System for biometric signal processing with hardware and software acceleration

US 20070038867A1
Filed: 06/02/2004
Published: 02/15/2007
Est. Priority Date: 06/02/2003
Status: Abandoned Application

First Claim

Patent Images

1. A secure system for biometric signal processing, comprising:

a secure communication protocol configured to localize biometric data, wherein said protocol provides authentication without transmission of said biometric data; and

a key generation function based on a dynamic key generator and static biometric components.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure embedded system that uses cryptographic and biometric signal processing acceleration is described. In one embodiment, the secure embedded system is configured as a wireless pay-point protocol for brick-and-mortar and e-commerce applications in which biometric information is localized and does not require transmission of biometric data for authentication. In one embodiment, a key-generation function uses a dynamic key generator and static biometric components. In one embodiment, an embedded system design methodology provides hardware and software acceleration transparency.

Citations

19 Claims

1. A secure system for biometric signal processing, comprising:
- a secure communication protocol configured to localize biometric data, wherein said protocol provides authentication without transmission of said biometric data; and
  
  a key generation function based on a dynamic key generator and static biometric components.

2. A secure system for biometric signal processing, comprising:
- a fingerprint image sensor;
  
  a cryptographic module configured to encrypt and decrypt data using a secret key known to said cryptographic hardware accelerator and to an authentication server; and
  
  a communication protocol module configured to receive an authentication vector from said authentication server, verify an identity of said authentication server, and to provide authentication of a user to said authentication server without transmission of biometric data.
- View Dependent Claims (3, 4, 5, 6)
- - 3. The system of claim 2, further comprising a communication port.
  - 4. The system of claim 2, wherein a biometric verification process is performed within the secure system.
  - 5. The system of claim 2, wherein a fingerprint verification process is performed within the secure system using minutia detection and matching algorithms.
  - 6. The system of claim 2, wherein access to said cryptographic hardware accelerator is substantially transparent to a JAVA program.

7. A method for providing secure communications, comprising sending an identification code to a transaction terminal;
- forwarding said identification code and transaction data from said transaction terminal to an authentication server;
  
  generating a first authorization vector;
  
  encrypting at least a portion of said first authorization vector using a first secret key to produce a first encrypted authorization vector;
  
  sending said first encrypted authorization vector to said transaction terminal;
  
  forwarding said first encrypted authorization vector from said transaction terminal to a biometric identification device comprising a biometric identification sensor;
  
  decrypting said first encrypted authorization vector to create a first decrypted authorization vector;
  
  verifying an identity of said authorization server using at least portion of said first decrypted authorization vector;
  
  sensing biometric data using said biometric identification sensor;
  
  examining said biometric data to verify an identity of a user of said biometric identification device;
  
  generating a second authorization vector;
  
  encrypting at least a portion of said second authorization vector using a second secret key to produce a second encrypted authorization vector;
  
  sending said second encrypted authorization vector to said transaction terminal;
  
  forwarding said first encrypted authorization vector from said transaction terminal to said authentication server;
  
  decrypting said first encrypted authorization vector to create a second decrypted authorization vector; and
  
  verifying an identity of said user using at least a portion of said second decrypted authorization vector.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 8. The method of claim 7, further comprising:
    - profiling a JAVA application module of said biometric identification device;
      
      converting relatively moderately-used portions of said JAVA application to a C language portion and accessing said C language portion without substantially modifying said JAVA application module; and
      
      converting relatively heavily-used portions of said JAVA application into hardware and accessing said hardware through an interface without substantially modifying said JAVA application module.
  - 9. The method of claim 7, wherein said first secret key and said second secret key are substantially identical.
  - 10. The method of claim 7, wherein said sending an identification code comprises wireless transmission.
  - 11. The method of claim 7, wherein said sending an identification code comprises infrared transmission.
  - 12. The method of claim 7, wherein said sending an identification code comprises radio-frequency wireless transmission.
  - 13. The method of claim 7, wherein said encrypting said at least a portion of said first authorization vector comprises a Rijndael algorithm.
  - 14. The method of claim 7, wherein said biometric sensor comprises a fingerprint sensor.
  - 15. The method of claim 7, wherein said biometric sensor comprises an RFID sensor.
  - 16. The method of claim 7, wherein said biometric sensor comprises a retina scan sensor.
  - 17. The method of claim 7, wherein said biometric data comprises image data.
  - 18. The method of claim 7, wherein said biometric data comprises fingerprint image data.
  - 19. The method of claim 7, wherein said verifying an identity of said user comprises identifying minutiae in a fingerprint scan.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Regents of the University of California (University of California)
Original Assignee
Regents of the University of California (University of California)
Inventors
Fan, Yi, Schaumont, Patrick, Hwang, David, Yang, Shenglin, Verbauwhede, Ingrid, Sakiyama, Kazuo, Lai, Bo-Cheng, Hodjat, Alireza

Application Number

US10/554,763
Publication Number

US 20070038867A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06Q 20/12   specially adapted for elect...

G06Q 20/4014   Identity check for transact...

G07C 9/257   electronically G07C9/26 tak...

H04L 2209/12   Details relating to cryptog...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/085   Secret sharing or secret sp...

H04L 9/16   the keys or algorithms bein...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3242   involving keyed hash functi...

System for biometric signal processing with hardware and software acceleration

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System for biometric signal processing with hardware and software acceleration

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links