Biometric Identity Based On Encryption Scheme

Cloud computing and artificial intelligence centered on big data play an important role in our lives.Safe and reliable data transmission and use are the most important security guarantees in the information age.However,traditional data protection mechanisms can no longer satisfy people's diverse needs.Without prior consultation,people want secret data to be transmitted in a more secure,reliable and convenient manner.At the same time,users want their public and private keys to be associated with their own identity information.In order to solve the existing problems,researchers combined biometrics with cryptography and proposed biometric identity encryption.Biometric identity encryption mainly utilizes the stability,security,uniqueness and convenience of biometrics and high security of cryptography.The two key technologies in biometric identity encryption are how to balance the ambiguity of biometrics with the accuracy of cryptography and improve the efficiency of encryption algorithms.This thesis will focus on these two directions to do some exploratory work:(1)Firstly,this thesis introduces the background and the research status of bio-key technologies and identity encryption technologies.Then,we introduce in detail the basic principles of bio-key technology and analyze their advantages and disadvantages.Finally,we introduce in detail the identity encryption based on attribute set and the identity encryption based on biometric vector and analyze their advantages and disadvantages.(2)This thesis proposes a user-centered biometric identity encryption model,and then based on the model,we realize the transformation of biometric identity encryption and dual-factor authentication identity encryption.Transformation of biometric identity encryption is an encryption scheme that uses the user's own biometrics as the biometric private key and the irreversibly transformed biometrics as the biometric public key.The scheme associates the biometric private key with the biometric public key through a secret parameter and binds the device serial number and the secret parameter through a hash function to achieve the purpose of hiding the parameter.Therefore,this method realizes the unity of biological identity,physical identity,and digital identity.Dual-factor identity encryption is a kind of encryption scheme that uses face features as biometric public keys and face and finger vein features as biometric private keys.This scheme utilizes the fuzzy vault algorithm to overcome the ambiguity of biometrics and solve the security of the key.At the same time,the model has more intuitive biometric public key and more flexible keys selection.Finally,this thesis analyzes the performance of the scheme.(3)Based on the transformation of biometric encryption schemes,this thesis proposes a new distance encryption algorithm.It uses the biometric template protection technology and the system-generated random matrix constructs to transform the biometric public key and use the Manhattan distance to associate the biometric public key with the biometric private key.The system will dynamically generate the key and decrypt the ciphertext if and only if the physical identity and the biometric identity pass.In order to reduce the expansion rate of ciphertext,this thesis proposes a new short ciphertext inner product encryption algorithm.In this algorithm,the ciphertext data only need two groups,and the length of the ciphertext data does not change with the biometric public key dimension.For example,one plaintext data on a finite field TG is transformed into two ciphertext data on a finite field TG through an encryption algorithm.Finally,through simulation,our algorithm is compared with other IPE algorithms.(4)We propose a biometric identity encryption system on the mobile terminal.The encryption system encrypts arbitrary data using the biometric public key and decrypts the corresponding ciphertext data using the user's inherent biometrics.This system is the first use of biometric encryption data in mobile terminals,and it provides users with a safer and more convenient choice for data protection in mobile terminals.