KR20160016522A - Device and method for encrypting/decrypting content - Google Patents

Abstract

A device and method for encrypting / decrypting a content using biometric information are provided. A device for decrypting content using biometric information, comprising: a memory for storing encrypted content using first biometric information of a user; And a control unit for obtaining the second biometric information of the user different from the first biometric information according to the execution request of the content and decrypting the encrypted content using the obtained second biometric information, . ≪ / RTI >

Description

[0001] DEVICE AND METHOD FOR ENCRYPTING / DECRYPTING CONTENT FOR ENCODING /

This disclosure relates to a device and method for encrypting / decrypting content, and more particularly, to a device and method for encrypting / decrypting content using biometric information.

Biometrics is an authentication method that extracts individual unique biometric information such as fingerprint, voice, face, iris, sweat gland structure, and blood vessel for each individual and informs them. Personal characteristics such as face shape, voice, fingerprint, eyeball, etc. can not be used by theft or duplication of another person like a key or a password.

Recently, biometric information technology has been developed for user authentication.

Accordingly, research on a method of encrypting and decrypting contents using biometric information effectively has been demanded.

An embodiment of the present invention provides a device and a method capable of encrypting / decrypting a content using a plurality of pieces of biometric information.

The technical objects to be achieved by the present invention are not limited to the technical matters mentioned above, and other technical subjects which are not mentioned can be clearly understood by those skilled in the art from the following description. There will be.

According to an aspect of the present invention, there is provided a device for decoding content using biometric information, the device comprising: a memory for storing encrypted content using first biometric information of a user; And a control unit for obtaining the second biometric information of the user different from the first biometric information according to the execution request of the content and decrypting the encrypted content using the obtained second biometric information .

Further, the memory may store the encrypted content using the first encryption key generated based on the first biometric information, and store the encrypted second authentication information using the second encryption key generated based on the second biometric information, Wherein the control unit stores the first encryption key, and when the encrypted content is decrypted using the obtained second biometric information, using the second encryption key generated based on the obtained second biometric information, Decrypt the encrypted first encryption key, and decrypt the encrypted content using the decrypted first encryption key.

The control unit may determine one biometric information to be acquired from among the first biometric information and the second biometric information according to an execution request of the content, and when the second biometric information is determined, And decrypt the encrypted content using the obtained second biometric information.

Further, the device according to an embodiment may further include a communication unit, and at least one of the first biometric information and the second biometric information may be acquired from the at least one external device through the communication unit.

Further, the device according to an embodiment may further include at least one biometric module for recognizing biometric information of a user, wherein at least one of the first biometric information and the second biometric information includes at least one of the at least one living body May be obtained from the recognition module.

According to another aspect of the present invention, there is provided a method of decrypting content using biometric information, the method comprising: storing encrypted content using first biometric information of a user; Acquiring second biometric information of the user different from the first biometric information according to the execution request of the content; And decrypting the encrypted content using the obtained second biometric information.

According to another embodiment of the present invention, there is provided a method of decrypting content, the method comprising: storing a first encryption key encrypted using a second encryption key generated based on the second biometric information, The step of storing the encrypted content using the biometric information includes the step of storing the encrypted content using the first encryption key generated based on the first biometric information, Decrypting the encrypted content using the second encryption key generated based on the obtained second biometric information, decrypting the encrypted first encryption key, decrypting the decrypted first encryption key, And decrypting the encrypted content using the encrypted content.

The step of acquiring the second biometric information of the user different from the first biometric information in response to the execution request of the content may further include a step of acquiring the first biometric information and the second biometric information, Determining one biometric information to be acquired from the information; And acquiring second biometric information of the user different from the first biometric information when the second biometric information is determined.

In order to achieve the above object, a user terminal for logging in to a server using biometric information according to an embodiment of the present invention includes: a communication unit for communicating with a server located outside the user terminal; And acquiring second biometric information of the user of a different kind from the first biometric information after log-in to the server is released based on user authentication using the first biometric information, 2 authentication information request related to biometric information to the server through the communication unit and log-in to the server based on user authentication using the authentication request information.

The control unit may generate second biometric authentication information from the obtained second biometric information when transmitting the authentication request information related to the obtained second biometric information to the server through the communication unit, The password obtained based on the second biometric authentication information or the second biometric authentication information may be transmitted to the server.

When the authentication request information related to the obtained second biometric information is transmitted to the server through the communication unit, the control unit may transmit at least one of identification information of the user terminal and identification information of a user using the user terminal Can be transmitted.

According to another aspect of the present invention, there is provided a method for logging in a server using biometric information, the method comprising the steps of: logging in to a server based on user authentication using first biometric information; Acquiring second biometric information of the user different from the first biometric information after the login with the server is released; Transmitting authentication request information related to the acquired second biometric information to the server; And re-logging in to the server based on user authentication using the authentication request information.

Also, The step of transmitting the authentication request information related to the obtained second biometric information to the server includes: generating second biometric authentication information from the obtained second biometric information; And transmitting the password obtained based on the generated second biometric authentication information or the second biometric authentication information to the server.

The transmitting of the authentication request information related to the acquired second biometric information to the server may include transmitting at least one of identification information of the user terminal and identification information of a user using the user terminal .

1 is a view for explaining a first embodiment of the present invention.
2 is a flowchart illustrating an encryption / decryption method according to a first embodiment of the present invention.
3 to 4C are flowcharts for explaining an encryption method according to the first embodiment of the present invention.
5A to 7 are diagrams for explaining a step of encrypting a content in the encryption method according to the first embodiment of the present invention.
8 to 10 are diagrams for explaining a step of encrypting an encryption key in the encryption method according to the first embodiment of the present invention.
11 is a view for explaining an example of a database unit according to the first embodiment of the present invention.
12 is a flowchart for explaining a decoding method using second biometric information according to the first embodiment of the present invention.
13A to 15 are diagrams for explaining a method of decoding using biometric information according to the first embodiment of the present invention.
16 is a flowchart for explaining a method of decoding using first biometric information according to the first embodiment of the present invention.
17A to 19 are diagrams for explaining a method of decoding using first biometric information according to the first embodiment of the present invention.
20 is a table for explaining a decoding method according to the first embodiment of the present invention.
21 is a view for explaining a second embodiment of the present invention.
22 is a flowchart for explaining an encryption method according to the second embodiment of the present invention.
23 to 25 are views for explaining a method of encrypting biometric information of a first user according to a second embodiment of the present invention.
26 to 30 are diagrams for explaining an encryption method for sharing contents according to the second embodiment of the present invention.
31 to 32 are diagrams for explaining a decoding method according to a second embodiment of the present invention.
33 is a table for explaining a decoding method according to the second embodiment of the present invention.
34 is a flowchart for explaining a method for changing encryption according to the second embodiment of the present invention.
35 is a diagram for explaining a method for changing encryption according to the second embodiment of the present invention.
36 is a flowchart for explaining an encryption method according to the third embodiment of the present invention.
37 to 38 are flowcharts for explaining a decoding method according to the third embodiment of the present invention.
39 is a table for explaining a decoding method according to the third embodiment of the present invention.
40 to 42 are flowcharts for explaining the encryption method according to the fourth embodiment of the present invention.
43 to 45 are flowcharts for explaining a decoding method according to the fourth embodiment of the present invention.
46 is a table for explaining a decoding method according to the fourth embodiment of the present invention.
47 to 48 are flowcharts for explaining the encryption method according to the fifth embodiment of the present invention.
49 to 51 are flowcharts for explaining a decoding method according to a fifth embodiment of the present invention.
52 is a table for explaining a decoding method according to the fifth embodiment of the present invention.
53 to 54 are flowcharts for explaining the encryption method according to the sixth embodiment of the present invention.
55 to 56 are flowcharts for explaining a decoding method according to the sixth embodiment of the present invention.
57 is a table for explaining a decoding method according to the sixth embodiment of the present invention.
58 to 59 are flowcharts for explaining the encryption method according to the seventh embodiment of the present invention.
60 to 61 are flowcharts for explaining a decoding method according to a seventh embodiment of the present invention.
62 is a table for explaining a decoding method according to the seventh embodiment of the present invention.
64 explains a method of registering biometric information in order for a device 100 according to an eighth embodiment of the present invention to log in to the server 200 Fig.
65 is a flowchart for explaining another method of registering biometric information in order for a device 100 according to an eighth embodiment of the present invention to log in to a server.
66 to 69 are views for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.
70A and 70B are flowcharts for explaining a method of connecting a device 100 according to an eighth embodiment of the present invention to a server.
71 to 72B are views for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.
73 is a flowchart for explaining another method of registering biometric information for connection to the server 300 by the device 100 according to the eighth embodiment of the present invention.
74 to 78 are diagrams for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.
79A is a flowchart for explaining a method of connecting a device 100 according to an eighth embodiment of the present invention to a server.
80 to 81B are views for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.
82 is a table for explaining a decoding method according to the eighth embodiment of the present invention.
83 and 84 are block diagrams of a device related to an embodiment of the present invention.
83 and 84 are block diagrams of a device related to an embodiment of the present invention.
85 is a block diagram of a server related to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, which will be readily apparent to those skilled in the art. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

The above objects, features and advantages of the present invention will become more apparent from the following detailed description taken in conjunction with the accompanying drawings. It is to be understood, however, that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and similarities. Like reference numerals designate like elements throughout the specification. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail. In addition, numerals (e.g., first, second, etc.) used in the description of the present invention are merely an identifier for distinguishing one component from another.

Hereinafter, a device related to the present invention will be described in more detail with reference to the drawings. The suffix "module" and " part "for the components used in the following description are given or mixed in consideration of ease of specification, and do not have their own meaning or role.

The devices described herein may include a mobile phone, a smart phone, a tablet PC, a laptop computer, a digital broadcasting terminal, a PDA (Personal Digital Assistants), a PMP (Portable Multimedia Player) . However, it will be understood by those skilled in the art that the configuration according to the embodiments described herein may be applied to a fixed terminal such as a digital TV, a desktop computer, and the like, unless the configuration is applicable only to a mobile terminal.

Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between . Also, when an element is referred to as "comprising ", it means that it can include other elements as well, without departing from the other elements unless specifically stated otherwise.

<Figs. 1 to 2>

Hereinafter, terms used in this specification will be described first, together with a brief description of the present invention.

The device 100 according to an embodiment of the present invention can encrypt contents using biometric information. The device 100 encrypts the content using predetermined biometric information (first biometric information), and uses other biometric information (second biometric information) different from the biometric information (first biometric information) used for the encryption So that the encrypted content can be decrypted.

In the entire specification, biometric information may mean information that can identify each individual such as a fingerprint or an iris that can be extracted from a human body.

For example, the biometric information can be a fingerprint, a voice, a face, an iris, a palm, a vein distribution, a movement pattern such as a retina, a voice or a gait, an electrocardiogram (ECG), a long text, and the like.

Throughout the specification, the content may include text (e.g., work related documents, memos, emails, text messages, e-books, etc.), still images But are not limited to, program images, User-Created Contents (UCC), YouTube videos, music video images, movie files, etc.), application executables, voice files, web pages, For example, the content may be a bundle of predetermined files stored in the device, and may be a folder indicating a location where files are classified and stored. The folder may include other folders or files. That is, the content may have a broad meaning including predetermined data, files, and the like.

Throughout the specification, encryption may refer to the conversion of certain information into a meaningless form (i.e., a ciphertext). The ciphertext may be a form in which the original text is converted using a predetermined algorithm for data security.

More specifically, encryption is a process of converting predetermined information into ciphertext using an encryption key (e.g., a specific bit string), and decryption using a decryption key , And may mean restoring the converted information into pre-conversion information.

Throughout the specification, the encryption key may refer to data (e.g., a specific bit string) in which biometric information is processed, not biometric information itself, which is used to encrypt a predetermined content.

According to an embodiment of the present invention, a cryptographic scheme used when a device encrypts and decrypts a content may be a secret key cryptographic scheme that uses the same key for encryption and decryption.

The second biometric information distinguished from the first biometric information in the entire specification may be of a different kind from the first biometric information (for example, the first biometric information may be fingerprint information and the second biometric information may be iris information). The second biometric information distinguished from the first biometric information is information indicating the same kind of biometric information as the first biometric information (for example, the same fingerprint information, fingerprint information obtained from different fingers of the same user, Fingerprint information obtained from another user's finger).

In addition, the second biometric information distinguished from the first biometric information may refer to biometric information obtained from a biometric module provided in different apparatuses. The second biometric information distinguished from the first biometric information may be biometric information obtained from different biometric modules provided in the same device. The second biometric information distinguished from the first biometric information may mean biometric information obtained from the same biometric module provided in the same device.

In the entire specification, the biometric module may refer to a module capable of acquiring predetermined biometric information from a person's body. The biometric module may include a sensor capable of sensing biometric information of a person. For example, the biometric module may include a fingerprint sensor and a long-range sensor, but the present invention is not limited thereto.

For example, the biometric module may include a camera. For example, the biometric module may be a camera capable of photographing a face of a person. The biometric module may be an iris recognition camera capable of photographing a human iris.

In addition, the biometric module may include a microphone capable of acquiring a human voice. It is needless to say that the above-described example of the biometric module is an embodiment of the present invention and is not limited thereto.

According to an embodiment of the present invention, when a predetermined content is encrypted using fingerprint information, the device can decrypt the encrypted content using the fingerprint information, and can also use the iris information, which is another biometric information, The encrypted content can be decrypted.

Accordingly, even in a situation where the device can not acquire the fingerprint information used for content encryption (for example, a situation where the biometric module obtained by acquiring fingerprint information due to theft, loss, malfunction, etc. can not be used) The content can be decrypted using a biometric module capable of acquiring information (for example, iris information).

That is, according to one embodiment of the present invention, when a specific content is encrypted using fingerprint information, if the user has lost the device equipped with the biometric module for which the fingerprint information is obtained, It is possible to prevent the inconvenience that the encrypted content can not be accessed even if the same user is encrypted.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

1 is a view for explaining a first embodiment of the present invention. 2 is a flowchart illustrating an encryption / decryption method according to a first embodiment of the present invention.

According to the first embodiment of the present invention, a user can have a plurality of devices such as a smart phone 100, a watch-type wearable device 401, and a glass-type wearable device 402. At this time, the wearable wearable device 401 may include a module for obtaining fingerprint information. The glass-like wearable device 402 may include a module for acquiring iris information. The smartphone 100 of the user can receive fingerprint information, iris information, etc. of the user from the wearable devices 401 and 402 that are paired with the smartphone 100 through the communication unit.

The user may want to encrypt the resident registration card c10 using the user's own fingerprint information 10 in order to protect the content (e.g., a resident registration card) c10 stored in the smartphone 100. [

The smartphone 100 of the user encrypts and stores the resident registration card c10 using the fingerprint information 10 obtainable from the wearable wearable device 401 and then transmits the fingerprint information c10 to the wearable wearable device 401 (10) and decrypt the resident registration card (c10). That is, the encrypted resident registration card c10 can be decrypted with the biometric information obtained from the biometric module used for encryption.

However, even in a situation where the user can not use the wearable wearable device 401, a method of decrypting the user's own identification card (c10) may be required.

According to the first embodiment of the present invention, even when the user can not use the wearable wearable device 401 (for example, theft, loss, malfunction, etc.), the user can decrypt the encrypted private identification card c10 .

That is, the first embodiment of the present invention can bring about the effect of decrypting the encrypted resident registration card using the iris information 12 obtainable from the glass-like wearable device 402, which is another device possessed by the user.

The above effect can be achieved by previously setting the iris information 12 to be used for decryption, in addition to the fingerprint information 10 used when the user encrypts the resident registration card c10. The smartphone 100 of the user according to the first embodiment of the present invention performs the step of encrypting the first encryption key generated in the fingerprint information 10 by using the iris information 12 previously set by the user The above effect of the present invention can be obtained.

That is, the smartphone 100 of the user can decrypt the first encryption key using the iris information 12 and decrypt the resident registration card c10 using the decrypted first encryption key.

An implementation method of encryption and decryption according to the first embodiment of the present invention will be described in detail with reference to FIGS. 2 to 20.

2 is a flowchart for explaining that different biometric information can be used when encrypting a content and decrypting a content, respectively.

Referring to FIG. 2, in step S101, the controller 130 of the device 100 according to an embodiment of the present invention can encrypt content using first biometric information.

1, the control unit 130 of the device 100 according to an exemplary embodiment of the present invention encrypts (encrypts) a predetermined content c10 using fingerprint information 10 obtained from the external device 401, can do. For example, the predetermined content c10 may be data related to the user's personal information (e.g., a resident registration card), but is not limited thereto.

The external device 401 may be a device having a module capable of acquiring biometric information (hereinafter referred to as a biometric module). For example, referring to FIG. 1, the external device (e.g., watch wearable device) 401 may include a module for recognizing a fingerprint of a finger.

On the other hand, referring to FIG. 2, in step S102, the control unit 130 of the device 100 can decrypt the encrypted content using the second biometric information.

1, the control unit 130 of the device 100 transmits iris information 12 obtained from an external device (for example, a glass-type wearable device) 402 to the encrypted predetermined content c10 It is possible to decode it. This means that the control unit 130 can decrypt the encrypted content using the iris information 12 instead of the fingerprint information 10 used when encrypting the content c10.

A specific method for the control unit 130 to decrypt the encrypted content using the iris information 12 will be described later.

1 shows an embodiment in which the device 100 acquires the fingerprint information 10 and the iris information 12 from the external devices 401 and 402. According to another embodiment of the present invention, May obtain at least one of the fingerprint information (10) and the iris information (12) from at least one biometric module mounted on the device (100). For example, the device 100 can acquire both the fingerprint information 10 and the iris information 12 from a biometric module provided in the device 100, rather than an external device.

<Figs. 3 to 10>

3 to 4C are flowcharts for explaining an encryption method according to the first embodiment of the present invention. That is, Figs. 3 to 4C are flowcharts for explaining an encryption method for decrypting contents using biometric information different from biometric information used in encrypting the contents described in Figs. 1 and 2.

In step S111 of Fig. 3, the control unit 130 of the device 100 can acquire the first biometric information of the user.

According to one embodiment, the control unit 130 can receive the first biometric information from the external device through the communication unit 150. [ Also, the controller 130 may acquire the first biometric information from the biometric module installed in the device 100. [

In step S112 of FIG. 3, the control unit 130 of the device 100 can generate the first encryption key using the first biometric information.

According to an embodiment of the present invention, a method by which the controller 130 generates an encryption key using biometric information may include a step described later.

The control unit 130 may generate biometric information (e.g., fingerprint image of the user) as a template using a predetermined mathematical algorithm. The template may be data (bit string) obtained by coding biometric information extracted through a predetermined sensor.

According to one embodiment, the controller 180 may extract the feature information from the fingerprint image and generate the template using the extracted feature information. The feature information extracted from the fingerprint image may include coordinate values of the feature points extracted from the fingerprint image.

In addition, according to one embodiment, the controller 130 may acquire the fingerprint image a plurality of times, and extract the feature information from each of the obtained plurality of fingerprint images. The feature information extracted from the fingerprint image may include coordinate values of the feature points extracted from the fingerprint image. The control unit 130 may calculate an average value of the extracted feature information. At this time, the feature points extracted from the first fingerprint image may be matched to the feature points extracted from the second fingerprint image, respectively. Also, the controller 130 may correct the average value of the feature information according to a preset reference. The control unit 130 can generate a template using the average value of the feature information.

Accordingly, in the case of the same type of biometric information of the same user, the same template can be generated each time biometric information is acquired for encryption and decryption. The above process is not limited to this embodiment.

On the other hand, the control unit 130 may set the template as a factor of a predetermined function (e.g., a cryptographic hash function, etc.), and set the generated result as an encryption key. In addition, some of the templates may be used as a function argument. This is an example of generating an encryption key using biometric information, but not limited thereto, and various methods for generating an encryption key can be applied.

For example, a predetermined operation (e.g., XOR) process may be applied to the template using a predetermined value of a predetermined length (e.g., 128 bits), and a value corresponding to a specific length of the resultant value may be determined to be an encryption key. In addition, a Password Based Key Derivation Function (PBKDF2) may be utilized.

That is, if the function arguments (templates) are different, the result of the function is different, and a function having a condition that can not deduce a function argument (template) from the result of the function can be applied as a function for generating an encryption key.

In step S113 of Fig. 3, the control unit 130 of the device 100 can encrypt the content using the first encryption key generated in step S112.

On the other hand, in step S114 of FIG. 3, the control unit 130 of the device 100 can acquire the second biometric information of the user.

The second biometric information is biometric information distinguished from the first biometric information. According to one embodiment, the control unit 130 can receive second biometric information from the external device through the communication unit 150. [ In addition, the control unit 130 may acquire second biometric information from the biometric module installed in the device 100. [

3, the control unit 130 of the device 100 can generate the second encryption key using the second biometric information of the user obtained in step S114. The method of generating the encryption key using the biometric information has been described above, and therefore will not be described.

In step S116 of Fig. 3, the control unit 130 of the device 100 can encrypt the first encryption key using the second encryption key generated in step S115.

According to one embodiment, the device 100 may encrypt the first encryption key used when encrypting the content, separately from content encryption (step S113). Accordingly, in order to decrypt the encrypted content, the device 100 may first decrypt the encrypted first encryption key, and then decrypt the content using the decrypted first encryption key.

<Figs. 4A to 4C>

4A and 4B illustrate an example in which the host device 100 acquires biometric information from the first and second external devices 401 and 402. FIG.

For example, the host device 100 may be a smart phone. The first and second external devices 401 and 402 may be a wearable device having a biometric module. For example, the external devices 401 and 402 may be a watch-type wearable device, a glass-type wearable device, a head mounted display device, a band-type wearable device, and the like.

Each of the external devices 401 and 402 includes a biometric module capable of acquiring fingerprint information of a user, a biometric module capable of acquiring iris information, a biometric module capable of extracting face information, A biometric module capable of extracting voice information, a biometric module capable of measuring heart rate, and a biometric module capable of identifying a user's gait pattern. The biometric module provided in each of the above-described devices is an example, and the present invention is not limited thereto.

In step S151 of FIG. 4A, the first external device 401 can acquire the first biometric information of the user.

In step S152 of Fig. 4A, the control unit 130 of the host device 100 can receive the first biometric information from the first external device 401. Fig. That is, the first external device 401 can transmit the acquired first biometric information to the host device 100. [

In step 153 of Fig. 4A, the control unit 130 of the host device 100 can generate the first encryption key using the first biometric information. The method of generating the encryption key using the biometric information has been described in detail with reference to FIG. 3, and therefore, the description is omitted.

In step S154, the control unit 130 of the host device 100 can encrypt the content using the generated first encryption key.

In step S155, the control unit 130 of the host device 100 may store the encrypted content in the host device 100. [

On the other hand, in step S156 of FIG. 4A, the second external device 402 can acquire the second biometric information of the user.

In step S157 of Fig. 4A, the control unit 130 of the host device 100 can receive the second biometric information from the second external device 402. Fig. That is, the second external device 402 can transmit the acquired second biometric information to the host device 100. [

In step S158 of FIG. 4A, the control unit 130 of the host device 100 can generate the second encryption key using the second biometric information. The method of generating the encryption key using the biometric information has been described in detail with reference to FIG. 3, and therefore, the description is omitted.

In step S159, the control unit 130 of the host device 100 can encrypt the first encryption key using the generated second encryption key.

In step S160, the control unit 130 may store the encrypted first encryption key in the host device 100. [

As described above, referring to FIG. 4A, the host device 100 may store the encrypted content in the memory 170. FIG. In addition, the host device 100 may store the encrypted first encryption key in the memory 170.

In the embodiment described above with reference to FIG. 4A, the biometric information obtained by the external device is transmitted to the host device, and then the encryption key is generated using the biometric information received by the host device. However, According to another embodiment, the encryption key may be generated using the biometric information obtained by the external device, and then the generated encryption key may be transmitted to the host device.

4B shows an example in which the device 100 stores the encrypted content and the encrypted first encryption key in the external server 200. [ 4A shows an example in which the device 100 acquires biometric information from an external device, and a detailed description of each step will be omitted.

In step S161 of FIG. 4B, the first external device 401 can acquire the first biometric information of the user. In step S162, the host device 100 can receive the first biometric information from the first external device 401. [ That is, the first external device 401 can transmit the acquired first biometric information to the host device 100. [ In step S163, the host device 100 can generate the first encryption key using the first biometric information. The method of generating the encryption key using the biometric information has been described in detail with reference to FIG. 3, and therefore, the description is omitted. In step S164, the host device 100 can encrypt the content using the generated first encryption key.

On the other hand, in step S165 of FIG. 4B, the second external device 402 can acquire the second biometric information of the user. In step S166, the host device 100 may receive the second biometric information from the second external device 402. [ That is, the second external device 402 can transmit the acquired second biometric information to the host device 100. [ In step S167, the host device 100 can generate the second encryption key using the second biometric information. In step S168, the host device 100 can encrypt the first encryption key using the generated second encryption key.

In step S169 of Fig. 4B, the host device 100 may transmit the encrypted content to the server 200. Fig. In step S170 of FIG. 4B, the host device 100 may transmit the encrypted first encryption key to the server 200. FIG.

In step S171 of FIG. 4B, the server 200 may store the encrypted content. In step S172, the server 200 may store the encrypted first encryption key.

4B, the host device 100 may transmit the encrypted content to the external server 200 via the communication unit 150, and may store the encrypted content in the external server 200 . In addition, the host device 100 may store the encrypted first encryption key in the external server 200. [

The encrypted content stored in the external server 200 and the encrypted first encryption key may be set to be accessible when the host device 100 or the specific authority is granted.

4B, the biometric information obtained by the external device is transmitted to the host device, and then the encryption key is generated using the biometric information received by the host device. However, in the present invention, According to another embodiment, the encryption key may be generated using the biometric information obtained by the external device, and then the generated encryption key may be transmitted to the host device.

4C shows an example in which the host device 100 acquires the first biometric information and acquires the second biometric information from the external device 406. [

Referring to FIG. 4C, in step S201, the host device 100 can acquire the first biometric information of the user. For example, the host device 100 can acquire fingerprint information of a user through a fingerprint recognition module included in the host device 100. [

In step S202 of Fig. 4C, the host device 100 can generate the first encryption key using the first biometric information. For example, the host device 100 can generate the first encryption key using the fingerprint information acquired from the host device 100. [ The method of generating the encryption key using the biometric information has been described in detail with reference to FIG. 3, and therefore, the description is omitted. In step S203 of Fig. 4C, the host device 100 can encrypt the content using the generated first encryption key.

On the other hand, in step S204, the external device 406 can acquire the second biometric information of the user. For example, the glass-like wearable device 406 can acquire the iris information of the user.

In step S205, the host device 100 can receive the second biometric information. For example, the host device 100 may receive iris information of the user from the glass-like wearable device 406. [

In step S206, the control unit 130 of the device 100 can generate the second encryption key using the second biometric information. For example, the host device 100 can generate the second encryption key using the iris information received from the glass-type wearable device 406. [ The method of generating the encryption key using the biometric information has been described in detail with reference to FIG. 3, and therefore, the description is omitted.

In step S207, the control unit 130 of the device 100 can encrypt the first encryption key using the second encryption key generated in step S206.

According to an embodiment of the present invention, the host device 100 can decrypt the content when the second biometric information can be obtained later by encrypting the first encryption key using the second biometric information . That is, the control unit 130 can first decrypt the first encryption key using the second biometric information, and then decrypt the content using the decrypted first encryption key.

4C, the biometric information obtained by the external device is transmitted to the host device, and then the encryption key is generated using the biometric information received by the host device. However, in the present invention, According to another embodiment, the encryption key may be generated using the biometric information obtained by the external device, and then the generated encryption key may be transmitted to the host device.

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

&Lt; Figures 5A to 7 &

5A and 5B show examples of a user interface provided for setting a lock on contents.

5A, when the control unit 130 receives an input for selecting a button 201 for setting a lock with the user's finger f11 or the like, It can be determined that the user input is received.

5A, the control unit 130 can receive an input for selecting the screen 203 for setting the lock using the biometric information with the user's finger f11-1 or the like .

5B, the controller 130 may display a menu screen 201-1 for setting a lock using the biometric information on the display unit 121. In this case,

Also, the control unit 130 may display an icon (not shown) for setting the lock using the biometric information on the display unit 121. [

As shown in Fig. 5B, the control unit 130 can receive an input for selecting the screen 203-1 requesting the input of the biometric information by the user's finger f11-3 or the like. 5A and 5B illustrate an example of a user interface for locking a predetermined content, but the present invention is not limited thereto.

6A, the first external device 401 (e.g., a watch-type wearable device) can acquire the fingerprint information 14 of the user's finger and transmit it to the device 100. Fig.

The device 100 can receive the fingerprint information 14 from the first external device 401. [ The control unit 130 may display on the display unit 121 a notification screen 205 indicating that the biometric information for locking the content has been received. This is an example of a user interface for informing a user that biometric information is received and a content is locked, but the present invention is not limited to this. As another example, the control unit 130 may display on the display unit 121 a screen showing the type of the received biometric information (for example, 'fingerprint information').

6B is a diagram for explaining an example in which the device 100 acquires biometric information through a biometric module mounted on the device 100. FIG. For example, the device 100 may include a module 405 for recognizing the fingerprint, and may acquire fingerprint information of the user through an input for touching the finger f12 of the user.

7, the control unit 130 may generate the first encryption key k10 (e.g., key_A) using the fingerprint information 16 acquired from the first external device 401. [ The control unit 130 determines whether the content c16 is encrypted using the first encryption key k10 to indicate that the content c16 has been encrypted using the first encryption key k10, for example, E [content] key_A, Display).

<Figs. 8 to 10>

8 to 10 are diagrams for explaining a step of encrypting an encryption key according to the first embodiment of the present invention.

Referring to FIG. 8, the control unit 130 may display, on the display unit 121, a screen 206 for additionally registering other biometric information to be used when releasing the content lock.

FIG. 8 shows an example of an interface provided to a user, and a user may set biometric information other than the biometric information used in encrypting the content in advance. As a result, the user can later use the additional biometric information set by the user when decrypting the content.

Referring to FIG. 9, the controller 130 may acquire the iris information 18 of the user from the second external device 402 (for example, a glass-type wearable device).

The control unit 130 may display the screen 207 indicating that biometric information has been received on the display unit 121. [ The control unit 130 may display on the display unit 121 a screen 207-1 indicating that the received biometric information is registered as biometric information capable of releasing the content lock. This may be achieved by using the biometric information (for example, fingerprint information, see FIG. 6A) used by the device 100 in encrypting the content, and other biometric information (e.g., iris information 18) To the user.

10, the controller 130 may generate the second encryption key k12 (for example, key_B) using the iris information 20 acquired from the second external device 402. [ The control unit 130 encrypts the first encryption key (k10) (Key_A) (see FIG. 7) (k14) (for example, E [key_A] key_B, quot; key_A &quot; is encrypted using &quot; key_B &quot;).

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

11)

11 is a view for explaining an example of a database unit according to the first embodiment of the present invention.

The device 100 according to an embodiment of the present invention may include a database unit d1. The database unit d1 in Fig. 11 may also refer to a database unit d1 provided in the server 200. Fig.

The database unit d1 may include a content database unit d2 and a key database unit d3.

The content database unit d2 may store the encrypted content. For example, the content database unit d2 may store &quot; E [content] key_A &quot; "E [content] key_A" is an indication to indicate that the predetermined content 'content' has been encrypted using 'key_A' corresponding to the encryption key. Hereinafter, the display of &quot; E [aaa] bbb &quot; is an indication to indicate that "aaa" is encrypted using the encryption key "bbb", and a description thereof will be omitted.

The key database unit d3 may store the encrypted key. For example, the key database unit d3 may store &quot; E [key_A] key_B &quot; 911.

That is, the encrypted content and the encrypted key may be stored separately in the content database unit d2 and the key database unit d3, respectively.

According to an embodiment of the present invention, when the device 200 transmits the encrypted content and the encrypted key to the server 200 through the communication unit 150, And store the encrypted key in the content database unit d2 and the key database unit d3, respectively.

According to another embodiment of the present invention, when the server 200 encrypts the content or encrypts the encryption key, the server 200 transmits the encrypted content or the encrypted encryption key to the content database d2, And the database unit d3, respectively.

The encrypted content and the encrypted key may be stored in a database unit provided in either the server 200 or the device 100, respectively. For example, the encrypted content may be stored in a database unit provided in the server 200, and the encrypted key may be stored in a database unit provided in the device 100. [ As another example, the encrypted content may be stored in a database unit provided in the device 100, and the encrypted key may be stored in a database unit provided in the server 200. [

12 to 15,

12 is a flowchart for explaining a method of decrypting contents using second biometric information according to the first embodiment of the present invention. 13A to 15 are diagrams for explaining a method of decrypting contents using second biometric information according to the first embodiment of the present invention.

The method of decrypting a content using the second biometric information according to the first embodiment means a method of decrypting the content using the second biometric information when the content is encrypted using the first biometric information.

12, in step S191, the control unit 130 of the device 100 can acquire the second biometric information of the user.

13A, when the controller 130 receives an input for selecting the encrypted content c21 by the user's finger f24 or the like (Fig. 13A), the controller 130 inputs the biometric information for unlocking the content On the display unit 121 (Fig. 13 (b)). The control unit 130 may display on the display unit 121 lists of devices 216 and 218 capable of acquiring biometric information for decrypting the encrypted content c21. In one embodiment, the control unit 130 may receive a user input for selecting 'Glass' 216 as a device for acquiring biometric information, such as finger f26.

13B, when the controller 130 receives an input for selecting the encrypted content c21 by the user's finger f24-1 or the like (Fig. 13B (a)), the controller 130 displays biometric information The screen 214-1 requesting input of the screen 214 can be displayed on the display unit 121 (Fig. 13B (b)). The control unit 130 may display the types of biometric information 216-1 and 218-1 for decrypting the encrypted content c21 on the display unit 121. [ In one embodiment, the control unit 130 may receive a user input for selecting the 'iris' 216-1 with the finger f26-1 or the like.

13A and 13B illustrate an example of a user interface for requesting input of biometric information for unlocking when the device 100 receives a user input for accessing locked (encrypted) contents, But is not limited thereto. For example, the device 100 may not display a list of biometric information or devices capable of decrypting the encrypted content, but may display only a screen requesting authentication information input.

14, the device 100 may receive the iris information 26 from the glass-like wearable device 402. As shown in Fig. The control unit 130 may display the screen 220 indicating that the authentication information has been received on the display unit 121. [

14 shows an example of a screen showing that the device 100 has received the authentication information from the external device, but the present invention is not limited thereto. For example, the control unit 130 may display the type of the received biometric information (for example, 'iris information') on the display unit 121. Also, the control unit 130 may display a device (e.g., a glass-type wearable device) that has acquired biometric information on the display unit 121. [

12, in step S192, the control unit 130 of the device 100 can generate a decryption key using the second biometric information obtained in step S191.

Throughout the specification, a decryption key according to an embodiment of the present invention means a key generated using biometric information for decrypting contents.

For example, referring to FIG. 12, in the case of using the second biometric information for content decryption, the key generated using the second biometric information may be a decryption key. In this case, the decryption key may be the same as the second encryption key generated using the second biometric information shown in Fig.

As another example, when the first biometric information is used for content decryption as shown in FIG. 19 to be described later, the key generated using the first biometric information may be a decryption key. In this case, the decryption key may be the same as the first encryption key generated using the first biometric information shown in Fig.

In step S193 of Fig. 12, the control unit 130 can decrypt the encrypted first encryption key (see step S116 in Fig. 3) using the decryption key generated in step S192.

In step S194 of Fig. 12, the control unit 130 may decrypt the encrypted content (see step S113 of Fig. 3) using the first encryption key decrypted in step S193.

Hereinafter, with reference to Fig. 15, a method of decrypting contents using the second biometric information shown in Figs. 12 to 14 will be described. The control unit 130 can generate the decryption key key_B (k18) using the acquired iris information 28. [ The control unit 130 can decrypt the encrypted first encryption key E [Key_A] key_B (k20) using the generated decryption key key_B (k18). The control unit 130 can decrypt the encrypted content c22 using the decrypted Key_A (k22) (c23).

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

<Figs. 16 to 19>

16 is a flowchart for explaining a method of decoding using first biometric information according to the first embodiment of the present invention. 17A to 19 are diagrams for explaining a method of decoding using first biometric information according to the first embodiment of the present invention. The method of decrypting using the first biometric information means a method of decrypting the encrypted content using the biometric information used in encrypting the content.

Referring to FIG. 16, in step S181, the control unit 130 of the device 100 can acquire biometric information of a user.

As shown in Fig. 17A, when the control unit 130 receives an input for selecting the encrypted content c18 with the user's finger f18-1 (Fig. 17A (a)), A screen 208 requesting input of biometric information can be displayed on the display unit 121 (Fig. 17 (b)). For example, the control unit 130 may display the list of external devices 209 and 210 on the display unit 121 for decrypting the encrypted content c18. As an example, the control unit 130 may receive a user input for selecting 'Watch' 210 as a device to acquire biometric information with a finger (f20) or the like.

17A shows an example of a user interface for requesting input of biometric information for unlocking when the device 100 receives a user input for accessing a locked content (i.e., encrypted content) But is not limited thereto.

17B shows another example of a user interface requesting input of biometric information for unlocking.

17B, when the control unit 130 receives an input for selecting the encrypted content c18 by the user's finger f18-2 or the like (Fig. 17B (a)), A screen 208-2 for requesting input of biometric information can be displayed on the display unit 121 (Fig. 17B (b)). The control unit 130 may display the types of biometric information 209-2 and 210-2 for decrypting the encrypted content c18 on the display unit 121. [

As an example, the control unit 130 may receive a user input for selecting the fingerprint 210-2 as the type of the biometric information using the finger f20-2 or the like.

Referring to FIG. 18, the device 100 can receive the fingerprint information 22 from the wearable wearable device 401. FIG. The control unit 130 may display the screen 212 indicating that the authentication information has been received on the display unit 121. [ 18 shows an example of a screen showing that the device 100 has received the authentication information from the external device, but the present invention is not limited thereto.

For example, the control unit 130 may display the type of the received biometric information (for example, 'fingerprint information') on the display unit 121. Also, the control unit 130 may display the device (e.g., 'watch type wearable device') that has acquired the biometric information on the display unit 121. [

On the other hand, in step S182 of Fig. 16, the control unit 130 of the device 100 can determine whether the biometric information obtained in step S181 is the same as the biometric information that has been encrypted with the content.

In step S183 of Fig. 16, when it is determined in step S182 that the acquired biometric information has the same biometric information as the encrypted content, the control unit 130 generates a decryption key for decrypting the content using the obtained biometric information . In step S184 of Fig. 16, the control unit 130 can decrypt the encrypted content using the decryption key generated in step S183.

For example, if the biometric information in which the content is encrypted is the first biometric information (e.g., fingerprint information) and the obtained biometric information is fingerprint information, the content can be decrypted using the decryption key generated from the obtained biometric information .

On the other hand, in step S185 of Fig. 16, when it is determined in step S182 that the biometric information obtained by encrypting the content is not the same as the biometric information obtained, the control unit 130 uses the obtained biometric information to encrypt the content It is possible to generate a decryption key for decryption.

In step S186 of Fig. 16, the control unit 130 can decrypt the encryption key using the generated decryption key. In step S187, the control unit 130 can decrypt the encrypted content using the decrypted encryption key.

For example, if the biometric information obtained by encrypting the content is first biometric information (e.g., fingerprint information) and the obtained biometric information is second biometric information (e.g., iris information), the generated biometric information It is possible to decrypt the content using the decryption key, and then decrypt the content using the decrypted encryption key.

Hereinafter, referring to Fig. 19, a method of decrypting contents using the first biometric information shown in Figs. 16 to 18 will be described.

Referring to FIG. 19, the control unit 130 can generate a decryption key Key_A (k16) using the acquired fingerprint information 24. The controller 130 can decrypt the encrypted content c19 using the generated decryption key key_A (k16) (c20).

That is, the device 100 according to the embodiment of the present invention can decrypt the encrypted content using the biometric information (fingerprint information, see FIG. 7) used when encrypting the content.

20,

20 is a table for explaining a decoding method according to the first embodiment of the present invention.

That is, FIG. 20 is a table for explaining a method for decrypting encrypted content after content encryption according to the embodiment described with reference to FIG. 1 to FIG.

The control unit 130 can decrypt the content using the second biometric information.

More specifically, the control unit 130 can generate a decryption key (Key_B) using the second biometric information. The control unit 130 can decrypt the encrypted first encryption key E [key_A] key_B using the decryption key (Key_B). The control unit 130 can decrypt the encrypted content E [content] key_A using the decrypted first encryption key Key_A.

Also, the control unit 130 may decrypt the content using the first biometric information.

More specifically, the control unit 130 can generate the decryption key (Key_A) using the first biometric information. The control unit 130 can decrypt the encrypted content E [content] key_A using the decryption key (Key_A).

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

[Second Embodiment]

Figs. 21 to 36 are diagrams for explaining the second embodiment of the present invention.

Fig. 21 shows an example in which a plurality of users can share contents. As shown in Fig. 21, for example, when the first user encrypts the content using the biometric information of the first user, the second and third users use the biometric information of the second and third users to encrypt the content Can be decoded.

According to the second embodiment of the present invention, the first user can have the smartphone 100, the glass-like wearable device 801, and the like. The glass-like wearable device 801 may include a biometric module capable of acquiring the iris information 34. [ The smartphone 100 of the first user can acquire the iris information by receiving the iris information 34 obtained from the paired glass-like wearable device 801 through the communication unit.

And the second user can hold the watch type wearable device 802. [ The wearable wearable device 802 may have a microphone capable of acquiring voice information of the user. The third user may have a smartphone 803. The smartphone 803 may include a biometric module capable of recognizing the user's face information.

With respect to the second embodiment of the present invention, in order for a plurality of users to collaborate on the document c26, a plurality of users who are allowed to access must each be able to decrypt the encrypted document. When the first user user 1 generates the document c26, the first user may wish to allow the second user user 2 and the third user user 3 to access the document c26. In this case, the first user can encrypt the document c26 using his / her biometric information, and then set the second user and the third user to decrypt the document c26 using their biometric information .

For example, the smartphone 100 of the first user encrypts the document c26 using the iris information 34 of the first user, encrypts the voice information 36 of the second user, the face information 38 of the third user ) Can be used to set the document c26 to be decoded.

According to the second embodiment of the present invention, the encryption key generated by the iris information 34 is encrypted using the audio information 36 of the second user, and subsequently the audio information 36 of the second user is used The encryption key can be decrypted, and the document c26 can be decrypted using the decrypted encryption key.

The encryption key generated by the iris information 34 is encrypted using the face information 38 of the third user and the encryption key can be decrypted later using the face information 38 of the third user , The document c26 can be decrypted using the decrypted encryption key.

Although FIG. 21 shows an example in which the smartphone 100 as the device of the first user acquires the biometric information of the first user from the glass-like wearable device 801, which is an external device, the present invention is not limited thereto. According to another embodiment of the present invention, the smartphone 100 of the first user may directly acquire the biometric information of the user from the biometric information recognition module provided in the smartphone 100.

A concrete implementation method of encryption and decryption according to the second embodiment of the present invention will be described in more detail with reference to FIGS. 22 to 35, which will be described later.

22 is a flowchart for explaining an encryption method according to the second embodiment of the present invention.

23 to 25 are diagrams for explaining a method of encrypting contents according to the second embodiment of the present invention. 26 to 28 are diagrams for explaining the step of encrypting the first encryption key using the biometric information of the second user according to the second embodiment of the present invention.

29A to 30 are diagrams for explaining a step of encrypting a first encryption key using biometric information of a third user according to the second embodiment of the present invention.

In FIG. 22, for example, the device 100 of the first user according to the second embodiment of the present invention may be a smartphone (see FIG. 21). The device 802 of the second user may be a wearable wearable device (see FIG. 21). The third user's device 803 may be a smartphone (see FIG. 21). In the description of FIG. 22, for convenience of explanation with reference to FIG. 21, one example of each device is described, but the present invention is not limited thereto.

Referring to FIG. 22, in step S241, the device 100 of the first user can acquire biometric information of the first user. The device 100 of the first user may acquire the first biometric information from the biometric module provided in the device 100 of the first user. As another example, the device 100 of the first user may acquire the first biometric information from the external device of the first user.

In step S242, the control unit 130 of the device 100 of the first user can generate the first encryption key using the biometric information of the first user. The method of generating the encryption key using the biometric information has been described in detail with reference to FIG. 3, and therefore, the description is omitted.

In step S243, the device 100 of the first user can encrypt the content using the first encryption key generated in step S242.

23 (a), the control unit 130 of the device 100 transmits a button 228 for locking the content (e.g., document data) c27 to the user's finger f32 or the like And can receive an input to select.

Referring to FIG. 23 (b), the control unit 130 of the device 100 displays on the display unit 121 a selection screen 230 for locking (i.e., encrypting) the content using biometric information .

As shown in Fig. 24, the device 100 of the first user can receive the iris information 40 of the first user from the external device 801 of the first user. The controller 130 of the first user device 100 may display the screen 232-1 on the display unit 121 indicating that biometric information has been received. The controller 130 of the device 100 of the first user may display the screen 232-2 on the display unit 121 indicating that the content is locked. This is an example of a user interface of a device that has received biometric information for content lock setting from an external device, but is not limited thereto.

The controller 130 of the device 100 uses the iris information 42 acquired from the first external device 801 to generate the first encryption key k26 (e.g., key_C) Lt; / RTI &gt; The control unit 130 decrypts the content c28 using the first encryption key k26 to indicate that the content c28 has been encrypted using the first content key c and the second content key c Display).

26 to 30 are diagrams for explaining a method of sharing contents encrypted by a device 100 according to an embodiment of the present invention with other users.

Referring to Fig. 26A, the device 100 can display a menu window 234-1 for sharing setting on the execution screen of a content (e.g., document data). Referring to FIG. 26B, when the device 100 receives a user input for selecting the menu 234-1 for sharing setting with the finger f36-1 or the like, The contact list 234-2 of the acquaintances can be displayed. The device 100 can determine that it is a selection signal for sharing the content with the selected specific acquaintance when receiving the input for selecting the contact 234-2 of the specific acquaintance by the finger f36-2 or the like.

The contents sharing setting via the contact list of the acquaintances described in FIG. 26 is not limited to this embodiment as one embodiment of the present invention. For example, the device 100 may set the content sharing using the extracted acquaintance information by extracting the acquaintance information from the predetermined image through the face recognition of the person. In addition, the device 100 may set content sharing with the acquaintances through the recent call list.

On the other hand, referring to FIG. 22, in step S244, the device 802 of the second user can acquire the biometric information of the second user. In step S245, the device 802 of the second user can generate the second encryption key using the biometric information of the second user.

In step S246, the device 100 of the first user may receive the second encryption key from the device 802 of the second user. That is, the device 802 of the second user can transmit the generated second encryption key to the device 100 of the first user.

The device 802 of the second user according to another embodiment of the present invention may transmit the biometric information of the second user to the device 100 of the first user. The device 100 of the first user receiving the biometric information of the second user may generate the second encryption key using the biometric information of the second user.

Data transmission (e.g., transmission of biometric information, transmission of an encryption key, transmission of a decryption key, etc.) between a transmitting device and a receiving device according to an embodiment of the present invention may be performed using a secure channel. The secure channel means a channel having high security of communication contents between the transmitting device and the receiving device. That is, the secure channel can be configured using protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which are protocols for securely transmitting and receiving data. For example, the secure channel may refer to https (hypertext transfer protocol over Secure Sockets Layer) configured by applying a protocol such as SSL or TLS.

On the other hand, in step S247 of FIG. 22, the device 100 of the first user can encrypt the first encryption key using the second encryption key generated using the biometric information of the second user.

As a result, the device 802 of the second user can decrypt the encrypted first encryption key (see step S247) by using the biometric information of the second user. When the first encryption key is decrypted, the device 802 of the second user can decrypt the encrypted content (see step S243) using the first encryption key.

FIG. 27 shows an example of acquiring biometric information from a second user.

As shown in Fig. 27, the device 100 of the first user can receive the voice information 46 of the second user from the device 802 of the second user.

The controller 130 of the device 100 of the first user may display the screen 236-1 on the display unit 121 indicating that the voice information of the second user has been extracted.

For example, the device 100 of the first user may receive the voice information of the second user from the contents of the conversation with the second user through the call connection with the device 802 of the second user, 46 can be extracted.

Also, the device 100 may receive a voice file in which the voice of the second user is recorded, from the device 100 of the second user. The device 100 can extract the voice information 46 of the second user from the received voice file.

The controller 130 of the device 100 of the first user may display the screen 236-2 on the display unit 121 indicating that the second user is allowed to release the content lock. This is an example of a user interface of a device that has received biometric information for releasing a content lock from a device of a second user, but is not limited thereto.

FIG. 28 is a view for explaining the step of encrypting the first encryption key (Key_C) using the second encryption key (Key_D).

The control unit 130 of the device 100 may generate the second encryption key k28 (e.g., key_D) using the voice information 48 obtained from the device 802 of the second user. The control unit 130 encrypts the first encryption key k30 (key_C) (for example, E [key_C] key_D, which uses 'key_D'Quot; is an indication to indicate that the encryption has been performed).

Further, steps for sharing content with another user (third user) will be described.

Referring to FIG. 22, in step S248, the device 803 of the third user can acquire biometric information of the third user. In step S249, the device 803 of the third user can generate the third encryption key using the biometric information of the third user.

In step S250, the device 100 of the first user may receive the third encryption key from the device 803 of the third user. That is, the third user's device 803 can transmit the third encryption key generated in step S249 to the device 100 of the first user.

The device 803 of the third user according to another embodiment of the present invention may transmit the biometric information of the third user to the device 100 of the first user. The device 100 of the first user who has received the biometric information of the third user can generate the third encryption key using the biometric information of the third user.

In step S251, the device 100 of the first user can encrypt the first encryption key using the third encryption key. That is, the device 100 of the first user can encrypt the first encryption key using the third encryption key generated using the biometric information of the third user.

As a result, the device 803 of the third user can decrypt the encrypted first encryption key (see step S247) by using the biometric information of the third user. When the first encryption key is decrypted, the device 803 of the third user can decrypt the encrypted content (see step S243) using the decrypted first encryption key.

29A shows an example of acquiring biometric information from a third user.

29A, the device 100 of the first user can receive the face information 50-1 of the third user from the device 803 of the third user.

The controller 130 of the device 100 of the first user may display the screen 237-1 on the display unit 121 indicating that the biometric information of the third user has been received.

For example, the device 100 of the first user may receive the image data 50 from the device 802 of the third user who wants to share the content. The device 100 of the first user may extract the face information 50-1 from the image data 50. [

The controller 130 of the device 100 of the first user may display a screen 237-2 on the display unit 121 indicating that the third user is allowed to release the content lock. This is an example of a user interface of a device that has received biometric information for releasing a content lock from a device of a third user, but is not limited thereto.

As another example, referring to FIG. 29B, the device 100 of the first user may extract face information from image data already stored in the device 100. The device 100 of the first user can display the images 238 stored in the memory on the display unit 121, as shown in (a) of FIG. The device 100 may receive a user input for selecting the displayed image 51 with the finger f37 or the like.

The control unit 130 can extract the face information 51-2 of the user included in the image data 51-1 as shown in (b) of FIG.

The control unit 130 can display on the display unit 121 a screen 238-1 indicating that the face information of the third user has been extracted, as shown in (c) of FIG.

The controller 130 of the device 100 of the first user may display the screen 238-2 on the display unit 121 indicating that the third user is allowed to release the content lock. This is an example of a user interface of a device that has received biometric information for releasing a content lock from a device of a third user, but is not limited thereto.

30 is a view for explaining a step of encrypting a first encryption key (Key_C) using a third encryption key (Key_E). Referring to FIG. 30, the control unit 130 of the device 100 generates a third encryption key (For example, key_E) using the face information 52 obtained from the device 803 of the first encryption key k32. The control unit 130 encrypts the first encryption key k34 (key_C) (for example, E [key_C] key_E, which uses 'key_E' Quot; is an indication to indicate that the encryption has been performed).

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

31 to 32 are diagrams for explaining a decoding method according to a second embodiment of the present invention.

Referring to FIG. 31, in step S261, the device 100 of the first user may store the encrypted content. In step S262, the device 100 of the first user may store the encrypted first encryption key. 31 is an embodiment in which the device 100 of the first user stores the encrypted content and the encrypted first encryption key.

In step S263, the device 802 of the second user can request the content of the device of the first user. That is, the device 802 of the second user who wants to access the encrypted content can request the content of the device 100 of the first user that stored the encrypted content.

In step S264, the device 100 of the first user may transmit the encrypted content to the device of the second user. In step S265, the device 100 of the first user may transmit the encrypted first encryption key to the device 802 of the second user.

As described above, data transmission (for example, transmission of contents, transmission of biometric information, transmission of an encryption key, transmission of a decryption key, etc.) between a transmitting device and a receiving device according to an embodiment of the present invention, . &Lt; / RTI &gt; The secure channel means a channel having high security of communication contents between the transmitting device and the receiving device. That is, the secure channel can be configured using protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which are protocols for securely transmitting and receiving data. For example, the secure channel may refer to https (hypertext transfer protocol over Secure Sockets Layer) configured by applying a protocol such as SSL or TLS.

On the other hand, in step S266, the device 802 of the second user can acquire the biometric information of the second user. In step S267, the device 802 of the second user can generate the decryption key using the biometric information of the second user. 31, the decryption key may be the same as the second encryption key generated using the biometric information of the second user.

In step S268, the second user's device 802 can decrypt the first encryption key received in step S265 using the decryption key generated in step S267.

In step S269, the device 802 of the second user can decrypt the content received in step S264 using the decrypted first encryption key.

According to one embodiment, the device 802 of the second user can decrypt the content using the biometric information of the second user, thereby bringing about the effect of sharing the content of the first user.

32 is a diagram for explaining an embodiment in which the server 200 stores the encrypted content and the encrypted first encryption key.

Referring to FIG. 32, in step S271, a device 100 of a first user according to an embodiment of the present invention may transmit encrypted content to the server 200. FIG. In step S272, the device 100 of the first user may transmit the encrypted first encryption key to the server 200. [ In step S273, the server 200 according to an embodiment of the present invention can store the encrypted content. In step S274, the server 200 may store the encrypted first encryption key.

In step S275, the device 802 of the second user can request the content from the server 200. [ That is, the device 802 of the second user who wants to access the encrypted content can request the content 200 from the server 200 that stores the encrypted content.

In step S276, the server 200 may transmit the encrypted content to the device 802 of the second user. In step S277, the server 200 may transmit the encrypted first encryption key to the device 802 of the second user.

On the other hand, in step S278, the device 802 of the second user can acquire the biometric information of the second user. In step S279, the device 802 of the second user can generate the decryption key using the biometric information of the second user. 32, the decryption key may be the same as the second encryption key generated using the biometric information of the second user.

In step S280, the device 802 of the second user can decrypt the first encryption key received in step S277 using the decryption key generated in step S279. In step S281, the device 802 of the second user can decrypt the content received in step S276 using the decrypted first encryption key.

According to one embodiment, the device 802 of the second user can decrypt the content using the biometric information of the second user, thereby bringing about the effect of sharing the content of the first user.

33 is a table for explaining a decoding method according to the second embodiment of the present invention.

That is, FIG. 33 is a table for explaining a method for decrypting encrypted content after content encryption according to the embodiment described in FIGS. 21 to 32.

The control unit 130 can decode the content using the biometric information of the second user.

Specifically, the control unit 130 can generate a decryption key (Key_D) using the biometric information of the second user. The control unit 130 can decrypt the encrypted key E [key_C] key_D using the decryption key (Key_D). The control unit 130 can decrypt the encrypted content E [content] key_C using the decrypted encryption key Key_C.

Also, the control unit 130 may decode the contents using the biometric information of the third user.

Specifically, the control unit 130 can generate a decryption key (Key_E) using the biometric information of the third user. The control unit 130 can decrypt the encrypted key E [key_C] key_E using the decryption key (Key_E). The control unit 130 can decrypt the encrypted content E [content] key_C using the decrypted encryption key Key_C.

Also, the control unit 130 may decode the contents using the biometric information of the first user.

More specifically, the control unit 130 can generate the decryption key (Key_C) using the first biometric information. The control unit 130 can decrypt the encrypted content E [content] key_C using the decryption key (Key_C).

34 is a flowchart for explaining a method for changing encryption according to the second embodiment of the present invention. 34 is a diagram for explaining a method of changing encryption according to the second embodiment of the present invention.

For example, as in the embodiment of Figs. 21 to 33, after the first user encrypts the content, the content can be shared with the second user and the third user. That is, the first user can grant the second user and the third user the authority to access the encrypted content, respectively.

A method for sharing a content, the method comprising the steps of: a first user device configured to encrypt a first encryption key (the content is encrypted using a first encryption key, a second encryption key, The encryption key used for encryption).

According to an embodiment of the present invention, the first user may release the contents access right of the second user and the third user.

A method for releasing content sharing, wherein a device of a first user can encrypt and store content using an encryption key generated using new biometric information. In this case, the second user and the third user generate a decryption key using their biometric information, and decrypt the content (encrypted with the new encryption key) even if the first encryption key is obtained using the generated decryption key Can not.

Referring to FIG. 34, in step S301, the device 100 of the first user may store the encrypted content using the first encryption key. In step S302, the device 100 of the first user can store the encrypted first encryption key using the second encryption key (the encryption key generated using the biometric information of the second user). In step S303, the device 100 of the first user may store the encrypted first encryption key using the third encryption key (the encryption key generated using the biometric information of the third user).

By steps S302 and S303, the content can be shared by the second user and the third user. That is, the second encryption key may be generated from the biometric information of the second user. The first encryption key can be decrypted by the second encryption key, and the content can be decrypted by the first encryption key.

Further, the third encryption key may be generated from the biometric information of the third user. The first encryption key can be decrypted by the third encryption key, and the content can be decrypted by the first encryption key.

On the other hand, in step S304, the device 100 of the first user can acquire the biometric information of the first user. In step S305, the device 100 of the first user can generate the decryption key using the biometric information of the first user. In step S306, the device 100 of the first user can decrypt the encrypted content using the decryption key. That is, the device 100 of the first user can obtain the decrypted content.

In step S307, the device 100 of the first user may delete the encrypted content using the first encryption key. As a result, the effect of content sharing by the second user and the third user can be released.

Further, in step S308, the device 100 of the first user may acquire other biometric information of the first user. That is, the device 100 of the first user can acquire biometric information other than the biometric information obtained in step S304.

In step S309, the device 100 of the first user can generate the fourth encryption key using the other biometric information of the first user. In step S310, the device 100 of the first user can encrypt the content using the fourth encryption key.

As a result, since the content encrypted using the fourth encryption key can not be decrypted by the second and third encryption keys generated from the biometric information of the second and third users, the second and third users can decrypt the content .

34 shows an embodiment in which the device 100 of the first user stores the encrypted content. However, according to another embodiment of the present invention, the encrypted content is stored in the external server, The device 100 of the content server 100 may request and receive the encrypted content from the external server and perform steps S304 to S310.

The device 100 of the first user may store the encrypted content using the fourth encryption key. As another example, the device 100 of the first user may transmit the encrypted content to the external server using the fourth encryption key.

35A, the control unit 130 of the device 100 receives a user input for selecting the button 240 for changing the lock setting of the locked content c30 with the finger f38 or the like can do.

Referring to FIG. 35B, the control unit 130 may display a screen 242 for requesting the input of new biometric information on the display unit 121 to change the lock setting.

35 shows an example of a user interface for decrypting the content locked by the device 100 (i.e., encrypted) and re-encrypting it using new biometric information, but is not limited thereto.

[Third Embodiment]

36 is a flowchart for explaining an encryption method according to the third embodiment of the present invention.

In step S311, the device 100 of the first user may generate a content encryption key.

The content encryption key may refer to a key that is randomly generated by a system that encrypts the content (i.e., the device 100 of the first user).

In step S312, the user device 100 may transmit the content encryption key to the device 1001 of the second user.

The transmission of the content encryption key may be performed using a secure channel. As described above, the secure channel means a channel having high security of communication contents between the transmitting device and the receiving device. That is, the secure channel can be configured using protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which are protocols for securely transmitting and receiving data. For example, the secure channel may refer to https (hypertext transfer protocol over Secure Sockets Layer) configured by applying a protocol such as SSL or TLS.

In step S313, the device 100 of the first user can encrypt the content using the content encryption key.

In step S314, the device 100 of the first user can acquire biometric information of the first user. In step S315, the device 100 of the first user can generate the first encryption key using the biometric information of the first user. In step S316, the device 100 of the first user can encrypt the content encryption key using the first encryption key. In step S317, the device 100 of the first user may store the content encryption key encrypted using the first encryption key.

Meanwhile, in step S312, the device 1001 of the second user according to an embodiment of the present invention may receive the content encryption key from the device of the first user.

In step S318, the device 1001 of the second user can acquire the biometric information of the second user. In step S319, the device 1001 of the second user can generate the second encryption key using the biometric information of the second user. In step S320, the device 1001 of the second user can encrypt the content encryption key using the second encryption key. In step S321, the device 1001 of the second user can store the content encryption key encrypted using the second encryption key.

As a result, the device 1001 of the second user can decrypt the content encryption key using the biometric information of the second user, and then decrypt the encrypted content using the decrypted content encryption key.

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

37 to 38 are flowcharts for explaining a decoding method according to the third embodiment of the present invention.

In step S331, the device 100 of the first user may store the encrypted content. In step S332, the device 100 of the first user may store the encrypted content encryption key using the first encryption key.

In step S333, the device 2001 of the second user may store the encrypted content encryption key using the second encryption key.

In step S334, the device 2001 of the second user can request the content of the device of the first user. That is, the device 2001 of the second user who wants to access the encrypted content can request the content of the device of the first user.

In step S335, the device 100 of the first user may transmit the encrypted content to the device 2001 of the second user.

In step S336, the device 2001 of the second user can acquire the biometric information of the second user. In step S337, the device 2001 of the second user can generate the decryption key using the biometric information of the second user. The decryption key generated using the biometric information of the second user may be the same as the second encryption key.

In step S338, the device 2001 of the second user can decrypt the content encryption key using the decryption key generated in step S337. In step S339, the device 2001 of the second user can decrypt the content using the decrypted content encryption key.

38 shows an embodiment in which the server 200 stores encrypted contents.

In step S342, the server 200 according to an embodiment of the present invention may store the encrypted content. In step S343, the device 2001 of the second user may store the encrypted content encryption key using the second encryption key.

In step S344, the device 2001 of the second user can request content from the server. That is, the device 2001 of the second user who wants to access the encrypted content can request the content to the server 200.

In step S345, the server 200 may transmit the encrypted content to the device 2001 of the second user.

In step S346, the device 2001 of the second user can acquire the biometric information of the second user. In step S347, the device 2001 of the second user can generate the decryption key using the biometric information of the second user. The decryption key generated using the biometric information of the second user may be the same as the second encryption key. In step S348, the device 2001 of the second user can decrypt the content encryption key using the generated decryption key. In step S349, the device 2001 of the second user can decrypt the content using the decrypted content encryption key.

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

39 is a table for explaining a decoding method according to the third embodiment of the present invention.

That is, FIG. 39 is a table for explaining a method for decrypting the encrypted content after the content encryption according to the embodiment described in FIG. 34 to FIG.

The control unit 130 can decode the contents using the biometric information of the first user.

Specifically, the control unit 130 can generate a decryption key (Key_A) using the biometric information of the first user. The control unit 130 can decrypt the encrypted key E [key_con] key_A using the decryption key (Key_A). The controller 130 can decrypt the encrypted content E [content] key_con using the decrypted encryption key Key_con.

Also, the control unit 130 may decrypt the content using the biometric information of the second user.

Specifically, the control unit 130 can generate a decryption key (Key_B) using the biometric information of the second user. The control unit 130 can decrypt the encrypted key E [key_con] key_B using the decryption key (Key_B). The controller 130 can decrypt the encrypted content E [content] key_con using the decrypted encryption key Key_con.

[Fourth Embodiment]

40 to 42 are flowcharts for explaining the encryption method according to the fourth embodiment of the present invention.

Referring to FIG. 40, in step S351, the first device 100 according to an embodiment of the present invention may acquire the first biometric information of the user. In step S352, the first device 100 can generate the first encryption key using the first biometric information of the user. In step S353, the first device 100 can encrypt the content using the generated first encryption key.

Meanwhile, in step S354, the second device 2002 according to the embodiment of the present invention can acquire the second biometric information of the user. In step S355, the second device 2002 can generate the second encryption key using the second biometric information of the user.

In step S356, the first device 100 may receive the second encryption key from the second device 2002. [ In step S357, the first device 100 can double-encrypt the encrypted content using the second encryption key. In step S358, the first device 100 may store the double encrypted content.

That is, according to an embodiment of the present invention, the first device 100 may encrypt the content using the first biometric information, and then double-encrypt the content using the second biometric information.

The first device 100 and the second device 2002 may be devices of the same user. Also, the first device 100 and the second device 2002 may be devices of different users.

41 shows an example in which the first device acquires the first biometric information from an external device (third device) in the encryption method according to the fourth embodiment of the present invention.

Referring to FIG. 41, in step S351-1, the third device 2006 according to an embodiment of the present invention can acquire the first biometric information of the user. In step S351-2, the third device 2006 can transmit the first biometric information to the first device 100. [

In step S352-1, the first device 100 can generate the first encryption key using the first biometric information of the user. In step S353-1, the first device 100 can encrypt the content using the first encryption key generated in step S352-1.

According to another embodiment of the present invention, after the third device 2006 acquires the first biometric information to generate the first encryption key, the generated first encryption key is transmitted to the first device 100 . The first device 100 may encrypt the content using the received first encryption key.

Meanwhile, in step S354-1, the second device 2002 according to the embodiment of the present invention can acquire the second biometric information of the user. In step S355-1, the second device 2002 can generate the second encryption key using the second biometric information of the user.

In step S356-1, the first device 100 may receive the second encryption key from the second device 2002. [ In step S357-1, the first device 100 can double-encrypt the encrypted content using the second encryption key. In step S358-1, the first device 100 may store the double encrypted content.

That is, according to an embodiment of the present invention, the first device 100 may encrypt the content using the first biometric information, and then double-encrypt the content using the second biometric information.

The first device 100 and the second device 2002 may be devices of the same user. Also, the first device 100 and the second device 2002 may be devices of different users.

As another embodiment, Fig. 42 shows an example in which a single device 100 uses a plurality of pieces of biometric information to double-encrypt content.

In step S361, the device 100 according to an embodiment of the present invention can acquire the first biometric information of the user. In step S362, the device 100 can generate the first encryption key using the first biometric information of the user. In step S363, the device 100 can encrypt the content using the generated first encryption key.

In step S364, the device 100 can acquire the second biometric information of the user. In step S365, the device 100 can generate the second encryption key using the second biometric information of the user. In step S366, the device 100 can double-encrypt the encrypted content using the second encryption key. In step S367, the device 100 may store the double encrypted content.

43 to 45 are flowcharts for explaining a decoding method according to the fourth embodiment of the present invention.

FIG. 43 shows an embodiment of a decoding method corresponding to the encryption method described in FIG.

In step S371, the first device 100 according to an embodiment of the present invention may store the double encrypted content.

In step S372, the first device 100 can acquire the first biometric information of the user. In step S373, the first device 100 can generate the first decryption key using the first biometric information of the user.

Meanwhile, in step S374, the first device 100 may request the second device 2002 for a second decryption key. That is, the first device 100 may request a second decryption key from the second device 200 to decrypt the content.

Further, in step S375, the second device 2002 can acquire the second biometric information of the user. In step S376, the second device 2002 can generate the second decryption key using the second biometric information of the user.

In step S377, the first device 100 may receive the second decryption key from the second device. That is, the second device 2002 can transmit the generated second decryption key to the first device 100. [

In step S378, the first device 100 may decrypt the double-encrypted content using the first and second decryption keys. That is, the first device 100 encrypts the encrypted content (e.g., encrypted content) using the generated first decryption key (e.g., Key_A) and the second decryption key (e.g., Key_B) received from the second device For example, E [E [content] Key_A] Key_B.

44 is an embodiment of a decoding method corresponding to the encryption method explained in Fig.

In step S371-1, the first device 100 according to an embodiment of the present invention may store the double encrypted content.

On the other hand, in step S372-1, the third device 2006 can acquire the first biometric information of the user. In step S372-2, the third device 2006 can transmit the first biometric information to the first device 100. [ That is, the first device 100 can receive the first biometric information of the user from an external device (e.g., third device) 2006. [

In step S373-1, the first device 100 can generate the first decryption key using the first biometric information.

According to another embodiment of the present invention, the third device 2006 acquires the first biometric information to generate a first decryption key, and then transmits the generated first decryption key to the first device 100 .

Meanwhile, in step S374-1, the first device 100 may request the second device 2002 for the second decryption key. That is, the first device 100 may request a second decryption key from the second device 200 to decrypt the content.

In step S375-1, the second device 2002 can acquire the second biometric information of the user. In step S376-1, the second device 2002 can generate the second decryption key using the second biometric information of the user.

In step S377-1, the first device 100 can receive the second decryption key from the second device. That is, the second device 2002 can transmit the generated second decryption key to the first device 100. [

In step S378-1, the first device 100 can decrypt the double-encrypted content using the first and second decryption keys. That is, the first device 100 encrypts the encrypted content (e.g., encrypted content) using the generated first decryption key (e.g., Key_A) and the second decryption key (e.g., Key_B) received from the second device For example, E [E [content] Key_A] Key_B.

45 shows an embodiment in which the first device 100 requests the second device 2002 to decrypt content.

In step S381, the first device 100 according to an embodiment of the present invention may store the double encrypted content.

In step S382, the first device 100 may transmit the double-encrypted content to the second device 2002 and request decryption.

In step S385, the second device 2002 can acquire the second biometric information of the user. In step S386, the second device 2002 can generate the second decryption key using the second biometric information of the user. In step S387, the second device 2002 can first decrypt the double-encrypted content using the second decryption key. That is, the second device 2002 can decode the double-encrypted content using the second biometric information obtainable from the second device.

In step S388, the first device 100 may receive the first decrypted content. That is, the second device 2002 may transmit the first decrypted content to the first device 100. [

On the other hand, in step S383, the first device 100 can acquire the first biometric information of the user. In step S384, the first device 100 can generate the first decryption key using the first biometric information of the user.

In step S389, the first device 100 can second decrypt the first decrypted content received from the second device 2002 using the first decryption key. That is, the first device 100 uses the generated first decryption key (e.g., Key_A) to decrypt the first decrypted content (for example, E [content] Key_A) received from the second device It can be decoded.

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

46 is a table for explaining a decoding method according to the fourth embodiment of the present invention.

That is, FIG. 46 is a table for explaining a method for decrypting encrypted content after content encryption according to the embodiment described in FIGS. 40 to 45.

The control unit 130 can decrypt the content using the first biometric information and the second biometric information.

More specifically, the control unit 130 can generate a decryption key (Key_A) using the first biometric information. Also, the control unit 130 can generate a decryption key (Key_B) using the second biometric information.

The control unit 130 can decrypt the encrypted content E [E [content] key_A] Key_B using the decryption keys (Key_A) and (Key_B).

As another example, the encrypted content E [E [content] Key_B] Key_A may be decrypted using the decryption key key_A and the decryption key key_B.

[Fifth Embodiment]

47 to 48 are flowcharts for explaining the encryption method according to the fifth embodiment of the present invention. 47 to 48 show an example of encrypting a content using an encryption key generated by combining a plurality of encryption keys using a plurality of pieces of biometric information.

Referring to Fig. 47, in step S391, the first device 100 can acquire the first biometric information of the user. In step S392, the first device 100 can generate the first encryption key using the first biometric information of the user.

On the other hand, in step S393, the second device 2002 can acquire the second biometric information of the user. In step S394, the second device 2002 can generate the second encryption key using the second biometric information of the user.

In step S395, the first device 100 may receive the second encryption key. That is, the second device 2002 may transmit the second encryption key to the first device 100. [

In step S396, the first device 100 can generate the third encryption key by combining the first encryption key and the second encryption key. In step S397, the first device 100 transmits the third encryption key

The first decryption key can be generated using the biometric information.

Further, according to another embodiment of the present invention, the third device 2006 may acquire the first biometric information to generate the first encryption key, and then encrypt the content using the generated encryption key. In step S398, the first device 100 may store the encrypted content.

48 shows an example of how the first device acquires the first biometric information from the external device (third device) in the encryption method according to the fifth embodiment of the present invention.

Referring to FIG. 48, the first device 100 can receive the first biometric information of the user from the external device (third device) 2006. [

In step S391-1, the third device 2006 can acquire the first biometric information of the user. In step S391-2, the first device 100 can receive the first biometric information from the third device 2006. [

In step S392-1, the first device 100 may transmit the first first encryption key to the first device 100. [

On the other hand, in step S393-1, the second device 2002 can acquire the second biometric information of the user. In step S394-1, the second device 2002 can generate the second encryption key using the second biometric information of the user.

In step S395-1, the first device 100 may receive the second encryption key from the second device 2002. [ That is, the second device 2002 may transmit the second encryption key to the first device 100. [

In step S396-1, the first device 100 can generate the third encryption key by combining the first encryption key and the second encryption key. In step S397-1, the first device 100 can encrypt the content using the third encryption key. In step S398-1, the first device 100 may store the encrypted content.

49 to 51 are flowcharts for explaining a decoding method according to a fifth embodiment of the present invention.

 FIG. 49 is a flowchart for explaining a decoding method corresponding to the encryption method described in FIG. 47; FIG.

In step S401, the first device 100 according to an embodiment of the present invention may store the encrypted content. In step S402, the first device 100 can acquire the first biometric information of the user. In step S403, the first device 100 can generate the first decryption key using the first biometric information of the user.

Meanwhile, in step S404, the first device 100 may request the second device 2002 for a second decryption key. That is, the first device 100 may request a second decryption key from the second device 2002 to decrypt the double encrypted content.

In step S405, the second device 2002 can acquire the second biometric information of the user. In step S406, the second device 2002 can generate the second decryption key using the second biometric information of the user.

In step 407, the first device 100 may receive the second decryption key from the second device 2002. [ That is, the second device 2002 can transmit the second decryption key to the first device 100. [

In step S408, the first device 100 can generate the third decryption key by combining the first and second decryption keys. In step S409, the first device 100 can decrypt the content using the third decryption key.

50 is a flowchart for explaining a decoding method corresponding to the encryption method described in Fig.

The first device 100 according to an embodiment of the present invention may receive first biometric information of a user from an external device (third device) 2006. [

In step S402-1, the third device 2006 according to an embodiment of the present invention can acquire the first biometric information of the user. In step S402-2, the third device 2006 can transmit the first biometric information to the first device 100. [

On the other hand, in step S401-1, the first device 100 can store the encrypted content. In step S402-2, the first device 100 can receive the first biometric information of the user from the third device 2006. [ In step S403-1, the first device 100 can generate the first decryption key using the first biometric information of the user.

According to another embodiment of the present invention, the third device 2006 acquires the first biometric information to generate a first decryption key, and then transmits the generated first decryption key to the first device 100 In step S404-1, the first device 100 may request the second device 2002 for a second decryption key. That is, the first device 100 may request a second decryption key from the second device 2002 to decrypt the double encrypted content.

In step S405-1, the second device 2002 can acquire the second biometric information of the user. In step S406-1, the second device 2002 can generate the second decryption key using the second biometric information of the user.

In step S407-1, the first device 100 may receive the second decryption key from the second device 2002. [ That is, the second device 2002 can transmit the second decryption key to the first device 100. [

In step S408-1, the first device 100 can generate the third decryption key by combining the first and second decryption keys. In step S409-1, the first device 100 can decrypt the content using the third decryption key.

51 shows an example in which the second device decrypts the encrypted content.

In step S411, the first device 100 according to an embodiment of the present invention may store the encrypted content.

On the other hand, in step S412, the second device 2002 can request the content from the first device. That is, the second device 2002, which wants to access the encrypted content, can request the content to the first device 100. In step S413, the second device 2002 may transmit the encrypted content to the first device.

In step S414, the second device 2002 may request the first device 100 for the first decryption key. That is, the second device 2002 may request the first device 100 to decrypt the encrypted content using the first decryption key.

In step S415, the first device 100 can acquire the first biometric information of the user. In step S416, the first device 100 can generate the first decryption key using the first biometric information of the user. In step S417, the first device 100 may transmit the first decryption key to the second device 2002. [

In step S420, the second device 2002 can generate the third decryption key by combining the first and second decryption keys. In step S421, the second device 2002 can decrypt the content using the third decryption key.

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

52 is a table for explaining a decoding method according to the fifth embodiment of the present invention.

That is, FIG. 52 is a table for explaining a method for decrypting encrypted content after content encryption according to the embodiment described in FIGS. 47 to 51.

The control unit 130 can decrypt the content using the first biometric information and the second biometric information.

More specifically, the control unit 130 can generate a decryption key (Key_A) using the first biometric information. Also, the control unit 130 can generate a decryption key (Key_B) using the second biometric information.

The control unit 130 uses the encryption key generated by combining Key_A and Key_B in the encrypted contents E [content] key_A + Key_B (E [content] Key_A + Key_B) using the decryption keys Key_A and Key_B Quot; encrypted content &quot;).

[Sixth Embodiment]

53 to 54 are flowcharts for explaining the encryption method according to the sixth embodiment of the present invention.

Figures 53 to 54 illustrate an embodiment in which content can be decrypted by all of a plurality of users (e.g., N users) when a plurality of users (e.g., N users) have encrypted the content Fig.

Referring to FIG. 53, in step S431, the device 2003 of the first user can acquire biometric information of the first user. In step S432, the device 2003 of the first user can generate the first encryption key using the biometric information of the first user.

On the other hand, in step S433, the device 2004 of the second user can acquire the biometric information of the second user. In step S434, the device 2004 of the second user can generate the second encryption key using the biometric information of the second user.

Further, in step S436, the device 2005 of the third user can acquire the biometric information of the third user. In step S437, the device 2005 of the third user can generate the third encryption key using the biometric information of the third user.

In step S435, the device 2003 of the first user may receive the second encryption key.

In step S438, the device 2003 of the first user may receive the third encryption key.

In step S439, the device 2003 of the first user can generate the fourth encryption key by combining the first, second, and third encryption keys. In step S440, the device 2003 of the first user can encrypt the content using the generated fourth encryption key. In step S441, the device 2003 of the first user can store the encrypted content.

That is, the device 2003 of the first user according to the embodiment of the present invention can encrypt the contents using the biometric information of the first, second, and third users.

54 is a flowchart for explaining an example in which a server encrypts contents.

In step S451, the device 2003 of the first user can acquire the biometric information of the first user. In step S452, the device 2003 of the first user can generate the first encryption key using the biometric information of the first user.

On the other hand, in step S454, the device 2004 of the second user can acquire the biometric information of the second user. In step S455, the device 2004 of the second user can generate the second encryption key using the biometric information of the second user.

Further, in step S457, the device 2005 of the third user can acquire the biometric information of the third user. In step S458, the device 2005 of the third user can generate the third encryption key using the biometric information of the third user.

In step S453, the server 200 may receive the first encryption key from the device 2003 of the first user. In step S456, the server 200 may receive the second encryption key from the device 2004 of the second user. In step S459, the server 200 may receive the third encryption key from the device 2005 of the third user.

In step S460, the server 200 can generate the fourth encryption key by combining the first, second, and third encryption keys. In step S461, the server 200 can encrypt the content using the generated fourth encryption key. In step S462, the server 200 may store the encrypted content.

55 to 56 are flowcharts for explaining a decoding method according to the sixth embodiment of the present invention.

55 shows an example in which the device of the first user decrypts the content.

In step S471, the device 2003 of the first user according to an embodiment of the present invention may store the encrypted content. In step S472, the device 2003 of the first user can acquire the first biometric information of the user. In step S473, the device 2003 of the first user can generate the first decryption key using the first biometric information of the user.

In step S474, the first user's device 2003 may request the second user's device 2004 for a second decryption key. That is, the first user's device 2003 may request the second user's device 2004 to decrypt the encrypted content using the second decryption key.

In step S475, the device 2004 of the second user can acquire the second biometric information of the user. In step S476, the device 2004 of the second user can generate the second decryption key using the second biometric information of the user. In step S477, the device 2003 of the first user can receive the second decryption key from the device of the second user.

Meanwhile, in step S478, the device 2003 of the first user may request a third decryption key to the device 2005 of the third user. That is, the device 2003 of the first user may request the third user's device 2005 to decrypt the encrypted content using the third decryption key.

In step S479, the device 2005 of the third user can acquire biometric information of the third user. In step S480, the device 2005 of the third user can generate the third encryption key using the biometric information of the third user.

In step S481, the device 2003 of the first user can receive the third decryption key from the device 2005 of the third user.

In step S482, the device 2003 of the first user can generate the fourth decryption key by combining the first, second, and third decryption keys. In step S483, the device 2003 of the first user can decrypt the content using the fourth decryption key.

56 shows an example in which the server decrypts the content.

In step S491, the server 200 according to an embodiment of the present invention can store the encrypted content.

In step S492, the server 200 may request the first user's device 2003 for the first decryption key. That is, the server 200 may request the first user's device 2003 to decrypt the encrypted content using the first decryption key.

In step S493, the device 2003 of the first user can acquire biometric information of the first user. In step S494, the device 2003 of the first user can generate the first decryption key using the biometric information of the first user. In step S495, the server 200 may receive the first decryption key from the device 2003 of the first user.

On the other hand, in step S496, the server 200 may request a second decryption key from the device 2004 of the second user. That is, the server 200 may request the second user's device 2004 to decrypt the encrypted content using the second decryption key.

In step S497, the device 2004 of the second user can acquire the biometric information of the second user. In step S498, the device 2004 of the second user can generate the second encryption key using the biometric information of the second user. In step S499, the server 200 may receive the second decryption key from the device 2004 of the second user.

Meanwhile, in step S500, the server 200 may request the third user's device 2005 for the third decryption key. That is, the server 200 may request a third decryption key from the third user's device 2005 to decrypt the encrypted content.

In step S501, the device 2005 of the third user can acquire biometric information of the third user. In step S502, the device 2005 of the third user can generate the third encryption key using the biometric information of the third user. In step S503, the server 200 may receive the third decryption key from the device of the third user.

In step S504, the server 200 may generate the fourth decryption key by combining the first, second, and third decryption keys. In step S505, the server 200 can decrypt the content using the fourth decryption key.

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

57 is a table for explaining a decoding method according to the sixth embodiment of the present invention.

That is, FIG. 57 is a table for explaining a method for decrypting encrypted content after content encryption according to the embodiment described in FIGS. 53 to 56.

The control unit 130 can decrypt the content using the biometric information of the first user, the biometric information of the second user, and the biometric information of the third user.

Specifically, the control unit 130 can generate a decryption key (Key_1) using the biometric information of the first user. The control unit 130 may generate a decryption key (Key_2) using the biometric information of the second user. Also, the controller 130 may generate a decryption key (Key_3) using the biometric information of the third user.

In addition, the control unit 130 can generate Key_4 by combining Key_1, Key_2, and Key_3.

The encrypted content (for example, content encrypted using E [content] Key_4, Key_4) can be decrypted using the decryption key key_4.

[Seventh Embodiment]

58 to 61 are flowcharts for explaining the encryption method according to the seventh embodiment of the present invention.

58 to 61 illustrate how content can be decrypted by some of a plurality of users (e.g., k of N users) when a plurality of users (e.g., N users) Fig. 6 is a flowchart for explaining an embodiment. Fig.

58, in step S511, the device 2007 of the first user may generate a content encryption key. The content encryption key may refer to a key randomly generated by the system for encrypting the content (i.e., the device 2007 of the first user). In step S512, the device 2007 of the first user can encrypt the content using the content encryption key.

In step S513, the device 2007 of the first user can acquire the biometric information of the first user. In step S514, the device 2007 of the first user can generate the first encryption key using the biometric information of the first user.

On the other hand, in step S515, the device 2008 of the second user can acquire the biometric information of the second user. In step S516, the device 2008 of the second user can generate the second encryption key using the biometric information of the second user. In step S517, the device 2007 of the first user can receive the second encryption key from the device of the second user.

Further, in step S518, the device 2009 of the third user can acquire the biometric information of the third user. In step S519, the device 2009 of the third user can generate the third encryption key using the biometric information of the third user. In step S520, the device 2007 of the first user may receive the third encryption key from the device of the third user.

In step S521, the device 2007 of the first user can generate a fourth encryption key by combining some of the first, second, and third encryption keys. The fourth encryption key may be generated by the number of NCK combinations (the number of combinations for selecting K of N).

For example, the device can encrypt content by three users and set the content to be decryptable by two of the users. In this case, 3C2 encryption keys (fourth encryption key) can be generated. That is, a key in which the first encryption key and the second encryption key are combined, a key in which the first encryption key and the third encryption key are combined, and a key in which the second encryption key and the third encryption key are combined can be generated.

In step S522, the device 2007 of the first user can encrypt the content encryption key using the generated fourth encryption key. In step S523, the device 2007 of the first user may store the encrypted content encryption key. In step S524, the device 2007 of the first user may store the encrypted content in step S512.

59 shows an example in which the server 200 generates a content encryption key and encrypts the content.

In step S531, the server 200 according to an embodiment of the present invention may generate a content encryption key. The content encryption key may refer to a key randomly generated by the system for encrypting the content (i.e., the server 200). In step S532, the server 200 can encrypt the content using the content encryption key.

In step S533, the device of the first user can acquire the biometric information of the first user. In step S534, the device of the first user can generate the first encryption key using the biometric information of the first user. In step S535, the server 200 may receive the first encryption key from the device 2007 of the first user.

On the other hand, in step S536, the device of the second user can acquire the biometric information of the second user. In step S537, the device of the second user can generate the second encryption key using the biometric information of the second user. In step S538, the server 200 may receive the second encryption key from the device 2008 of the second user.

Further, in step S539, the device 2009 of the third user can acquire the biometric information of the third user. In step S540, the device 2009 of the third user can generate the third encryption key using the biometric information of the third user. In step S541, the server 200 may receive the third encryption key from the device of the third user.

In step S542, the server 200 may generate a fourth encryption key by combining some of the first, second, and third encryption keys. The fourth encryption key may be generated by the number of NCK combinations (the number of combinations for selecting K of N).

For example, the server can encrypt the content by three users and set the content to be decryptable by two users out of the three. In this case, 3C2 encryption keys (fourth encryption key) can be generated. That is, a key in which the first encryption key and the second encryption key are combined, a key in which the first encryption key and the third encryption key are combined, and a key in which the second encryption key and the third encryption key are combined can be generated.

In step S543, the server 200 can encrypt the content encryption key using the generated fourth encryption key. In step S544, the server 200 may store the encrypted content encryption key. In step S545, the server 200 may store the encrypted content in step S532.

60 to 61 are flowcharts for explaining a decoding method according to an eighth embodiment of the present invention.

60 is a flowchart for explaining an example in which the device 2007 of the first user decrypts the encrypted content.

In step S551, the device 2007 of the first user may store the encrypted content encryption key. In step S552, the device 2007 of the first user may store the encrypted content.

In step S553, the device 2007 of the first user can acquire the first biometric information of the user. In step S554, the device 2007 of the first user can generate the first decryption key using the first biometric information of the user.

In step S555, the device 2007 of the first user may request a second decryption key from the device of the second user. That is, the device 2007 of the first user can request a second decryption key from the device 2008 of the second user to decrypt the encrypted content.

In step S556, the device 2008 of the second user can acquire the second biometric information of the user. In step S557, the device 2008 of the second user can generate the second decryption key using the second biometric information of the user.

In step S558, the device 2007 of the first user may receive the second decryption key from the device 2008 of the second user (step S558). That is, the device 2008 of the second user can transmit the second decryption key to the device 2007 of the first user.

In step S559, the device 2007 of the first user can generate the fourth decryption key by combining the first and second decryption keys. In step S560, the device 2007 of the first user can decrypt the content encryption key using the fourth decryption key. In step S561, the device 2007 of the first user can decrypt the encrypted content using the decrypted content encryption key.

Figures 60 to 61 relate to an embodiment in which content is encrypted by three users and content encrypted by two of the users can be decrypted. 60 shows an example in which the device of the first user decrypts the content, but the present invention is not limited to this. That is, the device of the second user can decrypt the content. The device of the third user may also decrypt the content.

61 is a flowchart for explaining an example in which the server 200 decrypts the encrypted content.

In step S571, the server 200 may store the encrypted content encryption key. In step S572, the server 200 may store the encrypted content.

In step S573, the server 200 may request a first decryption key from the device 2007 of the first user. That is, the server 200 may request the first user's device 2007 to decrypt the encrypted content using the first decryption key.

In step S574, the device 2007 of the first user can acquire biometric information of the first user. In step S575, the device 2007 of the first user can generate the first decryption key using the biometric information of the first user. In step S576, the server 200 may receive the first decryption key from the device of the first user.

In step S577, the server 200 may request a second decryption key from the device of the second user. That is, the server 200 may request a second decryption key from the device 2008 of the second user to decrypt the encrypted content.

In step S578, the device 2008 of the second user can acquire biometric information of the second user. In step S579, the device 2008 of the second user can generate the second encryption key using the biometric information of the second user. In step S580, the server 200 may receive the second decryption key from the device of the second user.

In step S581, the server 200 can generate the fourth decryption key by combining the first and second decryption keys. In step S582, the server 200 can decrypt the content encryption key using the fourth decryption key. In step S583, the server 200 can decrypt the encrypted content using the decrypted content encryption key.

62 is a table for explaining a decoding method according to the seventh embodiment of the present invention.

That is, FIG. 62 is a table for explaining a method for decrypting encrypted content after content encryption according to the embodiment described in FIG. 58 to FIG.

The control unit 130 can decode the contents using at least two pieces of biometric information among the biometric information of the first user, the biometric information of the second user, and the biometric information of the third user.

Specifically, the control unit 130 can generate a decryption key (Key_1) using the biometric information of the first user. The control unit 130 may generate a decryption key (Key_2) using the biometric information of the second user. Also, the controller 130 may generate Key_4 'by combining Key_1 and Key_2.

Also, the controller 130 may generate a decryption key (Key_3) using the biometric information of the third user. The control unit 130 can generate Key_4 '' by combining Key_2 and Key_3.

Also, the control unit 130 may generate Key_4 '' 'by combining Key_1 and Key_3.

The encrypted content encryption key (content encryption key encrypted using E [key_con] Key_4, Key_4) can be decrypted using the decryption key Key_4 ', Key_4' ', or Key_4' ''.

The encrypted content (E [content] Key_con, content that is encrypted using the content encryption key) can be decrypted using the decrypted content encryption key (key_con).

[Eighth Embodiment]

63 is a view for explaining an eighth embodiment of the present invention.

According to the eighth embodiment of the present invention, the user can log in to the server 200 using the smartphone 100. [ For example, the user can input login information for accessing a specific web service (e.g., a web site) provided by the server 200 using the smartphone 100. [ When the user authentication is completed using the login information in the server 200, the user can log in to the server 200 using the smartphone 100.

In this situation, the user can use biometric information as login information. There may be a plurality of pieces of biometric information that the user uses as login information. For example, the user may log in the server 200 using the first biometric information, or may log in the server 200 using the second biometric information. Alternatively, the server 200 may log in using both the first biometric information and the second biometric information.

When biometric information is used as the login information, the smartphone 100 of the user can acquire fingerprint information, iris information, etc. of the user from the wearable devices 701 and 702 paired with the smartphone 100 through the communication unit . For example, the smartphone 100 can acquire the fingerprint information 71 from the wearable wearable device 701. [ Further, the smartphone 100 can acquire the iris information 72 from the glass-like wearable device 702. [

The smartphone 100 of the user can generate the authentication request information based on the acquired biometric information. The authentication request information may be, for example, biometric authentication information generated using biometric information of a user. Specifically, the biometric authentication information may be a biometric information (for example, a fingerprint image of a user) generated as a template using a predetermined mathematical algorithm. Alternatively, it may be a result generated by inserting at least a part of the template as a factor of a predetermined function (for example, a one-way hash function SHA-1 (Secure Hash Algorithm-1), SHA-256 or SHA-512).

Further, the authentication request information may be, for example, a password obtained based on biometric information. Specifically, the password obtained based on the biometric information may be a password obtained based on the biometric authentication information generated using the biometric information of the user in the smartphone 100 of the user.

Next, the smartphone 100 of the user may transmit the generated authentication request information to the server 200. [ When the user authentication is completed using the authentication request information in the server 200, the user can log in to the server 200 using the smartphone 100.

A method of logging in to the server according to the eighth embodiment of the present invention will be described in detail with reference to FIGS. 64 to 82, which will be described later.

FIG. 64 is a flowchart for explaining a method of registering biometric information in order for the device 100 according to the eighth embodiment of the present invention to log into the server 200. FIG.

Referring to Fig. 64, in step S7101, the device 100 can acquire the first biometric information of the user (e.g., fingerprint information).

For example, the device 100 may acquire the first biometric information from the biometric module provided in the device 100. [ As another example, the device 100 may obtain first biometric information from an external device.

In step S7102, the device 100 may generate authentication request information related to the first biometric information using the first biometric information of the user. The authentication request information related to the first biometric information may be, for example, the first biometric authentication information generated using the first biometric information of the user.

In step S7103, the device 100 may transmit the first biometric authentication information related to the first biometric information to the server 300. [

In step S7104, the server 300 transmits the received first biometric authentication information to the device 100 (for example, serial number or MAC (Media Access Control) address of the device 100, The identification information may be received from the device 100 together with the first biometric authentication information, or may be stored in the first (first) In other words, since the first biometric authentication information includes the biometric information unique to the user, the server 300 transmits the first biometric authentication information to the third It may be transmitted to the certification authority to obtain the identification information of the user.

In step S7105, the device 100 can acquire the second biometric information of the user (e.g., iris information).

In step S7106, the device 100 may generate authentication request information related to the second biometric information using the second biometric information of the user. The authentication request information related to the second biometric information may be, for example, second biometric authentication information generated using the second biometric information of the user.

In step S7107, the device 100 may transmit the second biometric authentication information related to the second biometric information to the server 300. [ At this time, the device 100 may transmit the identification information of the device 100 or the user together.

In step S7108, the server 300 may store the received second biometric authentication information in association with the identification information of the device 100 or the user. At this time, the first biometric information mapped to the identification information of the device 100 or the user may be stored in the server 300. In this case, the server 300 may store the received second biometric authentication information and the first biometric authentication information received in step S7004 together in the identification information of the device 100 or the user. In this manner, when biometric authentication information is received from the same device 100 or a user, the server 300 may further map and store the received biometric authentication information with the device 100 or user identification information.

65 is a flowchart for explaining another method of registering biometric information so that the device 100 according to the eighth embodiment of the present invention logs in to the server.

Referring to Fig. 65, in step S7201, the device 100 can acquire first biometric information of a user (e.g., fingerprint information) and second biometric information of a user (e.g., iris information).

In step S7202, the device 100 can generate the first biometric authentication information and the second biometric authentication information using the first biometric information and the second biometric information, respectively.

In step S7203, the device 100 can transmit the generated first biometric authentication information and second biometric authentication information to the server 300. [

In step S7204, the server 300 may store the received first biometric authentication information and the second biometric authentication information in association with the device 100 or the identification information of the user. In this case, the identification information may be received from the device 100 together with the biometric authentication information, or may be extracted from the biometric authentication information.

66 to 69 are views for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.

66, when the user wants to log in and receive a specific service from the server 300, the control unit 130 displays a screen 7301 for requesting membership to the display unit 121 before providing the service, Can be displayed. At this time, the control unit 130 can display the notification screen 7302 on the display unit 121 for inquiring about the use of the biometric information at the time of login. Next, the control unit 130 may receive a user input for selecting the accept button ('Y') of the notification screen 7302 to use biometric information. On the other hand, if the user selects the reject button ('N') on the notification screen 7302, the control unit 130 displays a screen for requesting text input for setting a password on the display unit 130 .

67, in response to the user input for selecting the accept button ('Y'), the control unit 130 acquires the fingerprint information 71 as the first biometric information from the first external device 701 . Then, the control unit 130 can transmit the first biometric authentication information related to the first biometric information to the server 200. [ Then, the control unit 130 may display a notification screen 7401 on the display unit 121 indicating that the acquired first biometric information is registered in the server.

On the other hand, as shown in FIG. 68, the control unit 130 can display on the display unit 130 a notification screen 7501 for inquiring about addition registration of biometric information for login. Next, the control unit 130 can receive a user input for selecting an accept button ('Y') of the notification screen 7501 to additionally register biometric information. Meanwhile, if the user selects the reject button ('N') on the notification screen 7501, the control unit 130 ends the registration of the biometric information for login and displays the screen of the next step for membership And can be displayed on the display unit 130.

69, in response to the user input for selecting the accept button ('Y'), the control unit 130 acquires the iris information 72 as the second biometric information from the second external device 702 . Next, the control unit 130 can display on the display unit 121 a notification screen 7601 indicating that the received second biometric information is registered.

70A and 70B are flowcharts for explaining a method of connecting a device 100 according to an eighth embodiment of the present invention to a server.

Referring to FIG. 70A, in step S7701, the server 300 may store first biometric authentication information and second biometric authentication information corresponding to the identification information of the device 100 or the user.

In this situation, in step S7702, the device 100 may display a login screen for accessing the specific service provided by the server 300. [

In step S7703, the device 100 can acquire the first biometric information of the user. For example, the device 100 may provide a guide screen for requesting input of the first biometric information, and may acquire the first biometric information according to the user agreement. Alternatively, the device 100 may automatically acquire the first biometric information of the user when the login screen is displayed.

In step S7704, the device 100 can generate authentication request information related to the first biometric information using the acquired first biometric information. The authentication request information may be, for example, the first biometric authentication information generated using the first biometric information of the user. Specifically, the first biometric authentication information may be a template generated using biometric information using a predetermined mathematical algorithm. Or, it may be a result generated by putting at least a part of the template as a factor of a predetermined function.

In step S7705, the device 100 may transmit the first biometric authentication information associated with the first biometric information to the server 300. [

In step S7706, the server 300 can determine whether the first biometric authentication information received for user authentication matches the previously stored first biometric authentication information. For example, the server 300 may receive the identification information of the device 100 or the user together with the first biometric authentication information. In this case, the server 300 can acquire previously stored first biometric authentication information mapped to the received identification information, and determine whether or not the first biometric authentication information matches the received first biometric authentication information.

If it is determined that the first biometric authentication information and the previously stored first biometric authentication information coincide with each other, the server 300 can transmit the login acceptance information to the device 100 in step S7707.

As the device 100 receives login acceptance information in step S7708, the device 100 can access the specific service provided by the server 300. [ That is, a connection for transmitting / receiving content related to a specific service may be performed between the device 100 and the server 300. [

Referring to FIG. 70B, in step S7709, a connection for transmitting / receiving content related to a specific service between the device 100 and the server 300 may be released. For example, the device 100 and the server 300 may be disconnected in response to a user input for unlocking, i. E., Logging out, via the device 100.

In response to a user input to re-login to the server 300 after the connection between the device 100 and the server 300 is disconnected in step S7710, the device 100 transmits the service to the specific service provided by the server 300 A login screen for connection can be displayed.

In step S7711, the device 100 can acquire the first biometric information acquired in step S7703 and the second biometric information of the user of a different type. For example, the device 100 may provide guide information for requesting selection of the first biometric information and the second biometric information, and may acquire the second biometric information according to an input of a user selecting the second biometric information . Alternatively, the device 100 may automatically acquire the second biometric information from the user when the login screen is displayed.

In step S7712, the device 100 can generate authentication request information related to the second biometric information using the acquired second biometric information. The authentication request information may be, for example, second biometric authentication information generated using the second biometric information of the user.

In step S7713, the device 100 can transmit the second biometric authentication information related to the second biometric information to the server 300. [

In step S7714, the server 300 can determine whether or not the received second biometric authentication information for user authentication matches the previously stored second biometric authentication information. For example, the server 300 may receive the identification information of the device 100 or the user together with the second biometric authentication information. In this case, the server 300 can acquire the previously stored second biometric authentication information mapped to the received identification information, and determine whether the second biometric authentication information matches the received second biometric authentication information.

If it is determined that the second biometric authentication information and the previously stored second biometric authentication information coincide with each other, the server 300 can transmit the login acceptance information to the device 100 in step S7715.

As the device 100 receives the login acceptance information in step S7716, the device 100 can access the specific service provided by the server 300. [ That is, a connection for transmitting / receiving content related to a specific service may be performed between the device 100 and the server 300. [

71 to 72B are views for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.

The control unit 130 may display the login screen 7801 for accessing the specific service provided by the server 300 on the display unit 121 as shown in Figure 71 (a). The control unit 130 can display a notification screen 7802 on the display unit 121 to inquire whether or not to log in using biometric information. Next, the control unit 130 can receive a user input for selecting an accept button ('Y') of the notification screen 7802 for agreeing to use biometric information for login. On the other hand, if the user selects the reject button ('N') of the notification screen 7802 in the above-described situation, the control unit 130 displays a screen for requesting the input of a password for login on the display unit 121 .

71 (b), in response to a user input for selecting the accept button ('Y'), the control unit 130 displays a notification screen 7803 for selecting biometric information on the display unit 121 Can be displayed. When there is the first biometric information (for example, fingerprint information) and the second biometric information (for example, iris information) as loginable biometric information, the control unit 130 displays a user input for selecting first biometric information (for example, fingerprint information) Lt; / RTI &gt;

72A, in response to the user input for selecting the first biometric information, the control unit 130 can acquire the fingerprint information 71 as the first biometric information from the first external device 701. [ Then, the first biometric authentication information associated with the first biometric information can be transmitted to the server 200. [ The control unit 130 may display on the display unit 121 a notification screen 7901 indicating that user authentication for login is completed based on the acquired first biometric authentication information.

71 (b), the control unit 130 may receive a user input for selecting the second biometric information (for example, iris information).

In this case, as shown in Fig. 72B, the control unit 130 can acquire the iris information 72 as the second biometric information from the second external device 702. Fig. The control unit 130 can display on the display unit 121 a notification screen 7902 indicating that biometric information authentication for login is completed based on the acquired second biometric authentication information.

73 is a flowchart for explaining another method of registering biometric information for connection to the server 300 by the device 100 according to the eighth embodiment of the present invention.

Referring to FIG. 73, in step S8001, the server 300 may store identification information of a user or device necessary for login, and a password mapped to the identification information.

In step S8002, the device 100 can receive a password for logging into the server 300 through the biometric information management application from the user. At this time, the device 100 may receive the user or the identification information of the device together with the password.

In step S8003, the device 100 can store the input password. When the identification information of the user or device is input together, the control unit 130 may map the input password to the identification information of the user or device and store the same.

In step S8004, the device 100 can acquire the first biometric information (e.g., fingerprint information) and the second biometric information (e.g., iris information) of the user.

In step S8005, the device 100 can generate the first biometric authentication information and the second biometric authentication information using the first biometric information and the second biometric information of the user, respectively.

In step S8006, the device 100 can store the generated first biometric authentication information and the second biometric authentication information by mapping the password stored in step S8003.

In another embodiment, the device 100 may receive a password after acquiring the first biometric information and the second biometric information. In this case, the device 100 may map the received password to the stored first biometric information and second biometric information and store the same.

74 to 78 are diagrams for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.

74 (a), the control unit 130 displays a notification screen 8101 for inquiring whether or not to use biometric information in order to log in to a specific service (for example, a specific site) provided by the server 300 And can be displayed on the display unit 121. Next, the control unit 130 may receive a user input for selecting an accept button ('Y') of the notification screen 8101 to use biometric information.

In response to a user input for selecting the accept button ('Y'), as shown in (a) of FIG. 81, the control unit 130 displays a screen 8102 for requesting a password input for logging into the server 300, Can be displayed on the display unit 121. Next, when the password is input from the user, the control unit 130 may store the input password.

Next, as shown in Fig. 75, the control unit 130 can display on the display unit 121 a notification screen 8201 for inquiring registration of biometric information for login. Next, the control unit 130 may receive a user input for selecting an accept button ('Y') of the notification screen 8201 to register biometric information.

76, in response to a user input for selecting the accept button ('Y'), the control unit 130 acquires the fingerprint information 71 as the first biometric information from the first external device 701 . Then, the control unit 130 can display the notification screen 8301 on the display unit 121 indicating that the acquired first biometric information is registered.

On the other hand, as shown in FIG. 77, the control unit 130 can display on the display unit 130 a notification screen 8401 for inquiring whether or not biometrics information for login is additionally registered. Next, the control unit 130 may receive a user input for selecting an accept button ('Y') of the notification screen 8401 to additionally register biometric information.

78, in response to the user input for selecting the accept button ('Y'), the control unit 130 receives the iris information 72 as the second biometric information from the second external device 702 . Next, the control unit 130 can display, on the display unit 121, a notification screen 8501 indicating that the received second biometric information is registered.

79A is a flowchart for explaining a method of connecting a device 100 according to an eighth embodiment of the present invention to a server.

Referring to Fig. 79A, in step S8601, the device 100 may store the password, first biometric authentication information, and second biometric authentication information required for login in the server 300. [

Further, in step S8602, the server 300 may store the identification information of the user or the device, and the password mapped to the identification information.

In this situation, in step S8603, the device 100 may display a login screen for accessing the specific service provided by the server 300. [

In step S8604, the device 100 can acquire the first biometric information of the user. For example, the device 100 may provide a notification screen for inquiring the use of biometric information to access the server 300 through the biometric information management application, and may acquire the first biometric information according to the acceptance of the user . Alternatively, the device 100 may automatically acquire the first biometric information from the user when the login screen is displayed.

In step S8605, the device 100 may generate authentication request information related to the first biometric information using the acquired first biometric information of the user. The authentication request information may be, for example, the first biometric authentication information generated using the first biometric information of the user.

In step S8606, the device 100 can determine whether the received first biometric authentication information matches the previously stored first biometric authentication information. Here, the previously stored first biometric authentication information may be mapped to the identification information of the user or the device 100 and previously stored in step S8601.

If it is determined that the first biometric authentication information and the previously stored first biometric authentication information match, the device 100 can transmit the identification information and the password of the user or the device 100 to the server 300 in step S8607.

The server 200 can perform an authentication procedure to determine whether the identification information and the password of the received user or device 100 match the identification information and the password of the user or device 100 previously stored in the server 200 . If it is determined that they match, the server 200 can transmit login acceptance information to the device 100 in step S8608.

As the device 100 receives the login acceptance information in step S8609, the device 100 can access the specific service provided by the server 200. [ That is, a connection for transmitting / receiving a content related to a specific service can be performed between the device 100 and the server 200.

Referring to FIG. 79B, in step S8610, a connection for transmitting / receiving content related to a specific service between the device 100 and the server 300 may be released. For example, the device 100 and the server 300 may be disconnected in response to a user input for unlocking, i. E., Logging out, via the device 100.

After the connection between the device 100 and the server 300 is released in step S8611, in response to a user input for re-login to the server 300, the device 100 transmits the service to the specific service provided by the server 300 A login screen for connection can be displayed.

In step S8612, the device 100 can acquire the first biometric information acquired in step S8604 and the second biometric information of the user of a different type. For example, the device 100 may provide guide information for requesting selection of the first biometric information and the second biometric information, and may acquire the second biometric information according to an input of a user selecting the second biometric information . Alternatively, the device 100 may automatically acquire the second biometric information from the user when the login screen is displayed.

In step S8613, the device 100 can generate authentication request information related to the second biometric information using the acquired second biometric information. The authentication request information may be, for example, second biometric authentication information generated using the second biometric information of the user.

In step S8614, the server 300 can determine whether the first biometric authentication information received for user authentication matches the previously stored second biometric authentication information. Here, the previously stored second biometric authentication information may be mapped to the identification information of the user or the device 100 and previously stored in step S8601.

If it is determined in step S8615 that the second biometric authentication information and the previously stored second biometric authentication information match, the device 100 transmits the identification information and the password of the user or the device 100, (300).

The server 200 may perform an authentication procedure to determine whether the identification information and the password of the received user or device 100 match the identification information and the password of the user or device 100 previously stored in the server 300 . If it is determined that they match, the server 200 can transmit login acceptance information to the device 100 in step S8616.

As the device 100 receives the login acceptance information in step S8617, the device 100 can access the specific service provided by the server 200. [ That is, a connection for transmitting / receiving a content related to a specific service can be performed between the device 100 and the server 200.

80 to 81B are views for explaining a process of registering biometric information in a server according to an eighth embodiment of the present invention.

The control unit 130 may display the login screen 8701 for accessing the specific service provided by the server 300 on the display unit 121 as shown in FIG.

In this case, when the biometric information management application has a password registered in advance to log into the server 300, the control unit 130 displays a biometric information login button 8701-1 that can log in using the biometric information And can be displayed on the display unit 130. Next, the control unit 130 can receive a user input for selecting the login button 8701-1 for biometric information.

As shown in (b) of FIG. 80, in response to user input, the control unit 130 can display a notification screen 8702 for selecting biometric information on the display unit 121. [ When there is the first biometric information (for example, fingerprint information) and the second biometric information (for example, iris information) as loginable biometric information, the control unit 130 displays a user input for selecting first biometric information (for example, fingerprint information) Lt; / RTI &gt;

As shown in FIG. 81A, in response to a user input for selecting the first biometric information, the control unit 130 can acquire the fingerprint information 71 as the first biometric information from the first external device 701. FIG. If it is determined that the first biometric authentication information and the previously stored first biometric authentication information coincide with each other using the biometric information management application, the device 100 can identify the user or the device 100 necessary for the login of the server 300 Information and a password to the server 300. The control unit 130 can display the notification screen 8801 on the display unit 121 indicating that the login to the server 300 is completed using the password obtained based on the first biometric authentication information.

On the other hand, in (b) of FIG. 80, the control unit 130 may receive a user input for selecting the second biometric information (for example, iris information).

In this case, as shown in Fig. 81B, the control unit 130 can acquire the iris information 72 as the second biometric information from the second external device 702. Fig. When it is determined that the second biometric authentication information and the previously stored second biometric authentication information coincide with each other using the biometric information management application, the device 100 identifies the user or the device 100 required to log in the server 300 Information and a password to the server 300. The control unit 130 may display the notification screen 8802 on the display unit 121 indicating that the login to the server 300 is completed using the password obtained based on the second biometric authentication information.

When the user logs in to the server using the biometric information management application, the password can be encrypted and decrypted using biometric information.

For example, when the password is encrypted, the controller 130 may generate the first encryption key using the acquired first biometric information. Then, the password can be encrypted using the first encryption key. Alternatively, the control unit 130 may generate the second encryption key using the acquired second biometric information. Then, the first encryption key can be encrypted using the second encryption key. Then, the password can be encrypted using the encrypted first encryption key.

82, when the password is decrypted, the control unit 130 can generate the decryption key key_B using the acquired second biometric information. The control unit 130 can decrypt the encrypted first encryption key (E [Key_A] key_B) using the generated decryption key key_B. The control unit 130 can decrypt the encrypted password using the decrypted Key_A.

Alternatively, the control unit 130 can generate the decryption key Key_A using the acquired first biometric information. Then, the control unit 130 can decrypt the encrypted password using the decrypted Key_A (k22).

It is to be understood that the above-described embodiments are illustrative and non-restrictive. Further, it is to be understood that the present invention is not limited to the order of operations shown in the above-described flowcharts, and that according to various embodiments of the present invention, it is to be understood that some steps may be omitted or added, .

Data transmission (e.g., transmission of content, transmission of biometric information, transmission of an encryption key, transmission of a decryption key, etc.) between a transmitting device and a receiving device according to an embodiment of the present invention throughout the above- Can be performed using a secure channel. The secure channel may refer to a channel having high security of communication contents between the transmitting device and the receiving device. For example, the secure channel may refer to a protocol such as https (hypertext transfer protocol over Secure Sockets Layer).

83 and 84 are block diagrams of a device related to an embodiment of the present invention.

83, the device 100 according to the embodiment of the present invention may include a control unit 130, a communication unit 150, and a memory 170. [ However, not all illustrated components are required. The device 100 may be implemented by more components than the components shown, and the device 100 may be implemented by fewer components.

84, the device 100 according to an exemplary embodiment of the present invention may include a display unit 121, a sensing unit 140, a communication unit 150, and a control unit 130, An input unit 110, an output unit 120, an A / V input unit 160, and a memory 170. [

Hereinafter, the components will be described in order.

The user input unit 110 means means for the user to input data for controlling the device 100. [ For example, the user input unit 110 may include a key pad, a dome switch, a touch pad (contact type capacitance type, pressure type resistive type, infrared ray detection type, surface ultrasonic wave conduction type, A tension measuring method, a piezo effect method, etc.), a jog wheel, a jog switch, and the like, but is not limited thereto.

The user input unit 110 may be controlled by the control unit 130 to receive a user input. For example, the user input 110 may receive a user input for unlocking the device 100.

The output unit 120 is for outputting an audio signal, a video signal, or a vibration signal by being controlled by the control unit 130. The output unit 120 includes a display unit 121, an acoustic output unit 122, a vibration motor 123, And the like.

The display unit 121 displays information processed in the device 100 by being controlled by the control unit 1300. [ The display unit 121 can display and change the user interface for unlocking the device 100. [ Further, the display unit 121 can display the home screen when the device 100 is unlocked.

Meanwhile, when the display unit 121 and the touch pad have a layer structure and are configured as a touch screen, the display unit 121 may be used as an input device in addition to the output device. The display unit 121 may be a liquid crystal display, a thin film transistor-liquid crystal display, an organic light-emitting diode, a flexible display, a three-dimensional display A 3D display, and an electrophoretic display. The device 100 may include two or more display units 121 according to the implementation of the device 100. [ At this time, the two or more display units 121 may be arranged to face each other using a hinge.

The audio output unit 122 outputs audio data received from the communication unit 1500 or stored in the memory 170. [ In addition, the sound output unit 122 may output sound signals related to functions (e.g., call signal reception sound, message reception sound, alarm sound) performed by the device 100. [ The sound output unit 122 may include a speaker, a buzzer, and the like.

The vibration motor 123 can output a vibration signal. For example, the vibration motor 123 may output a vibration signal corresponding to an output of audio data or video data (e.g., a call signal reception tone, a message reception tone, etc.). In addition, the vibration motor 123 may output a vibration signal when a touch is input to the touch screen.

The control unit 130 typically controls the overall operation of the device 100. For example, the control unit 130 may include a user input unit 110, an output unit 120, a sensing unit 140, a communication unit 150, an A / V input unit 160 And so on.

Specifically, the controller 130 according to the embodiment of the present invention can acquire the first biometric information of the user. Further, the control unit 130 can generate the first encryption key using the first biometric information. Also, the control unit 130 can encrypt the content using the generated first encryption key.

Also, the control unit 130 can acquire the second biometric information of the user. Also, the control unit 130 can generate the second encryption key using the second biometric information. Also, the control unit 130 can encrypt the first encryption key using the generated second encryption key.

Also, the control unit 130 may store the encrypted content in the memory 170 using the first biometric information of the user.

The control unit 130 may acquire second biometric information of the user different from the first biometric information in response to a request for execution of the content stored in the memory 170, So that the encrypted content can be decrypted.

Also, the control unit 130 stores the encrypted content using the first encryption key generated based on the first biometric information in the memory 170, and performs a second encryption process based on the second biometric information, The first encryption key encrypted using the key may be stored in the memory 170.

In addition, when decrypting the encrypted content using the obtained second biometric information, the control unit 130 may use the second encryption key generated based on the obtained second biometric information to encrypt the encrypted biometric information 1 decryption key, and decrypt the encrypted content using the decrypted first encryption key.

In addition, the control unit 130 determines one biometric information to be acquired among the first biometric information and the second biometric information according to the execution request of the content, and when the second biometric information is determined, Acquire biometric information, and decrypt the encrypted content using the obtained second biometric information.

Also, the control unit 130 may acquire at least one of the first biometric information and the second biometric information from at least one biometric module.

Further, the control unit 130 logs into the server based on user authentication using the first biometric information, and after the login with the server is released, the second biometric information of the user of a different kind from the first biometric information Authentication request information related to the obtained second biometric information is transmitted to the server through the communication unit 150 and the user can log in to the server again based on user authentication using the authentication request information.

In addition, when transmitting authentication request information related to the obtained second biometric information to the server through the communication unit 150, the control unit 130 generates second biometric authentication information from the obtained second biometric information , And transmit the password obtained based on the generated second biometric authentication information or the second biometric authentication information to the server.

When transmitting the authentication request information related to the acquired second biometric information to the server through the communication unit, the controller 130 stores identification information of the user terminal and identification information of a user using the user terminal At least one can be transmitted.

The sensing unit 140 may sense the state of the device 100 or the state around the device 100 and may transmit the sensed information to the control unit 130. [ The sensing unit 1400 includes a magnetism sensor 141, an acceleration sensor 142, a temperature / humidity sensor 143, an infrared sensor 144, a gyroscope sensor 145, (GPS) 146, an air pressure sensor 147, a proximity sensor 148, and an RGB sensor (illuminance sensor) 149. However, the present invention is not limited thereto. The function of each sensor can be intuitively deduced from the name by those skilled in the art, so a detailed description will be omitted.

The sensing unit 1400 may include a sensor for sensing a touch input by an input tool and a sensor for sensing a touch input by a user. In this case, the sensor for sensing the touch input by the user may be included in the touch screen or the touch pad. Further, a sensor for sensing a touch input by the input tool may be located below the touch screen or the touch pad, or may be included in the touch screen or the touch pad.

The communication unit 150 may include one or more components that allow communication between the device 100 and an external device or between the external device 100 and a server (not shown). For example, the communication unit 150 may include a short-range communication unit 151, a mobile communication unit 152, and a broadcast reception unit 153.

The short-range wireless communication unit 151 includes a Bluetooth communication unit, a BLE (Bluetooth Low Energy) communication unit, a Near Field Communication unit, a WLAN communication unit, a Zigbee communication unit, IrDA, an infrared data association) communication unit, a WFD (Wi-Fi Direct) communication unit, an UWB (ultra wideband) communication unit, an Ant + communication unit, and the like.

The mobile communication unit 152 transmits and receives radio signals to at least one of a base station, an external terminal, and a server on a mobile communication network. Here, the wireless signal may include various types of data depending on a voice call signal, a video call signal, or a text / multimedia message transmission / reception.

The broadcast receiving unit 153 receives broadcast signals and / or broadcast-related information from outside through a broadcast channel. The broadcast channel may include a satellite channel and a terrestrial channel. The device 100 may not include the broadcast receiving unit 153 according to the embodiment.

The A / V (Audio / Video) input unit 160 is for inputting an audio signal or a video signal, and may include a camera 161 and a microphone 162. The camera 161 can obtain an image frame such as a still image or a moving image through the image sensor in a video communication mode or a photographing mode. The image captured through the image sensor can be processed through the control unit 130 or a separate image processing unit (not shown).

The image frame processed by the camera 161 can be stored in the memory 170 or transmitted to the outside through the communication unit 150. [ The camera 161 may be equipped with two or more cameras according to the configuration of the device.

The microphone 162 receives an external acoustic signal and processes it as electrical voice data. For example, the microphone 162 may receive acoustic signals from an external device or speaker. The microphone 162 may use various noise reduction algorithms to remove noise generated in receiving an external sound signal.

The memory 170 may store a program for processing and controlling the control unit 130, and may store input / output data.

The memory 170 may be a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (e.g., SD or XD memory), a RAM (Random Access Memory) SRAM (Static Random Access Memory), ROM (Read Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), PROM (Programmable Read-Only Memory) , An optical disc, and the like. The device 100 may also operate a web storage or a cloud server that performs storage functions of the memory 170 on the Internet.

The programs stored in the memory 170 may be classified into a plurality of modules according to their functions, for example, a UI module 171, a touch screen module 172, a notification module 173, .

According to one embodiment, the memory 170 may store the encrypted content using the first biometric information of the user.

Further, the memory 170 may store the first encryption key encrypted using the second encryption key generated based on the second biometric information.

The UI module 171 can provide a specialized UI, a GUI, and the like that are interlocked with the device 100 for each application. The touch screen module 172 senses a touch gesture on the user's touch screen and can transmit information on the touch gesture to the control unit 130. [ The touch screen module 172 according to an embodiment of the present invention can recognize and analyze the touch code. The touch screen module 172 may be configured as separate hardware including a controller.

Various sensors may be provided in or near the touch screen to sense the touch or near touch of the touch screen. An example of a sensor for sensing the touch of the touch screen is a tactile sensor. A tactile sensor is a sensor that detects the contact of a specific object with a degree or more that a person feels. The tactile sensor can detect various information such as the roughness of the contact surface, the rigidity of the contact object, and the temperature of the contact point.

In addition, a proximity sensor is an example of a sensor for sensing the touch of the touch screen. The proximity sensor refers to a sensor that detects the presence or absence of an object approaching a predetermined detection surface or a nearby object without mechanical contact using the force of an electromagnetic field or infrared rays. Examples of proximity sensors include a transmission type photoelectric sensor, a direct reflection type photoelectric sensor, a mirror reflection type photoelectric sensor, a high frequency oscillation type proximity sensor, a capacitive proximity sensor, a magnetic proximity sensor, and an infrared proximity sensor. The user's touch gestures can include tap, touch & hold, double tap, drag, panning, flick, drag and drop, swipe, and the like.

The notification module 173 may generate a signal for notifying the occurrence of an event of the device 100. [ Examples of events generated in the device 100 include call signal reception, message reception, key signal input, schedule notification, and the like. The notification module 173 may output a notification signal in the form of a video signal through the display unit 121 or may output a notification signal in the form of an audio signal through the sound output unit 122, It is possible to output a notification signal in the form of a vibration signal.

85 is a block diagram of a server related to an embodiment of the present invention.

85, the server 200 according to the embodiment of the present invention may include a control unit 901, a communication unit 903, and a database unit 905. [ The database unit 905 may include a content database unit 907. The database unit 905 may include a key database unit 909. However, not all illustrated components are required. The device 100 may be implemented by more components than the components shown, and the device 100 may be implemented by fewer components.

The control unit 901 typically controls the overall operation of the server 200. [

More specifically, the control unit 901 of the server 200 may store the encrypted encryption key in the key database unit 909. [ The control unit 901 of the server 200 can store the encrypted content in the content database unit 907. [

The control unit 901 of the server 200 can acquire biometric information of the user.

The control unit 901 of the server 200 can generate the encryption key using the biometric information.

The control unit 901 of the server 200 can generate a decryption key using the biometric information of the user.

The control unit 901 of the server 200 can combine a plurality of decryption keys.

The control unit 901 of the server 200 can decrypt the encrypted content using the decryption key.

Some embodiments may also be implemented in the form of a recording medium including instructions executable by a computer, such as program modules, being executed by a computer. Computer readable media can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. In addition, the computer-readable medium can include both computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Communication media typically includes any information delivery media, including computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave, or other transport mechanism.

Also, in this specification, the term &quot; part &quot; may be a hardware component such as a processor or a circuit, and / or a software component executed by a hardware component such as a processor.

It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

The scope of the present invention is defined by the appended claims rather than the detailed description and all changes or modifications derived from the meaning and scope of the claims and their equivalents are to be construed as being included within the scope of the present invention do.

100: device 130:
200: Server

Claims (14)

A device for decoding content using biometric information,
A memory for storing the encrypted content using the first biometric information of the user; And
And a controller for obtaining the second biometric information of the user different from the first biometric information according to the execution request of the content and decrypting the encrypted content using the obtained second biometric information, .
The method according to claim 1,
The memory comprising:
Storing the encrypted content using the first encryption key generated based on the first biometric information and storing the encrypted first encryption key using the second encryption key generated based on the second biometric information In addition,
Wherein,
When the encrypted content is decrypted using the obtained second biometric information,
Decrypting the encrypted first encryption key using a second encryption key generated based on the obtained second biometric information, and decrypting the encrypted content using the decrypted first encryption key. device.
The method according to claim 1,
Wherein,
Wherein the biometric information acquisition unit determines one biometric information to be acquired from among the first biometric information and the second biometric information in accordance with the execution request of the content, acquires the second biometric information when the second biometric information is determined, And decrypt the encrypted content using the second biometric information.
The method according to claim 1,
Further comprising a communication unit,
Wherein at least one of the first biometric information and the second biometric information comprises:
Is obtained from the at least one external device via the communication unit.
The method according to claim 1,
Further comprising at least one biometric module for recognizing biometric information of a user,
Wherein at least one of the first biometric information and the second biometric information comprises:
Wherein the at least one biometric module is obtained from the at least one biometric module.
A method of decrypting content using biometric information,
Storing the encrypted content using the first biometric information of the user;
Acquiring second biometric information of the user different from the first biometric information according to the execution request of the content; And
And decrypting the encrypted content using the obtained second biometric information.
The method according to claim 6,
Further comprising the step of storing the encrypted first encryption key using the second encryption key generated based on the second biometric information,
Wherein the step of storing the encrypted content using the first biometric information of the user comprises:
And storing the encrypted content using the first encryption key generated based on the first biometric information,
And decrypting the encrypted content using the obtained second biometric information,
Decrypting the encrypted first encryption key using a second encryption key generated based on the obtained second biometric information, and decrypting the encrypted content using the decrypted first encryption key And decrypting the content.
The method according to claim 6,
Wherein the acquiring of the second biometric information of the user different from the first biometric information, in response to the execution request of the content,
Determining one biometric information to be acquired from the first biometric information and the second biometric information according to an execution request of the content; And
And if the second biometric information is determined, acquiring second biometric information of the user different from the first biometric information.
A user terminal for logging in to a server using biometric information,
A communication unit for communicating with a server located outside the user terminal; And
Log-in to the server based on user authentication using the first biometric information,
After the login with the server is released,
Acquiring second biometric information of the user different from the first biometric information,
Transmits authentication request information related to the acquired second biometric information to the server through the communication unit,
And a control unit for re-logging in to the server based on user authentication using the authentication request information.
10. The method of claim 9,
Wherein,
When the authentication request information related to the acquired second biometric information is transmitted to the server through the communication unit,
Generates second biometric authentication information from the obtained second biometric information,
And transmits the password obtained based on the generated second biometric authentication information or the second biometric authentication information to the server.
10. The method of claim 9,
Wherein,
When the authentication request information related to the acquired second biometric information is transmitted to the server through the communication unit,
And transmits at least one of identification information of the user terminal and identification information of a user using the user terminal.
A method for a user terminal to log into a server using biometric information,
Logging in to the server based on user authentication using the first biometric information;
Acquiring second biometric information of the user different from the first biometric information after the login with the server is released;
Transmitting authentication request information related to the acquired second biometric information to the server; And
And re-logging in to the server based on user authentication using the authentication request information.
13. The method of claim 12,
Wherein the transmitting the authentication request information related to the acquired second biometric information to the server comprises:
Generating second biometric authentication information from the obtained second biometric information; And
And transmitting the password obtained based on the generated second biometric authentication information or the second biometric authentication information to the server.
13. The method of claim 12,
Wherein the transmitting the authentication request information related to the acquired second biometric information to the server comprises:
And transmitting at least one of identification information of the user terminal and identification information of a user using the user terminal.

Images