System and method of user and data verification
First Claim
1. A method of generating a digital signature, the method comprising:
- generating a public and a private key on a secure device;
storing biometric information indicative of a user in the secure device;
receiving biometric information indicative of the user; and
comparing the stored biometric information with the received biometric information on the secure device, and if the comparison is successful, generating a digital signature for a message.
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method of authenticating users and data. One embodiment of the invention includes a smart card that digitally signs a message in response to authenticating biometric information that is provided by a user. The smart card may include a random number generator and an encryption module. In an enrollment mode, the biometric data analyzer receives biometric data from a user and triggers the random number generator to create a public key and a private key. The private key is stored in a tamper-resistant component on the smart card. The public key is transmitted to an external device, such as a computer, via a card reader interface. During a signing mode, the smart card digitally signs incoming messages subsequent to verifying the biometric information that is provided by the user.
-
Citations
24 Claims
-
1. A method of generating a digital signature, the method comprising:
-
generating a public and a private key on a secure device;
storing biometric information indicative of a user in the secure device;
receiving biometric information indicative of the user; and
comparing the stored biometric information with the received biometric information on the secure device, and if the comparison is successful, generating a digital signature for a message. - View Dependent Claims (2, 3, 4)
-
-
5. A system for generating a digital signature, the system comprising:
-
means for generating a public and a private key on a secure device;
means for storing biometric information indicative of a user on the secure device;
means for receiving biometric information indicative of the user; and
means for comparing the stored biometric information with the received biometric information on the secure device, and if the comparison is successful, generating a digital signature for a message. - View Dependent Claims (6, 7, 8)
-
-
9. A method of generating a digital signature, the method comprising:
-
storing biometric information in a secure and portable device; and
generating, with the biometric information, a public key and a private key on the secure and portable device. - View Dependent Claims (10, 11, 13, 14, 16, 17, 18, 20, 21)
-
-
12. A secure device for generating a digital signature, the secure device comprising:
-
a module configured to generate a public and a private key on a secure device;
a memory configured to store biometric information indicative of a user in the secure device; and
a biometric data analyzer configured to receive biometric information indicative of the user, and wherein the biometric data analyzer is configured to compare the stored biometric information with the received biometric information on the secure device, and if the comparison is successful, the biometric data analyzer generates a digital signature for a message.
-
-
15. A secure device, comprising:
-
a biometrics processor configured to process biometric data and configured to authenticate the identity of a user;
a biometrics interface for receiving biometric data and transmitting the biometric data to the biometrics processor;
a card reader interface for transmitting at least one message to an electronic device; and
a cryptoprocessor for generating a digital signature for the message;
wherein the secure device transmits the generated digital signature to the electronic device via the card reader interface subsequent to the biometric processor authenticating the identity of the user.
-
-
19. A method of generating a digital signature on a smart card, comprising:
-
generating a public key on a portable smart card;
generating a private key on the portable smart card;
storing the private key in a tamperproof memory in the portable smart card;
storing biometric information indicative of a user in the portable smart card;
receiving biometric information indicative of the user at the portable smart card;
comparing the stored biometric information with the received biometric information on the portable smart card, and if the comparison is successful, generating a digital signature for a message, wherein the digital signature includes an encrypted message digest of the message, and wherein the digital signature is encrypted, at least in part, using the generated private key; and
transmitting the generated digital signature to a remote electronic device.
-
-
22. A system for generating a digital signature, the system comprising:
-
means for registering biometric information in a secure device; and
means for generating a public key and a private key on the secure device in conjunction with the biometric information. - View Dependent Claims (23)
-
-
24. A system, comprising:
-
a network;
at least one biometric input device; and
a device configured to provide a digital signature to another device via the network in response to authenticating the identity of a user.
-
Specification