An electronic contract security system and method based on biological information identification

  • CN 103,679,436 B
  • Filed: 12/17/2013
  • Issued: 08/14/2018
  • Est. Priority Date: 12/17/2013
  • Status: Active Grant
First Claim

1. An electronic contract preservation and verification system based on biological information identification, characterized in that the client includes:

  • A biological feature acquisition module, an electronic contract encryption generation module, and a client identity authentication module;

    The server end includes:

    A server-end identity authentication module;

    The electronic preservation center includes:

    A security database and a biological information authentication module;

    Biological feature acquisition module:

    Acquires and extracts the client's biological information to obtain the biometric key R, and acquires the client's ID card information to obtain the ID card number as the digital signature, wherein the method of obtaining the biometric key R includes:

    A fuzzy extraction module classifies the acquired raw biometric information W, establishes fuzzy sets, and determines the membership function μi(xk) with which a pixel in the biological information belongs to a given class, according to the formula:

    The fuzzy partition matrix mji is determined; all fuzzy partition matrices compose a mean vector matrix, and the diagonal elements extracted from the mean vector matrix constitute the biometric key R, wherein m is the total number of sample pixels, xjk is the gray value of the k-th sample pixel of the j-th biological information image, and i is the class participating in the classification;

    Electronic contract encryption generation module:

    Adds the biometric key R and the digital signature to the first draft of the electronic contract, generates the encrypted electronic contract, and sends it to the electronic preservation center;

    Client identity authentication module:

    Interacts with the electronic preservation center and the server end to carry out the client authentication protocol;

    Server-end identity authentication module:

    Interacts with the electronic preservation center and the client to carry out the server-side authentication protocol, receives the client biometric key, generates an extraction key from the biometric key, and provides it to the electronic preservation center to authenticate the client's identity;

    Security database of the electronic preservation center:

    Receives the encrypted electronic contract, applies a timestamp, stores it in the security database, and stores information for each registered user according to the biometric key;

    Biological information authentication module of the electronic preservation center:

    Interacts with the server-end identity authentication module, receives the extraction key, matches the registered user information in the security database according to the extraction key, and looks up the corresponding encrypted electronic contract;

    The electronic preservation center generates system parameters using a different system master key s, including:

    Arbitrarily selecting a generator p and making s the system master key, calling a strong cryptographic hash function to map the client's identity username to an element of a cyclic group, and constructing the hash function H of the strong cryptographic hash function;

    The electronic preservation center keeps the master key as the private key of the system and publishes the system parameters; in different authentication applications, the two authenticating parties use different encryption key pairs;

    The client identity authentication module, the server-end identity authentication module, and the biological information authentication module of the electronic preservation center interact to carry out the authentication protocol: the server end generates the public parameters of the system, the client's biological feature acquisition module obtains the raw biological information, and the fuzzy extractor extracts the biometric key and the redundancy<


    , the biometric key R and an arbitrary character string are combined with the server identity IDs to generate the server decryption key dID, which is sent to the security database of the electronic preservation center for storage, and the corresponding public key is generated according to the client user's name and the server decryption key<


    , when the user requests identity authentication, the fuzzy extractor recovers the raw biometric w from the biological feature W1 submitted by the user together with the redundancy PUB of the raw biometric, and then calculates the extraction key; the server sends the extraction key that has passed authentication to the biological information authentication module of the electronic preservation center, which verifies the legitimacy of the user's identity, specifically including:

    The client performs the authenticated decryption Rep according to the biological feature W1 and PUB, calling the formula Rep<W1, PUB> = R1 to obtain the biometric key R1 of the identity to be verified, and calculates the hash value H(R1) of that biometric key; according to the received random number R1B, it obtains the encryption information MAC(H(R1), RB, IDu, IDs) through MAC address processing and sends it to the server; after receiving the encryption information, the server reconstructs MAC(H(R), RB, IDu, IDs) through the address processing operation from its own stored H(R), the random number RB, the client identity IDu and the server identity information IDs; if the reconstructed MAC(H(R), RB, IDu, IDs) and the received encryption information MAC(H(R1), R1B, IDu, IDs) contain the identical random number, the user authentication passes, wherein IDu is the address information in the client identity and IDs is the address information in the server identity.
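
The enrollment and challenge-response exchange described in the claim, as an added example that is not part of the patent or any implementation of it: a noisy reading W1 plus the public helper PUB reproduces the key, and the server checks MAC(H(R), RB, IDu, IDs) against its stored H(R). Assumptions: a code-offset fuzzy extractor with a repetition code stands in for the claim's fuzzy-partition key extraction, the MAC is taken to be HMAC-SHA256 keyed with H(R), the server compares the whole tag and uses each RB once, and all names and sample readings are constructed.

```python
import hashlib, hmac, secrets

REP = 5  # repetition code: each key bit spans 5 reading bits, tolerating 2 flips

def H(r):
    return hashlib.sha256(r).digest()

def gen(w):
    """Enrollment: biometric reading W (list of bits) -> (key R, public helper PUB)."""
    r = [secrets.randbelow(2) for _ in range(len(w) // REP)]
    codeword = [b for b in r for _ in range(REP)]
    return bytes(r), [c ^ x for c, x in zip(codeword, w)]

def rep(w1, pub):
    """Rep<W1, PUB> = R1: majority-decode the noisy codeword W1 xor PUB."""
    noisy = [p ^ x for p, x in zip(pub, w1)]
    return bytes(int(sum(noisy[i:i + REP]) > REP // 2) for i in range(0, len(noisy), REP))

def mac(h_r, rb, idu, ids):
    """MAC(H(R), RB, IDu, IDs), assumed here to be HMAC-SHA256 keyed with H(R)."""
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in (rb, idu, ids))
    return hmac.new(h_r, msg, hashlib.sha256).digest()

class Server:
    def __init__(self, ids):
        self.ids, self.stored, self.pending = ids, {}, {}
    def enroll(self, idu, r):
        self.stored[idu] = H(r)                  # server keeps H(R), not W
    def challenge(self, idu):
        self.pending[idu] = secrets.token_bytes(16)   # fresh random number RB
        return self.pending[idu]
    def verify(self, idu, tag):
        rb = self.pending.pop(idu, None)         # RB is single use
        if rb is None or idu not in self.stored:
            return False
        return hmac.compare_digest(tag, mac(self.stored[idu], rb, idu, self.ids))

def demo():
    idu, ids = b"alice", b"contract-server"      # constructed identities
    w = [1, 0, 1, 1, 0] * 8                      # constructed 40-bit enrollment reading W
    w1 = list(w); w1[3] ^= 1; w1[17] ^= 1        # same user, two noisy bits
    w2 = [b ^ 1 for b in w]                      # different person (constructed)
    server = Server(ids)
    r, pub = gen(w)
    server.enroll(idu, r)
    tag = mac(H(rep(w1, pub)), server.challenge(idu), idu, ids)
    genuine = server.verify(idu, tag)
    replayed = server.verify(idu, tag)           # same tag, no pending RB
    bad = mac(H(rep(w2, pub)), server.challenge(idu), idu, ids)
    return genuine, replayed, server.verify(idu, bad)
```

`demo()` returns the outcome for the genuine noisy reading, a replay of the same tag, and a reading from a different person. Binding RB, IDu and IDs into the tag is what prevents a captured response from being reused in another session or against another server.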
