JP4867601B2 - User authentication method and user authentication system using biometric feature conversion device - Google Patents

Description

  The present invention relates to a method and system for authenticating an individual using biological characteristics (biological information) possessed by a person.

  A user authentication system using biometric information acquires biometric information from a user at the time of registration, and extracts and registers information called feature values. This registration information is called a template. At the time of authentication, biometric information is acquired again from the user, the feature amount is extracted, and it is verified with the template whether it is the person himself or herself. When a server authenticates a user on the client side based on biometric information via a network, the server typically holds a template. The client acquires the biometric information of the user at the time of authentication, extracts the feature value, and transmits it to the server.

  Biometric authentication has the advantage that it is difficult to forge and cannot be forgotten compared to authentication based on passwords and IC cards. However, biometric information such as fingerprints and irises is said to be lifelong, and the number of biometric information that a single user has is limited (for example, fingerprints are limited to 10 fingers), so the template registered on the server is leaked. If there is a risk of impersonation, the registration information cannot be easily discarded / updated, and there is a disadvantage that safety cannot be recovered.

  In order to solve this problem, cancelable biometric authentication in which a feature amount is converted by a certain conversion function and registered and verified in a secret state has been proposed in Patent Document 1 and the like. Specifically, the feature amount X is converted with a specific conversion function F and a secret parameter K at the time of registration, and the original information is stored in a server as a template T (= F (X, K)). At the time of authentication, the feature amount Y of the user's biometric information acquired by the client is converted by the parameter K to calculate the collation information V (= F (Y, K)) and transmitted to the server. The server collates the received collation information V with the template T. The collation process is a process of calculating a distance d (T, V) between T and V and comparing it with a threshold value t. Here, as long as the same parameter is used, the conversion function F does not greatly change the distance (or similarity) between two pieces of biological information (d (T, V) ≈d (X, Y)). At this time, if d (T, V) <t (with high probability) d (X, Y) <t, it is possible to determine whether the biometric information X of the registrant and the biometric information Y of the authentication requester match. it can. As a specific means for realizing cancelable biometric authentication, for example, a method described in Patent Document 2 for fingerprints is known.

  In the cancelable biometric authentication system, the server performs authentication without knowing any feature quantity, so even if a template or verification information is leaked from the server, the original feature quantity or biometric information is not known and is used to create a forged biometric. Threats such as

US Pat. No. 6,836,554 JP 2006-158851 A

  The method described in Japanese Patent Laid-Open No. 2004-228561 uses a combined transformation of coordinate rotation on the plane of a fingerprint feature point and symmetry transformation, rotation in the direction of the feature point, and inversion of the feature point type as transformation of the fingerprint feature amount. This conversion is an isometric conversion that does not change the distance between feature quantities, and has a feature that does not deteriorate the matching accuracy. However, the degree of freedom of the conversion parameter is small, and there is a problem with safety against brute force attacks. Actually, the target conversion and the inversion of the type are two ways of performing / not performing the conversion, and each parameter is expressed by 1 bit. Further, the coordinate rotation angle and the direction rotation angle can take one-dimensional continuous values (0 ° to 360 °) as parameters, respectively, but in practice, for example, they are discretized into 12 values in increments of 30 °, for example. This is because in consideration of the occurrence of fingerprint distortion and displacement at the time of registration and at the time of authentication, even if the coordinates and directions of feature points are slightly deviated, they are regarded as matching. It is necessary to determine the discretization width of the parameter in accordance with the deviation tolerance at the time of collation. Assuming that the two rotation angle parameters take 12 values in 30 ° increments as described above, the total number of possible conversion parameters is 2 × 2 × 12 × 12 = 576, which is about 9 bits. It is. If the converted feature value leaks and reaches the attacker's hand, the attacker creates the original feature value candidate (576 methods) using the 576 parameters as a whole, and based on this, A spoofing attack can be launched by creating a counterfeit organism and impersonating an authentication system. At this time, the probability of successful impersonation after one trial is 1/576 = 0.17%. It is possible to prevent a brute force attack by taking measures such as suspending the account after a predetermined number of consecutive failures, but the probability that a general fingerprint authentication algorithm will mistakenly match another person's fingerprint is 0.01% Since it is about ~ 0.001%, it is higher for an attacker to perform an attack by estimating the original feature amount based on the leaked converted biometric information than trying to impersonate using the fingerprint of any other person The attack will succeed with probability. For these reasons, it cannot be said that the degree of freedom of parameters by the method described in Patent Document 2 is sufficiently large, and a feature amount conversion method with a higher degree of freedom is desired.

  An object of the present invention is to provide a feature amount conversion method with a high degree of freedom without degrading the accuracy of a conventional fingerprint authentication method, and to provide a safer method, apparatus and system.

  The present invention includes a feature amount of biological information including a plurality of feature points on a plane having coordinates and directions, a symmetrical transformation bit given by 0 or 1, and a spatial rotation parameter designating rotation of a three-dimensional space. In the method of receiving a conversion parameter and converting the feature quantity according to the conversion parameter, each feature point on a plane is regarded as a point on a three-dimensional space stretched by a plane coordinate axis and a direction axis, and the symmetric conversion bit A conditional symmetric transformation step that symmetrically transforms each feature point with respect to a predetermined plane if the value is 1, and a rotation transformation step that rotates each feature point in space about the predetermined point according to the spatial rotation parameter; A feature amount conversion method is provided.

  According to the present invention, the degree of freedom of parameters can be increased by using rotational transformation in space as compared with the method of Patent Document 2 using rotational transformation on a plane. In fact, the rotational transformation on the plane has one degree of freedom, whereas the rotational transformation on the space has three degrees of freedom. In addition, the feature amount conversion of the present invention can maintain the Euclidean distance between feature points in the feature amount space, that is, the Euclidean distance between feature points. it can.

  Hereinafter, an embodiment of the present invention will be described with reference to an example of a cancelable fingerprint authentication system that performs fingerprint collation in a server while keeping fingerprint feature information secret from the server.

  FIG. 1 shows the system configuration of this embodiment. The cancelable fingerprint authentication system of the present embodiment includes a client terminal 100 that performs fingerprint acquisition, feature amount extraction, and conversion at the time of registration and authentication, a fingerprint sensor 110 that performs fingerprint imaging, and a portable recording medium carried by the user 120 and an authentication server 140 for storing and collating templates. It is assumed that the client terminal 100 is managed by the user himself / herself or a trusted third party. Further, it is assumed that the client terminal 100 and the server 140 are connected by a network such as the Internet or an intranet. The portable storage medium 120 is carried and managed by the user, and an IC card, a USB memory, a portable terminal, a floppy (registered trademark) disk, or the like can be used. For example, when Internet banking is performed from home, the client terminal 100 can be a home PC managed by the user, and the authentication server 140 can be a server machine managed by the bank.

  The client terminal 100 includes a fingerprint sensor I / F 101 that performs communication with the fingerprint sensor 110, a feature amount extraction unit 102 that extracts a feature amount from a fingerprint image, and a conversion parameter generation unit that randomly generates a conversion parameter at the time of fingerprint registration 103, a feature amount conversion unit 104 that converts the feature amount using the conversion parameter to create a converted feature amount, a recording medium I / F 105 that reads and writes data in the portable recording medium 120, the Internet, and the like And a communication I / F 106 that performs communication via the network. The conversion parameter may be stored in a storage device connected to or provided in the client terminal 100.

  The authentication server 140 includes a communication I / F 141 that performs communication via the Internet, a registration unit 142 that registers the conversion feature amount as a template, a storage device 143 that stores the template, and a newly received during authentication It is comprised from the collation part 144 which collates a conversion feature-value with the said template and calculates similarity.

  FIG. 9 shows the hardware configuration of the client terminal 100 and the authentication server 140 in this embodiment. As shown in the figure, these can be composed of a CPU 900, a memory 901, a storage device 902 such as an HDD, an input device 903 such as a keyboard and a mouse, an output device 904 such as a display, and a communication device 905. The memory 901 is also a kind of storage device, and particularly stores programs and data executed by the processing device. The feature amount extraction unit 102, the conversion parameter generation unit 103, the feature amount conversion unit 104 of the client terminal 100, the registration unit 142 of the authentication server 140, and the collation unit 144 are operated by the CPU 900 operating according to the program developed on the memory. Realized. The CPU 900 develops data to be processed in accordance with a program in the memory 901, reads / writes data on the memory 901, and executes predetermined processing.

  FIG. 2 shows a processing procedure and data flow at the time of fingerprint registration and authentication.

  First, the flow during registration will be described.

  The client terminal 100 acquires the user's fingerprint image via the fingerprint sensor 110 (S201).

  The client terminal 100 extracts the feature amount X from the fingerprint image (S202).

  The client terminal 100 randomly generates the conversion parameter K (S203).

  The client terminal 100 writes the conversion parameter K in the portable storage device 120 (S204).

  The client terminal 100 inputs the conversion parameter K and the feature amount X to the feature amount conversion unit 104, creates a registration conversion feature amount T = F (X, K), and transmits it to the authentication server 140 (S205). . Details of the data structure of the feature amount and the feature amount conversion will be described later.

  The authentication server 140 receives the registration conversion feature amount T and registers it in the storage device 123 as a template (S206).

  Note that after the registration process is completed, the client terminal 100 deletes the conversion parameter K from the internal storage device.

  Next, the flow at the time of authentication will be described.

  The client terminal 100 acquires the user's fingerprint image via the fingerprint sensor 110 (S211).

  The client terminal 100 extracts the feature amount X ′ from the fingerprint image (S212).

  The client terminal 100 reads the conversion parameter K from the portable storage device 120 (S213).

  The client terminal 100 inputs the conversion parameter K and the feature quantity X ′ to the feature quantity conversion function 104, creates a matching conversion feature quantity V = F (X ′, K), and transmits it to the authentication server 140 ( S214).

  The authentication server 140 receives the collation conversion feature value V and collates it with the template T to determine whether or not it is the fingerprint of the user (S215). After the end of the authentication process, the client terminal 100 deletes the conversion parameter K from the internal storage device.

  As described above, the authentication server 140 stores the converted feature value T = F (X, K) as a template, and receives the converted feature value V = F (X ′, K) at the time of authentication. Without the conversion parameter K, it is impossible to know X and X 'from the conversion feature values T and V. Therefore, even if the template T and the conversion feature value V for verification leak due to a server administrator's mistake or fraud The feature amount is concealed and cannot be used to create a counterfeit organism. Thus, according to the present embodiment, a highly secure server client type biometric authentication system can be realized, and the template management cost of the server can be reduced.

  In the present embodiment, the conversion parameter K is stored in the recording medium 120 possessed by the user, but may be stored in the client terminal 100 or may be dynamically generated from a password input by the user.

  FIG. 3 shows the data structure of the fingerprint feature quantity in this embodiment. As shown in the figure, the fingerprint feature amount is defined as a set of a plurality of feature points on a plane. Each feature point is given by a plane coordinate (x, y) and a direction θ. Note that each feature point is extracted as a point (branch point) and a point (end point) where a ridge (a spiral line forming a fingerprint) branches in a fingerprint image. Means the direction of the ridge. The feature point coordinates (x, y) are calculated with the fingerprint core (the center of the vortex or the point with the maximum curvature of the ridge) as the origin (0, 0).

  FIG. 4 shows the principle of fingerprint feature verification. The registered feature value (template) and the feature value acquired at the time of authentication are overlapped to search for a feature point pair (corresponding feature point pair) whose coordinates and direction are close to each other. As a scale (distance) for measuring the “closeness” between the feature point (x, y, θ) of the template and the feature point (x ′, y ′, θ ′) acquired at the time of authentication, for example, the Euclidean distance √ ( (X−X ′) ^ 2+ (Y−Y ′) ^ 2+ (θ−θ ′) ^ 2) can be used. The number of obtained feature point pairs is normalized by the total number of feature points, and the similarity is calculated.

  The data structure and the matching principle of the feature amount shown here are general ones used in several fingerprint authentication systems that are currently commercialized. The feature amount conversion of the present embodiment can be applied to such a general fingerprint feature amount data structure and collation principle.

  FIG. 5 shows a detailed flow of feature value conversion (S205, S214) in the present embodiment.

  The feature amount conversion includes a first feature amount conversion and a second feature amount conversion. The first transformation parameter K1 for determining the first feature transformation is the direction rotation angle φ, the amount of translation (Δx, Δy), the false feature point {(Xi, Yi, Θi) | i = 1,. }. The second transformation parameter K2 that determines the second feature transformation is the three-dimensional rotation parameter ψ, V = (a, b, c) (where V is the unit vector: a ^ 2 + b ^ 2 + c ^ 2 = 1) and symmetric conversion bit S (= 0 or 1). A fake feature point is a disguise of a true feature point. The false feature points are preferably generated independently of the true feature points.

  In the first feature amount conversion, first, the direction θi (i = 1, 2,...) Of all feature points is rotated by φ to θi + φ (S501). The degree of freedom of this conversion is 1.

Next, the coordinates (xi, yi) (i = 1, 2,...) Of all feature points are translated by (Δx, Δy) to (x + Δx, y + Δy), respectively, and a predetermined range (for example, Rotate the feature points that deviate from -L≤x <L, -L≤y <L) to the opposite side
((((x + Δx) + L) mod 2L) -L, (((y + Δy) + L) mod 2L) -L)
(C502) The degree of freedom of this conversion is 2.

  Finally, a predetermined number of false feature points are added (S503). However, it is easily guessed by the authentication server that a feature point that does not cause an error at the time of registration and authentication is a fake feature point. In order to prevent this, an error is randomly generated and added to the coordinates and directions of the false feature points at the time of authentication. In addition, since normal feature points may fail to be extracted due to the influence of blurring at the time of fingerprint acquisition, it is possible to estimate that feature points that always appear are fake feature points. In order to prevent this, randomly selected fake feature points are not added.

  A specific example of the above conversion processing is shown in FIG.

    In the second feature amount conversion, first, the feature point (xi, yi, θi) (i = 1, 2,...) Is regarded as a set of points in the xyθ three-dimensional space, and the direction vector V = (a , b, c) is rotated at an angle ψ about the straight line (S504). An arbitrary rotation around the origin in the three-dimensional space can be described by the unit vectors V and ψ, and the degree of freedom is 3. Actually, since the unit vector V can be expressed as V = (a, b, c) = (cos α, sin α cos β, sin α sin β), the three-dimensional rotation can be described by three independent parameters α, β, and ψ. The specific calculation of rotation is the quaternion Q = (cos (ψ / 2); a · sin (ψ / 2), b · sin (ψ / 2), c · sin (ψ / 2) ), R = (cos (ψ / 2); -a · sin (ψ / 2), -b · sin (ψ / 2), -c · sin (ψ / 2)), and the point (x, y, Using the quaternion P = (0; x, y, θ) representing θ), it can be calculated by taking the product of the quaternions as follows.

P ′ = RPQ
Next, each point is symmetrically transformed with respect to the plane θ = 0 in the three-dimensional space (S505). That is, the point (x, y, θ) is moved to (x, y, −θ). Finally, this is regarded as a feature point on the xy plane.

    FIG. 7 schematically shows the above conversion process.

    The first feature amount conversion of the present embodiment has a degree of freedom of 3 (1 (rotation in direction) +2 (cyclic parallel movement)), and the second feature amount conversion has a degree of freedom of 3 (three-dimensional rotation), for a total of 6 Has freedom. If each degree of freedom is discretized so as to take 12 values, the total number of transformation parameter combinations including symmetric transformation is 2 × 12 ^ 6 = 5971968 (about 23 bits). More resistant to brute force attacks than the conversions described. In addition, the addition of fake feature points has the effect of making brute force attacks more difficult. For example, if there are 30 normal feature points and 10 false feature points, the total number of normal feature points (30) to be selected from the template feature points (40) is 8476660528 (about 30 bits). From the above, it can be said that the feature amount conversion of the present embodiment has sufficient safety against a spoofing attack due to creation of a counterfeit organism when a template leaks.

  Further, the direction rotation, the three-dimensional rotation, and the symmetrical transformation in the present embodiment preserve the Euclidean distance between feature points, and therefore there is no accuracy degradation due to these transformations. For cyclic parallel movement, if only one of the template feature points and the feature point coordinates at the time of authentication are out of the specified range due to a shift in the coordinates, the distance will change and the feature points that should be matched will match. The problem of not doing. However, if the size of the above range (cyclic width) is sufficiently large with respect to the allowable deviation of coordinates, the probability is small and the influence of accuracy deterioration is small. As for the false feature points, in many cases, it is considered that the false feature points added at the time of registration coincide with the false feature points added at the time of authentication. Therefore, the corresponding feature point pairs are added by the number of false feature points by the false feature point addition process, and the matching similarity between the users and the matching similarity between the others are uniform (as long as the same parameter K is used). To increase. Therefore, if the threshold value for determining the person / others is appropriately set, the collation accuracy will not be greatly deteriorated. As described above, the feature amount conversion according to the present embodiment can be realized without greatly degrading the accuracy of fingerprint collation.

  If the template T is leaked, the attacker can send it to the authentication server as a matching conversion feature amount V, and can be impersonated. In order to prevent this, it is necessary to periodically change and change the conversion parameters to discard / update the template. However, if the user's biometric information input is requested at every update, the convenience is reduced. To avoid this, once the original feature value is restored from the template and converted with the new parameter, the original feature value is restored at that timing. There is a risk of leakage. Therefore, it is necessary to update without restoring the original feature amount from the template. By using the second feature amount conversion of the present embodiment, such parameters and templates can be updated.

    FIG. 8 shows a parameter and template update flow.

  The client terminal 100 randomly generates the parameter difference ΔK (S801). Here, ΔK has the same format as the second transformation parameter K2, the three-dimensional rotation parameter Δψ and ΔV = (Δa, Δb, Δc) (ΔV is a unit vector), and the symmetrical transformation bit ΔS (= 0 or 1). Consists of

  The client terminal 100 reads the conversion parameter K from the portable recording medium 120 (S802).

  The client terminal 100 updates the parameter K with the parameter difference ΔK and creates a new parameter K ′ (S803). Specifically, the update is calculated as follows. Consider the quaternion Q = (ψ; a, b, c), Q0 = (Δψ; Δa, Δb, Δc), and Q1 = (− Δψ; Δa, Δb, −Δc). If S = 0, Q '= Q Q0, and if S = 1, Q' = Q Q1. When Q ′ = (ψ ′; a ′, b ′, c ′), ψ ′ and V ′ = (a ′, b ′, c ′) are set as new three-dimensional rotation parameters. Further, S ′ = S xor ΔS (xor represents exclusive OR) is set as a new symmetric conversion bit. In this way, the second conversion parameter ψ, V, S in the conversion parameter K is replaced with ψ ', V', S 'as a new conversion parameter K'.

  The client terminal 100 writes the new conversion parameter K ′ to the portable recording medium 120 and transmits the parameter difference ΔK to the server 140 (S804).

  The server 140 reads the template T from the storage device 143 (S805).

  The server 140 updates the template T with the parameter difference ΔK, and creates a new template T ′ (S805). Specifically, for all feature points (xi, yi, θi) (i = 1, 2, ...) in the template, three-dimensional rotation (S504) and symmetrical transformation (S505) using ΔK as the second transformation parameter I do.

  The server 140 discards the old template T and writes the new template T ′ in the storage device 143 (S807).

  By creating a new conversion parameter K ′ and a new template T ′ by the above-described method, T ′ = F (X, K ′) is established, and K ′ and T ′ are used instead of K and T from the next authentication. Correct fingerprint verification processing. As described above, by using the feature amount conversion according to the present embodiment, it is possible to discard and update parameters and templates without newly acquiring biometric information of the user or restoring the original feature amounts from the template. Thereby, a spoofing attack at the time of template leakage can be prevented, and a highly secure network type biometric authentication system can be realized.

  In this embodiment, the quaternion is used for the three-dimensional rotation parameter expression and the rotation calculation. However, Euler angles, rolls, pitches, and yaw angles may be used.

  The present invention is applicable to any application that performs user authentication based on biometric information. For example, it can be applied to information access control in an in-house network, identity verification in an Internet banking system or ATM, login to a website for members, personal authentication when entering a protected area, login to a personal computer, and the like.

It is a block diagram which shows the function structure of embodiment of this invention. It is a flowchart which shows the registration process and authentication process in embodiment of this invention. It is a figure which shows the data structure of the fingerprint feature-value in embodiment of this invention. It is a figure which shows the collation principle of the fingerprint feature-value in embodiment of this invention. It is a flowchart which shows the feature-value conversion process in embodiment of this invention. It is a figure which shows the 1st feature-value conversion in embodiment of this invention. It is a figure which shows the 2nd feature-value conversion in embodiment of this invention. It is a flowchart which shows the update process of the parameter and template in embodiment of this invention. It is a block diagram which shows the hardware constitutions of embodiment of this invention.

Explanation of symbols

100 Client terminal 101 Fingerprint sensor I / F
102 feature quantity extraction unit 103 conversion parameter generation unit 104 feature quantity conversion unit 105 recording medium I / F
106 Communication I / F
110 Fingerprint sensor 120 Portable recording medium 140 Authentication server 141 Communication I / F
142 Registration Unit 143 Storage Device 144 Verification Unit 900 CPU
901 Memory 902 HDD
903 Input device 904 Output device 905 Communication device

Claims (8)

Receiving a transformation parameter including a feature amount of biological information including a plurality of feature points having coordinates and directions on a plane, a transformation bit given by 0 or 1, and a spatial rotation parameter designating rotation of a three-dimensional space; A feature value conversion device including a first processing device and a first storage device that converts the feature value according to the conversion parameter, a second processing device that collates the feature value, and a first value that stores the feature value. In a user authentication method executed by a user authentication system having a storage device of 2 and a collation device capable of communicating with the feature value conversion device ,
The first processing device includes an acquisition unit that acquires biometric information of a user, an extraction unit that extracts a feature amount from the biometric information, and a conversion unit that converts the feature amount.
The conversion means develops each feature point on a plane on the first storage device, regards each feature point on the plane as a point on a three-dimensional space spanned by a coordinate axis and a direction axis, and converts the conversion bit. Is one of predetermined 0 or 1, a symmetric transformation step for symmetric transformation of each feature point on the first storage device with respect to an arbitrary plane;
The conversion means performs a rotation conversion step of rotating each feature point after symmetrical conversion on the first storage device on the three-dimensional space around an arbitrary point according to the space rotation parameter ,
When registering a user, the extraction unit of the feature amount conversion apparatus acquires a user's biological information and extracts a registration feature amount, and the conversion unit converts the registration feature amount according to the conversion parameter. The registration conversion feature value is generated, and the registration conversion feature value is transmitted to the collation device. The collation device receives the registration conversion feature value, and the second storage device of the collation device. Remember
When authenticating the user, the acquisition unit of the feature amount conversion apparatus acquires the user's biometric information and extracts a matching feature amount, and the conversion unit converts the matching feature amount according to the conversion parameter. Then, a collation conversion feature value is created, the collation conversion feature value is transmitted to the collation device, the collation device receives the collation conversion feature value, and the second processing device A user authentication method comprising: comparing a conversion feature amount for registration with the conversion feature amount for registration and determining whether or not the user is the person himself / herself. The conversion parameter includes a direction rotation angle,
The user authentication method according to claim 1, wherein the conversion unit includes a direction rotation step of rotating the direction of each feature point on the first storage device according to the direction rotation angle. The conversion parameter includes a false feature quantity including a plurality of false feature points on a plane having coordinates and directions,
The user authentication method according to claim 2, wherein the conversion unit includes a false feature point adding step of adding each false feature point included in the false feature amount to the feature amount. The transformation parameter includes a translation parameter that specifies translation on a plane;
The converting means translates the feature points on the first storage device in accordance with the translation parameter, and the feature points that are out of a predetermined range on the plane are on the opposite side on the first storage device. 4. The user according to claim 3, further comprising a cyclic parallel movement step of moving the feature points on the first storage device so that all feature points fall within the predetermined range. Authentication method . First processing device and the first storage device and the second processing unit to match feature transformation device and the feature quantity with a having a second storage device that stores the feature quantity the feature transformation apparatus In a user authentication system provided with a communicable verification device ,
The first processing device includes an acquisition unit that acquires biometric information of a user, an extraction unit that extracts a feature amount from the biometric information, and a conversion unit that converts the feature amount.
The conversion means includes a feature amount of biological information including a plurality of feature points having coordinates and directions on a plane, a conversion bit given by 0 or 1, and a spatial rotation parameter designating rotation of a three-dimensional space. receiving a parameter, stored in the first storage device, expand each feature point on the plane in the first storage device on a three-dimensional the feature points on the plane, spanned by the coordinate axes and axis If it is regarded as a point on the space and the conversion bit is either one of 0 or 1 determined in advance, each feature point is symmetrically converted on the first storage device with respect to an arbitrary plane, and the first Rotating each feature point after symmetrical transformation on the first storage device on the three-dimensional space around an arbitrary point according to the spatial rotation parameter stored in the storage device ,
When registering a user, the extraction unit of the feature amount conversion apparatus acquires a user's biological information and extracts a registration feature amount, and the conversion unit converts the registration feature amount according to the conversion parameter. The registration conversion feature value is generated, and the registration conversion feature value is transmitted to the collation device. The collation device receives the registration conversion feature value, and the second storage device of the collation device. Remember
When authenticating the user, the acquisition unit of the feature amount conversion apparatus acquires the user's biometric information and extracts a matching feature amount, and the conversion unit converts the matching feature amount according to the conversion parameter. Then, a collation conversion feature value is created, the collation conversion feature value is transmitted to the collation device, the collation device receives the collation conversion feature value, and the second processing device A user authentication system characterized in that a conversion feature value for use is collated with the conversion feature value for registration to determine whether or not the user is the person himself / herself. The conversion parameter includes a direction rotation angle,
6. The user authentication system according to claim 5, wherein the conversion unit rotates the direction of each feature point on the first storage device according to the direction rotation angle. The conversion parameter includes a false feature quantity including a plurality of false feature points on a plane having coordinates and directions,
The user authentication system according to claim 6, wherein the conversion unit adds each false feature point included in the false feature amount to the feature amount. The transformation parameter includes a translation parameter that specifies translation on a plane;
The converting means translates the feature points on the first storage device in accordance with the parallel movement parameters, and moves the feature points out of a predetermined range on the plane to the opposite side on the first storage device. 8. The user authentication system according to claim 7, wherein the feature points are moved on the first storage device so that all the feature points fall within the predetermined range.

Images