35 results about "Fuzzy extractor" patented technology

In a geo-security system, a device receives RF signals from multiple distinct classes of RF communication systems and extracts location-dependent signal parameters. A current geotag is computed from the parameters by fuzzy extractors involving quantization of the parameters and Reed-Solomon decoding to provide a reproducible unique geotag. The current geotag is compared with a stored geotag, and a geo-secured function of the device is executed based on the result of the comparison. The use of multiple signal sources of different types, combined with special fuzzy extractors provides a robust geotag that allows both lower false rejection rate and lower false acceptance rate.

The invention relates to a novel fingerprint key generation method for a digital signature, which comprises two stages and is characterized in that the first stage is fingerprint feature extraction which comprises the steps of calculating a directional diagram of a fingerprint image, positioning a reference point of the fingerprint image, calculating a sector fingerprint feature extraction region, carrying out fingerprint image normalization, performing enhancement processing on the fingerprint image, and extracting fingerprint features; and the second stage refers to fuzzy extraction technology based fingerprint key generation which comprises the steps of constructing a security model based fuzzy extractor, constructing a Hamming distance based fuzzy extractor and generating a fingerprint key. The novel fingerprint key generation method has the advantages that the fingerprint key can be cancelled or updated for multiple times, the security is enabled to be higher, and potential safety hazards brought about by external information stealing can be avoided. Meanwhile, the novel fingerprint key generation method has important theoretical and practical values, and has wide application prospects.

The invention discloses an Internet of Things security chip trusted mechanism, and relates to the technical field of Internet of Things security. The mechanism comprises the following steps: obtaininga physical unclonable function of a chip, and extracting a plurality of excitation corresponding pairs from the physical unclonable function; extracting a response part of the excitation corresponding pair as a first entropy value, and adding the first entropy value into an entropy pool; the Internet of Things equipment extracting communication protocol information in the communication process asa second entropy value and adding the second entropy value into an entropy pool; combining the first entropy value and the second entropy value in the entropy pool to obtain physical feature information; inputting the physical feature information into a fuzzy extractor, outputting auxiliary data P and a uniform random value R by the fuzzy extractor, and registering an identity by taking the auxiliary data P and the uniform random value R as registration information. The random feature physical fingerprint in the chip production and manufacturing process is used as identity registration information, the block chain is used as an identity generation and registration platform, and the safety is high.

Described is a system for biometric based security. The system converts biometric data into a cryptographic key using a reusable fuzzy extractor process. The reusable fuzzy extractor process comprises a generation process and a reconstruction process. The generation process takes as input a public parameter and a first biometric input and outputs a public helper string and a first random string. The reconstruction process takes as input a public helper string and a second biometric input and outputs a second random string. The reusable fuzzy extractor process is reusable such that multiple public helper strings do not reveal any information about the first biometric input and the first random string. Secured data is unlocked by applying the cryptographic key for biometric security of access to secured data.

A method for authenticating a first device is disclosed. In one embodiment, the method includes the steps of: receiving a helper bit string from a second device that is remote from the first device; measuring a first response bit string of a physical unclonable function of the first device with respect to a challenge bit string; subtracting the first response bit string from the helper bit string;reconstructing a random matrix using a pseudo-random number generator initialized with a seed; and decoding a result of the subtraction using the random matrix, the shared secret bit string being provided from the decoding if the helper bit string was encoded using a previously measured second response bit string that is within a threshold level of similarity to the first response bit string, thedecoding outputting an error value otherwise.

The invention relates to an unmanned aerial vehicle group key extraction and security authentication method based on a GPS signal, and belongs to the technical field of data information processing. The method is mainly divided into an information extraction stage and an equipment authentication stage, and during initialization, each node in a cluster system generates similar sequence information by using an artificial intelligence technology according to a GPS signal acquired by the node; unified information is generated through a fuzzy extractor; and finally, generating a session key according to the unified information. In the flight process, interaction information is encrypted through session keys among the aircrafts so as to ensure communication safety, and in the flight process, the aircrafts extract the keys again according to the GPS signals at set intervals so as to realize key updating. According to the scheme, the generation of the initial keys on all the unmanned aerial vehicles in the fleet can be realized only through a public channel, and the problem of insufficient randomness of the keys can be well solved. In addition, the authentication mechanism based on the GPS signal in the scheme can also be applied to other unmanned equipment ad hoc network scenes, and has good expansibility and commercial value.

Embodiments are directed to a method for securely performing biometric authentication online. The method described can be used to securely perform biometric authentication on a mobile device. For protecting the privacy of the user biometric data, a cryptographic comparison protocol can be used to perform matching of encrypted templates. For example, the cryptographic comparison protocol may involve Fuzzy Extractors (FE), Homomorphic Encryption (HE), and / or Secure Multi-Party Computation (SMPC).

The invention discloses an anti-memory leak multi-level secret sharing method for calculating safety under a standard model, which relates to the technical field of computer information safety, and comprises the following steps of: extracting the same character string which is randomly and uniformly distributed by utilizing the combined action of a physical unclonable function and a fuzzy extractor, namely generating a reliable secret share; in this way, the secret sharing method can meet the safety requirement under the environment of memory leakage. Meanwhile, according to the secret sharing method, the secret share of each participant can be used for multiple times and is used for recovering multiple secrets. According to the technical scheme, a verifiable multi-level secret sharing method which is suitable for a common access structure and is capable of resisting memory leakage is constructed instead of the idea of storing a long-term secret share in a nonvolatile memory in the prior art.

The invention discloses a trustworthy mechanism for an Internet of Things security chip, and relates to the technical field of Internet of Things security. The response part of the pair is taken as the first entropy value and added to the entropy pool; the IoT device extracts the communication protocol information of the communication process as the second entropy value and adds it to the entropy pool; the first entropy value and the second entropy value in the entropy pool are The physical feature information is obtained by combining the values; the physical feature information is input into the fuzzy extractor, the fuzzy extractor outputs the auxiliary data P and the uniform random value R, and the auxiliary data P and the uniform random value R are used as the registration information to register the identity; The random feature "physical fingerprint" in the production process is used as identity registration information, and the blockchain is used as a platform for identity generation and registration, with high security.

Methods and systems for authenticating a first device are disclosed. The method comprises the steps of measuring a first response bit string of a physical unclonable function of the first device with respect to a challenge bit string, the physical unclonable function being determined by a processor of the first device and a further physical component of the first device Provided by one of; derives a shared secret bitstring from a uniformly distributed random vector; encoded by multiplying a uniformly distributed random matrix with a uniformly distributed random vector and adding the first response bitstring to the result of the multiplication an auxiliary bit string; and transmitting the auxiliary bit string to a second device remote from the first device.

The invention discloses a signcryption method of biological features of a plurality of receivers, comprising generating system parameters; extracting features; performing user log-on; encrypting by a sender; and decrypting by receivers. The method employs fuzzy extractor technique to bind the biological features and user keys to protect keys, directly authenticates user identity through the biological features, solves the safety problems of key safety and key abuse in the conventional cryptography, adds digital signature of senders during encryption, verifies identity of senders through certification during decryption, and solves the problem of counterfeiting of senders. The method improves the safety and reliability of whole systems, has the advantages of high safety, high efficiency and no need for storing any secret information by users, and can be applied to the distributed network application field.

A method and system for authenticating a device is disclosed. The method includes the steps of: receiving a helper bit string and a first MAC; measuring a first response bit string of a physical unclonable function of the device with respect to a challenge bit string; subtracting the first response bit from the helper bit string string; decodes the result of the subtraction using a uniformly distributed random matrix, if the helper bit string is encoded using a previously measured second response bit string within a threshold level of similarity to the first response bit string , then providing the shared secret bit string from the decoding, otherwise the decoding outputs an error value; determining a second MAC based on the shared secret bit string, the uniformly distributed random matrix, and the helper bit string; and It is determined whether the second MAC matches the first MAC.

The invention relates to a novel fingerprint key generation method for a digital signature, which comprises two stages and is characterized in that the first stage is fingerprint feature extraction which comprises the steps of calculating a directional diagram of a fingerprint image, positioning a reference point of the fingerprint image, calculating a sector fingerprint feature extraction region, carrying out fingerprint image normalization, performing enhancement processing on the fingerprint image, and extracting fingerprint features; and the second stage refers to fuzzy extraction technology based fingerprint key generation which comprises the steps of constructing a security model based fuzzy extractor, constructing a Hamming distance based fuzzy extractor and generating a fingerprint key. The novel fingerprint key generation method has the advantages that the fingerprint key can be cancelled or updated for multiple times, the security is enabled to be higher, and potential safety hazards brought about by external information stealing can be avoided. Meanwhile, the novel fingerprint key generation method has important theoretical and practical values, and has wide application prospects.

Embodiments of the invention involve using biometric templates to wirelessly authenticate individuals. In one embodiment, a mobile device may generate a first biometric template and a first public value from a first biometric sample of a user and generate a first cryptographic key by passing the first biometric template to a fuzzy extractors generate function. An access device may generate a second biometric template from a second biometric sample of the user, generate a second secret cryptographic key by passing the second biometric template and the first public value to the fuzzy extractors reproduce function, encrypt the second biometric template with the second secret cryptographic key, and broadcast the encrypted template to a plurality of nearby mobile devices including the mobile device. If the mobile device is able to decrypt the encrypted template with the first cryptographic key, the access device can associate the user with the mobile device.

A biometric processing system for authentication combines multiple biometric signals using machine learning to map the different signals into a common argument space that may be processed by a similar fuzzy extractor. The different biometric signals may be given weight values related to their entropy allowing them to be blended to increase security and availability while minimizing intrusiveness.

A solid-state image pickup device 10 comprises: a pixel unit 20; a read unit 90 that reads pixel signals from the pixel unit 20; and a response data generation unit 80 that includes a fuzzy extractorand that generates response-data containing a unique key associated with pixels and / or read unit variation-information. When regenerating a key, the response data generation unit 10 generates a uniquekey using: helper data obtained when initially generating the key; variation information obtained when regenerating the key; and reliability information predicted from the variation information whenregenerating the key. Due to this configuration: it is not necessary to perform multiple instances of counting a response for obtaining reliability information, nor is it necessary to impart reliability to helper data; it is possible to prevent an increase in the data stored in the fuzzy extractor when initially generating a key; and it is possible to generate unique response-data that has high confidentiality.

A fuzzy extractor includes an initial key generating part including a true random number generator, and a key regenerating part. The true random number generator generates a true random number using a read-out signal read from the reading part or a pixel signal read from the pixels of the pixel part in a true random number generation mode. The initial key generating part generates helper data and an initial key based on the true random number generated by the true random number generator and variation information acquired as a response when the initial key is generated. The key regenerating part generates, when a key is regenerated, a unique key based on helper data acquired when the initial key is generated and variation information acquired as a response including an error when the key is regenerated.