Encryption system

US 20050021984A1
Filed: 06/01/2004
Published: 01/27/2005
Est. Priority Date: 11/30/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method of allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the method including:

a. Determining biometric data representative of at least one of the sender and the recipient;

b. Using the determined biometric data to generate an encryption key;

c. Encrypting the data object using the generated encryption key and a predetermined encryption algorithm; and

, d. Transferring the encrypted data object to the recipient via the communications system.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method of allowing a sender to encrypt a data object for transfer to a recipient via a communication system. The method includes determining biometric data representative of at least one of the sender and the recipient. The determined biometric data is used to generate an encryption key which is used to encrypt the data object. The encrypted data object is then transferred to the recipient via the communications system.

46 Citations

View as Search Results

54 Claims

1. A method of allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the method including:
- a. Determining biometric data representative of at least one of the sender and the recipient;
  
  b. Using the determined biometric data to generate an encryption key;
  
  c. Encrypting the data object using the generated encryption key and a predetermined encryption algorithm; and
  
  , d. Transferring the encrypted data object to the recipient via the communications system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 25, 27, 29)
- - 2. A method according to claim 1, the method including generating biometric data by:
    - a. Generating a scanned image by scanning a portion of the user; and
      
      , b. Generating the biometric data representative of the user from the scanned image.
  - 3. A method according to claim 2, the method of generating the biometric data from the scanned image including applying a predetermined one-way function to the scanned image.
  - 4. A method according to claim 2, the method including generating the encryption key using the generated biometric data representative of the sender.
  - 5. A method according to claim 2, the method further including:
    - a. Validating the identity of the sender; and
      
      , b. Generating the encryption key in response to a successful validation.
  - 6. A method according to claim 5, the method of validating the sender including:
    - a. Comparing the generated biometric data representative of the sender to predetermined biometric data representative of the sender; and
      
      , b. Validating the sender in response to a successful comparison.
  - 7. A method according to claim 6, the validation being performed by a processor coupled to a data store, the data store being adapted to store the sender'"'"'s predetermined biometric data, the processor being adapted to:
    - a. Receive an indication of the sender;
      
      b. Receive the sender'"'"'s generated biometric data;
      
      c. Obtain the predetermined biometric data from the data store in accordance with the indication of the sender;
      
      d. Compare the sender'"'"'s generated biometric data and the predetermined biometric data; and
      
      , e. Validate the sender in response to a successful comparison.
  - 8. A method according to claim 7, the processor and the data store being located at a base station, the method including using an end station to transfer the data object to the recipient via the communications system.
  - 9. A method according to claim 8, the end station including:
    - a. An input;
      
      b. A scanning system;
      
      c. A communications link, for coupling the end station to the communications system; and
      
      , d. An end station processor, the method including causing the end station processor to;
      
      i. Receive an input command from the sender requesting the transfer of the data object;
      
      ii. Determine sender'"'"'s biometric data by causing the scanning system to scan a portion of the sender;
      
      iii. Generate the encryption key;
      
      iv. Encrypt the data object with the determined encryption key; and
      
      , v. Transfer the data object to the communications system.
  - 10. A method according to claim 9, the encryption key being generated based on the biometric data of the sender and the recipient.
  - 11. A method according to claim 10, the method further including a. Causing the end station processor to transfer to the base station:
    - i. The sender'"'"'s biometric data;
      
      ii. An indication of the recipient; and
      
      , iii. An indication of the sender;
      
      b. Causing the base station processor to;
      
      i. Validate the sender; and
      
      , ii. In response to a successful validation;
      
      1. Obtain the biometric data of the recipient from a database in accordance with the received indication; and
      
      , 2. Transfer the recipient'"'"'s biometric data to the end station.
  - 12. A method according to claim 11, the method including causing the end station processor to transfer the sender'"'"'s biometric data to the base station by:
    - a. Encrypting the sender'"'"'s biometric data; and
      
      , b. Transferring the sender'"'"'s encrypted biometric data to the base station, the base station processor being adapted to decrypt the received encrypted biometric data.
  - 13. A method according to claim 12, the biometric data being encrypted using a second predetermined encryption algorithm and a second encryption key, the second encryption key being generated by a remote processing system, the method including:
    - a. Causing the end station processor to;
      
      i. Obtain the second encryption key from the remote processing system; and
      
      , ii. Encrypt the sender'"'"'s biometric data using the second encryption algorithm and the obtained second encryption key;
      
      b. Causing the base station processor to decrypt the encrypted sender'"'"'s biometric data by;
      
      i. Obtaining the second encryption key from the remote processing system; and
      
      , ii. Decrypting the sender'"'"'s encrypted biometric data using the second encryption algorithm and the obtained second encryption key.
  - 14. A method according to claim 15, the method of obtaining the second encryption key from the remote processing system and including the steps of:
    - a. Generating a request for an encryption key;
      
      b. Transferring the request to the remote processing system;
      
      c. Causing the remote processing system to;
      
      i. Generate the second key;
      
      ii. Encrypt the second encryption key;
      
      iii. Transfer the encrypted second encryption key via a secure connection;
      
      d. Receiving the encrypted second encryption key via the secure connection; and
      
      , e. Decrypt the second encryption key.
  - 15. A method according to any of claim 11, the method including causing the base station processor to transfer the recipient'"'"'s biometric data to the base station by:
    - a. Encrypting the recipient'"'"'s biometric data; and
      
      , b. Transferring the recipient'"'"'s encrypted biometric data to the end station, the end station processor being adapted to decrypt the received encrypted biometric data.
  - 16. A method according to claim 15, the biometric data being encrypted using a third predetermined encryption algorithm and a third encryption key, the third encryption key being generated by a remote processing system, the method including:
    - a. Causing the base station processor to;
      
      i. Obtain the third encryption key from the remote processing system; and
      
      , ii. Encrypt the recipient'"'"'s biometric data using the third encryption algorithm and the obtained third encryption key;
      
      b. Causing the end station processor to decrypt the encrypted biometric data by;
      
      i. Obtaining the third encryption key from the remote processing system; and
      
      , ii. Decrypting the recipient'"'"'s encrypted biometric data using the third encryption algorithm and the obtained third encryption key.
  - 17. A method according to claim 16, the method of obtaining the third encryption key from the remote processing system including:
    - a. Generating a request for an encryption key;
      
      b. Transferring the request to the remote processing system;
      
      c. Causing the remote processing system to;
      
      i. Generate the third key;
      
      ii. Encrypt the third encryption key;
      
      iii. Transfer the encrypted third encryption key via a secure connection;
      
      d. Receiving the encrypted third encryption key via the secure connection; and
      
      , e. Decrypt the third encryption key.
  - 18. A method according to claim 14, the secure connection being a 128-bit SSL connection.
  - 19. A method according to claim 1, the data object including an e-mail.
  - 20. A method according to claim 19, the e-mail including an attachment.
  - 21. A method according to claim 19, the indication being an e-mail address.
  - 22. A method according to claim 1, the biometric data being formed from by scanning the user'"'"'s thumb.
  - 25. The method of claim 1 performed with an end station for allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the end station including:
    - a. An input;
      
      b. A communications link, for coupling the end station to the communications system; and
      
      , c. An end station processor, adapted to;
      
      i. Receive an input command from the sender requesting the transfer of the data object;
      
      ii. Determine an encryption key based on biometric data representative of at least one of the sender and the recipient;
      
      iii. Encrypt the data object with the encryption key; and
      
      , iv. Transfer the data object to the communications system.
  - 27. The method of claim 1 performed with a base station for allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the base station including:
    - a. A data store for storing biometric data;
      
      b. A processor, the processor being adapted to validate the sender to allow the data object to be encrypted by;
      
      i. Receiving an indication of the sender;
      
      ii. Receiving the sender'"'"'s generated biometric data;
      
      iii. Obtaining predetermined biometric data from the data store in accordance with the indication of the sender;
      
      iv. Comparing the sender'"'"'s generated biometric data and the predetermined biometric data; and
      
      , v. Validating the sender in response to a successful comparison.
  - 29. The method of claim 1 performed with apparatus for allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the apparatus including a processor adapted to:
    - a. Determine biometric data representative of at least one of the sender and the recipient;
      
      b. Use the determined biometric data to generate an encryption key;
      
      c. Encrypt the data object using the generated encryption key and a predetermined encryption algorithm; and
      
      , d. Transfer the encrypted data object to the recipient via the communications system.

23. An end station for allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the end station including:
- a. An input;
  
  b. A communications link, for coupling the end station to the communications system; and
  
  , c. An end station processor, adapted to;
  
  i. Receive an input command from the sender requesting the transfer of the data object;
  
  ii. Determine an encryption key based on biometric data representative of at least one of the sender and the recipient;
  
  iii. Encrypt the data object with the encryption key; and
  
  , iv. Transfer the data object to the communications system.
- View Dependent Claims (24)
- - 24. An end station according to claim 23, the end station the end station further including a scanning system, the scanning system being adapted to determine the sender'"'"'s biometric data by scanning a portion of the sender.

26. A base station for allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the base station including:
- a. A data store for storing biometric data;
  
  b. A processor, the processor being adapted to validate the sender to allow the data object to be encrypted by;
  
  i. Receiving an indication of the sender;
  
  ii. Receiving the sender'"'"'s generated biometric data;
  
  iii. Obtaining predetermined biometric data from the data store in accordance with the indication of the sender;
  
  iv. Comparing the sender'"'"'s generated biometric data and the predetermined biometric data; and
  
  , v. Validating the sender in response to a successful comparison.

28. Apparatus for allowing a sender to encrypt a data object for transfer to a recipient via a communication system, the apparatus including a processor adapted to:
- a. Determine biometric data representative of at least one of the sender and the recipient;
  
  b. Use the determined biometric data to generate an encryption key;
  
  c. Encrypt the data object using the generated encryption key and a predetermined encryption algorithm; and
  
  , d. Transfer the encrypted data object to the recipient via the communications system.

30. A method of allowing a recipient to decrypt an encrypted data object received from a sender via a communication system, the method including:
- a. Receiving the encrypted data object from the communications system;
  
  b. Determining biometric data representative of at least one of the sender and the recipient;
  
  c. Using the determined biometric data to generate a decryption key; and
  
  , d. Decrypting the encrypted data object using the generated decryption key and a predetermined decryption algorithm.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 45, 46, 47, 48, 51, 54)
- - 31. A method according to claim 30, the method including generating biometric data by:
    - a. Generating a scanned image by scanning a portion of the user; and
      
      , b. Generating the biometric data representative of the user from the scanned image.
  - 32. A method according to claim 31, the method of generating the biometric data from the scanned image including applying a predetermined one-way function to the scanned image.
  - 33. A method according to claim 31, the method including generating the decryption key using the generated biometric data representative of the recipient.
  - 34. A method according to claim 31, the method further including:
    - a. Validating the identity of the recipient; and
      
      , b. Generating the decryption key in response to a successful validation.
  - 35. A method according to claim 34, the method of validating the recipient including:
    - a. Comparing the generated biometric data representative of the recipient to predetermined biometric data representative of the recipient; and
      
      , b. Validating the recipient in response to a successful comparison.
  - 36. A method according to claim 35, the validation being performed by a processor coupled to a data store, the data store being adapted to store the recipient'"'"'s predetermined biometric data, the processor being adapted to:
    - a. Receive an indication of the recipient;
      
      b. Receive the recipient'"'"'s generated biometric data;
      
      c. Obtain the predetermined biometric data from the data store in accordance with the indication of the recipient;
      
      d. Compare the recipient'"'"'s generated biometric data and the predetermined biometric data; and
      
      , e. Validate the recipient in response to a successful comparison.
  - 37. A method according to claim 36, the processor and the data store being located at a base station, the method including using an end station to decrypt the encrypted data object received via the communications system.
  - 38. A method according to claim 37, the end station including:
    - a. An input;
      
      b. A scanning system;
      
      c. A communications link, for coupling the end station to the communications system; and
      
      , d. An end station processor, the method including causing the end station processor to;
      
      i. Receive an input command from the recipient requesting the decryption of the data object;
      
      ii. Determine recipient'"'"'s biometric data by causing the scanning system to scan a portion of the recipient;
      
      iii. Generate the decryption key; and
      
      , iv. Decrypt the data object with the determined decryption key.
  - 45. A method according to claim 30, the data object including an e-mail.
  - 46. A method according to claim 45, the e-mail including an attachment.
  - 47. A method according to claim 45, when dependent on claim 38 or claim 42, the indication being an e-mail address.
  - 48. A method according to claim 30, the biometric data being formed by scanning the user'"'"'s thumb.
  - 51. The method of claim 30 performed with an end station for allowing a recipient to decrypt an encrypted data object received from a sender via a communication system, the end station including:
    - a. An input;
      
      b. A communications link, for coupling the end station to the communications system; and
      
      , c. An end station processor, adapted to;
      
      i. Receive an input command from the recipient requesting the decryption of the encrypted data object;
      
      ii. Determine an decryption key based on biometric data representative of at least one of the recipient and the sender; and
      
      , iii. Decrypt the data object with the decryption key.
  - 54. The method of claim 30 performed with an apparatus for allowing a recipient to decrypt an encrypted data object received from a sender via a communication system, the apparatus including a processor adapted to:
    - a. Determine biometric data representative of at least one of the recipient and the sender;
      
      b. Use the determined biometric data to generate a decryption key;
      
      c. Decrypt the data object using the generated decryption key and a predetermined decryption algorithm; and
      
      , d. Transfer the decrypted data object to the sender via the communications system.

39. A method according to claim 39, the encryption key being generated based on the biometric data of the sender and the recipient.
- View Dependent Claims (40, 41, 42, 43, 44)
- - 40. A method according to claim 39, the method further including a. Causing the end station processor to transfer to the base station:
    - i. The recipient'"'"'s biometric data;
      
      ii. An indication of the sender; and
      
      , iii. An indication of the recipient;
      
      b. Causing the base station processor to;
      
      i. Validate the recipient; and
      
      , ii. In response to a successful validation;
      
      1. Obtain the biometric data of the sender from a database in accordance with the received indication; and
      
      , 2. Transfer the sender'"'"'s biometric data to the end station.
  - 41. A method according to claim 39, the method including causing the end station processor to transfer to the recipient'"'"'s biometric data to the base station by:
    - a. Encrypting the recipient'"'"'s biometric data; and
      
      , b. Transferring the recipient'"'"'s encrypted biometric data to the base station, the base station processor being adapted to decrypt the received encrypted biometric data.
  - 42. A method according to any of claim 39, the biometric data being encrypted using a second predetermined encryption algorithm and a second encryption key, the second encryption key being generated by a remote processing system, the method including:
    - a. Causing the end station processor to;
      
      i. Obtain the second encryption key from the remote processing system; and
      
      , ii. Decrypt the recipient'"'"'s biometric data using the second encryption algorithm and the obtained second encryption key;
      
      b. Causing the base station processor to decrypt the decrypted recipient'"'"'s biometric data by;
      
      i. Obtaining the second encryption key from the remote processing system; and
      
      , ii. Decrypting the recipient'"'"'s encrypted biometric data using the second encryption algorithm and the obtained second encryption key.
  - 43. A method according to claim 39, the method including causing the base station processor to transfer the sender'"'"'s biometric data to the base station by:
    - a. Encrypting the biometric data; and
      
      , b. Transferring the encrypted biometric data to the end station, the end station processor being adapted to decrypt the received encrypted biometric data.
  - 44. A method according to claim 40, the biometric data being encrypted using a third predetermined encryption algorithm and a third encryption key, the third encryption key being generated by a remote processing system, the method including:
    - a. Causing the base station processor to;
      
      i. Obtain the third encryption key from the remote processing system; and
      
      , ii. Encrypt the biometric data using the third decryption algorithm and the obtained third encryption key;
      
      b. Causing the end station processor to decrypt the encrypted biometric data by;
      
      i. Obtaining the third encryption key from the remote processing system; and
      
      , ii. Decrypting the encrypted biometric data using the third encryption algorithm and the obtained third encryption key.

49. An end station for allowing a recipient to decrypt an encrypted data object received from a sender via a communication system, the end station including:
- a. An input;
  
  b. A communications link, for coupling the end station to the communications system; and
  
  , c. An end station processor, adapted to;
  
  i. Receive an input command from the recipient requesting the decryption of the encrypted data object;
  
  ii. Determine an decryption key based on biometric data representative of at least one of the recipient and the sender; and
  
  , iii. Decrypt the data object with the decryption key.
- View Dependent Claims (50)
- - 50. An end station according to claim 49, the end station the further including a scanning system, the scanning system being adapted to determine the recipient'"'"'s biometric data by scanning a portion of the recipient.

52. A base station for allowing a recipient to decrypt an encrypted data object received from a sender via a communication system, the base station including:
- a. A data store for storing biometric data;
  
  b. A processor, the processor being adapted to validate the recipient to allow the data object to be decrypted by;
  
  i. Receiving an indication of the recipient;
  
  ii. Receiving the recipient'"'"'s generated biometric data;
  
  iii. Obtaining predetermined biometric data from the data store n accordance with the indication of the sender;
  
  iv. Comparing the recipient'"'"'s generated biometric data and the predetermined biometric data; and
  
  , v. Validating the recipient in response to a successful comparison.

53. Apparatus for allowing a recipient to decrypt an encrypted data object received from a sender via a communication system, the apparatus including a processor adapted to:
- a. Determine biometric data representative of at least one of the recipient and the sender;
  
  b. Use the determined biometric data to generate a decryption key;
  
  c. Decrypt the data object using the generated decryption key and a predetermined decryption algorithm; and
  
  , d. Transfer the decrypted data object to the sender via the communications system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thumbsecure Biometrics Corporation Pty Limited
Original Assignee
Thumbaccess Biometrics Corporation Pty Limited
Inventors
Hollander, Harry

Application Number

US10/859,617
Publication Number

US 20050021984A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0822   using key encryption key

H04L 9/0866   involving user or device id...

H04L 9/3231   Biological data, e.g. finge...

Encryption system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

46 Citations

54 Claims

Specification

Use Cases

Quick Links

Others

Encryption system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

54 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others