SECURE DIGITAL COMMUNICATIONS VIA BIOMETRIC KEY GENERATION

US 20110047377A1
Filed: 08/19/2009
Published: 02/24/2011
Est. Priority Date: 08/19/2009
Status: Abandoned Application

First Claim

Patent Images

1. A client device in a communications system, comprising:

a transceiver;

a detector for acquiring at least one biometric sample associated with the user; and

a processing element configured for;

generating an in-situ biometric code based at least on the biometric sample,comparing the in-situ biometric code and a canonical biometric code based on at least one comparison criterion, the canonical biometric code representing at least one biometric reference associated with the user, andif the comparison criterion is met, configuring the transceiver to transmit the in-situ biometric code to a server and establishing at least one encrypted communications session based on at least one of the in-situ encryption keys.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for secure communications in a communications network (100), including a server (102) and a client device (104a, 104b), are provided. A method includes transmitting a communications session request from the client device to the server (304), the session request including an in-situ biometric code associated with a biometric sample of a user. The method also includes separately comparing at the server and the client device the in-situ biometric code and an associated canonical biometric code based on comparison criterion (208, 310), the canonical biometric code representing a biometric reference for the user. The method also includes generating an encryption key at the server and at the client device based on the in-situ and canonical biometric codes (218, 314). The method further includes establishing an encrypted communications session between the server and the client device if the in-situ biometric code meets comparison criteria at the server and at client device (220, 316).

Citations

21 Claims

1. A client device in a communications system, comprising:
- a transceiver;
  
  a detector for acquiring at least one biometric sample associated with the user; and
  
  a processing element configured for;
  
  generating an in-situ biometric code based at least on the biometric sample,comparing the in-situ biometric code and a canonical biometric code based on at least one comparison criterion, the canonical biometric code representing at least one biometric reference associated with the user, andif the comparison criterion is met, configuring the transceiver to transmit the in-situ biometric code to a server and establishing at least one encrypted communications session based on at least one of the in-situ encryption keys.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The client device of claim 1, wherein said at least one biometric sample comprises a plurality of biometric samples, and wherein said processing element is further configured for verifying that the acquired plurality of biometric samples are acquired from live tissue.
  - 3. The client device of claim 1, wherein the processing element is configured to generate the encryption key based on at least the in-situ code.
  - 4. The client device of claim 3, wherein encryption for the encrypted communications session comprises is based on advanced encryption standard (AES) encryption, and the encryption key comprises an AES encryption key.
  - 5. The client device of claim 1, wherein the transceiver is further configured for receiving a seed key from the server and generating the encryption key based on the seed key.
  - 6. The client device of claim 5, wherein the seed key is based a combination of the in-situ biometric code and at least one other in-situ biometric code associated with another user.
  - 7. The client device of claim 1, wherein the biometric reference and the biometric sample are associated with at least one among physiological characteristics and behavioral characteristics of the user.
  - 8. The client device of claim 1, wherein the detector comprises at least one among a fingerprint detector, an iris detector, a retina detector, and hand/palm detector.
  - 9. The client device of claim 1, wherein the processing element is further configured during the comparing for determining at least one difference value for the in-situ and the canonical biometric codes, and wherein the comparison criterion is met if the difference value is less than a first threshold value.
  - 10. The client device of claim 9, wherein the comparison criterion is met if the difference value is greater than a second threshold value less than the first threshold value.

11. A server in a communications system, comprising:
- a transceiver configured for receiving one or more communications session requests from one or more client devices, each of the session requests comprising an in-situ biometric code associated with a biometric sample of a user at one of the client devices; and
  
  a processing element configured for processing each of the session requests, the processing comprising;
  
  comparing the in-situ biometric code and an associated canonical biometric code based on at least one comparison criterion, the associated canonical biometric code representing at least one biometric reference for the user associated with the in-situ biometric code, andif the comparison criterion is met, generating an encryption key based on at least the in-situ code and configuring the transceiver to establish at least one encrypted communications session based on at least the encryption key.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The server of claim 11, wherein at least two of the session requests are associated with a same communications session, wherein the processing element is further configured for generating a seed key based on at least the in-situ biometric code associated with each the two of the session requests and for forwarding the seed key to the client devices associated with the two of the session requests.
  - 13. The server of claim 11, wherein encryption for the encrypted communications session is based on advanced encryption standard (AES) encryption, and the encryption key comprises an AES key.
  - 14. The server of claim 11, wherein the biometric reference and the biometric sample are associated with at least one among a plurality of physiological characteristics or behavioral characteristics of the user.
  - 15. The server of claim 11, wherein the processing element is further configured for determining a comparative difference value representing a variation between the in-situ biometric code and the canonical biometric codes, and wherein the comparison criterion is met if the comparative difference value is less than a first threshold value.
  - 16. The server of claim 15, wherein the comparison criterion is not met if the comparative difference value is less than a second threshold values less than the first threshold value.

17. A method for establishing secure communications sessions in a communications network comprising at least one server and at least a first client device, the method comprising:
- transmitting at least a first communications session request from the first client device to the server, the first communication session request comprising a first in-situ biometric code associated with a biometric sample of a first user at the first client device;
  
  separately comparing at the server and the first client device the first in-situ biometric code and an associated first canonical biometric code based on at least one comparison criterion, the first canonical biometric code representing at least one biometric reference for the first user;
  
  if the first in-situ biometric code meets a comparison criteria at the server and at the first client device, separately generating a first encryption key at the server and at the first client device based on the first in-situ biometric code and the first canonical biometric code; and
  
  establishing at least a first encrypted communications session between the server and the first client device based on the first encryption key.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, further comprising:
    - transmitting at least a second communications session request from at least a second client device to the server, the second session request comprising a second in-situ biometric code associated with a biometric sample of a second user at the second client device;
      
      repeating the comparing, generating, and establishing for the server and the second client device based on the second communications request;
      
      generating a seed key based on the first and the second in-situ biometric codes; and
      
      transmitting the seed key to the first and the second client devices.
  - 19. The method of claim 18, wherein the transmitting further comprises generating the seed key to provide an advanced encryption standard (AES) seed key.
  - 20. The method of claim 18, further comprisingestablishing at least one encrypted communications session between the first and the second client devices based on an encryption key derived from the seed key.
  - 21. The method of claim 17, wherein the biometric reference and the biometric sample are associated with at least one among physiological characteristics or behavioral characteristics of the first user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Original Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Inventors
Gierling, David, Lyle, David, Smith, C.W. Sinjin, Allen, Josef, Rahmes, Mark

Application Number

US12/543,742
Publication Number

US 20110047377A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 9/0866 involving user or device id...

SECURE DIGITAL COMMUNICATIONS VIA BIOMETRIC KEY GENERATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE DIGITAL COMMUNICATIONS VIA BIOMETRIC KEY GENERATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links