Research And Design Of Identity Authentication Scheme Based On Biometric Cryptography

In recent years,the development of emerging internet technologies such as big data,cloud storage and machine learning has made the network environment more and more complex.In such complex network environment,identity authentication technology,as the bottom link of security service system,plays an important role in network security.With the features of uniqueness and convenience,biometrics are widely used in the field of identity authentication,which also puts forward new requirements for privacy protection.Through the organic combination of biometric identification technology and cryptography technology,biometric cryptography technology can solve the protection problem of biometric template while protecting the secret information,and provide security guarantee for identity authentication system.The common biometric cryptographic technologies include key binding(fuzzy vault)and key generation(fuzzy extractor),and some innovative work has been made about these two aspects respectively in this thesis.The main contents are as follows:1.Identity Authentication Scheme Based on Two Fingerprint Fusion Fuzzy VaultIn the identity authentication scheme based on the fuzzy vault,the locking phase corresponds to the registration in identity authentication,and the unlocking phase corresponds to the authentication in identity authentication.We extract two fingerprints respectively,and then carry out biometric fusion at the feature level for fuzzy vault generation.In addition,a key transformation scheme is proposed.Firstly,the key is encoded into a polynomial,and then two polynomials with the same degree are randomly generated.The original key is linearly represented by the two polynomials and stored in two fuzzy vaults respectively to further improve the security of the fuzzy vault.Finally,a polynomial recovery verification method,namely interference point generation and verification scheme,is proposed.It overcomes the problem that the traditional fuzzy vault is vulnerable to hybrid replacement attack and CRC collision attack.2.Identity Authentication Scheme Based on Fuzzy Extractor and BlockchainCompared with the fuzzy vault based on key binding technology,the fuzzy extractor using key generation technology can generate the key according to the users' biological characteristics,without setting and memorizing the password by themselves,and the system does not need to save the key.In order to improve the security of data storage in the identity authentication system and prevent the server data from being tampered by malicious attackers,a method using blockchain is proposed.Firstly,an identity chain ID-Chain based on alliance chain is designed,and an identity authentication scheme based on fuzzy extractor and ID-Chain is proposed.Meanwhile,considering the combination of more mature blockchain architecture to improve the scalability,deployment convenience and platform compatibility of the scheme,the second scheme based on Fabric framework is designed and simulated.It avoids the risk of database leakage,terminal loss and user information tampering in traditional identity authentication.On the other hand,different service providers use the same alliance chain for identity authentication,which can enable users to complete authentication on all service providers of the alliance chain members at one registration and effectively reduce the cooperation cost between different service providers.