Cryptographic key generation using biometric data

US 6,035,398 A
Filed: 11/14/1997
Issued: 03/07/2000
Est. Priority Date: 11/14/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method comprising the computer implemented steps of:

receiving a fingerprint;

extracting minutiae from the fingerprint;

creating a message based on the minutiae of the fingerprint, comprising;

creating ghost points not corresponding to features of the fingerprint;

creating a template including the features and the ghost points;

subtracting the features from the template, leaving a ghost template, the ghost template being the message; and

storing the template;

applying a message digest function to the message to create a cryptographic key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for generating a cryptographic key using biometric data is provided. A fingerprint is received, and features are extracted from the fingerprint. These features may include one or more of the following: A message is created based on the features of the fingerprint. For one embodiment, the message is a template including the features. For another embodiment, the message is a subset of features not included in a template. For another embodiment, the message is ghost points not corresponding to the features in the template. A message digest function is applied to the message to create a cryptographic key.

Another embodiment of the present invention uses features of the fingerprint image to generate a digital certificate. The public key used for the digital certificate is based on a fingerprint image. In one embodiment, the digital certificate contains a template including the fingerprint image or the features extracted from the fingerprint image. Verification of this template provides additional security to the validity of the digital certificate.

358 Citations

26 Claims

1. A method comprising the computer implemented steps of:
- receiving a fingerprint;
  
  extracting minutiae from the fingerprint;
  
  creating a message based on the minutiae of the fingerprint, comprising;
  
  creating ghost points not corresponding to features of the fingerprint;
  
  creating a template including the features and the ghost points;
  
  subtracting the features from the template, leaving a ghost template, the ghost template being the message; and
  
  storing the template;
  
  applying a message digest function to the message to create a cryptographic key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 24, 25)
- - 2. The method of claim 1, wherein said step of creating the message comprises the step of creating a template including the features of the fingerprint, wherein said template comprises the message.
  - 3. The method of claim 2, further comprising a step of retrieving the cryptographic key comprising the steps of:
    - receiving a new fingerprint;
      
      retrieving the template;
      
      comparing the new fingerprint with the template;
      
      if the new fingerprint matches the template, applying the message digest function to the template to generate the cryptographic key.
  - 4. The method of claim 1, wherein said step of creating the message comprises the step of extracting additional features from the fingerprint, the additional features comprising the message.
  - 5. The method of claim 4 further comprising the step of retrieving the cryptographic key comprising the steps of:
    - receiving a new fingerprint;
      
      retrieving the message;
      
      extracting a primary set of features from the new fingerprint;
      
      extracting a secondary set of features from the new fingerprint;
      
      comparing the primary set of features to the message;
      
      if the primary set of features match the messages, applying the message digest function to the secondary set of features to create the cryptographic key.
  - 6. The method of claim 1, further comprising the step of retrieving the cryptographic key comprising the steps of:
    - receiving a new fingerprint;
      
      retrieving the template;
      
      extracting a new set of features from the new fingerprint;
      
      comparing the new set of features to the template;
      
      and if the new set of features match the template;
      
      subtracting the new set of features from the template, generating the ghost template;
      
      applying the message digest function to the ghost template to create the cryptographic key.
  - 7. The method of claim 1, wherein said step of creating the message comprises the step of combining the features of the fingerprint to create the message.
  - 8. The method of claim 7, further comprising a step of retrieving the cryptographic key comprising the steps of:
    - receiving a new fingerprint;
      
      extracting features from the new fingerprint;
      
      creating the message digest function of the new fingerprint;
      
      applying the message digest function to the template to create a new cryptographic key, the new cartographic key identical to the cryptographic key previously generated.
  - 24. The method of claim 1, wherein the step of receiving the fingerprint comprises receiving multiple fingerprints and generating a composite fingerprint image.
  - 25. The method of claim 1, further comprising:
    - jiggling the images to generate a plurality of different messages.

9. A method comprising the computer implemented steps of:
- receiving a fingerprint;
  
  extracting features from the fingerprint;
  
  creating a template of the features of the fingerprint;
  
  extracting additional features from the fingerprint, the additional features comprising the message;
  
  applying a message digest function to the message to create a cryptographic key;
  
  wherein the message is not stored; and
  
  in order to retrieve the cryptographic key, performing the steps of;
  
  receiving a new fingerprint;
  
  extracting the features from the new fingerprint;
  
  creating a new template of the features of the new fingerprint;
  
  extracting the additional features from the new fingerprint;
  
  comparing the new template to the stored template; and
  
  if the features match the stored template, applying the message digest function to the additional features to create a new cryptographic key, the new cryptographic key identical to the cryptographic key previously generated.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, further comprising:
    - storing the template with each file that is encrypted using the cryptographic key.
  - 11. The method of claim 9, further comprising:
    - storing the template in a database.
  - 12. The method of claim 9, further comprising a step of retrieving the cryptographic key comprising the steps of:
    - receiving a new fingerprint;
      
      retrieving the template;
      
      comparing the new fingerprint with the template;
      
      if the new fingerprint matches the template, applying the message digest function to the template to generate the cryptographic key.
  - 13. The method of claim 9, wherein said step of applying the message digest function comprises an MD5 algorithm.

14. A method comprising the computer implemented steps of:
- receiving a fingerprint;
  
  extracting a first set of features from the fingerprint;
  
  extracting a second set of features from the fingerprint;
  
  creating a template of the first set of features;
  
  applying a message digest function to the second set of features to create a cryptographic key; and
  
  storing the template with the first set of features.
- View Dependent Claims (15, 21, 22, 23)
- - 15. The method of claim 14 further comprising the step of retrieving the cryptographic key including the steps of:
    - receiving a new fingerprint;
      
      retrieving the template;
      
      extracting a primary set of features from the new fingerprint;
      
      extracting a secondary set of features from the new fingerprint;
      
      comparing the primary set of features to the template;
      
      if the primary set of features match the template, applying the message digest function to the secondary set of features to create the cryptographic key.
  - 21. The method of claim 14, wherein said step of applying the message digest function comprises an MD5 algorithm.
  - 22. The method of claim 14, wherein the first set of features comprise a plurality of minutiae.
  - 23. The method of claim 14, wherein the second set of features comprise one or more of the following features:
    - spatial frequency, curvature, ridge count, ridge distance/curvature between points, relationship of features to global features, and other spatial characteristics.

16. A method comprising the computer implemented steps of:
- receiving a fingerprint;
  
  extracting a set of features from the fingerprint;
  
  generating ghost points, not corresponding to actual features of the fingerprint;
  
  creating a template of the set of features and the ghost points;
  
  subtracting the set of features from the template, generating a ghost template;
  
  applying a message digest function to the ghost template to create a cryptographic key; and
  
  storing the template.
- View Dependent Claims (17, 26)
- - 17. The method of claim 16, further comprising the step of retrieving the cryptographic key including the steps of:
    - receiving a new fingerprint;
      
      retrieving the template;
      
      extracting a new set of features from the new fingerprint;
      
      comparing the new set of features to the template;
      
      and if the new set of features match the template;
      
      subtracting the new set of features from the template, generating a new ghost template;
      
      applying the message digest function to the new ghost template to create a new cryptographic key.
  - 26. The method of claim 16, wherein the step of receiving the fingerprint comprises receiving multiple fingerprints and generating a composite fingerprint image.

18. A method comprising the computer implemented steps of:
- a certifying authority receiving a public key corresponding to a private key generated based on a user'"'"'s fingerprint;
  
  including the public key and the user'"'"'s fingerprint template in a digital certificate;
  
  signing the digital certificate with a private key of the certifying authority.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, further comprising the steps of:
    - sending the digital certificate to a third party for authentication of the user;
      
      the third party decrypting the digital certificate; and
      
      the user sending a message encrypted with the user'"'"'s fingerprint based private key; and
      
      the third party decrypting the message with the public key included in the digital certificate to verify an identity of the user.
  - 20. The method of claim 18, further comprising the steps of:
    - sending the digital certificate to a third party for authentication of the user;
      
      the third party decrypting the digital certificate; and
      
      the user sending a fingerprint image to the third party; and
      
      the third party comparing the fingerprint image to the fingerprint template to verify an identity of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Digitalpersona Corporation (Assa Abloy AB)
Original Assignee
Digitalpersona Corporation (Assa Abloy AB)
Inventors
Bjorn, Vance
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
JACK, TODD M

Application Number

US08/970,304
Time in Patent Office

844 Days
Field of Search

382/181, 382/199, 382/203, 382/206, 382/209, 380/23
US Class Current

713/186
CPC Class Codes

G06V 40/12   Fingerprints or palmprints

H04L 9/0866   involving user or device id...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3263   involving certificates, e.g...

Cryptographic key generation using biometric data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

358 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic key generation using biometric data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

358 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links