Trusted biometric client authentication
First Claim
1. A method for authenticating an identity of a user in order to secure access to a host system, comprising:
- receiving, at the host system, an identifier for the user from a client system;
- retrieving, at the host system, a template containing biometric data associated with the user, the template being retrieved from a database of templates by the host system;
- sending the template to the client system;
- waiting for the client system to compare the template with a biometric sample gathered from the user to produce a comparison result, and to compute a first message digest using the template, the comparison result and an encryption key;
- receiving, at the host system, the first message digest from the client system;
- computing, at the host system, a second message digest using the template, a comparison result indicating a successful match between the biometric sample and the template, and the encryption key;
- comparing, at the host system, the first message digest and the second message digest; and
- allowing the user to access the host system if the first message digest matches the second message digest;
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
Abstract
One embodiment of the present invention provides a method for authenticating an identity of a user in order to secure access to a host system. In this embodiment, the host system receives an identifier for the user from a client system. This identifier is used to retrieve a template containing biometric data associated with the user, and this template is returned to the client. The client then gathers a biometric sample from the user, and compares this biometric sample with the template to produce a comparison result. Next, the client computes a message digest using the template, the comparison result and an encryption key, and sends the message digest to the host system. This computation takes place within a secure hardware module within the client computing system that contains a secure encryption key, in order to guard against malicious users on the client system. Next, the host system receives the message digest and authenticates the user by determining whether the message digest was computed using the template, the encryption key, and a comparison result indicating a successful match between the biometric sample and the template. If so, the host has confidence that the client has successfully matched the template with the biometric sample, and the client is allowed to access a service on the host system. By requiring the secure hardware in the client system to include the template in the message digest, the host system can guard against a malicious user who substitutes another template to gain unauthorized access to the host system. In a variation on this embodiment, the host system retrieves the template from a centralized repository for templates.
45 Claims
1. Independent claim, reproduced in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 24.
15. A method for authenticating an identity of a user in order to secure access to a host system, comprising:
- sending an identifier for the user to the host system;
- receiving, from the host system, a template containing biometric data associated with the user, the template being retrieved from a database of templates by the host system;
- gathering a biometric sample from the user;
- comparing the template with the biometric sample to produce a comparison result;
- computing a first message digest using the template, the comparison result and an encryption key;
- sending the first message digest to the host system; and
- receiving access to the host system if the host system determines that the first message digest matches a second message digest computed at the host system using the template, a comparison result indicating a successful match between the biometric sample and the template and the encryption key;
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23.
25. A method for authenticating an identity of a user in order to secure access to a host system, comprising:
- receiving, at the host system, an identifier for the user from a client system;
- retrieving, at the host system, a template containing biometric data associated with the user from a database of templates;
- sending the template to the client system;
- receiving the template at the client system;
- gathering, at the client system, a biometric sample from the user;
- comparing, at the client system, the template with the biometric sample to produce a comparison result;
- computing, at the client system, a first message digest using the template, the comparison result and an encryption key;
- sending the first message digest to the host system;
- receiving, at the host system, the first message digest;
- computing, at the host system, a second message digest using the template, a comparison result indicating a successful match between the biometric sample and the template, and the encryption key;
- comparing, at the host system, the first message digest and the second message digest; and
- allowing the user to access the host system if the first message digest matches the second message digest;
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
Dependent claims: 26, 27, 28, 29.
30. A method for authenticating an identity of a user in order to secure access to a host system, comprising:
- receiving, from the host system, a randomized number;
- gathering a biometric sample from the user;
- computing a first message digest using the biometric sample, the randomized number and an encryption key;
- sending the biometric sample and the first message digest to the host system;
- receiving access to the host system if the host system determines that the biometric sample matches a template containing biometric data associated with the user, and that the first message digest matches a second message digest computed at the host system using the biometric sample, the randomized number and the encryption key;
- wherein the template is retrieved from a database of templates by the host system; and
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
31. A program storage device storing instructions that when executed by a computer perform a method for authenticating an identity of a user in order to secure access to a host system, comprising:
- receiving, at the host system, an identifier for the user from a client system;
- retrieving, at the host system, a template containing biometric data associated with the user, the template being retrieved from a database of templates by the host system;
- sending the template to the client system;
- waiting for the client system to compare the template with a biometric sample gathered from the user to produce a comparison result, and to compute a first message digest using the template, the comparison result and an encryption key;
- receiving, at the host system, the first message digest from the client system;
- computing, at the host system, a second message digest using the template, a comparison result indicating a successful match between the biometric sample and the template, and the encryption key;
- comparing, at the host system, the first message digest and the second message digest; and
- allowing the user to access the host system if the first message digest matches the second message digest;
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
32. An apparatus for authenticating an identity of a user in order to secure access to a host system, comprising:
- the host system;
- a mechanism within the host system that receives an identifier for the user from a client system;
- a mechanism within the host system that retrieves a template containing biometric data associated with the user from a database of templates;
- a mechanism within the host system that sends the template to the client system;
- a mechanism within the host system that receives a first message digest from the client system;
- a mechanism within the host system that computes a second message digest using the template, an encryption key, and a comparison result indicating a successful match between the template and the biometric sample taken from the user;
- a comparison mechanism within the host system for comparing the first message digest and the second message digest; and
- a mechanism within the host system that allows the user to access the host system if the first message digest matches the second message digest;
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
Dependent claims: 33, 34, 35, 36, 37, 38, 39.
40. An apparatus for authenticating an identity of a user in order to secure access to a host system, comprising:
- a client system;
- a mechanism, within the client system, that sends an identifier for the user to the host system;
- a mechanism, within the client system, that receives a template containing biometric data associated with the user from the host system;
- a biometric gathering device, for gathering a biometric sample from the user;
- a comparison unit, within the client system, coupled to the biometric gathering device, including circuitry to compare the biometric sample with the template; and
- a computation unit, within the client system, for computing a first message digest using the template, a result from the comparison unit and an encryption key; and
- a mechanism, within the client system, that sends the first message digest to the host system;
- a mechanism, within the client system, for receiving access to the host system if the host system determines that the first message digest matches a second message digest computed at the host system using the template, a comparison result indicating a successful match between the biometric sample and the template, and the encryption key, the template being retrieved from a database of templates by the host system;
- wherein using the template in computing the second message digest provides an additional measure of security because the first message digest will not match the second message digest unless the client system also used the template in computing first message digest, which indicates that the client computed the comparison result using the template.
Dependent claims: 41, 42, 43, 44, 45.