[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN102004872A - Fingerprint encryption-based identity authentication system and implementation method thereof - Google Patents

Fingerprint encryption-based identity authentication system and implementation method thereof Download PDF

Info

Publication number
CN102004872A
CN102004872A CN2010105244911A CN201010524491A CN102004872A CN 102004872 A CN102004872 A CN 102004872A CN 2010105244911 A CN2010105244911 A CN 2010105244911A CN 201010524491 A CN201010524491 A CN 201010524491A CN 102004872 A CN102004872 A CN 102004872A
Authority
CN
China
Prior art keywords
module
processing unit
fingerprint
password
image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010105244911A
Other languages
Chinese (zh)
Other versions
CN102004872B (en
Inventor
杨莹
徐念龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan European Micro Technology Co ltd
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN2010105244911A priority Critical patent/CN102004872B/en
Publication of CN102004872A publication Critical patent/CN102004872A/en
Application granted granted Critical
Publication of CN102004872B publication Critical patent/CN102004872B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Collating Specific Patterns (AREA)

Abstract

The invention discloses a fingerprint encryption-based identity authentication system. The system comprises a user interface, a key interface, a database, a password processing unit, a fingerprint processing unit, a conversion processing unit, a decryption processing unit and an encryption processing unit, wherein the user interface is connected with the password processing unit and the fingerprint processing unit respectively; the password processing unit, the fingerprint processing unit, the decryption processing unit and the encryption processing unit are connected with the conversion processing unit respectively; and the decryption processing unit and the encryption processing unit are connected with the database and the key interface respectively. The invention also discloses an implementation method of the fingerprint encryption-based identity authentication system, which comprises the steps of encryption and decryption. The system and the method have the advantages that: a biological characteristic password can be allowed to be cancelled and can be reset for unlimited times, the safety is high, cross-comparison bugs are prevented, and the like.

Description

A kind of identity authorization system and its implementation based on encrypting fingerprint
Technical field
The present invention relates to technical fields such as bio signal encryption, a kind of especially identity authorization system and its implementation based on encrypting fingerprint.
Background technology
In recent years, because the appearance of identity authorization system and universal day by day, we are home-confined just can to carry out ecommerce by modes such as authentification of user, phone-payments, participate in the efficient modern life such as remote information management, shopping at network, more and more individual and enterprise got used to sensitive data and trade secret through safety certification system carry out Network Transmission.Yet also there is shortcomings such as using inconvenience and memory difficulty in these traditional encryption systems.Typical encryption key all is at random and sufficiently long, and people are difficult to these tediously long character strings at random of memory, and therefore such key often is stored on certain medium, and then is protected the security of key by password.Like this, the security of whole cipher key system just is based on password.
With online transaction safety is example, and in order to ensure aspects such as data confidentiality in the whole communication process, data integrity, legal identity authentication and non-repudiation, the main flow authentication techniques of taking are divided into:
(1) SFA (authentication of Single-factor authentication single-factor): only by proving that a people's identity is referred to as the single-factor authentication meeting of a condition.The ID authentication mechanism of " user name+password " that everybody knows in fact is exactly a kind of single-factor authentication mode, because user name is easy to know.
(2) MFA (authentication of Multi-factor authentication multiple-factor): prove that by making up two kinds and two or more different condition a people's identity is referred to as the multiple-factor authentication.Common multiple-factor authentication mode is the method that combining cipher and material object conditions such as (credit card, SMS mobile phone, tokens) authenticate the user.
Because being static password (user name+password), the authentication of traditional single-factor has been considered to the authentication means that are in extreme danger for the technology of representative, therefore progressively develop the authentication that based on USB key in recent years, it is considered to a kind of convenience and reliable and secure identity identifying technology.It adopts the double factor authentication pattern of one-time pad, has solved the reliability problems of authentication well, and USB interface and advanced computer expert's usefulness are provided.It is built-in CPU, storer, chip operating systems (COS) etc. can be stored user's key or digital certificate, utilize the built-in cryptographic algorithm of USB to realize authentication for user identity.
Because each USB Key has the protection of hardware PIN code.PIN code and hardware have constituted two necessary factors that the user uses USB Key.The user has only and has obtained USB Key and user's PIN code simultaneously, just can login system, even user's USB key loses, the person of picking up is not owing to know user's PIN code, identity that yet can't counterfeit validated user.
Yet along with the upgrading layer by layer of the all-pervasive and hack tool of encoding and decoding technique, fishing technology and trojan horse, the security of adopting USB KEY mode to carry out network ID authentication will face the challenge of a new round.Especially at present the application of maximum-norm: on-line payment function.
The USB Key (being the U shield) that sells with bank gives an example, and has several big security breaches in current widespread use and practical operation:
1. utilize the crime of PIN code and mistiming
The PIN code of the USB Key that present most of banks use is all imported from computer, so the hacker can directly intercept and capture the PIN code of USB Key by trojan horse program, and this also is the leak that present most of USB Key exists.After having known PIN code, if the user forgets USB Key is taken out from computer, the hacker can also further operate USB Key by PIN code so.One very opposite extreme situations be: when personal user's computer by hacker's Long-distance Control, i.e. the operation of keyboard or screen is in hacker's monitoring, guarantee Secure Transaction with present USB Key function? answer is negated! Because this moment, the PIN code of USBKey was in the environment that can be intercepted by the hacker, as long as USB Key is not taken out after having been operated by the user at once, the hacker can forge once transaction by manually-operated or bogusware in this of short duration intermittent phase fully so, and this moment USB Key and PIN code all be in checking and pass through state.In fact, this is not simple what-if, but comes from many real cases.
2. read the key in the Key from the outside
The key of USB Key can't directly read from the outside from " theory ", this " theory " is based upon on the hypothesis that is perfectly safe of design, if design and the people who writes USB Key operating system COS are not intended to or have stayed the back door at COS artificially, deviser and hacker just can easily read the key of Key inside from the outside so.
Take any technology could improve and solve and become the research topic of quite being paid close attention in recent years such as above-mentioned potential safety hazard.Wherein, based on the encryption technology of biological characteristic the most the researchist pay attention to.It combines biometrics identification technology with conventional encryption technique, for encryption system provides a kind of mechanism of utilizing biological information protection key, solved the variety of problems that the current key protection mechanism exists well.When the user must obtain a protected key, as long as provide the biometric sample of oneself to system, if verify sample and enrollment coupling, then key was released immediately, has promptly realized the enciphering/deciphering data.Because key and biological information are not kept in the system memory space after finishing encryption, key and biological information all can't directly get access to from system.When and the characteristic information of just thinking correct living body biological could regenerating key when being submitted to system.Therefore; the biological characteristic encryption technology is as taking user's physical identity to encrypt key protection mechanism with the novelty of managing keys; not only from having solved the deficiency of intercepting and capturing user password (PIN code) by fishing software in essence; because biological characteristic is not easy victim and knows that security is higher.
The most classical practical algorithm in encrypted biometric field is a Fuzzy Vault scheme, and it has solved the contradiction between the accuracy of the ambiguity of biological characteristic and cipher mechanism well.This method is encoded key to be protected with biological template after; the biological template data hidden in a group random disturbance data; constitute Vault data with interfering data, be difficult to isolate True Data from these blended datas, True Data is considered to " locking ".The field samples that real user is shown then is used for " release " True Data.It relatively is suitable for the protection of the biological attribute data of authentication result and unique point sequence independence, even can tolerate the variation of unique point number.But also there are some safety defects in it:
(1) for different application, same user's primeval life template can be used for binding a plurality of keys, generates a plurality of vault.If but the assailant reaches out for two vault of same user, compare the primary template that just can obtain the user by intersecting simply, and then obtain key.Therefore primary template and key all have been subjected to threat.
(2) uniqueness of biometric templates has caused template irrevocable.As everyone knows, password can change at any time, in case running into safety problem, password originally just can solve problem by cancelling the old password enter new password, yet for same fingerprint, characteristic information is fixing unalterable, just can't reuse in case this fingerprint of safety problem occurs.
Summary of the invention
One of purpose of the present invention be to overcome current based on password encryption technology and key protection mechanism in the shortcoming and defect that exists, a kind of identity authorization system based on encrypting fingerprint is provided.The present invention have allow to cancel, can unlimited replacement biological characteristic password, safe and prevent to intersect the advantages such as leak of comparison.
Two of purpose of the present invention is to provide a kind of implementation method of the identity authorization system based on encrypting fingerprint.
One of purpose of the present invention is achieved through the following technical solutions: a kind of identity authorization system based on encrypting fingerprint, comprise user interface, cipher key interface and database, also comprise password processing unit, fingerprint processing unit, conversion processing unit, decryption processing unit and cryptographic processing unit;
Described user interface is connected with password processing unit, fingerprint processing unit respectively, and password processing unit, fingerprint processing unit, decryption processing unit and cryptographic processing unit are connected with conversion processing unit respectively; Described decryption processing unit is connected with database respectively with cryptographic processing unit, and described decryption processing unit links to each other with cipher key interface respectively with cryptographic processing unit.
To better implement the present invention, described password processing unit comprises password read module, password matrix generation module and the matrix deformation module that links to each other successively, described password read module also is connected with user interface, and described matrix deformation module also is connected with conversion processing unit.
Preferably, described fingerprint processing unit comprises the fingerprint read module that links to each other successively, level and smooth filtering module, field of direction evaluation module, active domain detecting module, crestal line detecting module, refinement module and minutiae point locating module, wherein said fingerprint read module also links to each other with user interface, and described minutiae point locating module also is connected with conversion processing unit.
Preferably, described conversion processing unit comprises template extraction module, division module and the template modular converter that links to each other successively, described template extraction module also is connected with the fingerprint processing unit, and described cryptographic processing unit, decryption processing unit and password processing unit are connected with the template modular converter respectively.
Preferably, described decryption processing unit comprises data read module, fractionation module, filtering module, grouping module, reconstructed module and the verification module that links to each other successively, described data read module also is connected with database, described filtering module also is connected with conversion processing unit, and described verification module also is connected with cipher key interface.
Preferably, described cryptographic processing unit comprises the key read module, the polynomial expression composition module, obscure module, pretreatment module, true dot generation module, locking module and data writing module, described key read module, the polynomial expression composition module, obscure module, locking module links to each other successively with the data writing module, described polynomial expression composition module, pretreatment module links to each other with true dot generation module respectively with locking module, described pretreatment module links to each other with conversion processing unit, described key read module links to each other with cipher key interface, and described data writing module links to each other with database.
Two of purpose of the present invention is achieved through the following technical solutions: a kind of implementation method of the identity authorization system based on encrypting fingerprint comprises secret key encryption and secret key decryption;
Wherein secret key encryption specifically may further comprise the steps:
S1, user are by fingerprint image, the password of user interactive module input oneself and the key information that needs encipherment protection;
S2, the user fingerprint image of fingerprint processing unit from user interface read step S1, the fingerprint processing unit is handled fingerprint image, and the fingerprint image after will handling passes to conversion processing unit;
S3, the user password of password processing unit from user interface read step S1 generate the password matrix and carry out conversion process, obtain transformation matrix and send to conversion processing unit;
Fingerprint image among S4, the conversion processing unit receiving step S2 generates primary template and also carries out subregion, carries out irreversible conversion according to the primary template of the transformation matrix among the step S3 after to subregion, obtains conversion module and is sent to cryptographic processing unit;
S5, cryptographic processing unit from cipher key interface read step S1 key information and make up a n rank polynomial expression, the conversion module among the receiving step S4 also carries out pre-service; Carry out calculation process according to pretreated conversion module and n rank polynomial expression, finally generate a new point set V and it is stored into database; Wherein n is a positive integer;
Wherein secret key decryption specifically may further comprise the steps:
G1, user conciliate password by the fingerprint image of user interactive module input deciphering;
G2, the deciphering fingerprint image of fingerprint processing unit from user interface read step G1, the fingerprint processing unit is handled fingerprint image, and the fingerprint image after will handling passes to conversion processing unit;
G3, password processing unit are separated password from user interface read step G1, generate the password matrix and also carry out conversion process, obtain transformation matrix and send to conversion processing unit;
Fingerprint image among G4, the conversion processing unit receiving step G2 generates primary template and also carries out subregion, carries out irreversible conversion according to the primary template of the transformation matrix among the step G3 after to subregion, obtains conversion module and sends to the decryption processing unit;
G5, decryption processing unit read the point set V that is stored in the database, and to its split, filtration, permutation and combination, polynomial expression reconstruct and checking treatment, if by verification, then recover key; If not by verification, step G1 is returned in then deciphering failure.
To better implement the present invention, described step S2 specifically may further comprise the steps:
S2.1 fingerprint processing unit reads user fingerprint image by the fingerprint read module from user interface, and carries out smoothing processing in level and smooth filtering module, allows entire image obtain the chiaroscuro effect of uniformity;
S2.2 field of direction estimation module is calculated it after receiving the fingerprint image that sends from level and smooth filtering module, obtains the field of direction;
S2.3 active domain detecting module carries out the locking of active domain to it after receiving the fingerprint image that transmits from field of direction estimation module, remove useless null field and the image of handling is sent to the crestal line detecting module;
S2.4 crestal line detecting module carries out binary conversion treatment to receiving image, obtains the fingerprint ridge line image;
S2.5 refinement module is behind the fingerprint ridge line image that receives from the crestal line detecting module, the width of crestal line is made as the width of single pixel, obtain the skeleton image of crestal line, thereby sharpening the form of crestal line, and needs carried out the crestal line skeleton image that minutiae point extracts send the minutiae point locating module to;
S2.6 minutiae point locating module carries out the detection and the location of bifurcation and breakpoint to the image that receives, and finally obtains the minutiae point image;
S2.7 minutiae point locating module is given conversion processing unit with the minutiae point image transfer;
Described step S3 specifically may further comprise the steps:
S3.1 password read module reads user password and is sent to password matrix generation module from user interface;
S3.2 password matrix generation module carries out following processing to the user password that step S3.1 passes over:
The user password W of 8bytes is divided into 8 unit, wherein w 1~w 8The ASC sign indicating number of representing each unit successively;
W=w 1|w 2|w 3|w 4|w 5|w 6|w 7|w 8
With w 1~w 8Be converted into binary code, wherein m I1~m I8Expression w iEverybody on binary code, i=1 wherein, 2 ... 8;
w i=m i1|m i2|m i3|m i4|m i5|m i6|m i7|m i8
Generate 8 * 8 password matrix M and send it to matrix deformation module:
M = m 11 m 12 m 13 m 14 m 15 m 16 m 17 m 18 m 21 m 22 m 23 m 24 m 25 m 26 m 27 m 28 m 31 m 32 m 33 m 34 m 35 m 36 m 37 m 38 m 41 m 42 m 43 m 44 m 45 m 46 m 47 m 48 m 51 m 52 m 53 m 54 m 55 m 56 m 57 m 58 m 61 m 62 m 63 m 64 m 65 m 66 m 67 m 68 m 71 m 72 m 73 m 74 m 75 m 76 m 77 m 78 m 81 m 82 m 83 m 84 m 85 m 86 m 87 m 88
S3.3 matrix deformation module is carried out following calculation process to the matrix that receives:
Carry out matrix computations, obtain intermediary matrix C t, wherein
Figure BSA00000324047000062
Expression C tElement; Wherein C represents initial matrix, i.e. [1 234567 8];
C t = CM = c 1 t c 2 t c 3 t c 4 t c 5 t c 6 t c 7 t c 8 t
Carry out modular arithmetic, obtain transformation matrix C ' and send to conversion processing unit; Wherein
Figure BSA00000324047000071
Represent C tI element,
Figure BSA00000324047000072
Represent i the element of C ';
c i ′ = c i t mod 8 + 1 ( i = 1,2 . . . 8 )
C ′ = c 1 ′ c 2 ′ c 3 ′ c 4 ′ c 5 ′ c 6 ′ c 7 ′ c 8 ′
Described step S4 specifically may further comprise the steps:
S4.1 template extraction module receives the minutiae point image from the minutiae point locating module of fingerprint processing unit, extracts the three-dimensional coordinate of minutiae point and generates a unordered point set T, is sent in the division module as primary template with unordered point set T, wherein x iThe horizontal ordinate of expression minutiae point i, y iThe ordinate of expression minutiae point i, θ iThe angle of expression minutiae point i, r represents the number of minutiae point;
T={(x i,y i,θ i)|i=1,2……r}
Minutiae point coordinate information in the read step S4.1 of the S4.2 division module elder generation primary template is divided into them in 8 different zones according to the coordinate in-scope then, and at last that subregion is good primary template is sent to the template modular converter;
After S4.3 template modular converter receives the transformation matrix of step S3, the primary template that comes from division module among the step S4.2 is carried out irreversible conversion, former regional minutiae point i is moved to the zone
Figure BSA00000324047000075
Coordinate is by (x i, y i, θ i) be transformed into
Figure BSA00000324047000076
Finally obtain conversion module T ' and send it to cryptographic processing unit, wherein r represents the number of minutiae point;
T ′ = { ( x i ′ , y i ′ , θ i ′ ) | i = 1,2 . . . . . . r }
Described step S5 specifically comprises:
S5.1 key read module reads from cipher key interface needs protected key information, and key information is sent to the polynomial expression composition module;
The S5.2 pretreatment module is carried out pre-service to the conversion module that comes among the step S4, the horizontal ordinate of template mid point is merged into one, wherein d iCoordinate after expression merges,
Figure BSA00000324047000078
Conversion module after expression merges;
d i = x i ′ | y i ′
T C ′ = { d i | i = 1,2 . . . . . . r }
S5.3 polynomial expression composition module utilizes the key information of step S5.1, makes up a n rank polynomial expression:
With length is the unit that 16n bit key K resolves into n long 16bit; K wherein nRepresent n the subelement of K;
K=k n|k n-1…|k 1
Utilize IBM CRC-16 cyclic redundancy check (CRC) to make up n rank polynomial expression P (x), wherein k 0It is the CRC sign indicating number of key K; k nN the subelement of expression K;
P(x)=k nx n+k n-1x n-1+…+k 0
N rank polynomial expression P (x) that make up are sent to true dot generation module and obscure module;
The polynomial expression P (x) that the true dot generation module of S5.4 utilizes step S5.3 to pass over handles the information that step S5.2 passes over, and generates a new point set, and the point set that this is new is called true some point set R and sends to locking module, wherein
R={(d i,p(d i))|i=1,2…r}
S5.5 obscures the polynomial expression P (x) that module passes over according to step S5.3, generates one and disturbs point set C and be sent to locking module, and wherein N is the number of noise spot, e jAnd f jBe produce at random and the p (e that satisfies condition j) ≠ f j
C={(e j,f j)|j=1,2…N}
The set that S5.6 locking module integration step S5.4 and step S5.5 pass over generates a new point set V and it is stored into database; a iRepresent horizontal ordinate, b iRepresent ordinate, ∪ represents to merge;
V=R∪C
V={(a i,b i)|i=1,2…r+N}
Preferably, described step G2 specifically may further comprise the steps:
G2.1 fingerprint processing unit reads user fingerprint image by the fingerprint read module from user interface, and carries out smoothing processing in level and smooth filtering module, allows entire image obtain the chiaroscuro effect of uniformity;
G2.2 field of direction estimation module is calculated it after receiving the fingerprint image that sends from level and smooth filtering module, obtains the field of direction;
G2.3 active domain detecting module carries out the locking of active domain to it after receiving the fingerprint image that transmits from field of direction estimation module, remove useless null field and the image of handling is sent to the crestal line detecting module;
G2.4 crestal line detecting module carries out binary conversion treatment to receiving image, obtains the fingerprint ridge line image;
G2.5 refinement module is behind the fingerprint ridge line image that receives from the crestal line detecting module, the width of crestal line is made as the width of single pixel, obtain the skeleton image of crestal line, thereby sharpening the form of crestal line, and needs carried out the crestal line skeleton image that minutiae point extracts send the minutiae point locating module to;
G2.6 minutiae point locating module carries out the detection and the location of bifurcation and breakpoint to the image that receives, and finally obtains the minutiae point image;
G2.7 minutiae point locating module is given conversion processing unit with the minutiae point image transfer;
Described step G3 specifically may further comprise the steps:
G3.1 password read module reads the user from user interface and separates password and send to password matrix generation module;
The user that G3.2 password matrix generation module passes over step S3.1 separates password and handles, and obtains one 8 * 8 password matrix and sends it to matrix deformation module;
The user of 8bytes is separated password W qBe divided into 8 unit, wherein
Figure BSA00000324047000091
The ASC sign indicating number of representing each unit successively;
W q = w 1 q | w 2 q | w 3 q | w 4 q w 5 q | w 6 q w 7 q | w 8 q
Will
Figure BSA00000324047000093
Be converted into binary code, wherein
Figure BSA00000324047000094
Expression
Figure BSA00000324047000095
Everybody on binary code, i=1 wherein, 2 ... 8;
w 1 q = m i 1 q | m i 2 q | m i 3 q | m i 4 q | m i 5 q | m i 6 q m i 7 q | m i 8 q
Generate 8 * 8 password matrix M qAnd send it to matrix deformation module:
M q = m 11 q m 12 q m 13 q m 14 q m 15 q m 16 q m 17 q m 18 q m 21 q m 22 q m 23 q m 24 q m 25 q m 26 q m 27 q m 28 q m 31 q m 32 q m 33 q m 34 q m 35 q m 36 q m 37 q m 38 q m 41 q m 42 q m 43 q m 44 q m 45 q m 46 q m 47 q m 48 q m 51 q m 52 q m 53 q m 54 q m 55 q m 56 q m 57 q m 58 q m 61 q m 62 q m 63 q m 64 q m 65 q m 66 q m 67 q m 68 q m 71 q m 72 q m 73 q m 74 q m 75 q m 76 q m 77 q m 78 q m 81 q m 82 q m 83 q m 84 q m 85 q m 86 q m 87 q m 88 q
The matrix M of G3.3 matrix deformation module to receiving qCarry out following computing;
Carry out matrix computations, obtain intermediary matrix C Qt, wherein
Figure BSA00000324047000102
Expression C QtElement; Wherein C represents initial matrix, i.e. [1 234567 8]
C qt = CM q = c 1 qt c 2 qt c 3 qt c 4 qt c 5 qt c 6 qt c 7 qt c 8 qt
Carry out modular arithmetic, obtain transformation matrix C QtAnd send to conversion processing unit; Wherein
Figure BSA00000324047000104
Represent C QtI element,
Figure BSA00000324047000105
Represent C qI element:
c i q = c i qt mod 8 + 1 ( i = 1,2 . . . 8 )
C q = c 1 q c 2 q c 3 q c 4 q c 5 q c 6 q c 7 q c 8 q
Described step G4 specifically may further comprise the steps:
G4.1 template extraction module receives the minutiae point image from the minutiae point locating module of fingerprint processing unit, extracts the three-dimensional coordinate of minutiae point and generates a unordered point set Q, is sent in the division module as primary template with unordered point set Q; X wherein iThe horizontal ordinate of expression minutiae point i, y iThe ordinate of expression minutiae point i, θ iThe angle of expression minutiae point i, r represents the number of minutiae point;
Q={(x i,y i,θ i)|i=1,2……r}
Minutiae point coordinate information in the read step G4.1 of the G4.2 division module elder generation primary template is divided into them in 8 different zones according to the coordinate in-scope, and at last that subregion is good primary template is sent to location conversion module;
After G4.3 template modular converter receives the transformation matrix of step G3, the primary template that comes from division module among the step G4.2 is carried out irreversible conversion, finally obtain conversion module Q ' and it is transmitted the decryption processing unit;
Q ′ = { ( x i ′ , y i ′ ) | i = 1,2 . . . r }
Described step G5 specifically may further comprise the steps:
The G5.1 data read module reads the point set V that is stored in the database, and sends it to the fractionation module;
G5.2 splits the horizontal ordinate a of module with the point in the point set V iBe sent to filtering module after splitting into two parts, suppose a iLength is 16bit, then
Figure BSA00000324047000112
8bit before the representative,
Figure BSA00000324047000113
Represent back 8bit, wherein With
Figure BSA00000324047000115
Part after expression splits, the point set V after the fractionation is expressed as:
a i = x i * | y i *
V = { ( x i * , y i * ) | i = 1,2 . . . r + N }
Wherein N represents the number of noise spot;
The conversion module that the G5.3 filtering module utilizes step G4.3 to pass over filters splitting back point set V, and the point that does not satisfy restrictive condition is disallowable, obtain candidate's point set U and send it to grouping module, wherein E represents the number of candidate point, and restrictive condition is expressed as inequality, wherein
Figure BSA00000324047000118
The expression point
Figure BSA00000324047000119
And the point
Figure BSA000003240470001110
Distance, D is distance threshold, j=1,2 ... r, k=1,2 ... r+N;
dis ( ( x j ′ , y j ′ ) , ( x k * , y k * ) ) ≤ D
U={(a i,b i)|i=1,2……E}
The point that the G5.4 grouping module is concentrated candidate point carries out permutation and combination, obtains all subclass U c, wherein the element number of subclass is n+1, the number of subclass is
Figure BSA000003240470001112
U c = { ( g i , h i ) } i = 1 n + 1
c=1,2…Z
The G5.5 reconstructed module utilizes the Lagrange's interpolation principle that each subclass is carried out polynomial expression reconstruct, if the polynomial expression number that reconstructs is 0, then deciphering failure need be re-entered and be separated password and fingerprint; If the polynomial expression number of reconstruct is not 0, then the polynomial expression that reconstructs is sent to the verification module;
G5.5 verification module is carried out verification to the polynomial expression that each comes from reconstructed module, the polynomial expression correct to verification calculates, recover key and discharge by cipher key interface, if all polynomial expression does not all have verification correct, then deciphering failure, need the user to re-enter and separate password and fingerprint, return step G1.
The present invention has following advantage and effect with respect to prior art:
(1) for different application, the user can select different passwords to come the intrinsic constant fingerprint characteristic information of conversion, and the encryption and decryption process of vault all is the fingerprint characteristic information of utilizing after the conversion, therefore can prevent to intersect the leak of comparison effectively.
(2) transfer algorithm of the present invention is irreversible, even known the fingerprint template information that finger print information after the conversion and transformation equation also can't be derived the user, security is improved.
(3) allow to cancel, can unlimited replacement biological characteristic password.If vault reveals, can regenerate new Vault by revising password, therefore effectively solved the irrevocable problem of template of former fuzzy vault, using value is improved.
(4) Chuan Xin encrypting fingerprint algorithm, user's fingerprint characteristic information has also been protected in protection key the time.
(5) different with simple encipherment protection in the past, substitute and improve the security of current identity authorization system based on the password verification, the present invention combines traditional cryptographic algorithm with biological characteristic validation.
Description of drawings
Fig. 1 is the structural representation of a kind of identity authorization system based on encrypting fingerprint in the present embodiment;
Fig. 2 is the structural representation of password processing unit in the present embodiment;
Fig. 3 is the structural representation of fingerprint processing unit in the present embodiment;
Fig. 4 is the structural representation of conversion processing unit in the present embodiment;
Fig. 5 is the structural representation of decryption processing unit in the present embodiment;
Fig. 6 is the structural representation of cryptographic processing unit in the present embodiment;
Fig. 1 is the structural representation of a kind of identity authorization system based on encrypting fingerprint in the present embodiment;
Specific implementation method
The present invention is described in further detail below in conjunction with embodiment and accompanying drawing, but embodiments of the present invention are not limited thereto.
Embodiment
A kind of identity authorization system based on encrypting fingerprint, it is by user interactive module and user interactions fingerprint image, password and key information;
As shown in Figure 1, native system comprises user interface, cipher key interface and database, also comprises password processing unit, fingerprint processing unit, conversion processing unit, decryption processing unit and cryptographic processing unit;
Described user interface is connected with password processing unit, fingerprint processing unit respectively, and password processing unit, fingerprint processing unit, decryption processing unit and cryptographic processing unit are connected with conversion processing unit respectively; Described decryption processing unit is connected with database respectively with cryptographic processing unit, and described decryption processing unit links to each other with cipher key interface respectively with cryptographic processing unit.
User interface sends user's password to the password processing unit, perhaps sends finger print information to the fingerprint processing unit.
The key that the cipher key interface transmission needs encipherment protection is perhaps accepted the protection key that discharges from the decryption processing unit to cryptographic processing unit.
As shown in Figure 2, described password processing unit comprises password read module, password matrix generation module and the matrix deformation module that links to each other successively, described password read module also is connected with user interface, and described matrix deformation module also is connected with conversion processing unit.Described password processing unit adopts the general-purpose chip STM32f103 by the ARM3 series of STC Corporation to realize.
As shown in Figure 3, described fingerprint processing unit comprises the fingerprint read module that links to each other successively, level and smooth filtering module, field of direction evaluation module, active domain detecting module, crestal line detecting module, refinement module and minutiae point locating module, wherein said fingerprint read module also links to each other with user interface, and described minutiae point locating module also is connected with conversion processing unit.Described fingerprint processing unit adopts the Touch fingerprint recognition chip AES3500 by Authentek company to realize.
As shown in Figure 4, described conversion processing unit comprises template extraction module, division module and the template modular converter that links to each other successively, described template extraction module also is connected with the fingerprint processing unit, and described cryptographic processing unit, decryption processing unit and password processing unit are connected with the template modular converter respectively.Described conversion processing unit adopts the general-purpose chip STM32f103 of the ARM3 series of STC Corporation to realize.
As shown in Figure 5, described decryption processing unit comprises data read module, fractionation module, filtering module, grouping module, reconstructed module and the verification module that links to each other successively, described data read module also is connected with database, described filtering module also is connected with conversion processing unit, and described verification module also is connected with cipher key interface.Described decryption processing unit adopts the general-purpose chip STM32f103 of the ARM3 series of STC Corporation to realize.
As shown in Figure 6, described cryptographic processing unit comprises the key read module, the polynomial expression composition module, obscure module, pretreatment module, true dot generation module, locking module and data writing module, described key read module, the polynomial expression composition module, obscure module, locking module links to each other successively with the data writing module, described polynomial expression composition module, pretreatment module links to each other with true dot generation module respectively with locking module, described pretreatment module links to each other with conversion processing unit, described key read module links to each other with cipher key interface, and described data writing module links to each other with database.Described cryptographic processing unit adopts the general-purpose chip STM32f103 of the ARM3 series of STC Corporation to realize.
The workflow of above-mentioned a kind of identity authorization system based on encrypting fingerprint comprises secret key encryption and secret key decryption;
Wherein secret key encryption specifically may further comprise the steps:
S1, user are by fingerprint image, the password (8byte) of user interactive module input oneself and the key information (16n bit) that needs encipherment protection;
S2, the user fingerprint image of fingerprint processing unit from user interface read step S1, the fingerprint processing unit is handled fingerprint image, and the fingerprint image after will handling passes to conversion processing unit;
S3, the user password of password processing unit from user interface read step S1 generate the password matrix and carry out conversion process, obtain transformation matrix and send to conversion processing unit;
Fingerprint image among S4, the conversion processing unit receiving step S2 generates primary template and also carries out subregion, carries out irreversible conversion according to the primary template of the transformation matrix among the step S3 after to subregion, obtains conversion module and is sent to cryptographic processing unit;
S5, cryptographic processing unit from cipher key interface read step S1 key information and make up a n rank polynomial expression, the conversion module among the receiving step S4 also carries out pre-service; Carry out calculation process according to pretreated conversion module and n rank polynomial expression, finally generate a new point set V and it is stored into database.
Described step S2 specifically may further comprise the steps:
S2.1 fingerprint processing unit reads user fingerprint image by the fingerprint read module from user interface, and carries out smoothing processing in level and smooth filtering module, allows entire image obtain the chiaroscuro effect of uniformity;
S2.2 field of direction estimation module is calculated it after receiving the fingerprint image that sends from level and smooth filtering module, obtains the field of direction;
S2.3 active domain detecting module carries out the locking of active domain to it after receiving the fingerprint image that transmits from field of direction estimation module, remove useless null field and the image of handling is sent to the crestal line detecting module;
S2.4 crestal line detecting module carries out binary conversion treatment to receiving image, obtains the fingerprint ridge line image;
S2.5 refinement module is behind the fingerprint ridge line image that receives from the crestal line detecting module, the width of crestal line is made as the width of single pixel, obtain the skeleton image of crestal line, thereby sharpening the form of crestal line, and needs carried out the crestal line skeleton image that minutiae point extracts send the minutiae point locating module to;
S2.6 minutiae point locating module carries out the detection and the location of bifurcation and breakpoint to the image that receives, and finally obtains the minutiae point image;
S2.7 minutiae point locating module is given conversion processing unit with the minutiae point image transfer;
Described step S3 specifically may further comprise the steps:
S3.1 password read module reads user password and is sent to password matrix generation module from user interface;
S3.2 password matrix generation module carries out following processing to the user password that step S3.1 passes over:
The user password W of 8bytes is divided into 8 unit, wherein w 1~w 8The ASC sign indicating number of representing each unit successively;
W=w 1|w 2|w 3|w 4|w 5|w 6|w 7|w 8
With w 1~w 8Be converted into binary code, wherein m I1~m I8Expression w iEverybody on binary code;
w i=m i1|m i2|m i3|m i4|m i5|m i6|m i7|m i8 (i=1,2……8)
Generate 8 * 8 password matrix M and send it to matrix deformation module:
M = m 11 m 12 m 13 m 14 m 15 m 16 m 17 m 18 m 21 m 22 m 23 m 24 m 25 m 26 m 27 m 28 m 31 m 32 m 33 m 34 m 35 m 36 m 37 m 38 m 41 m 42 m 43 m 44 m 45 m 46 m 47 m 48 m 51 m 52 m 53 m 54 m 55 m 56 m 57 m 58 m 61 m 62 m 63 m 64 m 65 m 66 m 67 m 68 m 71 m 72 m 73 m 74 m 75 m 76 m 77 m 78 m 81 m 82 m 83 m 84 m 85 m 86 m 87 m 88
S3.3 matrix deformation module is carried out following calculation process to the matrix that receives:
Carry out matrix computations, obtain intermediary matrix C t, wherein
Figure BSA00000324047000152
Expression C tElement; Wherein C represents initial matrix, i.e. [1 234567 8];
C t = CM = c 1 t c 2 t c 3 t c 4 t c 5 t c 6 t c 7 t c 8 t
Carry out modular arithmetic, obtain transformation matrix C ' and send to conversion processing unit; Wherein
Figure BSA00000324047000161
Representing matrix C tI element,
Figure BSA00000324047000162
I the element of representing matrix C ';
c i ′ = c i t mod 8 + 1 ( i = 1,2 . . . 8 )
C ′ = c 1 ′ c 2 ′ c 3 ′ c 4 ′ c 5 ′ c 6 ′ c 7 ′ c 8 ′
Described step S4 specifically may further comprise the steps:
S4.1 template extraction module receives the minutiae point image from the minutiae point locating module of fingerprint processing unit, extracts the three-dimensional coordinate of minutiae point and generates a unordered point set T, is sent in the division module as primary template with unordered point set T, wherein x iThe horizontal ordinate of expression minutiae point i, y iThe ordinate of expression minutiae point i, θ iThe angle of expression minutiae point i, r represents the number of minutiae point;
T={(x i,y i,θ i)|i=1,2……r}
Minutiae point coordinate information in the read step S4.1 of the S4.2 division module elder generation primary template is divided into them in 8 different zones according to the coordinate in-scope, and at last that subregion is good primary template is sent to the template modular converter;
After S4.3 template modular converter receives the transformation matrix of step S3, the primary template that comes from division module among the step S4.2 is carried out irreversible conversion, former regional minutiae point i is moved to the zone
Figure BSA00000324047000165
Coordinate is by (x i, y i, θ i) be transformed into
Figure BSA00000324047000166
Finally obtain conversion module T ' and send it to cryptographic processing unit, wherein r represents the number of minutiae point;
T ′ = { ( x i ′ , y i ′ , θ i ′ ) | i = 1,2 . . . . . . r }
Described step S5 specifically comprises:
S5.1 key read module reads from cipher key interface needs protected key information, and key information is sent to the polynomial expression composition module;
Conversion module carries out pre-service to the S5.2 pretreatment module among the step S4 to coming from, and the horizontal ordinate of template mid point is merged into one, wherein d iCoordinate after expression merges,
Figure BSA00000324047000168
Conversion module after expression merges;
d i = x i ′ | y i ′
T C ′ = { d i | i = 1,2 . . . . . . r }
S5.3 polynomial expression composition module utilizes the key information of step S5.1, makes up a n rank polynomial expression:
With length is the unit that 16n bit key K resolves into n long 16bit; K wherein nThe n subelement of expression K;
K=k n|k n-1…|k 1
Utilize IBM CRC-16 (IBM CRC-16 is a kind of method in the cyclic redundancy check (CRC)) cyclic redundancy school verification to make up n rank polynomial expression P (x), wherein k 0It is the CRC sign indicating number of key K; k nN the subelement of expression K;
P(x)=k nx n+k n-1x n-1+…+k 0
N rank polynomial expression P (x) that make up are sent to true dot generation module and obscure module;
The polynomial expression P (x) that the true dot generation module of S5.4 utilizes step S5.3 to pass over handles the information that step S5.2 passes over, and generates a new point set, and the point set that this is new is called true some point set R and sends to locking module, wherein
Figure BSA00000324047000172
R={(d i,p(d i))|i=1,2…r}
S5.5 obscures the polynomial expression P (x) that module passes over according to step S5.3, generates one and disturbs point set C and be sent to locking module, and wherein N is the number of noise spot, e jAnd f jBe produce at random and the p (e that satisfies condition j) ≠ f j
C={(e j,f j)|j=1,2…N}
The set that S5.6 locking module integration step S5.4 and step S5.5 pass over generates a new point set V and it is stored into database; a iRepresent horizontal ordinate, b iRepresent ordinate, ∪ represents to merge;
V=R∪C
V={(a i,b i)|i=1,2…r+N}
Wherein secret key decryption specifically may further comprise the steps:
G1, user conciliate password by the fingerprint image of user interactive module input deciphering;
G2, the deciphering fingerprint image of fingerprint processing unit from user interface read step G1, the fingerprint processing unit is handled fingerprint image, and the fingerprint image after will handling passes to conversion processing unit;
G3, password processing unit are separated password from user interface read step G1, generate the password matrix and also carry out conversion process, obtain transformation matrix and send to conversion processing unit;
Fingerprint image among G4, the conversion processing unit receiving step G2 generates primary template and also carries out subregion, carries out irreversible conversion according to the primary template of the transformation matrix among the step G3 after to subregion, obtains conversion module and sends to the decryption processing unit;
G5, decryption processing unit read the point set V that is stored in the database, and it is split, after filtration, permutation and combination, polynomial expression reconstruct and the checking treatment, if by verification, then recovers key; If not by verification, step G1 is returned in then deciphering failure.
Described step G2 specifically may further comprise the steps:
G2.1 fingerprint processing unit reads user fingerprint image by the fingerprint read module from user interface, and carries out smoothing processing in level and smooth filtering module, allows entire image obtain the chiaroscuro effect of uniformity;
G2.2 field of direction estimation module is calculated it after receiving the fingerprint image that sends from level and smooth filtering module, obtains the field of direction;
G2.3 active domain detecting module carries out the locking of active domain to it after receiving the fingerprint image that transmits from field of direction estimation module, remove useless null field and the image of handling is sent to the crestal line detecting module;
G2.4 crestal line detecting module carries out binary conversion treatment to receiving image, obtains the fingerprint ridge line image;
G2.5 refinement module is behind the fingerprint ridge line image that receives from the crestal line detecting module, the width of crestal line is made as the width of single pixel, obtain the skeleton image of crestal line, thereby sharpening the form of crestal line, and needs carried out the crestal line skeleton image that minutiae point extracts send the minutiae point locating module to;
G2.6 minutiae point locating module carries out the detection and the location of bifurcation and breakpoint to the image that receives, and finally obtains the minutiae point image;
G2.7 minutiae point locating module is given conversion processing unit with the minutiae point image transfer;
Described step G3 specifically may further comprise the steps:
G3.1 password read module reads the user from user interface and separates password and send to password matrix generation module;
The user that G3.2 password matrix generation module passes over step S3.1 separates password and handles, and obtains one 8 * 8 password matrix and sends it to matrix deformation module;
The user of 8bytes is separated password W qBe divided into 8 unit, wherein
Figure BSA00000324047000191
The ASC sign indicating number of representing each unit successively;
W q = w 1 q | w 2 q | w 3 q | w 4 q w 5 q | w 6 q w 7 q | w 8 q
Will
Figure BSA00000324047000193
Be converted into binary code, wherein
Figure BSA00000324047000194
Expression
Figure BSA00000324047000195
Everybody on binary code;
w 1 q = m i 1 q | m i 2 q | m i 3 q | m i 4 q | m i 5 q | m i 6 q m i 7 q | m i 8 q ( i = 1,2 . . . . . . 8 )
Generate 8 * 8 password matrix M qAnd send it to matrix deformation module:
M q = m 11 q m 12 q m 13 q m 14 q m 15 q m 16 q m 17 q m 18 q m 21 q m 22 q m 23 q m 24 q m 25 q m 26 q m 27 q m 28 q m 31 q m 32 q m 33 q m 34 q m 35 q m 36 q m 37 q m 38 q m 41 q m 42 q m 43 q m 44 q m 45 q m 46 q m 47 q m 48 q m 51 q m 52 q m 53 q m 54 q m 55 q m 56 q m 57 q m 58 q m 61 q m 62 q m 63 q m 64 q m 65 q m 66 q m 67 q m 68 q m 71 q m 72 q m 73 q m 74 q m 75 q m 76 q m 77 q m 78 q m 81 q m 82 q m 83 q m 84 q m 85 q m 86 q m 87 q m 88 q
The matrix M of G3.3 matrix deformation module to receiving qCarry out following calculation process;
Carry out matrix computations, obtain intermediary matrix C Qt, wherein
Figure BSA00000324047000198
Expression C QtElement; Wherein C represents initial matrix, i.e. [1 234567 8]
C qt = CM q = c 1 qt c 2 qt c 3 qt c 4 qt c 5 qt c 6 qt c 7 qt c 8 qt
Carry out modular arithmetic, obtain transformation matrix C QtAnd send to conversion processing unit; Wherein Represent C QtI element,
Figure BSA000003240470001911
Represent C qI element:
c i q = c i qt mod 8 + 1 ( i = 1,2 . . . 8 )
C q = c 1 q c 2 q c 3 q c 4 q c 5 q c 6 q c 7 q c 8 q
Described step G4 specifically may further comprise the steps:
G4.1 template extraction module receives the minutiae point image from the minutiae point locating module of fingerprint processing unit, extracts the three-dimensional coordinate of minutiae point and generates a unordered point set Q, is sent in the division module as primary template with unordered point set Q; X wherein iThe horizontal ordinate of expression minutiae point i, y iThe ordinate of expression minutiae point i, θ iThe angle of expression minutiae point i, r represents the number of minutiae point;
Q={(x i,y i,θ i)|i=1,2……r}
Minutiae point coordinate information in the read step G4.1 of the G4.2 division module elder generation primary template is divided into them in 8 different zones according to the coordinate in-scope, and at last that subregion is good primary template is sent to location conversion module;
After G4.3 template modular converter receives the transformation matrix of step G3, the primary template that comes from division module among the step G4.2 is carried out irreversible conversion, finally obtain conversion module Q ' and it is transmitted the decryption processing unit;
Q ′ = { ( x i ′ , y i ′ ) | i = 1,2 . . . r }
Described step G5 specifically may further comprise the steps:
The G5.1 data read module reads the point set V that is stored in the database, and sends it to the fractionation module;
G5.2 splits the horizontal ordinate a of module with the point in the point set V iBe sent to filtering module after splitting into two parts, suppose a iLength is 16bit, then
Figure BSA00000324047000202
8bit before the representative,
Figure BSA00000324047000203
Represent back 8bit, wherein
Figure BSA00000324047000204
With
Figure BSA00000324047000205
Part after expression splits, the point set V after the fractionation is expressed as:
V = { ( x i * , y i * ) | i = 1,2 . . . r + N }
a i = x i * | y i *
Wherein N represents the number of noise spot;
The conversion module that the G5.3 filtering module utilizes step G4.3 to pass over filters splitting back point set V, and the point that does not satisfy restrictive condition is disallowable, obtain candidate's point set U and send it to grouping module, wherein E represents the number of candidate point, and restrictive condition is expressed as inequality, wherein
Figure BSA00000324047000208
The expression point
Figure BSA00000324047000209
And the point
Figure BSA000003240470002010
Distance, D is distance threshold;
dis ( ( x j ′ , y j ′ ) , ( x k * , y k * ) ) ≤ D ( j = 1,2 . . . r , k = 1,2 . . r + N )
U={(a i,b i)|i=1,2……E}
The point that the G5.4 grouping module is concentrated candidate point carries out permutation and combination, obtains all subclass U c, wherein the element number of subclass is n+1, the number of subclass is Z, wherein
Figure BSA00000324047000211
U c = { ( g i , h i ) } i = 1 n + 1
c=1,2…Z
The G5.5 reconstructed module utilizes the Lagrange's interpolation principle that each subclass is carried out polynomial expression reconstruct, if the polynomial expression number that reconstructs is 0, then deciphering failure need be re-entered and be separated password and fingerprint; If the polynomial expression number of reconstruct is not 0, then the polynomial expression that reconstructs is sent to the verification module;
G5.5 verification module is carried out verification to the polynomial expression that each comes from reconstructed module, and the polynomial expression correct to verification calculates, and supposes that the correct polynomial expression of verification is
Figure BSA00000324047000213
The key that then recovers is K c=k c n| k c N-1| k 1 c, key K cDischarge by cipher key interface, if all polynomial expression does not all have verification correct, then deciphering failure needs the user to re-enter and separates password and fingerprint, returns step G1.
The foregoing description is a preferred implementation of the present invention; but embodiments of the present invention are not limited by the examples; other any do not deviate from change, the modification done under spirit of the present invention and the principle, substitutes, combination, simplify; all should be the substitute mode of equivalence, be included within protection scope of the present invention.

Claims (9)

1. the identity authorization system based on encrypting fingerprint comprises user interface, cipher key interface and database, it is characterized in that, also comprises password processing unit, fingerprint processing unit, conversion processing unit, decryption processing unit and cryptographic processing unit;
Described user interface is connected with password processing unit, fingerprint processing unit respectively, and password processing unit, fingerprint processing unit, decryption processing unit and cryptographic processing unit are connected with conversion processing unit respectively; Described decryption processing unit is connected with database respectively with cryptographic processing unit, and described decryption processing unit links to each other with cipher key interface respectively with cryptographic processing unit.
2. according to the described a kind of identity authorization system of claim 1 based on encrypting fingerprint, it is characterized in that, described password processing unit comprises password read module, password matrix generation module and the matrix deformation module that links to each other successively, described password read module also is connected with user interface, and described matrix deformation module also is connected with conversion processing unit.
3. according to the described a kind of identity authorization system of claim 1 based on encrypting fingerprint, it is characterized in that, described fingerprint processing unit comprises the fingerprint read module that links to each other successively, level and smooth filtering module, field of direction evaluation module, active domain detecting module, crestal line detecting module, refinement module and minutiae point locating module, wherein said fingerprint read module also links to each other with user interface, and described minutiae point locating module also is connected with conversion processing unit.
4. according to the described a kind of identity authorization system of claim 1 based on encrypting fingerprint, it is characterized in that, described conversion processing unit comprises template extraction module, division module and the template modular converter that links to each other successively, described template extraction module also is connected with the fingerprint processing unit, and described cryptographic processing unit, decryption processing unit and password processing unit are connected with the template modular converter respectively.
5. according to the described a kind of identity authorization system of claim 1 based on encrypting fingerprint, it is characterized in that, described decryption processing unit comprises data read module, fractionation module, filtering module, grouping module, reconstructed module and the verification module that links to each other successively, described data read module also is connected with database, described filtering module also is connected with conversion processing unit, and described verification module also is connected with cipher key interface.
6. according to the described a kind of identity authorization system of claim 1 based on encrypting fingerprint, it is characterized in that, described cryptographic processing unit comprises the key read module, the polynomial expression composition module, obscure module, pretreatment module, true dot generation module, locking module and data writing module, described key read module, the polynomial expression composition module, obscure module, locking module links to each other successively with the data writing module, described polynomial expression composition module, pretreatment module links to each other with true dot generation module respectively with locking module, described pretreatment module links to each other with conversion processing unit, described key read module links to each other with cipher key interface, and described data writing module links to each other with database.
7. the implementation method based on the identity authorization system of encrypting fingerprint is characterized in that, comprises secret key encryption and secret key decryption;
Wherein secret key encryption specifically may further comprise the steps:
S1, user are by fingerprint image, the password of user interactive module input oneself and the key information that needs encipherment protection;
S2, the user fingerprint image of fingerprint processing unit from user interface read step S1, the fingerprint processing unit is handled fingerprint image, and the fingerprint image after will handling passes to conversion processing unit;
S3, the user password of password processing unit from user interface read step S1 generate the password matrix and carry out conversion process, obtain transformation matrix and send to conversion processing unit;
Fingerprint image among S4, the conversion processing unit receiving step S2 generates primary template and also carries out subregion, carries out irreversible conversion according to the primary template of the transformation matrix among the step S3 after to subregion, obtains conversion module and is sent to cryptographic processing unit;
S5, cryptographic processing unit from cipher key interface read step S1 key information and make up a n rank polynomial expression, the conversion module among the receiving step S4 also carries out pre-service; Carry out calculation process according to pretreated conversion module and n rank polynomial expression, finally generate a new point set V and it is stored into database; Wherein n is a positive integer;
Wherein secret key decryption specifically may further comprise the steps:
G1, user conciliate password by the fingerprint image of user interactive module input deciphering;
G2, the deciphering fingerprint image of fingerprint processing unit from user interface read step G1, the fingerprint processing unit is handled fingerprint image, and the fingerprint image after will handling passes to conversion processing unit;
G3, password processing unit are separated password from user interface read step G1, generate the password matrix and also carry out conversion process, obtain transformation matrix and send to conversion processing unit;
Fingerprint image among G4, the conversion processing unit receiving step G2 generates primary template and also carries out subregion, carries out irreversible conversion according to the primary template of the transformation matrix among the step G3 after to subregion, obtains conversion module and sends to the decryption processing unit;
G5, decryption processing unit read the point set V that is stored in the database, and to its split, filtration, permutation and combination, polynomial expression reconstruct and checking treatment, if by verification, then recover key; If not by verification, step G1 is returned in then deciphering failure.
8. according to the implementation method of the described a kind of identity authorization system based on encrypting fingerprint of claim 7, it is characterized in that,
Described step S2 specifically may further comprise the steps:
S2.1 fingerprint processing unit reads user fingerprint image by the fingerprint read module from user interface, and carries out smoothing processing in level and smooth filtering module, allows entire image obtain the chiaroscuro effect of uniformity;
S2.2 field of direction estimation module is calculated it after receiving the fingerprint image that sends from level and smooth filtering module, obtains the field of direction;
S2.3 active domain detecting module carries out the locking of active domain to it after receiving the fingerprint image that transmits from field of direction estimation module, remove useless null field and the image of handling is sent to the crestal line detecting module;
S2.4 crestal line detecting module carries out binary conversion treatment to receiving image, obtains the fingerprint ridge line image;
S2.5 refinement module is behind the fingerprint ridge line image that receives from the crestal line detecting module, the width of crestal line is made as the width of single pixel, obtain the skeleton image of crestal line, thereby sharpening the form of crestal line, and needs carried out the crestal line skeleton image that minutiae point extracts send the minutiae point locating module to;
S2.6 minutiae point locating module carries out the detection and the location of bifurcation and breakpoint to the image that receives, and finally obtains the minutiae point image;
S2.7 minutiae point locating module is given conversion processing unit with the minutiae point image transfer;
Described step S3 specifically may further comprise the steps:
S3.1 password read module reads user password and is sent to password matrix generation module from user interface;
S3.2 password matrix generation module carries out following processing to the user password that step S3.1 passes over:
The user password W of 8bytes is divided into 8 unit, wherein w 1~w 8The ASC sign indicating number of representing each unit successively;
W=w 1|w 2|w 3|w 4|w 5|w 6|w 7|w 8
With w 1~w 8Be converted into binary code, wherein m I1~m I8Expression w iEverybody on binary code, i=1 wherein, 2 ... 8;
w i=m i1|m i2|m i3|m i4|m i5|m i6|m i7|m i8
Generate 8 * 8 password matrix M and send it to matrix deformation module:
M = m 11 m 12 m 13 m 14 m 15 m 16 m 17 m 18 m 21 m 22 m 23 m 24 m 25 m 26 m 27 m 28 m 31 m 32 m 33 m 34 m 35 m 36 m 37 m 38 m 41 m 42 m 43 m 44 m 45 m 46 m 47 m 48 m 51 m 52 m 53 m 54 m 55 m 56 m 57 m 58 m 61 m 62 m 63 m 64 m 65 m 66 m 67 m 68 m 71 m 72 m 73 m 74 m 75 m 76 m 77 m 78 m 81 m 82 m 83 m 84 m 85 m 86 m 87 m 88
S3.3 matrix deformation module is carried out following calculation process to the matrix that receives:
Carry out matrix computations, obtain intermediary matrix C t, wherein
Figure FSA00000324046900042
Expression C tElement; Wherein C represents initial matrix, i.e. [1 234567 8];
C t = CM = c 1 t c 2 t c 3 t c 4 t c 5 t c 6 t c 7 t c 8 t
Carry out modular arithmetic, obtain transformation matrix C ' and send to conversion processing unit; Wherein
Figure FSA00000324046900044
Represent C tI element,
Figure FSA00000324046900045
Represent i the element of C ', i=1 wherein, 2 ... 8;
c i ′ = c i t mod 8 + 1
C ′ = c 1 ′ c 2 ′ c 3 ′ c 4 ′ c 5 ′ c 6 ′ c 7 ′ c 8 ′
Described step S4 specifically may further comprise the steps:
S4.1 template extraction module receives the minutiae point image from the minutiae point locating module of fingerprint processing unit, extracts the three-dimensional coordinate of minutiae point and generates a unordered point set T, is sent in the division module as primary template with unordered point set T, wherein x iThe horizontal ordinate of expression minutiae point i, y iThe ordinate of expression minutiae point i, θ iThe angle of expression minutiae point i, r represents the number of minutiae point;
T={(x i,y i,θ i)|i=1,2……r}
Minutiae point coordinate information in the read step S4.1 of the S4.2 division module elder generation primary template is divided into them in 8 different zones according to the coordinate in-scope then, and at last that subregion is good primary template is sent to the template modular converter;
After S4.3 template modular converter receives the transformation matrix of step S3, the primary template that comes from division module among the step S4.2 is carried out irreversible conversion, former regional minutiae point i is moved to the zone
Figure FSA00000324046900051
Coordinate is by (x i, y i, θ i) be transformed into Finally obtain conversion module T ' and send it to cryptographic processing unit, wherein r represents the number of minutiae point;
T ′ = { ( x i ′ , y i ′ , θ i ′ ) | i = 1,2 . . . . . . r }
Described step S5 specifically comprises:
S5.1 key read module reads from cipher key interface needs protected key information, and key information is sent to the polynomial expression composition module;
The S5.2 pretreatment module is carried out pre-service to the conversion module that comes among the step S4, the horizontal ordinate of template mid point is merged into one, wherein d iCoordinate after expression merges,
Figure FSA00000324046900054
Conversion module after expression merges;
d i = x i ′ | y i ′
T C ′ = { d i | i = 1,2 . . . . . . r }
S5.3 polynomial expression composition module utilizes the key information of step S5.1, makes up a n rank polynomial expression:
With length is the unit that 16n bit key K resolves into n long 16bit; K wherein nRepresent n the subelement of K;
K=k n|k n-1…|k 1
Utilize IBM CRC-16 cyclic redundancy check (CRC) to make up n rank polynomial expression P (x), wherein k 0It is the CRC sign indicating number of key K; k nN the subelement of expression K;
P(x)=k nx n+k n-1x n-1+…+k 0
N rank polynomial expression P (x) that make up are sent to true dot generation module and obscure module;
The polynomial expression P (x) that the true dot generation module of S5.4 utilizes step S5.3 to pass over handles the information that step S5.2 passes over, and generates a new point set, and the point set that this is new is called true some point set R and sends to locking module, wherein
Figure FSA00000324046900057
R={(d i,p(d i))|i=1,2…r}
S5.5 obscures the polynomial expression P (x) that module passes over according to step S5.3, generates one and disturbs point set C and be sent to locking module, and wherein N is the number of noise spot, e jAnd f jBe produce at random and the p (e that satisfies condition j) ≠ f j
C={(e j,f j)|j=1,2…N}
The set that S5.6 locking module integration step S5.4 and step S5.5 pass over generates a new point set V and it is stored into database; a iRepresent horizontal ordinate, b iRepresent ordinate, ∪ represents to merge;
V=R∪C
V={(a i,b i)|i=1,2…r+N}。
9. the implementation method of described according to Claim 8 a kind of identity authorization system based on encrypting fingerprint is characterized in that,
Described step G2 specifically may further comprise the steps:
G2.1 fingerprint processing unit reads user fingerprint image by the fingerprint read module from user interface, and carries out smoothing processing in level and smooth filtering module, allows entire image obtain the chiaroscuro effect of uniformity;
G2.2 field of direction estimation module is calculated it after receiving the fingerprint image that sends from level and smooth filtering module, obtains the field of direction;
G2.3 active domain detecting module carries out the locking of active domain to it after receiving the fingerprint image that transmits from field of direction estimation module, remove useless null field and the image of handling is sent to the crestal line detecting module;
G2.4 crestal line detecting module carries out binary conversion treatment to receiving image, obtains the fingerprint ridge line image;
G2.5 refinement module is behind the fingerprint ridge line image that receives from the crestal line detecting module, the width of crestal line is made as the width of single pixel, obtain the skeleton image of crestal line, thereby sharpening the form of crestal line, and needs carried out the crestal line skeleton image that minutiae point extracts send the minutiae point locating module to;
G2.6 minutiae point locating module carries out the detection and the location of bifurcation and breakpoint to the image that receives, and finally obtains the minutiae point image;
G2.7 minutiae point locating module is given conversion processing unit with the minutiae point image transfer;
Described step G3 specifically may further comprise the steps:
G3.1 password read module reads the user from user interface and separates password and send to password matrix generation module;
The user that G3.2 password matrix generation module passes over step S3.1 separates password and handles, and obtains one 8 * 8 password matrix and sends it to matrix deformation module;
The user of 8bytes is separated password W qBe divided into 8 unit, wherein The ASC sign indicating number of representing each unit successively;
W q = w 1 q | w 2 q | w 3 q | w 4 q w 5 q | w 6 q w 7 q | w 8 q
Will
Figure FSA00000324046900073
Be converted into binary code, wherein Expression
Figure FSA00000324046900075
Everybody on binary code, i=1 wherein, 2 ... 8;
w 1 q = m i 1 q | m i 2 q | m i 3 q | m i 4 q | m i 5 q | m i 6 q m i 7 q | m i 8 q
Generate 8 * 8 password matrix M qAnd send it to matrix deformation module:
M q = m 11 q m 12 q m 13 q m 14 q m 15 q m 16 q m 17 q m 18 q m 21 q m 22 q m 23 q m 24 q m 25 q m 26 q m 27 q m 28 q m 31 q m 32 q m 33 q m 34 q m 35 q m 36 q m 37 q m 38 q m 41 q m 42 q m 43 q m 44 q m 45 q m 46 q m 47 q m 48 q m 51 q m 52 q m 53 q m 54 q m 55 q m 56 q m 57 q m 58 q m 61 q m 62 q m 63 q m 64 q m 65 q m 66 q m 67 q m 68 q m 71 q m 72 q m 73 q m 74 q m 75 q m 76 q m 77 q m 78 q m 81 q m 82 q m 83 q m 84 q m 85 q m 86 q m 87 q m 88 q
The matrix M of G3.3 matrix deformation module to receiving qCarry out following computing; Carry out matrix computations, obtain intermediary matrix C Qt, wherein
Figure FSA00000324046900078
Expression C QtElement; Wherein C represents initial matrix, i.e. [1 234567 8]
C qt = CM q = c 1 qt c 2 qt c 3 qt c 4 qt c 5 qt c 6 qt c 7 qt c 8 qt
Carry out modular arithmetic, obtain transformation matrix C QtAnd send to conversion processing unit; Wherein
Figure FSA000003240469000710
Represent C QtI element,
Figure FSA000003240469000711
Represent C qI element, i=1 wherein, 2 ... 8:
c i q = c i qt mod 8 + 1
C q = c 1 q c 2 q c 3 q c 4 q c 5 q c 6 q c 7 q c 8 q
Described step G4 specifically may further comprise the steps:
G4.1 template extraction module receives the minutiae point image from the minutiae point locating module of fingerprint processing unit, extracts the three-dimensional coordinate of minutiae point and generates a unordered point set Q, is sent in the division module as primary template with unordered point set Q; X wherein iThe horizontal ordinate of expression minutiae point i, y iThe ordinate of expression minutiae point i, θ iThe angle of expression minutiae point i, r represents the number of minutiae point;
Q={(x i,y i,θ i)|i=1,2……r}
Minutiae point coordinate information in the read step G4.1 of the G4.2 division module elder generation primary template is divided into them in 8 different zones according to the coordinate in-scope, and at last that subregion is good primary template is sent to location conversion module;
After G4.3 template modular converter receives the transformation matrix of step G3, the primary template that comes from division module among the step G4.2 is carried out irreversible conversion, finally obtain conversion module Q ' and it is transmitted the decryption processing unit;
Q ′ = { ( x i ′ , y i ′ ) | i = 1,2 . . . r }
Described step G5 specifically may further comprise the steps:
The G5.1 data read module reads the point set V that is stored in the database, and sends it to the fractionation module;
G5.2 splits the horizontal ordinate a of module with the point in the point set V iBe sent to filtering module after splitting into two parts, wherein
Figure FSA00000324046900084
With
Figure FSA00000324046900085
Part after expression splits, the point set V after the fractionation is expressed as:
V = { ( x i * , y i * ) | i = 1,2 . . . r + N }
a i = x i * | y i *
Wherein N represents the number of noise spot;
The conversion module that the G5.3 filtering module utilizes step G4.3 to pass over filters splitting back point set V, and the point that does not satisfy restrictive condition is disallowable, obtain candidate's point set U and send it to grouping module, wherein E represents the number of candidate point, and restrictive condition is expressed as inequality, wherein The expression point
Figure FSA00000324046900089
And the point
Figure FSA000003240469000810
Distance, D is distance threshold, j=1,2 ... r, k=1,2 ... r+N;
dis ( ( x j ′ , y j ′ ) , ( x k * , y k * ) ) ≤ D
U={(a i,b i)|i=1,2……E}
The point that the G5.4 grouping module is concentrated candidate point carries out permutation and combination, obtains all subclass U c, wherein the element number of subclass is n+1, the number of subclass is Z, wherein
Figure FSA00000324046900092
U c = { ( g i , h i ) } i = 1 n + 1
c=1,2…Z
The G5.5 reconstructed module utilizes the Lagrange's interpolation principle that each subclass is carried out polynomial expression reconstruct, if the polynomial expression number that reconstructs is 0, then deciphering failure need be re-entered and be separated password and fingerprint; If the polynomial expression number of reconstruct is not 0, then the polynomial expression that reconstructs is sent to the verification module;
G5.5 verification module is carried out verification to the polynomial expression that each comes from reconstructed module, the polynomial expression correct to verification calculates, recover key and discharge by cipher key interface, if all polynomial expression does not all have verification correct, then deciphering failure, need the user to re-enter and separate password and fingerprint, return step G1.
CN2010105244911A 2010-10-27 2010-10-27 Fingerprint encryption-based identity authentication system and implementation method thereof Expired - Fee Related CN102004872B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010105244911A CN102004872B (en) 2010-10-27 2010-10-27 Fingerprint encryption-based identity authentication system and implementation method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2010105244911A CN102004872B (en) 2010-10-27 2010-10-27 Fingerprint encryption-based identity authentication system and implementation method thereof

Publications (2)

Publication Number Publication Date
CN102004872A true CN102004872A (en) 2011-04-06
CN102004872B CN102004872B (en) 2013-04-24

Family

ID=43812227

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010105244911A Expired - Fee Related CN102004872B (en) 2010-10-27 2010-10-27 Fingerprint encryption-based identity authentication system and implementation method thereof

Country Status (1)

Country Link
CN (1) CN102004872B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103152157A (en) * 2013-02-04 2013-06-12 快车科技有限公司 Secure encrypted method and relevant device
CN103186761A (en) * 2011-12-28 2013-07-03 宇龙计算机通信科技(深圳)有限公司 Fingerprint encryption method of private file and communication terminal
CN103297238A (en) * 2013-05-14 2013-09-11 成都天钥科技有限公司 Identity authentication system
CN103368744A (en) * 2013-07-16 2013-10-23 北京旋极信息技术股份有限公司 Method and system for outputting password in dynamic token
CN104200363A (en) * 2014-08-11 2014-12-10 济南曼维信息科技有限公司 Fingerprint-encryption-based electronic purse system payment method
CN106341227A (en) * 2016-10-27 2017-01-18 北京瑞卓喜投科技发展有限公司 Protective password resetting method, device and system based on decryption cryptograph of server
CN107133603A (en) * 2017-05-24 2017-09-05 努比亚技术有限公司 Method, mobile terminal and the computer-readable recording medium for preventing fingerprint from leaking
CN107305624A (en) * 2016-04-20 2017-10-31 厦门中控智慧信息技术有限公司 A kind of person recognition method and device based on multi-mode biometric information
CN110175444A (en) * 2019-05-28 2019-08-27 吉林无罔生物识别科技有限公司 Iris-encoding and verification method, system and computer readable storage medium
CN112464261A (en) * 2020-11-26 2021-03-09 深圳市迪安杰智能识别科技有限公司 Fingerprint data encryption method, fingerprint chip and intelligent terminal
CN114731280A (en) * 2022-02-25 2022-07-08 百果园技术(新加坡)有限公司 Identity authentication method, device, terminal, storage medium and program product
CN114827671A (en) * 2022-03-21 2022-07-29 慧之安信息技术股份有限公司 Stream media encryption transmission method based on hardware fingerprint

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101227269A (en) * 2007-01-18 2008-07-23 中国科学院自动化研究所 Method for binding and publishing digital information or cryptographic key based on fingerprint frequency domain
CN101753304A (en) * 2008-12-17 2010-06-23 中国科学院自动化研究所 Method for binding biological specificity and key
CN101751576A (en) * 2009-09-02 2010-06-23 中国科学院自动化研究所 Protection method of fingerprint minutiae feature templates
CN101777115A (en) * 2009-11-25 2010-07-14 中国科学院自动化研究所 Safe fingerprint verification method and system
CN101814131A (en) * 2009-02-25 2010-08-25 中国科学院自动化研究所 Method for improving security of fuzzy fingerprint safe

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101227269A (en) * 2007-01-18 2008-07-23 中国科学院自动化研究所 Method for binding and publishing digital information or cryptographic key based on fingerprint frequency domain
CN101753304A (en) * 2008-12-17 2010-06-23 中国科学院自动化研究所 Method for binding biological specificity and key
CN101814131A (en) * 2009-02-25 2010-08-25 中国科学院自动化研究所 Method for improving security of fuzzy fingerprint safe
CN101751576A (en) * 2009-09-02 2010-06-23 中国科学院自动化研究所 Protection method of fingerprint minutiae feature templates
CN101777115A (en) * 2009-11-25 2010-07-14 中国科学院自动化研究所 Safe fingerprint verification method and system

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103186761B (en) * 2011-12-28 2017-06-20 宇龙计算机通信科技(深圳)有限公司 The fingerprint encryption method and its communication terminal of secret file
CN103186761A (en) * 2011-12-28 2013-07-03 宇龙计算机通信科技(深圳)有限公司 Fingerprint encryption method of private file and communication terminal
CN103152157A (en) * 2013-02-04 2013-06-12 快车科技有限公司 Secure encrypted method and relevant device
CN103297238A (en) * 2013-05-14 2013-09-11 成都天钥科技有限公司 Identity authentication system
CN103297238B (en) * 2013-05-14 2015-10-28 成都天钥科技有限公司 Identity authorization system
CN103368744A (en) * 2013-07-16 2013-10-23 北京旋极信息技术股份有限公司 Method and system for outputting password in dynamic token
CN104200363B (en) * 2014-08-11 2017-07-04 济南曼维信息科技有限公司 A kind of method of payment of the electronic purse system based on encrypting fingerprint
CN104200363A (en) * 2014-08-11 2014-12-10 济南曼维信息科技有限公司 Fingerprint-encryption-based electronic purse system payment method
CN107305624A (en) * 2016-04-20 2017-10-31 厦门中控智慧信息技术有限公司 A kind of person recognition method and device based on multi-mode biometric information
CN106341227A (en) * 2016-10-27 2017-01-18 北京瑞卓喜投科技发展有限公司 Protective password resetting method, device and system based on decryption cryptograph of server
CN107133603A (en) * 2017-05-24 2017-09-05 努比亚技术有限公司 Method, mobile terminal and the computer-readable recording medium for preventing fingerprint from leaking
CN110175444A (en) * 2019-05-28 2019-08-27 吉林无罔生物识别科技有限公司 Iris-encoding and verification method, system and computer readable storage medium
CN112464261A (en) * 2020-11-26 2021-03-09 深圳市迪安杰智能识别科技有限公司 Fingerprint data encryption method, fingerprint chip and intelligent terminal
CN114731280A (en) * 2022-02-25 2022-07-08 百果园技术(新加坡)有限公司 Identity authentication method, device, terminal, storage medium and program product
CN114731280B (en) * 2022-02-25 2024-02-09 百果园技术(新加坡)有限公司 Identity authentication method, device, terminal and storage medium
CN114827671A (en) * 2022-03-21 2022-07-29 慧之安信息技术股份有限公司 Stream media encryption transmission method based on hardware fingerprint
CN114827671B (en) * 2022-03-21 2023-04-25 慧之安信息技术股份有限公司 Streaming media encryption transmission method based on hardware fingerprint

Also Published As

Publication number Publication date
CN102004872B (en) 2013-04-24

Similar Documents

Publication Publication Date Title
CN102004872B (en) Fingerprint encryption-based identity authentication system and implementation method thereof
US11803633B1 (en) Method and system for securing user access, data at rest and sensitive transactions using biometrics for mobile devices with protected, local templates
US11824991B2 (en) Securing transactions with a blockchain network
RU2747947C2 (en) Systems and methods of personal identification and verification
US20180144114A1 (en) Securing Blockchain Transactions Against Cyberattacks
Aydar et al. Private key encryption and recovery in blockchain
CN101013943B (en) Method for binding/recovering key using fingerprint details
US9648015B1 (en) Systems and methods for facilitating secure authentication using a biometric-enabled transitory password authentication device
CN111915306B (en) Service data verification method and verification platform
US9906525B1 (en) Systems and methods for facilitating secure authentication of third-party applications and/or websites using a biometric-enabled transitory password authentication device
CN101369892A (en) Method for reinforcing fingerprint Fuzzy Vault system security
WO2013044192A2 (en) Securing transactions against cyberattacks
JP2010165323A (en) Biometric authentication method and system
Nandakumar et al. Secure one-time biometrie tokens for non-repudiable multi-party transactions
CN107257283B (en) Fingerprint verification method based on quantum figure state
CN103297237A (en) Identity registration method, identity authentication method, identity registration system, identity authentication system, personal authentication equipment and authentication server
Cavoukian et al. Keynote paper: Biometric encryption: Technology for strong authentication, security and privacy
CN111917695B (en) Registration method and registration system of service registration data
Srinivas et al. Lightweight security protocols for blockchain technology
Kukwase et al. Blockchain based e-voting system
CN201965619U (en) Identity authentication system based on fingerprint encryption
Jayapriya et al. Biometrics with Blockchain: A Better Secure Solution for Template Protection
JP5574005B2 (en) Biometric authentication method and system
US20240169350A1 (en) Securing transactions with a blockchain network
Fowora et al. Towards the Integration of Iris Biometrics in Automated Teller Machines (ATM)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20151021

Address after: 430000 Hubei city of Wuhan Province, mountain zone East Lake Avenue Optics Valley Software Park, Optics Valley Exhibition Center D Optics Valley Joint Building 3 floor

Patentee after: Wuhan wood Creative Technology Co.,Ltd.

Address before: 510660 Guangdong city of Guangzhou province Tianhe District Dongpu Tianli in real B1-906

Patentee before: Yang Ying

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20171220

Address after: 430074 1 3 building, Huashi Science Park, Wuhan East Lake Development Zone, Hubei Province

Patentee after: Wuhan European Micro Technology Co.,Ltd.

Address before: 430000 Hubei city of Wuhan Province, mountain zone East Lake Avenue Optics Valley Software Park, Optics Valley Exhibition Center D Optics Valley Joint Building 3 floor

Patentee before: Wuhan wood Creative Technology Co.,Ltd.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130424