一种生物证书密钥生成算法
|
摘要
生物特征数字证书涉及的RSA公私钥对可以由近似随机信号的生物特征密钥派生,但是生物特征密钥长度较短,而基于大素数分解困难的RSA算法要求密钥较长.为了解决该问题,提出一种生物证书密钥生成算法,结合对称加密算法和大素数生成算法生成生物大素数,并采用哈希算法对生物大素数进行可用性设计,在解决密钥长度问题的同时保证生物大素数安全可用,以便用于生成生物特征数字证书中的RSA公私钥对.基于VC6.0和MIRACL大数库的实验结果表明:基于生物特征密钥生成的生物大素数满足确定性和可用性,能够应用于生物数字证书之中.本文所提算法行之有效,且具有实际应用价值.
The RSA public and private keys of biometric certificate can be generated from biometric key which can be seen as random numbers.However,the size of biometric key is shorter than the RSA public and private keys. To overcome this limitation,a biometric certificate key generation algorithm is proposed. In this method,the biometric primes is generated by the combination of symmetric key encryption algorithm and prime generation algorithm,in addition,the hashing algorithm is used to ensure the feasibility of the biometric primes. The generated biometric primes are safe and usable so that they can be applied to generate the RSA public and private keys of biometric certificate. Experimental results using VC6.0 and MIRACL show that the proposed method not only is feasible,but also has practical application value.
The RSA public and private keys of biometric certificate can be generated from biometric key which can be seen as random numbers.However,the size of biometric key is shorter than the RSA public and private keys. To overcome this limitation,a biometric certificate key generation algorithm is proposed. In this method,the biometric primes is generated by the combination of symmetric key encryption algorithm and prime generation algorithm,in addition,the hashing algorithm is used to ensure the feasibility of the biometric primes. The generated biometric primes are safe and usable so that they can be applied to generate the RSA public and private keys of biometric certificate. Experimental results using VC6.0 and MIRACL show that the proposed method not only is feasible,but also has practical application value.
引文
[1]LAKAHMI A J,KIRAN P S.PKI key generation based on multimodal biometrics[J].International Journal Of Computers&Communications,2012,1(1):9-16.
[2]KALAMA A E,IBJAOUN S,OUAHMAN A A.Biometric authentication systems based on hand pattern vein,digital certificate and smart cards[C]//Security Days,2013 National.Rabat:IEEE,2013:1-8.
[3]WANG W,LU Y,FANG Z.Biometric template protection based on biometric certificate and fuzzy fingerprint vault[C]//Advanced Data Mining and Applications.Hangzhou:Springer Berlin Heidelberg,2013:241-252.
[4]CHUNG Y,MOON K,LEE H W.Biometric certificate based biometric digital key generation with protection mechanism[C]//Frontiers in the Convergence of Bioscience and Information Technologies.Washington DC:IEEE Computer Society,2007:709-714.
[5]李超,辛阳,纽心忻,等.一种基于生物证书的身份认证方案[J].计算机工程,2007,33(20):159-161.LI Chao,XIN Yang,NIU Xinxin,et al.Identity Authentication Scheme Based on Biometric Certificate[J].computer engineering,2007,33(20):159-161.
[6]辛阳,魏景芝,李超,等.基于PKI和PMI的生物认证系统研究[J].电子与信息学报,2008,30(01):1-5.XIN Yang,WEI Jingzhi,LI Chao,et al.Research on the Telebiometric Authentication System Based on PKI and PMI[J].Journal of Electronics and Information Technology,2008,30(01):1-5.
[7]陈熙.鉴别生物特征提取及密钥生成研究[D].成都:西南交通大学,2011.CHEN Xi.Research on discriminative biometrics feature extraction and key generation[D].Chengdu:Southwest Jiaotong University,2011.
[8]RATHGEB C,UHL A.A survey on biometric cryptosystems andcancelable biometrics[J].EURASIP Journal on Information Security,2011,3(1):1-25.
[9]NANDAKUMAR K,JAIN A K,PANKANTI S.Fingerprint-based fuzzy vault:Implementation and performance[J].IEEE Transactions on Information Forensics and Security,2007,2(4):744-757.
[10]ESKANDER G S,SABOURIN R,GRANGER E.A dissimilaritybased approach for biometric fuzzy vaults-application to handwritten signature images[C]//New Trends in Image Analysis and Processing-ICIAP 2013.Naples:ICIAP 2013 International Workshops,2013:95-102.
[11]刘新星,邹潇湘,谭建龙.大数因子分解算法综述[J].计算机应用研究,2014,31(11):3201-3207.LIU Xinxing,ZOU Xiaoxiang,TAN Jianlong.Survey of large integer factorization algorithms[J].Application Research of Computers,2014,31(11):3201-3207.
[12]CONTI V,VITABILE S,SORBELLO F.Fingerprint traits and RSA algorithm fusion technique[C]//Complex,Intelligent and Software Intensive Systems(CISIS).Palermo:IEEE,2012:351-356.
[13]RSA(cryptosystem)[EB/OL].[2014.11].http://en.wikipedia.org/wiki/RSA_(cryptosystem).
[14]AGRAWAL M,KAYAL K,SAXENA N.Primes is in P[J].Annals of Mathematics,2004,160(2):781-793.
[15]龙建超.公钥算法中大素数生成方法的研究与改进[D].昆明:云南大学,2014.LONG Jianchao.Research and improvement on the method of generating large prime number in public key algorithm[D].Kunming:Yunnan University,2014.
[16]STALLINGS W.密码编码学与网络安全:原理与实践[M].王张宜,杨敏,杜瑞颖,等,译.北京:电子工业出版社,2012:104-131,236-257.STALLINGS W.Cryptography and Network Securtiy:Principles and Practice[M].Bei Jing:Electronic Industry Press,2012:104-131,236-257.
[17]NIST SP800-22.A statistical test suite for random and pseudorandom number generators for cryptographic applications[S].Gaithersburg:ITLB,2001.
[2]KALAMA A E,IBJAOUN S,OUAHMAN A A.Biometric authentication systems based on hand pattern vein,digital certificate and smart cards[C]//Security Days,2013 National.Rabat:IEEE,2013:1-8.
[3]WANG W,LU Y,FANG Z.Biometric template protection based on biometric certificate and fuzzy fingerprint vault[C]//Advanced Data Mining and Applications.Hangzhou:Springer Berlin Heidelberg,2013:241-252.
[4]CHUNG Y,MOON K,LEE H W.Biometric certificate based biometric digital key generation with protection mechanism[C]//Frontiers in the Convergence of Bioscience and Information Technologies.Washington DC:IEEE Computer Society,2007:709-714.
[5]李超,辛阳,纽心忻,等.一种基于生物证书的身份认证方案[J].计算机工程,2007,33(20):159-161.LI Chao,XIN Yang,NIU Xinxin,et al.Identity Authentication Scheme Based on Biometric Certificate[J].computer engineering,2007,33(20):159-161.
[6]辛阳,魏景芝,李超,等.基于PKI和PMI的生物认证系统研究[J].电子与信息学报,2008,30(01):1-5.XIN Yang,WEI Jingzhi,LI Chao,et al.Research on the Telebiometric Authentication System Based on PKI and PMI[J].Journal of Electronics and Information Technology,2008,30(01):1-5.
[7]陈熙.鉴别生物特征提取及密钥生成研究[D].成都:西南交通大学,2011.CHEN Xi.Research on discriminative biometrics feature extraction and key generation[D].Chengdu:Southwest Jiaotong University,2011.
[8]RATHGEB C,UHL A.A survey on biometric cryptosystems andcancelable biometrics[J].EURASIP Journal on Information Security,2011,3(1):1-25.
[9]NANDAKUMAR K,JAIN A K,PANKANTI S.Fingerprint-based fuzzy vault:Implementation and performance[J].IEEE Transactions on Information Forensics and Security,2007,2(4):744-757.
[10]ESKANDER G S,SABOURIN R,GRANGER E.A dissimilaritybased approach for biometric fuzzy vaults-application to handwritten signature images[C]//New Trends in Image Analysis and Processing-ICIAP 2013.Naples:ICIAP 2013 International Workshops,2013:95-102.
[11]刘新星,邹潇湘,谭建龙.大数因子分解算法综述[J].计算机应用研究,2014,31(11):3201-3207.LIU Xinxing,ZOU Xiaoxiang,TAN Jianlong.Survey of large integer factorization algorithms[J].Application Research of Computers,2014,31(11):3201-3207.
[12]CONTI V,VITABILE S,SORBELLO F.Fingerprint traits and RSA algorithm fusion technique[C]//Complex,Intelligent and Software Intensive Systems(CISIS).Palermo:IEEE,2012:351-356.
[13]RSA(cryptosystem)[EB/OL].[2014.11].http://en.wikipedia.org/wiki/RSA_(cryptosystem).
[14]AGRAWAL M,KAYAL K,SAXENA N.Primes is in P[J].Annals of Mathematics,2004,160(2):781-793.
[15]龙建超.公钥算法中大素数生成方法的研究与改进[D].昆明:云南大学,2014.LONG Jianchao.Research and improvement on the method of generating large prime number in public key algorithm[D].Kunming:Yunnan University,2014.
[16]STALLINGS W.密码编码学与网络安全:原理与实践[M].王张宜,杨敏,杜瑞颖,等,译.北京:电子工业出版社,2012:104-131,236-257.STALLINGS W.Cryptography and Network Securtiy:Principles and Practice[M].Bei Jing:Electronic Industry Press,2012:104-131,236-257.
[17]NIST SP800-22.A statistical test suite for random and pseudorandom number generators for cryptographic applications[S].Gaithersburg:ITLB,2001.