Data loss prevention with key usage limit enforcement
US-2018167220-A1 · Jun 14, 2018 · US
Fingerprint data processing method and processing apparatus
US11075759B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11075759-B2 |
| Application number | US-201816170654-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 25, 2018 |
| Priority date | Jan 25, 2017 |
| Publication date | Jul 27, 2021 |
| Grant date | Jul 27, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments of the present disclosure relate to data processing technologies, and disclose a fingerprint data processing method and a processing apparatus. In some embodiments, the fingerprint data processing method includes: receiving a first ciphertext that carries fingerprint data; decrypting the first ciphertext to obtain the fingerprint data; identifying the fingerprint data and generating an identification result; encrypting the identification result and generating a second ciphertext that carries the identification result; and sending the second ciphertext. Some embodiments of the present disclosure further provide a fingerprint data processing apparatus. With some embodiments of the present disclosure, the fingerprint data can be transmitted in a ciphertext form, thereby ensuring the confidentiality of the fingerprint data, and improving the security of the fingerprint data.
First claim
Opening claim text (preview).
What is claimed is: 1. A fingerprint data processing method, applied to a host of an electronic device, comprising: receiving a first ciphertext that carries fingerprint data; wherein the first ciphertext is sent by a fingerprint sensor of the electronic device; decrypting the first ciphertext to obtain the fingerprint data; identifying the fingerprint data and generating an identification result; encrypting the identification result, and generating a second ciphertext that carries the identification result; and sending the second ciphertext to a corresponding application proxy or application program; wherein the decrypting the first ciphertext to obtain the fingerprint data specifically comprises: decrypting the first ciphertext by using a first decryption algorithm, to obtain the fingerprint data and a first message authentication code corresponding to the fingerprint data; generating a second message authentication code corresponding to the fingerprint data by using a message authentication code algorithm; and determining that the obtained fingerprint data is valid when determining that the first message authentication code is matched with the second message authentication code; wherein, the first ciphertext is obtained after the fingerprint data and the first message authentication code are encrypted by using a first encryption algorithm; the first decryption algorithm is matched with the first encryption algorithm; wherein, the host of the electronic device runs in a trusted execution environment. 2. The fingerprint data processing method according to claim 1 , wherein parameters of the message authentication code algorithm comprise the fingerprint data and a first session key; and the method, before the receiving the first ciphertext that carries fingerprint data, further comprises: generating the first session key according to a preset shared key; and establishing a first session channel to a sender of the first ciphertext according to the first session key; wherein the first session channel is used in transmission of the first ciphertext. 3. The fingerprint data processing method according to claim 2 , wherein a preset manner of the shared key is factory presetting. 4. The fingerprint data processing method according to claim 2 , wherein parameters of the message authentication code algorithm further comprise a count value of a built-in counter. 5. The fingerprint data processing method according to claim 1 , wherein the method, before the identifying the fingerprint data and generating the identification result, further comprises: obtaining a third ciphertext that carries a fingerprint template; and decrypting the third ciphertext to obtain the fingerprint template, wherein the identifying the fingerprint data and generating the identification result is specifically: performing matching identification on the fingerprint data and the fingerprint template, and generating the identification result. 6. The fingerprint data processing method according to claim 1 , wherein the encrypting the identification result and generating the second ciphertext that carries the identification result specifically comprises: generating a message authentication code corresponding to the identification result by using a message authentication code algorithm; and encrypting the identification result and the message authentication code by using an encryption algorithm, and generating the second ciphertext. 7. The fingerprint data processing method according to claim 6 , wherein parameters of the message authentication code algorithm comprise a session key and the identification result; and the method, before the encrypting the identification result and generating the second ciphertext that carries the identification result, further comprises: generating the session key according to a DH key negotiation algorithm and an identity authentication algorithm; and establishing a session channel to a receiver of the second ciphertext according to the-session key; wherein the session channel is used in transmission of the second ciphertext. 8. A fingerprint data processing apparatus, included in an electronic device, comprising: a processor and a memory in communicative connection with the processor, wherein, the memory stores an instruction executable by the processor, and the instruction is executed by the processor to cause the processor to perform a fingerprint data processing method, wherein the fingerprint data processing method comprises: receiving a first ciphertext that carries fingerprint data; wherein, the first ciphertext is sent by a fingerprint sensor of the electronic device; decrypting the first ciphertext to obtain the fingerprint data; identifying the fingerprint data and generating an identification result; encrypting the identification result, and generating a second ciphertext that carries the identification result; and sending the second ciphertext to a corresponding application proxy or application program; wherein the decrypting the first ciphertext to obtain the fingerprint data specifically comprises: decrypting the first ciphertext by using a first decryption algorithm, to obtain the fingerprint data and a first message authentication code corresponding to the fingerprint data; generating a second message authentication code corresponding to the fingerprint data by using a message authentication code algorithm; and determining that the obtained fingerprint data is valid when it is determined that the first message authentication code is matched with the second message authentication code; wherein, the fingerprint data and the first message authentication code are encrypted by using a first encryption algorithm, to obtain the first ciphertext; the first decryption algorithm is matched with the first encryption algorithm; wherein the host of the electronic device runs in a trusted execution environment. 9. The fingerprint data processing apparatus according to claim 8 , wherein parameters of the message authentication code algorithm comprise the fingerprint data and a first session key; and, the method, before the receiving the first ciphertext that carries fingerprint data, further comprises: generating the first session key according to a preset shared key; and establishing a first session channel to a sender of the first ciphertext according to the first session key; wherein the first session channel is used in transmission of the first ciphertext. 10. The fingerprint data processing apparatus according to claim 9 , wherein a preset manner of the shared key is factory presetting. 11. The fingerprint data processing apparatus according to claim 9 , wherein the method, before the identifying the fingerprint data and generating the identification result, further comprises; obtaining a third ciphertext that carries a fingerprint template; and decrypting the third ciphertext to obtain the fingerprint template; wherein the identifying the fingerprint data and generating the identification result is specifically: performing matching identification on the fingerprint data and the fingerprint template and generating the identification result. 12. The fingerprint data processing apparatus according to claim 9 , wherein the encrypting the identification result and generating the second ciphertext that carries the identification result specifically comprises: generating a message authentication code corresponding to the identification result by using a message authentication code algorithm; and encrypting the identification result and the message authentication code by using an encryption algorithm, and generating the s
Assignees
Inventors
Classifications
- H04L63/123Primary
received data contents, e.g. message integrity · CPC title
- H04L9/3231Primary
Biological data, e.g. fingerprint, voice or retina (network architectures or network communication protocols for supporting authentication of entities using biometrical features in a packet data network H04L63/0861) · CPC title
applying further key derivation, e.g. deriving traffic keys from a pair-wise master key · CPC title
the source of the received data · CPC title
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11075759B2 cover?
- Embodiments of the present disclosure relate to data processing technologies, and disclose a fingerprint data processing method and a processing apparatus. In some embodiments, the fingerprint data processing method includes: receiving a first ciphertext that carries fingerprint data; decrypting the first ciphertext to obtain the fingerprint data; identifying the fingerprint data and generating…
- Who is the assignee on this patent?
- Shenzhen Goodix Tech Co Ltd
- What technology area does this patent fall under?
- Primary CPC classification H04L63/123. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jul 27 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).