35 results about "Fuzzy vault" patented technology

The invention relates to a novel fuzzy vault method based on fingerprint characteristic data and a matching algorithm. A locking process in the method comprises the following steps: firstly, carrying out cyclic redundancy check (CRC) coding to random secret key data; then, constructing an associated polynomial; adding a farraginous point; carrying out a characteristic quantization process to each point in an assembly; and disorganizing the sequence of each point in the assembly; and generating a registered Hash table by the assembly. An unlocking process comprises the following steps: firstly, extracting input minutia characteristic data; then, quantizing each minutia characteristics data; generating a verification Hash table; comparing the verification Hash table with the registered Hash table by a matching algorithm to obtain a subset; carrying out a Lagrange interpolation reconstruction polynomial; and finally, carrying out a CRC verification process to the coefficient data of the polynomial obtained by reconstruction. According to the novel fuzzy vault method based on the fingerprint characteristic data and the matching algorithm, the secret key information and the fingerprint characteristic data are organically combined to effectively protect a secret key and simultaneously conceal the fingerprint characteristic template information of a user.

Provided is a method for polynomial reconstruction in a fuzzy vault system, which includes receiving a set of matching minutiae to select a minutiae combination to be used for the polynomial reconstruction; generating a simultaneous equation using the selected minutiae combination; determining whether a root of the simultaneous equation exists; and reconstructing the polynomial using the selected minutiae combination when the root of the simultaneous equation exists. The high-speed processing polynomial reconstruction method may perform polynomial reconstruction in real time, without using a separate key of a user, and thus may be applicable to various types of fuzzy vault systems.

The invention provides a method for enhancing safety of a finger print Fuzzy Vault system. The method binds the unique minutia of a finger print, a secret password and a key. When the key is encrypted by the Fuzzy Vault system, the user needs to provide self finger print characteristic information as well as randomly to choose a secret password. The finger print characteristic information is converted through the secret password, thereby the finger print template is protected. When decryption the user also needs to provide self finger print and the chosen secret password, only when the two are all right, the protected key can be correctly calculated, or else the key is not correctly calculated at any conditions. Because the user can choose different passwords to protect the finger print characteristic information under different applications, the encryption and decryption of the Fuzzy Vault operates the finger print information after convention. Thus the method of the invention can effectively prevent the cross-validation security vulnerability inherent in the original Fuzzy Vault system and the safety and application value are improved.

Provided is a method for polynomial reconstruction in a fuzzy vault system, which includes receiving a set of matching minutiae to select a minutiae combination to be used for the polynomial reconstruction; generating simultaneous equations using the selected minutiae combination; determining whether a root of the simultaneous equations exists; and reconstructing the polynomial using the selected minutiae combination when the root of the simultaneous equations exists. The high-speed processing polynomial reconstruction method may perform polynomial reconstruction in real time, without using a separate key of a user, and thus may be applicable to various types of fuzzy vault systems.

The invention provides a Fuzzy Vault encrypting method based on secrete sharing. The method combines Fuzzy Vault and a secrete-sharing system to protect messages. In the process of encryption, the sender generates a master encryption key and a master decryption key; the master encryption key encrypts a message and makes use of the master decryption key to produce n sub decryption keys via the secrete sharing system; and n receivers sharing messages respectively provide a group of fingerprint minutiae information sets and construct n Fuzzy Vault systems to bind the sub decryption key. In the process of decryption, when m receivers sharing messages provide fingerprint minutiae information sets used in the process of encryption and input the minutiae information sets into the corresponding Fuzzy Vault systems in encryption to decrypt and recover m sub decryption keys, the secrete sharing system uses the m sub decryption keys to recover the master decryption key. The Fuzzy Vault encrypting method solves the problem of message deadlock in Fuzzy Vault systems of single biological trait, realizes the indirect protection over fingerprint minutiae information, and effectively protects the safety of shared information.

A secure computer system architecture can be comprised of network-enabled end-user devices, services available to the end-user devices, and a biometric authentication gateway. Each service can be provided via one or more appropriately-configured servers meeting a predefined minimum level of computer and network security and / or a blockchain network. The biometric authentication gateway can control access to the services based upon validation of a user's biometric vector against a pre-established biometric vector. The architecture can utilize an improved public key infrastructure (PKI) approach that segments a private encryption key into three parts and distributes the three parts between the end-user device and the biometric authentication gateway. Two of the three parts can be encased within fuzzy vaults based upon the user's biometric vector. Retrieving the key parts from the fuzzy vaults cannot be performed without successful biometric authentication of the user, ensuring that only the user can execute the services.

The invention discloses a unified account information management method based on biological characteristic encryption. The management method particularly includes the steps: 1 acquiring user account information; 2 performing crypto-binding on biologic characteristic information and secret keys by the aid of a fuzzy vault algorithm; 3 encrypting plain text files of the account information by the aid of a symmetric encryption algorithm; 4 generating encryption data and auxiliary information; 5 logging user accounts. According to the management method, user fingerprint characteristics and user secret keys are bound by the aid of fuzzy vault technology, the user secret keys and fingerprint security are greatly protected, the plain text files of the account information are encrypted by the aid of the symmetric encryption algorithm, and the security of the user account information is effectively ensured by the aid of a dual-protection mechanism. By the management method, user account information is integrally managed, and user convenience is achieved while security of the account information is ensured.

The invention discloses a finger vein fusion fuzzy vault realization method. The finger vein fusion fuzzy vault realization method comprises following steps: step 1, finger vein skeleton information of an image of a finger vein A and finger vein skeleton information of an image of a finger vein B are fused to acquire a vein skeleton image C, and characteristic points are extracted to acquire a characteristic information set, and the characteristic information set is extracted; step 2, by adopting a locking algorithm, a cipher key required to be protected is bound up with the characteristic information set of the step 1, and then a finger vein fusion fuzzy vault is generated; step 3, finger vein skeleton information of a verified query finger vein A' and finger vein skeleton information of a verified query finger vein B' are fused to acquire a vein skeleton image C', and characteristic information is extracted, and the cipher key is extracted from the finger vein fusion fuzzy vault by adopting an unlocking algorithm. The fuzzy vault generated by using the finger vein image fusion is used to realize cipher key protection, and therefore safety performance is strong, realization efficiency is high; only a valid user is capable of extracting the cipher key having a CRC verification function by using a valid finger vein, and therefore confidentiality, integrity, and availability of cipher key safe storage are guaranteed.

A biometric register includes: a feature extraction unit for performing preprocessing for a fingerprint to extract a feature point m for the fingerprint; a transformation function generation unit for generating a transformation function which is composed of an arbitrary rotation matrix and an arbitrary vector; and a template generation unit for transforming a coordinate of the feature point m using the generated transformation function, and organizing a fuzzy vault using a randomly generated fake feature point and a feature point m1 applied by the transformed coordinate, thereby generating a one-time template.

Embodiments of the invention disclose an authentication method for a subscriber identity module card. The method comprises the following steps of collecting biological characteristic information of a user and extracting minutiae of biological characteristics from the biological characteristic information; carrying out binding calculation on the minutiae and a generated authentication key to obtain a fuzzy vault; and writing the fuzzy vault and an international mobile subscriber identification number (IMSI) into an SIM card. The embodiments of the invention disclose an authentication device for the subscriber identity module card.

The invention relates to a fingerprint fuzzy vault method based on a threshold secret sharing scheme. The method comprises a shared key distribution phase and a shared key reconstruction phase. The shared key distribution phase further comprises a binding process of the fingerprint fuzzy vault and a user subkey, and a shared key binding process. The shared key reconstruction phase further comprises a releasing process of partial user subkeys and a releasing process of the shared key. When the fingerprint fuzzy vault method is used to protect the shared key, the shared key is safely and conveniently released through fingerprint characteristics of the user. The releasing process of the key is very simple, and thus the key sharing scheme is more practical.

The invention provides a lightweight back-up and efficient restoration method of health block chain data encryption keys.Body area networks achieve physiological parameters acquisition of healthy body health, health block chains are produced by a group of credible IT devices appointed by multiple health institutions and used for receiving and storing health data of the body area networks, the health block chain data encryption keys are produced by utilizing a fuzzy technology fuzzy vault and physiological signals acquired by the body area networks, human physiological data acquired in different time periods is encrypted by utilizing different data encryption keys and then is saved in the block chains of the IT devices without storage of historical data encryption keys; historical secret keys are restored by utilizing the health data acquired by the body area networks in real time.The lightweight back-up and efficient restoration method integrates the body area networks with the health block chains, avoids huge burden brought by secret key splitting related in a traditional secret key restoration method and safe storage and retrieval of shadow secret keys and greatly reduces management complexity of the health block chain data encryption keys.

The invention relates to methods and devices for enabling authentication of a user based on biometric data. In an aspect of the invention, a method performed by a client device (100) of enabling authentication of user (200) of the client device (100) with a network node over a secure communication channel based on biometric data is provided. Further, an enrollment set is provided by the client device, which is used for the authentication, where said enrollment set comprises a fuzzy vault, which contains registered biometric data and a first secret key. The enrollment set also comprises transformed non-invertible biometric data, a second secret key and a secret random number.

The invention provides a Fuzzy Vault encryption method based on secret sharing. This method combines Fuzzy Vault and secret sharing system to protect messages. In the encryption process, the sender generates a pair of master encryption key and master decryption key, the master encryption key encrypts the message, and then uses the master decryption key to generate n sub-decryption keys through the secret sharing system, and the n sub-decryption keys shared by the message Each receiver provides a set of its fingerprint detail point information set and constructs n Fuzzy Vault system binding sub-decryption keys. During the decryption process, when the recipients of m shared messages provide the fingerprint minutiae information sets used in the encryption process, and input the respective minutiae information sets into the corresponding Fuzzy Vault system for encryption, m sub-decryption keys are decrypted by The secret sharing system uses m sub-decryption keys to recover the master decryption key. The invention overcomes the message deadlock problem of the Fuzzy Vault system of a single biometric feature; realizes the indirect protection of fingerprint minutiae information; and effectively protects the safety of shared information.

The invention belongs to the technical field of software system account key management application, and specifically discloses a method and system for online information trusteeship that integrates biometric encryption technology, including the following steps, confirming the availability of a user account through a mobile phone number or email account and a verification code; Collect user biometrics; use biometric fuzzy vault algorithm to encrypt escrow information; upload and store encrypted escrow information; download encrypted escrow information; collect combined timing actions to complete live detection; use biometric fuzzy vault algorithm to complete escrow information reverse decryption; Supports automatic destruction of download information. The beneficial effects of the online information trusteeship method and system of the fusion biometric feature encryption technology of the present invention are: 1. Increase the amount of data supported by the fuzzy vault algorithm through the fusion of multiple biometric features; 2. Effectively fight against hackers through the action sequence live detection Imitation of a living body; 3. To ensure information security without requiring the user to enter a password.

The invention relates to an identity authentication method based on a fuzzy vault and a digital certificate, wherein the digital certificate and fingerprint identification are combined in a smart card, so that the digital identity and the physical identity of a user correspond to realize the identity authentication with high safety. The method comprises the following steps of: firstly generating an RSA key pair in a user UK, and sending a public key and relevant registration information to an RA for auditing by the user UK; when the auditing is passed, transferring user information to a CA for verification by the RA; after the verification is successful, generating the digital certificate for the user and sending to the user to be stored in the UK by the CA; and inputting a fingerprint in the UK by the registered user, extracting the true detail points in the fingerprint, dispensing the true detail points into the UK and a fingerprint server, and locking the PIN of the UK by the true detail points of the user, so that the digital certificate stored in the UK and a corresponding private key can be safely protected. In order to reduce the calculation amount of the smart card, a secret sharing method is introduced, so that only when the information in both the smart card and the server can be obtained, the PIN of the smart card can be recovered to release the digital certificate containing the private key.

The invention discloses a credibility detection method based on password hash and biometric feature recognition. The method mainly solves the problems that existing computer information detection codes are likely to be reversely calculated and computers cannot recognize physical identities of users. According to the technical scheme, the method includes the steps that 1, software and hardware information of a computer is obtained, and biological feature information of a user is collected; 2, a device code is generated according to the software and hardware information, a fuzzy vault is generated through the biological feature information, and a user code is generated through the device code and the fuzzy vault; 3, the fuzzy vault and the user code serve as computer integrity check codes to be stored; 4, software and hardware information of the computer is obtained again, biological feature information of the user is recollected, and a new user code is generated; 5, the new user code is compared with the stored user code, if the new user code is identical with the stored user code, credibility verification passes, and otherwise, verification fails. The integrity check codes can be prevented from being changed and replaced, the physical identity of the user can be recognized, and the method can be used for protecting computer security.

The invention discloses a method for realizing a finger vein fusion fuzzy vault. The present invention specifically includes the following steps: Step 1, fusing finger vein skeleton information on finger vein A and finger vein B images to obtain vein skeleton image C, extracting feature points to obtain a feature information set and extracting the feature information set. Step 2. Use the locking algorithm to bind the key to be protected with the feature set in the first step to generate a finger vein fusion fuzzy vault. Step 3. Using the verified query finger veins A' and B', fuse their finger vein skeleton information to obtain a vein skeleton image C', extract feature information, and use an unlocking algorithm to extract a key from the finger vein fuzzy vault. The present invention uses the fuzzy vault generated by finger vein image fusion to realize key protection, which has strong security and high implementation efficiency, and ensures that only legitimate users can extract the key with CRC verification function under the legal finger vein, ensuring the key Confidentiality, integrity, availability of secure storage.

The present invention relates to a fuzzy control method, a storage medium and a computer device of a bench control system, mainly comprising: collecting historical data sets; clustering the historical data sets by using the FCM algorithm, and obtaining the data-intensive areas in the clustered historical data subsets value as the maximum value of the membership function, and use the membership function to divide the subset of historical data into fuzzy sets; construct a fuzzy control model based on Wang-Mendel algorithm; obtain expert experience data as training data, and use supervised learning methods to train fuzzy control model; input the fuzzy set into the trained fuzzy control model to obtain the fuzzy rule set; define the fuzzy rules with different conditions in the fuzzy rule set as adjacent rules, use the adjacent rules to complement the incomplete fuzzy rules in the fuzzy library, and obtain new Fuzzy rule set; input a new fuzzy rule set to the bench control system for PID parameter self-tuning.