System, method and apparatus for secure two-tier backup and retrieval of authentication information
First Claim
1. A method for backing up a biometrics-based authentication device comprising the steps of:
obtaining a first encryption key;
enciphering lower tier data with said first encryption key to generate an encrypted lower tier backup file;
obtaining a second encryption key; and
enciphering upper tier data with said second encryption key to generate an encrypted upper tier backup file, wherein said lower tier data contain encrypted identification of a user and authentication information associated therewith and wherein said upper tier data contain biometrics data of said user and said lower tier data encrypted with said first encryption key.
Abstract
The present invention provides new ways to securely back up and restore a user's portable biometrics-based authentication device without compromising the secrecy thereof. A two-tier backup encryption structure allows the decryption of lower tier data only when upper tier data has been decrypted and validated. The structure can be expressed as:
Backup={biometrics data+any validation scripts/keys/values+(associated data)},
where
( ) represents the lower tier encryption; and
{ } represents the upper tier encryption.
The lower tier data contain encrypted electronic identity of a user and authentication information associated therewith such as private keys and corresponding certificates. The upper tier data contain the encrypted lower tier data and the user's biometrics information.
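The two-tier structure above can be sketched as follows. This is an added example, not code from the patent: the `seal`/`unseal` helpers are a standard-library encrypt-then-MAC stand-in for a real authenticated cipher such as AES-GCM, and the JSON layout, the SHA-256 validation value and the exact-match biometric comparison are assumptions made for illustration.

```python
import hashlib, hmac, json, os

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # SHA-256 in counter mode as a keystream: a stdlib stand-in, not a vetted cipher.
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Encrypt-then-MAC; use a real AEAD such as AES-GCM in practice."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified backup tier")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def make_backup(first_key, second_key, biometrics, associated_data):
    lower = seal(first_key, associated_data)             # ( ) lower tier
    upper = {"biometrics": biometrics.hex(),
             "validation": hashlib.sha256(biometrics).hexdigest(),
             "lower": lower.hex()}
    return seal(second_key, json.dumps(upper).encode())  # { } upper tier

def restore(first_key, second_key, backup, presented):
    upper = json.loads(unseal(second_key, backup))       # step 1: open upper tier
    stored = bytes.fromhex(upper["biometrics"])
    ok = (hashlib.sha256(stored).hexdigest() == upper["validation"]
          and hmac.compare_digest(stored, presented))    # assumption: exact match
    if not ok:
        raise PermissionError("upper tier not validated; lower tier left encrypted")
    return unseal(first_key, bytes.fromhex(upper["lower"]))  # step 2: lower tier
```

The lower tier ciphertext is only handed to `unseal` after the upper tier has been decrypted and its biometric content validated, which is the ordering the abstract describes.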
13 Claims