| CPC H04L 9/3231 (2013.01) [H04L 9/0825 (2013.01); H04L 9/3247 (2013.01)] | 6 Claims |

|
1. A method for privacy protection biometric authentication, which is applied to a client and comprising:
constructing a biological data template according to a biological information data input by a user when registering;
generating a pair of public key and private key by asymmetric cryptography technology; generating encrypted biological data by a secret sharing solution and OKVS (Oblivious Key-Value Store) technology according to the biological data template and the private key;
sending the public key and the encrypted biological data to a server;
recovering the private key by OKVS technology according to the biological information data input by the user during authentication and the encrypted biological data;
constructing a signature according to the recovered private key and the corresponding public key; and sending the signature to the server, so that the server verifies the user according to the public key and the signature;
wherein said generating encrypted biological data by the secret sharing solution and the OKVS technology according to the biological data template and the private key comprises:
sharing the private key as a corresponding number of secret shares of the private key according to a number of feature points in the biological data template; and
generating the encrypted biological data by the OKVS technology according to the biological data template and the secret shares of the corresponding private key, comprising: selecting an OKVS technology randomly, adopting biological data as a key, taking the secret shares of the private key as values for encryption, and obtaining encrypted biological data; and
wherein OKVS (Oblivious Key-Value Store) is a cryptographic protocol, and KVS (Key-Value Store) includes two algorithms: Encode algorithm and Decode algorithm, wherein an input of the Encode algorithm is a set of key-value pairs {(ki, vi)}, and if execution of the Encode algorithm is successful, an output of the Encode algorithm is a data structure S that stores key-value information; and wherein an input of the Decode algorithm is the data structure S that stores key information and a key ki, and an output of the Decode algorithm is a value vi corresponding to the key ki,
where ⊥ represents a termination symbol output when execution of the Encode algorithm is failed.
|
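The registration and key-recovery steps of claim 1, as an added sketch that is not code from the patent: the private key is split into one share per feature point, the shares are stored under the feature points with OKVS Encode, and Decode on a fresh reading yields shares from which the key is rebuilt and checked against the public key. Assumptions made here: Shamir t-of-n sharing as the secret sharing solution, a polynomial-interpolation OKVS as the selected OKVS, a toy key pair `pk = G^sk mod P` in place of a real signature key pair (the signing step is omitted), exactly matching quantised feature points, and all function names and parameters.

```python
import hashlib, secrets
from itertools import combinations
P = 2**127 - 1  # prime field modulus (assumed parameter)
G = 3           # toy key pair: pk = G^sk mod P stands in for a real signature key
# Constructed sample template: quantised feature points as (x, y, angle) tuples.
TEMPLATE = [(12, 40, 3), (55, 18, 7), (33, 71, 1), (80, 64, 5), (21, 90, 2), (67, 35, 6)]

def h(feature, tag):  # hash a feature point into the field, domain-separated by tag
    return int.from_bytes(hashlib.sha256(f"{tag}|{feature}".encode()).digest(), "big") % P

def interpolate(points, x):
    """Evaluate at x the unique polynomial through points, mod P (Lagrange)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num, den = num * (x - xj) % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def okvs_encode(pairs):
    """Encode {(k_i, v_i)} as S; returns None (the ⊥ case) on duplicate keys."""
    pts = [(h(k, "okvs"), v) for k, v in pairs]
    if len({x for x, _ in pts}) != len(pts):
        return None
    return [interpolate(pts, j) for j in range(1, len(pts) + 1)]

def okvs_decode(S, k):
    """Return v_i for an encoded key k_i; any other key yields an unrelated value."""
    return interpolate(list(enumerate(S, 1)), h(k, "okvs"))

def enroll(template, t):
    """Share sk t-of-n over the n feature points; return (sk, pk, S)."""
    sk = secrets.randbelow(P - 2) + 1
    coeffs = [sk] + [secrets.randbelow(P) for _ in range(t - 1)]
    def share(x):
        return sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P
    S = okvs_encode([(f, share(h(f, "share"))) for f in template])
    return sk, pow(G, sk, P), S

def recover(probe, S, pk, t):
    """Decode a share per probe feature; try t-subsets until one matches pk."""
    shares = [(h(f, "share"), okvs_decode(S, f)) for f in probe]
    for subset in combinations(shares, t):
        cand = interpolate(list(subset), 0)
        if pow(G, cand, P) == pk:
            return cand
    return None
```

The share x-coordinate and the OKVS key use different hash tags on purpose: with a single hash, the interpolated OKVS polynomial would be the sharing polynomial itself and its value at 0 would be the private key.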