基于SEAL的虹膜特征密文认证系统  被引量：6

作　　者：宋新霞 马佳敏[2] 陈智罡 陈克非 SONG Xinxia;MA Jiamin;CHEN Zhigang;CHEN Kefei(State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciencesy Beijing 100093,China;Zhejiang Wanli Universityi Ningbo Zhejiang SlSlOOt China;Department of Mathematics,Hangzhou Normal University,Hangzhou Zhejiang 311121,China)

机构地区：[1]中国科学院信息工程研究所信息安全国家重点实验室,北京100093 [2]浙江万里学院,浙江宁波315100 [3]杭州师范大学理学院,浙江杭州311121

出　　处：《信息网络安全》2018年第12期15-22,共8页Netinfo Security

基　　金：国家重点研发计划[2017YFB0802000];浙江省自然科学基金[LY17F020002];宁波市自然科学基金[2017A610120;2018A610159];浙江省科技厅公益性技术科研项目[2017C33079;LGG18F020001];信息安全国家重点实验室开放课题[2017-MS-18]

摘　　要：随着生物识别技术的应用和推广,生物特征对身份认证的影响愈加显著。为了保证用户的隐私,生物特征不能以明文形式进行存储或操作。针对此问题,文章对现有的生物特征认证系统的方案、性能做了分析和总结,采用FV方案构建并设计了一个基于全同态加密的虹膜特征密文认证系统。实现部分借助了微软的SEAL (Simple Encrypted Arithmetic Library)库。整个系统可在不对虹膜特征模板解密的情况下完成虹膜认证,且数据库中保存的是虹膜特征模板的同态密文,所以无需担心虹膜特征模板的泄露。同时该系统无需可信中心进行验证,直接通过一次性MAC认证方法在服务器端完成认证。测试表明,当系统采用海明距离比对算法等计算电路深度不高的虹膜算法时,有着不错的性能,基本满足了真实应用场景的需求。With the application and promotion of biometric technology,biometrics has become more and more important to identity authentication.In order to ensure the privacy of the user,the biometrics cannot be stored or manipulated in clear text.Aiming at this problem,this paper analyzes and summarizes the scheme and performance of the existing biometric authentication system,and proposes to construct and design an iris-like ciphertext authentication system based on full homomorphic encryption using FV scheme.SEAL(Simple Encrypted Arithmetic Library)library.The entire system can complete iris authentication without decrypting the iris feature template,and the database stores the homomorphic ciphertext of the iris feature template,so there is no need to worry about the leakage of the iris feature template.At the same time,the system does not require a trusted center for authentication,and the authentication is completed on the server side directly through the one-time MAC authentication method.Tests have shown that when the system adopts an iris algorithm with a low depth of calculation circuit such as the Hamming distance comparison algorithm,it has good performance,which basically meets the requirements of real application scenarios.

关 键 词：生物特征 全同态加密 SEAL 虹膜认证 一次性MAC认证 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]