DYNAMIC SEED AND KEY GENERATION FROM BIOMETRIC INDICIA
Abstract
A system, a method, and a computer program for generating a seed and/or a key from live biometric indicia, such that all the information necessary for generating the seed and/or the key is not stored on a storage medium. The method comprises receiving a biometric template from a user and enrolling the template; assigning an optimization value to the enrolled biometric template; encrypting an item of test data using the optimization value, such that the optimization value is an encryption seed; storing the encrypted item of test data on the storage medium; destroying the encryption seed after encrypting the item of test data; receiving a live biometric template; comparing the templates and determining an interval based on a probability that the templates are specific to the same user; iteratively testing values within the interval to identify the value in the interval for decrypting the encrypted item of test data, wherein the value used to decrypt the item of test data is the encryption seed; and generating the key using the seed.
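The enroll, destroy and regenerate procedure in the abstract, as an added Python example that is not code from the patent. The rounded-mean optimization value, the quantised stored template, the mapping from match probability to interval width, and the SHAKE-256/HMAC stand-in for a real cipher are all assumptions of this example, and the feature vectors are constructed.

```python
import hashlib, hmac, secrets

TEST_DATA = b"constructed test item"              # constructed sample plaintext
ENROLLED = [120, 64, 200, 33, 91, 150, 77, 18]    # constructed feature vectors
LIVE     = [121, 65, 201, 34, 92, 151, 78, 19]
IMPOSTOR = [30, 210, 95, 140, 12, 60, 180, 250]

def opt_value(capture):
    # Assumption: the optimization value is the rounded mean of the features.
    return round(sum(capture) / len(capture))

def quantise(capture):
    # Assumption: the stored template is a coarse quantisation of the capture.
    return [f // 8 for f in capture]

def keys(seed, salt):
    # Low iteration count keeps the demo fast; returns (cipher key, MAC key).
    k = hashlib.pbkdf2_hmac("sha256", str(seed).encode(), salt, 1000, dklen=64)
    return k[:32], k[32:]

def xor_stream(key, data):
    # SHAKE-256 keystream XOR: stdlib stand-in for a real cipher.
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

def enroll(capture):
    salt = secrets.token_bytes(16)
    enc_key, mac_key = keys(opt_value(capture), salt)
    ct = xor_stream(enc_key, TEST_DATA)
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
    # The seed and derived keys are local only; the record never contains them.
    return {"template": quantise(capture), "salt": salt, "ct": ct, "tag": tag}

def regenerate(record, live, floor=0.5):
    tpl = record["template"]
    p = sum(a == b for a, b in zip(tpl, quantise(live))) / len(tpl)
    if p < floor:
        return None                                # unlikely same user: no search
    half = 2 + int((1 - p) * 16)                   # lower probability, wider interval
    centre = opt_value(live)
    for cand in range(centre - half, centre + half + 1):
        enc_key, mac_key = keys(cand, record["salt"])
        tag = hmac.new(mac_key, record["ct"], hashlib.sha256).digest()
        if hmac.compare_digest(tag, record["tag"]) and \
           xor_stream(enc_key, record["ct"]) == TEST_DATA:
            return cand                            # seed regenerated; stop testing
    return None

def derive_key(seed, salt):
    # Key generation step: the regenerated seed feeds a KDF for the repository key.
    return hashlib.pbkdf2_hmac("sha256", b"repo-key|" + str(seed).encode(), salt, 1000)
```
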
20 Claims
1. A system for seed generation comprising:

a storage device associated with a storage medium for interfacing with a computer; and

a computer-readable medium integrated in or accessible by the storage device, the computer-readable medium having a plurality of modules comprising a plurality of code segments stored thereon, including

  an enrollment module including
    a code segment executable by the computer for receiving information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, the storage device, such that the stored biometric template is an enrolled biometric template, and
    a code segment executable by the computer for assigning an optimization value to the enrolled biometric template that is indicative of a representative feature associated with the enrolled biometric template,

  a seed generation module including
    a code segment executable by the computer for encrypting an item of test data using, at least in part, the optimization value associated with the enrolled biometric template, such that the optimization value serves as an encryption seed,
    a code segment executable by the computer for storing the encrypted item of test data on, or in a location accessible by, the storage device, and
    a code segment executable by the computer for destroying the encryption seed after encrypting the item of test data, such that the seed is not stored on, or otherwise made accessible by, the storage device,

  a live capture module including a code segment executable by the computer for receiving information indicative of a live biometric template for use in regenerating the encryption seed, and

  a seed regeneration module including
    a code segment executable by the computer for comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user, wherein the interval has a plurality of values therein, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template, and
    a code segment executable by the computer for iteratively testing the values within the interval to identify the value in the interval for decrypting the encrypted item of test data, wherein upon testing a particular value within the interval and determining that the particular value is operable to decrypt the encrypted item of test data, the encryption seed is regenerated and the iterative testing is ceased.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A non-transitory computer-readable storage medium encoded with code segments for generating a seed and a key for accessing a storage device interfaced with a computer, the computer-readable medium comprising:

  an enrollment module including
    a code segment executable by the computer for receiving information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, the storage device, such that the stored biometric template is an enrolled biometric template, and
    a code segment executable by the computer for assigning an optimization value to the enrolled biometric template that is indicative of a representative feature associated with the enrolled biometric template,

  a seed generation module including
    a code segment executable by the computer for encrypting an item of test data using, at least in part, the optimization value associated with the enrolled biometric template, such that the optimization value serves as an encryption seed,
    a code segment executable by the computer for storing the encrypted item of test data on, or in a location accessible by, the storage device, and
    a code segment executable by the computer for destroying the encryption seed after encrypting the item of test data, such that the seed is not stored on, or otherwise made accessible by, the storage device,

  a live capture module including a code segment executable by the computer for receiving information indicative of a live biometric template for use in regenerating the encryption seed,

  a seed regeneration module including
    a code segment executable by the computer for comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user, wherein the interval has a plurality of values therein, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template, and
    a code segment executable by the computer for iteratively testing the values within the interval to identify the value in the interval for decrypting the encrypted item of test data, wherein upon testing a particular value within the interval and determining that the particular value is operable to decrypt the encrypted item of test data, the encryption seed is regenerated and the iterative testing is ceased, and

  a key generation module for generating the key, wherein said key is operable to encrypt or decrypt one or more files stored on a secure repository associated with the storage device or provide access to the secure repository, said key generation module including a code segment executable by the computer for using the seed to generate the key.

Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A method for seed and key generation comprising:

  receiving information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, a storage device, such that the stored biometric template is an enrolled biometric template;

  assigning an optimization value to the enrolled biometric template that is indicative of a representative feature associated with the enrolled biometric template;

  encrypting an item of test data using, at least in part, the optimization value associated with the enrolled biometric template, such that the optimization value serves as an encryption seed;

  storing the encrypted item of test data on, or in a location accessible by, the storage device;

  destroying the encryption seed after encrypting the item of test data, such that the seed is not stored on, or otherwise made accessible by, the storage device;

  receiving information indicative of a live biometric template for use in regenerating the encryption seed;

  comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user, wherein the interval has a plurality of values therein, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template;

  iteratively testing the values within the interval to identify the value in the interval for decrypting the encrypted item of test data, wherein upon testing a particular value within the interval and determining that the particular value is operable to decrypt the encrypted item of test data, the encryption seed is regenerated and the iterative testing is ceased; and

  generating the key using the seed.

Dependent claims: 18, 19, 20

Specification