使用带有模糊容差算法的笔画作为加密密钥
如何以模糊容忍度加密/解密?
我希望能够使用 InkCanvas 上的笔画作为加密密钥,但再次解密时,用户不必绘制完全相同的符号,而只需绘制相似的符号。这可以在 .NET C# 中完成吗?
--- 更新(9 月 9 日) ---
我理想地想要的是一种加密算法,该算法将接受基于某些基本密钥的特定密钥范围内的任何密钥和定义允许差异的函数..
我正在执行所有加密/本地解密,因此我不需要通过线路安全地发送任何内容。而且我不想存储用于加密的密钥,所以我没有任何东西可以比较。我可以想出一些方法来为每个相似的笔划生成相同的键,但如果想要接受任何类型的符号(不仅仅是字母),这并不容易。另一种选择是加密密钥是否可以通过设计接受类似的密钥,我不知道这是否可能......?
How can I encrypt/decrypt with fuzzy tolerance?
I want to be able to use a Stroke on an InkCanvas as key for my encryption but when decrypting again the user should not have to draw the exact same symbol, only similar. Can this be done in .NET C#?
--- Update (9 sep) ---
What I ideally want is an encryption algorithm that would accept any key in a certain range of keys based on some base-key and a function defining the allowed differences ..
Im doing all encryption/decryption locally so I wont need to send anything over a wire safely. And I dont want to store the key used for encryption, so I wont have anything to compare with. I could come up with some method to generate the same key for every similar stroke but its not easy if a want to accept any kind of symbol (not only letters). The other option is if the encryption key somehow could accept similar keys by design, which I dont know if its possible...?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
好的。让我们把你的问题分成两部分。
1) 模糊
2) 加密
事实上,这两个概念都相对较旧,而且它们的实现已经存在多年了。每个都很好地处理了手头的问题,但这并不意味着将两者结合起来是一个好主意。我相信您的解决方案必须采用两阶段方法。
首先,现有的加密标准在使用单一精确密钥保护数据方面非常有效。根据您的情况,您需要对称加密算法,例如 AES 或 Rijndael。
解决方案的模糊部分也不是那么难。与任何其他模糊识别技术一样,您需要进行特征提取并创建要传递给加密算法的向量。您需要在您的功能中建立模糊性。例如,笔画的数量、每个笔画的起始点的象限、每个笔画的弯曲系数等。这足以构建一个 32 位向量来传递给加密算法。
更新
我会尝试使其更具说明性:
2位表示笔划数:1、2、3、+3,转换为00、01、10和11
2位表示笔划开始的象限第一个笔划:TopLeft、TopRight、BottomLeft、BottomRightt 编码为 00、01、10 和 11
第一个笔划结束的象限的 2 位:同上
第二个笔划开始的象限的 2 位:同上。如果没有第二笔画,则为 00。
第二笔画末尾象限的 2 位:同上。如果没有第二笔划,则为 00。
第三笔划开始的象限的 2 位:同上。如果没有第三笔画,则为 00。
第二笔画末尾象限的 2 位:同上。如果没有第三笔划,则为00。
第一笔划的弯曲度的2位:直->00...漂亮的圆->11。这不会很容易,您可能会将弯曲度降低到 2,并仅使用一点,但这是“吮吸它并看看”。
所以这是 16 位。您现在可以将其余部分保留为零,然后尝试看看它是如何工作的。
希望这有帮助。
OK. Let's break your problem into two.
1) Fuzzy
2) Encryption
Reality is both these concepts are relatively old and their implementation have been out there for years. Each deals with the problem at hand very well but this does not mean that combining these two is a good idea. I believe you have to have your solution as a two-stage approach.
First of all encryption standards out there are great in securing the data using a SINGLE EXACT key. In your case you need symmetric encryption algos such as AES or Rijndael.
Fuzzy part of the solution is also not that hard. Like any other fuzzy recognition technique, you need to do a feature extraction and create a vector to be passed to the encryption algo. You need to build fuzziness into your features. For example, number of strokes, quadrant of the start point for each stroke, a factor of curviness for each stroke and the like. This will be enough to build a 32 bit vector to pass to the encryption algorithm.
UPDATE
I will try to make it more illustrative:
2 bits for number of strokes: 1, 2, 3, +3 which translates to 00, 01, 10 and 11
2 bits for quadrant of the start of the first stroke: TopLeft, TopRight, BottomLeft, BottomRightt encodes to 00, 01, 10 and 11
2 bits for quadrant of the end of the first stroke: ditto
2 bits for quadrant of the start of the second stroke: ditto. If no second stroke then 00.
2 bits for quadrant of the end of the second stroke: ditto. If no second stroke then 00.
2 bits for quadrant of the start of the third stroke: ditto. If no third stroke then 00.
2 bits for quadrant of the end of the second stroke: ditto. If no third stroke then 00.
2 bits for curviness of the first stroke: straight->00 ... Nice round->11. This is not going to be very easy and you might reduce the degrees of curviness to 2 and use just one bit but it is a "suck it and see".
So this is 16 bits. You can leave the rest as zero for now and try and see how it works.
Hope this helps.
有许多允许模糊秘密的加密方案。通常,开发这些方案是为了利用生物特征信息(即指纹、视网膜扫描)来保护秘密,但底层方案更普遍适用。这种方案的一个例子是
模糊保险库方案 由Juels 和Sudan 提议。
There are a number of encryption schemes that allow fuzzy secrets. Frequently, these schemes are developed to protect secrets with biometric information (i.e. fingerprints, retina scans), but the underlying schemes are more generally applicable. One example for such a scheme is
a fuzzy vault scheme proposed by Juels and Sudan.
使用某种形式的 OCR(光学字符识别)将 Stroke 转换为常规文本,然后使用该文本作为键。只要用户将任何经过 OCR 处理的内容绘制成完全相同的文本,他们就能够再次解密。
Use some form of OCR (optical character recognition) to convert the Stroke into regular text, and then use that text as the key. As long as the user draws anything that gets OCR-ed into the exact same text, they'll be able to decrypt again.
如果您将笔划编码为图像,则可以使用模糊算法来检测图像之间的相似性< /a>.当然,如果您要使用这种方法,您应该使用 2 路加密方法而不是 1 路哈希,以便可以检索原始图像。
If you encode your strokes as images, there are fuzzy algorithms for detecting similarity between images. Of course, if you were to use such an approach, you should use a 2-way encryption method rather than a 1-way hash so that the original image is retrievable.
这里的问题是用于加密的密钥(Stroke 或从 Stroke 派生的东西)必须与加密消息一起发送。否则,解密协议无法将解密笔画与原始笔画进行比较。
因此,假设 Alice 想要加密一些消息
M。她是唯一应该解密该消息的人,因此鲍勃不在照片中。 Alice 生成一个模糊加密密钥Ke并将M加密为Me:Encrypt(M,Ke) = Me。发送的消息是(Ke,Me)。在接收方,Alice 产生模糊解密密钥Kd。某些算法检查Ke ~ Kd和Me是否已解密:Decrypt(Me,Ke) = M。请注意,这是对称加密;Kd仅用于检查它是否“充分等于”Ke。当然,问题在于
Ke是与消息一起以明文形式发送的,因此 Eve 可以简单地获取密钥并解密Me。然而,接收端需要Ke来将其与Kd进行比较。那么我们如何在 Eve 无法窃听的情况下发送Ke和消息呢?我们可以创建Ke的哈希值并通过线路发送:(Hash(Ke),Me)。然而,在接收端,无法基于Hash(Ke)来验证Ke和Kd之间的“充分相等”。我们可以设计一些基于
Ke生成值的算法,这样如果Ke ~ Kd -> V(Ke) ~ V(Kd)(如果Ke和Kd相似,则生成的值相似)。我们将消息(V(Ke),Me)发送给接收者。然而,现在 Eve 可以相对容易地根据V(Ke)确定Ke。她从随机候选密钥:KeC开始,并使用我们的算法确定V(KeC)。如果它看起来与消息中的V(Ke)完全不同,她会对候选KeC进行一些重大更改,然后重试。当她接近消息的V(Ke)时,她会对KeC等进行较小的更改。因此,如果我们允许
,则不可能创建安全的加密方案Ke与消息一起发送。这意味着必须将Ke提供给受信任的 Trent第三者。在这种情况下,Trent 可以是应用程序的数据库。所以现在的方案如下:Alice 生成
Ke、一条消息M和一个唯一的 idId。Ke与Id一起存储在我们的数据库 Trent 中。M使用常规加密方案进行加密,该方案使用Ke作为密钥:Me = Encrypt(M,Ke)。发送给接收者的消息是(Me,Id)。在接收方,Alice 收到消息
(Me,Id)。 Alice 生成Kd。根据Id,我们从Trent获取对应的Ke,并与Kd进行比较。如果匹配,我们解密Me:M = Decrypt(Me,Ke)。现在唯一的问题是当你有一个入侵者 Mallory 可以访问特伦特.他可以向 Trent 询问基于随机 ID 的
Ke值。为了防止出现这种情况,您不应在消息中包含Id,这样消息就变成了(Me)。现在,您必须想出一个策略,仅使用Kd从 Trent 获取候选Ke。这当然是可能的,因为您可以将Kd与数据库中的所有Ke进行比较,返回最“相似”的Ke并尝试作为解密密钥。该策略假设每个人的 Stroke(或 Ke)有足够的不同。上述策略借鉴了生物识别加密技术,将生物识别数据存储在数据库中,并使用该数据来识别或验证个人。尝试在 Google 中搜索生物识别加密以获取一些其他信息。
The problem here is that the key that is used for encryption (the Stroke or something derived from the Stroke) must be sent along with the encrypted message. Otherwise, there is no way for the decryption protocol to compare the decryption stroke with the original.
So suppose Alice wants to encrypt some message
M. She is the only person who should decrypt the message, so Bob is not in the picture. Alice generates a fuzzy encryption keyKeand encryptsMto becomeMe:Encrypt(M,Ke) = Me. The message that is sent is(Ke,Me). On the receiving side, Alice produces fuzzy decryption keyKd. Some algorithm checks thatKe ~ KdandMeis decrypted:Decrypt(Me,Ke) = M. Note that this is symmetric encryption;Kdis only used to check that it is 'sufficiently equal' toKe.Of course the problem is that
Keis sent in cleartext along with the message so Eve can simply take the key and decryptMe. However,Keis needed on the receiving side to compare it againstKd. So how do we sendKealong with the message without Eve being able to eavesdrop? We could create a hash ofKeand send that over the line:(Hash(Ke),Me). However, on the receiving side there would be no way to verify 'sufficient equality' betweenKeandKdbased onHash(Ke).We could device some algorithm that generates a value based on
Kesuch that ifKe ~ Kd -> V(Ke) ~ V(Kd)(ifKeandKdare similar then the generated values are similar). We send the message(V(Ke),Me)to the receiver. However, it would now be relatively easy for Eve to determineKebased onV(Ke). She starts with a random candidate key:KeCand using our algorithm, determines aV(KeC). If it doesn't look at all like theV(Ke)in the message, she makes some drastic changes to the candidateKeCand tries again. As she comes closer to the message'sV(Ke)she makes smaller changes toKeC, etc.So it is impossible to create a secure encryption scheme if we allow
Keto be sent along with the message. This means thatKehas to be given to Trent, the trusted third party. In this case, Trent can be the application's database. So now the scheme becomes as follows:Alice generates
Ke, a messageMand a unique idId.Keis stored with Trent, our database, along withId.Mis encrypted using a regular encryption scheme that usesKeas key:Me = Encrypt(M,Ke). The message sent to the receiver is(Me,Id).On the receiving side, Alice receives the message
(Me,Id). Alice generatesKd. Based onId, we get the correspondingKefrom Trent and compare it withKd. If there is a match, we decryptMe:M = Decrypt(Me,Ke).The only problem now is when you have an intruder Mallory with access to Trent. He can ask Trent for
Kevalues based on random id's. To prevent this, you shouldn't includeIdinto the message so that the message simply becomes(Me). Now you would have to come up with a strategy to get candidateKe's from Trent only by usingKd. This is of course possible because you can compareKdwith allKe's in the database, return the most 'similar'Keand try that as the decryption key. This strategy assumes that each person's Stroke (or Ke) is sufficiently different.The strategy above is borrowed from biometric encryption where you store biometric data in a database and use that to either identify or authenticate individuals. Try searching Google for biometric encryption to get some additional info.
正如我在评论中指出的那样,我不知道 模糊加密是一个成熟的话题,所以我们来思考一下横向。既然您在本地进行加密/解密,那么硬件实现怎么样?也就是说,您购买一台平板电脑来进行生物识别,并在其中保留传统的加密密钥。大概是这样的:
请注意,第 5 步是安全链的弱点,因为针对文档查看器(例如 Acrobat Reader)的攻击正在变得更多 普遍。最好使用某种沙箱方案,例如 VMWare 实例。
As I pointed out in a comment, I don't know that fuzzy encryption is a mature topic, so let's think laterally. Since you are doing the encrypt/decrypt locally, how about a hardware implementation? Ie you buy a tablet computer to do the biometrics, and stronghold a conventional encryption key inside it. It would go like this:
Note that step 5 is the weak point of the security chain, as attacks against document viewers (eg Acrobat Reader) are becoming more prevalent. Better use some kind of sandboxing scheme such as a VMWare instance.
一种简单的方法是对有关密钥的大量信息进行编码,然后计算其匹配的准确度。示例信息,假设您可以将用户的输入转换为线/弧/点的某种近似值:
直线数
封闭区域的数量
使用的绘图量。
x 轴上点的标准差。
y 轴上点的标准差。
绘制形状尺寸的标准偏差。
封闭区域的排序列表。
等等。
因此,您不是表示图像,而是表示图像的属性。模糊性是指您给每个属性一个准确度分数,添加或乘以或以其他方式组合总准确度级别,并在密码通过某个阈值时接受密码。
One simple way to do it is to instead encode lots of information about the key, and then figure out how accurately it matches. Example information, assuming you can convert the user's input to some approximation of lines/arcs/points:
Number of straight lines
Number of enclosed regions
Amount of drawing used.
Standard deviation of points on the x axis.
Standard deviation of points on the y axis.
Standard deviation of size of shapes drawn.
Sorted list of areas of the enclosed regions.
Etc.
Thus, instead of representing the image you are representing properties of the image. The fuzziness will be that you give each of these properties an accuracy score, add or multiply or otherwise combine the total accuracy level, and accept the password if it passes some threshold.