric sample.
  • One or more embodiments of the present invention further disclose a first authentication device, including: a first acquisition module, configured to collect biometric samples; and a first quantization module, configured to quantize feature points of the biometric samples; a first key module, configured to calculate a key based on the quantized feature points of the biometric sample; a first singular point module, configured to identify a singular point of the biometric sample; and a first auxiliary alignment parameter module, Calculating the auxiliary alignment parameter based on the singular point; the first verification code module is configured to generate a first verification code; and the first encryption module is configured to encrypt the first verification code by using the key; a first transceiver module, configured to send the auxiliary alignment parameter and the encrypted first verification code to a second authentication device; and the first comparison module receives a second verification returned by the second authentication device And determining, by the second verification code and the first verification code, if the second verification code is consistent with the first verification code, the biometric sample of the first authentication device passes the authentication.
  • the first authentication device further includes: a first pre-processing module, configured to perform signal pre-processing on the biometric sample; and a first extraction module, configured to extract a signal Feature points of the pre-processed biometric samples.
  • the first quantization module is configured to quantize feature points of the fingerprint feature samples, including: quantizing a texture direction of the feature points of the fingerprint feature samples into N directions of equal intervals , N is an integer of ⁇ 1; the position of the feature point of the fingerprint feature sample is quantized to M values with respect to the position of the singular point, and M is an integer of ⁇ 1.
  • the first key module calculates a key based on the quantized feature points of the biometric sample, including: converting the quantized feature points of the biometric sample into a value; a hash value or a signature value of the value is calculated; the hash value or the signature value is the key.
  • the first singular point module identifying the singular point of the biometric sample comprises: identifying a center point and/or a triangle point of the biometric sample as a singular point.
  • the first auxiliary alignment parameter module calculates an auxiliary alignment parameter based on the singular point, including: calculating a distribution range of feature points of the biometric sample based on the singular point; The calculated distribution range of the feature points of the biometric sample is the auxiliary alignment parameter.
  • One or more embodiments of the present invention also disclose a second authentication apparatus, including: a sending module, configured to receive the auxiliary alignment parameter sent by the first authentication device and the encrypted first verification code; the second feature point module is configured to retrieve the preset biometric template, and obtain the a feature point corresponding to the location in the biometric template; a second key module, configured to calculate a key based on a feature point of the corresponding location in the biometric template; and a second decryption module, configured to encrypt the encryption using the key
  • the first first verification code is decrypted to obtain a second verification code; the second transceiver module is further configured to send the second verification code to the first authentication device.
  • the second authenticating apparatus further includes: the apparatus further comprising: a second quantization module, configured to quantize feature points of the biometric template.
  • the auxiliary alignment parameter is: the first authentication device calculates a distribution range of feature points of the biometric sample based on the singular point of the biometric sample; Acquiring the feature points of the corresponding positions in the biometric template according to the auxiliary alignment parameters includes: identifying a distribution range of the feature points of the biometric samples to the biometric template; acquiring the biological A feature point of a corresponding position within a distribution range of feature points of the biometric sample on the feature template.
  • the first authentication device calculates a key based on the feature point of the quantized biometric sample, encrypts the first verification code generated by the calculated key pair, and then encrypts And transmitting the encrypted first verification code and the auxiliary alignment parameter to the second authentication device.
  • the second authenticating device acquires the feature points of the quantized biometric samples from the preset quantized biometric template according to the received auxiliary alignment parameters, and then calculates a key according to the acquired feature points of the quantized biometric samples. Therefore, the first authentication device and the second authentication device can each calculate the key, that is, the first authentication device and the second authentication device can obtain the key in a non-advance negotiation manner.
  • the first authentication device sends the encrypted first authentication code to the second authentication device, Rather than the quantified feature points of the biometric sample, the first authentication device can indirectly authenticate whether the second authentication device has the correct biometric template.
  • FIG. 1 is a flowchart of a biometric-based authentication method according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of quantizing feature points of a biometric sample in an embodiment of the present invention
  • FIG. 3 is a schematic diagram showing alignment of a quantized biometric sample and a quantized biometric template in a quadrilateral region according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram showing alignment of a quantized biometric sample and a quantized biometric template in a circular area according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram of a workflow of mutual authentication between an electronic device X and an electronic device Y according to another embodiment of the present invention.
  • FIG. 6 is a schematic diagram of a workflow for mutually authenticating an electronic device 1 and an electronic device 2 according to still another embodiment of the present invention.
  • FIG. 7 is a schematic diagram of a biometric-based first authentication device according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a biometric-based second authentication device according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of an electronic device according to another embodiment of the present invention.
  • FIG. 1 a flowchart of a biometric-based authentication method in accordance with an embodiment of the present invention.
  • the biometric-based authentication method is applied to other electronic devices having wireless and/or wired communication functions, such as smart phones, tablets, and notebook computers.
  • an identity authentication before a Bluetooth communication data transmission is established between a smartphone and a laptop, and the steps performed by the smartphone include but are not limited to the following:
  • Step 101 The smartphone collects biometric samples.
  • biometric samples collected by the smartphone include, but are not limited to, fingerprints and/or faces and/or irises.
  • Step 102 The smartphone quantizes feature points of the biometric sample; and then calculates a key based on the quantized feature points of the biometric sample.
  • Step 103 The smartphone identifies a singular point of the biometric sample; and then based on the singular point Calculate the auxiliary alignment parameters.
  • the auxiliary alignment parameter is used by the notebook computer to acquire feature points of the quantized biometric sample according to the biometric template.
  • Step 104 The smart phone generates a first verification code; and then encrypts the first verification code by using the key.
  • Step 105 The smart phone sends the auxiliary alignment parameter and the encrypted first verification code to the laptop; and when the smart phone receives the second verification code returned by the laptop, comparing the second verification And the first verification code, if the second verification code is consistent with the first verification code, the biometric sample collected by the smart phone passes the authentication.
  • the second verification code is consistent with the first verification code, and the second verification code is the same as the first verification code.
  • the second verification code and the first verification code are both 123456.
  • the quantizing the feature points of the biometric sample comprises: performing signal preprocessing on the biometric sample; and extracting feature points of the signal preprocessed biometric sample.
  • the performing signal preprocessing on the biometric sample includes: removing interference information in the biometric sample, and enhancing useful information in the biometric sample.
  • the biometric sample includes, but is not limited to, a fingerprint feature sample; quantifying feature points of the fingerprint feature sample includes: quantifying a grain direction of feature points of the fingerprint feature sample to be equally spaced In the N directions, N is an integer of ⁇ 1; the position of the feature point of the fingerprint feature sample is quantized into M values with respect to the position of the singular point, and M is an integer of ⁇ 1.
  • the feature points of the fingerprint feature sample include: endpoints of the texture and/or bifurcation points of the texture.
  • the identifying the singular point of the biometric sample comprises: identifying a center point and/or a triangle point of the biometric sample as a singular point.
  • FIG. 2 a schematic diagram of quantizing feature points of a biometric sample in an embodiment of the present invention.
  • the process of quantifying the feature points of a biometric sample is briefly summarized as follows: The feature space of the biometric sample is quantized (digitized) at an appropriate spacing. The feature points of the biometric sample are sampled. The feature points of the sampled biometric samples will be forced to the nearest quantization point. The above quantization process can ensure that the feature points of the biometric sample feature points of the same user are always the same.
  • the calculating a feature point based on the quantized feature points of the biometric sample includes: converting the quantized feature points of the biometric sample into a numerical value; calculating a hash value or a signature value of the numerical value; The hash value or the signature value is the key.
  • the biometric sample is a fingerprint feature sample
  • the quantized feature points of the fingerprint feature sample are converted into numerical values.
  • the biometric sample is a face feature sample or an iris feature sample
  • the quantized face feature sample or the iris feature sample is converted into a numerical value.
  • the converted value is then calculated to obtain a hash value or a signature value. For example, the converted value is calculated according to a hash algorithm to obtain a hash value.
  • the calculating the auxiliary alignment parameter based on the singular point includes: calculating a distribution range of the feature points of the biometric sample based on the singular point; and calculating a distribution range of the feature points of the biometric sample as a Said auxiliary alignment parameters.
  • the smart phone in the above method calculates a key based on the feature points of the quantized biometric samples, encrypts the first verification code generated by the calculated key pair, and then encrypts the encrypted
  • the first verification code and the auxiliary alignment parameters are sent to the laptop.
  • the notebook computer acquires the feature points of the quantized biometric samples from the preset quantized biometric template according to the received auxiliary alignment parameters, and then calculates a key according to the acquired feature points of the quantized biometric samples.
  • the smartphone and the laptop can each calculate the key, ie the smartphone and the laptop can obtain the key in a non-advanced negotiation.
  • the encrypted first verification code is The non-quantized feature points of the biometric sample, so that the notebook can only authenticate the biometric samples collected by the smartphone when it has the correct biometric template. That is, when the biometric sample collected by the smartphone is correct and the laptop does not have the correct biometric template (or for example, the laptop is not a legitimate laptop that matches the smartphone), the smartphone will not receive the The second verification code returned by the laptop, or the second verification code received by the smart phone is inconsistent with the first verification code. Therefore, the smartphone can also indirectly authenticate whether the laptop has the correct biometric template.
  • the steps performed by the laptop include but are not limited to the following:
  • Step 201 The notebook computer receives the auxiliary alignment parameter sent by the smart phone and the encrypted first verification code.
  • Step 202 The notebook computer retrieves a preset biometric template, and acquires feature points of corresponding positions in the biometric template according to the auxiliary alignment parameter.
  • Step 203 The notebook computer calculates a key based on feature points of corresponding positions in the biometric template.
  • Step 204 The notebook computer decrypts the encrypted first verification code by using the key to obtain a second verification code.
  • Step 205 The notebook computer sends the second verification code to the smart phone.
  • the biometric template of the notebook computer passes the authentication.
  • the method further comprises quantifying feature points of the biometric template.
  • the auxiliary alignment parameter is: the first authentication device calculates a distribution range of feature points of the biometric sample based on the singular point of the biometric sample; Acquiring the feature points of the corresponding positions in the biometric template includes: identifying a distribution range of feature points of the biometric sample to the biometric template; and acquiring the biometric sample on the biometric template Feature points of corresponding locations within the distribution of feature points.
  • the identifying the distribution range of the feature points of the biometric sample to the biometric template comprises: aligning the quantized biometric sample with the quantized biometric template.
  • FIG. 3 it is a schematic diagram of a quantized biometric sample aligned with a quantized biometric template in a quadrilateral region according to an embodiment of the invention.
  • FIG. 4 it is a schematic diagram of a quantized biometric sample aligned with a quantized biometric template in a circular area according to an embodiment of the invention.
  • the process of aligning the quantized biometric sample with the quantized biometric template is briefly summarized as follows: identifying a singular point of the quantized biometric sample, and identifying the singular point to the quantized Biometric template.
  • the feature points of the quantized biometric samples are calculated according to the auxiliary alignment parameters, and the feature points are identified to the quantized biometric template. For example, as shown in FIG. 3, the singular points and feature points of the quantized biometric samples are identified to the abcd region. It is also possible to identify the singular points and feature points of the quantized biometric samples to a circular area of radius R as shown in FIG.
  • the process of aligning the quantized biometric sample with the quantized biometric template, identifying the singular point of the quantized biometric sample and the feature point of the quantized biometric sample by using the quantized biometric template thus, the quantized biometric sample can be aligned with the quantized biometric template.
  • the notebook computer in the above method does not directly obtain the characteristics of the quantized biometric sample Point, but acquiring the feature points of the quantized biometric samples from the preset quantized biometric template according to the received auxiliary alignment parameters. Therefore, if the notebook computer in the above method does not have the correct quantized biometric template, the feature points of the quantized biometric sample cannot be obtained, and the key cannot be calculated. So for a smart phone, in the identity authentication process before the Bluetooth communication data transmission with the laptop, if the laptop does not return the correct second verification code, the laptop will most likely not have the correct biometric template. . The holder of the smartphone will be able to operate the smartphone to refuse to establish Bluetooth communication with the laptop.
  • FIG. 5 it is a schematic diagram of a workflow for mutual authentication between an electronic device X and an electronic device Y according to another embodiment of the present invention. Assuming that the electronic device X needs to transfer a certain amount of money to the electronic device Y, the electronic device X and the electronic device Y need to perform transaction security authentication for the security of the transaction.
  • the electronic device X obtains the quantized biometric sample by the steps of collecting and the like, and the electronic device Y presets the quantized biometric template.
  • the electronic device X calculates a key based on the quantized feature points of the biometric sample, and then generates a first verification code and encrypts the generated first verification code using the key, and calculates a singularity based on the singularity Auxiliary alignment parameters.
  • the electronic device X transmits the auxiliary alignment parameter and the encrypted first verification code to the electronic device Y.
  • the electronic device Y retrieves the quantized biometric template, and acquires feature points of corresponding positions in the biometric template according to the auxiliary alignment parameter. A key is then calculated based on feature points of corresponding locations in the biometric template. The electronic device Y decrypts the encrypted first verification code by using the key to obtain a second verification code.
  • the electronic device Y transmits the second verification code to the electronic device X.
  • the electronic device X compares the second verification code with the first verification code.
  • the biometric sample collected by the electronic device X passes the authentication of the electronic device Y.
  • the electronic device X also indirectly verifies whether the electronic device Y has the correct biometric template, which is beneficial to improve transaction security between the electronic device X and the electronic device Y.
  • FIG. 6 is a schematic diagram of a workflow for mutually authenticating an electronic device 1 and an electronic device 2 according to still another embodiment of the present invention. It is assumed that the electronic device 1 can copy a confidential file from the electronic device 2 and store a confidential file into the electronic device 2. At this time, for the security of the information, the electronic device 1 and the electronic device 2 need to perform mutual authentication.
  • the electronic device 2 obtains the quantized biometric sample by the steps of collecting and the like, and the electronic device 1 presets the quantized biometric template.
  • the electronic device 2 obtains the verification code B1 and the encrypted verification code B2 after performing the relevant steps in the above embodiment.
  • the electronic device 2 transmits the auxiliary alignment parameter and the encrypted verification code B2 to the electronic device 1.
  • the electronic device 1 decrypts the encrypted verification code B2, obtains the verification code B3, and then feeds back the verification code B3 to the electronic device 2.
  • the electronic device 2 compares the verification code B3 with the verification code B1. When the verification code B3 coincides with the verification code B1, the quantized biometric sample of the electronic device 2 passes the verification.
  • the electronic device 2 receives the verification code B3 fed back by the electronic device 1, and the verification code B3 is consistent with the verification code B1, the process of obtaining the verification code B3 by the electronic device 1 is not necessarily consistent with the preset, so it is necessary for the electronic device 1 to take the initiative. Initiate authentication of the quantified biometric template. A brief overview of the process is as follows:
  • the electronic device 1 obtains the verification code A1 and the encrypted verification code A2 after performing the relevant steps in the above embodiment.
  • the electronic device 1 transmits the encrypted verification code A2 to the electronic device 2.
  • the electronic device 2 decrypts the encrypted verification code A2, obtains the verification code A3, and then feeds back the verification code A3 to the electronic device 1.
  • the electronic device 1 compares the verification code A3 with the verification code A1. When the verification code A3 coincides with the verification code A1, the quantized biometric template of the electronic device 1 passes the verification.
  • the electronic device 1 will not be able to generate a new key without the quantized biometric template, that is, if the electronic device 1 does not have the quantized creature
  • the feature template will not be able to obtain the valid verification code A2. Therefore, the method for mutual authentication between the electronic device 1 and the electronic device 2 in the above embodiment improves the communication security between the electronic device 1 and the electronic device 2.
  • FIG. 7 is a schematic diagram of a biometric-based first authentication device in another embodiment of the present invention.
  • the biometric-based first authentication device includes:
  • the first collection module 701 is configured to collect biometric samples
  • a first quantization module 702 configured to quantize feature points of the biometric sample
  • a first key module 703, configured to calculate a key based on the quantized feature points of the biometric sample
  • a first singular point module 704 configured to identify a singular point of the biometric sample
  • a first auxiliary alignment parameter module 705, configured to calculate an auxiliary alignment parameter based on the singular point
  • a first verification code module 706, configured to generate a first verification code
  • a first encryption module 707 configured to encrypt the first verification code by using the key
  • the first transceiver module 708 is configured to send the auxiliary alignment parameter to the second authentication device and after the encryption The first verification code;
  • a first comparison module 709 configured to compare the second verification code with the first verification code, if the second verification code is received when the second verification code returned by the second authentication device is received Consistent with the first verification code, the biometric samples collected by the first authentication device pass the authentication.
  • the device further includes: a first pre-processing module for performing signal pre-processing on the biometric sample; and a first extracting module, configured to extract feature points of the signal-preprocessed biometric sample.
  • the first quantization module 702 is configured to quantize the feature points of the fingerprint feature samples, including: quantizing the texture direction of the feature points of the fingerprint feature samples into N directions of equal intervals, where N is an integer of ⁇ 1; The position of the feature point of the fingerprint feature sample is quantized into M values with respect to the position of the singular point, and M is an integer of ⁇ 1.
  • the calculating, by the first key module 703, the key based on the quantized feature points of the biometric sample includes: converting the quantized feature points of the biometric sample into a numerical value; calculating a hash value of the numerical value or a signature value; the key is the hash value or the signature value.
  • the first singular point module 704 identifying the singular point of the biometric sample includes: identifying a center point and/or a triangle point of the biometric sample as a singular point.
  • the calculating, by the first auxiliary alignment parameter module 705, the auxiliary alignment parameter based on the singular point includes: calculating a distribution range of feature points of the biometric sample based on the singular point; and calculating the calculated biometric sample
  • the distribution range of the feature points is the auxiliary alignment parameter.
  • the biometric-based first authentication device and the biometric-based second authentication device cooperate to implement the biometric-based authentication method in the foregoing method embodiments, which is beneficial to improving communication security.
  • FIG. 8 is a schematic diagram of a biometric-based second authentication device according to another embodiment of the present invention.
  • the biometric-based second authentication device includes:
  • the second transceiver module 801 is configured to receive the auxiliary alignment parameter sent by the first authentication device and the encrypted first verification code;
  • a second feature point module 802 configured to retrieve a preset biometric template, and acquire a feature point of a corresponding position in the biometric template according to the auxiliary alignment parameter;
  • a second key module 803, configured to calculate a key based on a feature point of a corresponding location in the biometric template
  • a second decryption module 804 configured to decrypt the encrypted first verification code by using the key, and when the decryption is successful, to obtain a second verification code
  • the second transceiver module 801 is further configured to send the second verification code to the first authentication device.
  • the apparatus also includes a second quantization module for quantizing feature points of the biometric template.
  • the auxiliary alignment parameter is: the first authentication device calculates a distribution range of feature points of the biometric sample based on the singular point of the biometric sample; the second feature point module 802 is configured according to the auxiliary alignment Obtaining a feature point of the corresponding position in the biometric template includes: identifying a distribution range of feature points of the biometric sample to the biometric template; and acquiring feature points of the biometric sample on the biometric template The feature points of the corresponding locations within the distribution range.
  • the biometric-based second authentication device and the biometric-based first authentication device cooperate to implement the biometric-based authentication method in the foregoing method embodiments, which is beneficial to improving communication security.
  • FIG. 9 a schematic diagram of an electronic device in another embodiment of the present invention.
  • An electronic device including but not limited to a smart phone, a tablet computer, a notebook computer, and the like, having other wireless and/or wired communication functions, for implementing any of the above-mentioned first authentication devices A biometric-based authentication method.
  • the electronic device includes: at least one first processor 901, and at least one first memory 902; the at least one first processor 901 is communicatively coupled to the at least one first memory 902.
  • the at least one first processor 901 shown in FIG. 9 is communicably connected to the at least one first memory 902 via a first bus 903.
  • the at least one first memory 902 stores instructions executable by the at least one first processor 901 to cause the electronic device to perform a biometric-based authentication method performed by any one of the first authentication devices described above .
  • Another embodiment of the present invention discloses another electronic device for implementing a biometric-based authentication method performed by any of the above-described second authentication devices.
  • the electronic device includes, but is not limited to, a server, a smart phone, a tablet, a notebook computer, and the like, and other electronic devices having wireless and/or wired communication functions.
  • the electronic device includes: at least one second processor, and at least one second memory; the at least one second processor communicatively coupled to the at least one second memory.
  • the at least one second memory stores instructions executable by the at least one second processor to cause the electronic device to perform a biometric-based authentication method performed by any one of the second authentication devices described above.
  • Another embodiment of the present invention discloses a steering system composed of an active pen and a terminal with a touch screen.
  • the active pen may perform a biometric-based authentication method performed by any one of the first authentication devices, and the terminal with a touch screen may perform a biometric-based authentication method performed by any one of the foregoing second authentication devices.
  • the active pen collects a biometric sample (eg, a fingerprint sample) of the user.
  • Place The terminal with the touch screen verifies the biometric sample collected by the active pen according to the preset biometric template to determine whether the active pen has the right to operate the terminal with the touch screen.
  • the active pen can also verify the biometric template in the touch screen enabled terminal when the control system supports multiple users to operate the touch screen enabled terminal through the active pen.
  • Another embodiment of the present invention discloses a non-transitory computer storage medium storing computer executable instructions for performing any of the above biometric-based authentication methods.
  • biometric-based authentication method the authentication device, the non-transitory computer storage medium, and the electronic device in the above embodiments may also be implemented in other manners.
  • Computer instructions and/or data for implementing the various embodiments described above may be stored in a computer readable medium or transmitted as one or more instructions or code on a readable medium.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
  • a storage medium can be any available media that can be stored by a computer.
  • the computer readable medium can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, disk storage media or other magnetic storage device, or can be carried or stored in the form of an instruction or data structure.
  • any connection can suitably be a computer readable medium.
  • coaxial cable For example, if the software is transmitted from a website, server, or other remote source using coaxial cable, optical brazing, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then coaxial Cables, optical braces, twisted pairs, DSL, or wireless technologies such as infrared, wireless, and microwave are included in the definition of the medium to which they belong.
  • coaxial Cables, optical braces, twisted pairs, DSL, or wireless technologies such as infrared, wireless, and microwave are included in the definition of the medium to which they belong.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

Les modes de réalisation de la présente invention concernent un procédé d'authentification basé sur des caractéristiques biologiques, un appareil d'authentification, ainsi qu'un dispositif électronique, se rapportant au domaine technique de la communication. Le procédé comprend les étapes suivantes consistant à : prélever un échantillon à caractéristiques biologiques ; quantifier des points caractéristiques de l'échantillon à caractéristiques biologiques ; calculer une clé sur la base des points caractéristiques quantifiés de l'échantillon à caractéristiques biologiques ; marquer des points de singularité de l'échantillon à caractéristiques biologiques ; calculer des paramètres d'alignement auxiliaires sur la base des points de singularité ; générer un premier code de vérification ; utiliser la clé pour chiffrer le premier code de vérification ; envoyer les paramètres d'alignement auxiliaires et le premier code de vérification chiffré à un second appareil d'authentification ; et, lors de la réception d'un second code de vérification renvoyé par le second appareil d'authentification, comparer le second code de vérification et le premier code de vérification. Les modes de réalisation de la présente invention permettent d'acquérir une clé chiffrée et déchiffrée à l'aide d'un procédé de négociation classique, et mettent en œuvre un échantillon à caractéristiques biologiques et une vérification bidirectionnelle de modèles de caractéristiques biologiques.
PCT/CN2017/073167 2017-02-09 2017-02-09 Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique WO2018145286A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201780000076.6A CN107077558B (zh) 2017-02-09 2017-02-09 基于生物特征的认证方法、认证装置及电子设备
PCT/CN2017/073167 WO2018145286A1 (fr) 2017-02-09 2017-02-09 Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/073167 WO2018145286A1 (fr) 2017-02-09 2017-02-09 Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique

Publications (1)

Publication Number Publication Date
WO2018145286A1 true WO2018145286A1 (fr) 2018-08-16

Family

ID=59613779

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/073167 WO2018145286A1 (fr) 2017-02-09 2017-02-09 Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique

Country Status (2)

Country Link
CN (1) CN107077558B (fr)
WO (1) WO2018145286A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109344593B (zh) * 2018-10-24 2021-01-26 三星(中国)半导体有限公司 生物信息验证方法以及验证服务器、录入和验证客户端
WO2020150892A1 (fr) * 2019-01-22 2020-07-30 深圳市汇顶科技股份有限公司 Système et procédé d'identification biométrique, et dispositif terminal

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030046589A1 (en) * 1997-06-11 2003-03-06 Gregg Richard L. System and method for securing transactions and computer resources with an untrusted network
CN101282217A (zh) * 2007-04-05 2008-10-08 华为技术有限公司 一种生物特征数据的保护方法、装置及***
CN101770567A (zh) * 2008-12-31 2010-07-07 杭州中正生物认证技术有限公司 一种识别生物特征的方法及***
CN103377333A (zh) * 2012-04-25 2013-10-30 宋嘉佑 虚实身分验证电路、***及电子消费方法
CN105225359A (zh) * 2015-09-15 2016-01-06 中国联合网络通信集团有限公司 基于二维码的无卡取款方法和指纹认证服务器

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1980374A (zh) * 2005-12-01 2007-06-13 中国科学技术大学 基于生物特征的信息加密和解密方法
JP4565015B2 (ja) * 2008-05-15 2010-10-20 シャープ株式会社 画像処理装置、画像形成装置、画像処理システム、画像処理プログラムおよびその記録媒体
CN105024819B (zh) * 2015-05-29 2019-02-12 北京中亦安图科技股份有限公司 一种基于移动终端的多因子认证方法及***
CN105553926A (zh) * 2015-06-30 2016-05-04 宇龙计算机通信科技(深圳)有限公司 一种认证方法、服务器以及终端
CN106027501B (zh) * 2016-05-06 2017-08-01 北京芯盾时代科技有限公司 一种在移动设备中进行交易安全认证的***和方法
CN106302539A (zh) * 2016-10-12 2017-01-04 广州市芯德电子技术有限公司 一种嵌入式web安全认证方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030046589A1 (en) * 1997-06-11 2003-03-06 Gregg Richard L. System and method for securing transactions and computer resources with an untrusted network
CN101282217A (zh) * 2007-04-05 2008-10-08 华为技术有限公司 一种生物特征数据的保护方法、装置及***
CN101770567A (zh) * 2008-12-31 2010-07-07 杭州中正生物认证技术有限公司 一种识别生物特征的方法及***
CN103377333A (zh) * 2012-04-25 2013-10-30 宋嘉佑 虚实身分验证电路、***及电子消费方法
CN105225359A (zh) * 2015-09-15 2016-01-06 中国联合网络通信集团有限公司 基于二维码的无卡取款方法和指纹认证服务器

Also Published As

Publication number Publication date
CN107077558A (zh) 2017-08-18
CN107077558B (zh) 2020-03-31

Similar Documents

Publication Publication Date Title
CN107113315B (zh) 一种身份认证方法、终端及服务器
CN107079034B (zh) 一种身份认证的方法、终端设备、认证服务器及电子设备
US9189612B2 (en) Biometric verification with improved privacy and network performance in client-server networks
US9218473B2 (en) Creation and authentication of biometric information
EP3132368B1 (fr) Procédé et appareil de vérification de l'aptitude à l'utilisation d'une image caractéristique biologique
EP3257194A1 (fr) Systèmes et procédés de gestion sécurisée de données biométriques
US11947650B2 (en) Biometric data security system and method
WO2018148900A1 (fr) Procédé et dispositif d'authentification basée sur une identification d'empreintes digitales, et système d'opérations
CN104751154A (zh) 基于智能移动信息设备的指纹安全加密方法
CN113971274B (zh) 一种身份识别方法及装置
WO2017000356A1 (fr) Procédé, terminal, dispositif et système de gestion d'autorisations
KR20200119788A (ko) 생체 인식 템플릿 보호 키 업데이트
WO2018145286A1 (fr) Procédé d'authentification basé sur des caractéristiques biologiques, appareil d'authentification et dispositif électronique
US11586717B2 (en) Method and electronic device for authenticating a user
CN108989331B (zh) 数据存储设备的使用鉴权方法及其设备和存储介质
WO2017016039A1 (fr) Procédé et dispositif de transfert de données commerciales entre comptes
CN113205342A (zh) 基于多端支付的用户身份验证方法及装置
CN109768969B (zh) 权限控制方法及物联网终端、电子设备
CN111275855A (zh) 一种门锁控制方法、装置、***、电子设备及存储介质
TWI675579B (zh) 網路身份驗證系統與方法
KR101500947B1 (ko) 생체 정보 생성 및 인증
CN114245374B (zh) 安全认证方法、***和相关设备
US11496469B2 (en) Apparatus and method for registering biometric information, apparatus and method for biometric authentication
WO2016150023A1 (fr) Procédé et système de décryptage d'empreinte digitale
CN113079017B (zh) 一种电子签名的指纹实名认证方法和***

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17896297

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17896297

Country of ref document: EP

Kind code of ref document: A1