Multi-factor biometric authenticating device and method
First Claim
Patent Images
1. A two factor biometric authenticating device comprising:
- means for generating error correction based partial encryption key seed data based on a plurality of sampled biometric inputs wherein the error correction based partial encryption key seed data serves as a first partial seed for generating a secret encryption key for encrypting unique user data, when combined with a second partial encryption key seed that is based on later received biometric input data, and means for storing internal to the biometric authenticating device the error correction based partial encryption key seed data to facilitate authentication of a user based on later received biometric input data.
7 Assignments
0 Petitions
Accused Products
Abstract
A multi-factor biometric authenticating device and method generates error correction based partial encryption key seed data based on a plurality of sample biometric inputs, such as raw biometric data The error correction based partial encryption key seed data serves as a partial seed for generating a secret encryption key for encrypting user data. The first partial seed is combined with a second partial encryption seed to generate the secret encryption key. The device stores the error correction based partial encryption key seed data and does not store the secret encryption key.
391 Citations
19 Claims
-
1. A two factor biometric authenticating device comprising:
-
means for generating error correction based partial encryption key seed data based on a plurality of sampled biometric inputs wherein the error correction based partial encryption key seed data serves as a first partial seed for generating a secret encryption key for encrypting unique user data, when combined with a second partial encryption key seed that is based on later received biometric input data, and means for storing internal to the biometric authenticating device the error correction based partial encryption key seed data to facilitate authentication of a user based on later received biometric input data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
means, operatively responsive to the plurality of sampled biometric inputs, for determining variability data representing variability among the plurality of sampled biometric inputs and for selecting at least one of the plurality of biometric inputs;
means for storing n-bit data of biometric input data and k-bits of data representing a subset of the n-bit data;
means, operatively responsive to the variability data, the n-bit data and the k-bit data, for selecting an error correction code from a group of codes;
means, operatively responsive to the selected biometric input and the selected code, for generating the first codeword data; and
means for operatively combining the first codeword data with the selected biometric input to generate the error correction based partial encryption seed data.
-
-
4. The device of claim 3 wherein the means for operatively combining performs an exclusive OR operation between the first codeword data and the selected biometric input.
-
5. The device of claim 1 further including means, operatively coupled to the means for storing, for generating a secret encryption key based on the error correction based partial encryption key seed data and at least one of the sampled biometric inputs.
-
6. The device of claim 5 wherein the means for generating the secret encryption key includes:
-
means for operatively combining the error correction based partial encryption key and the second partial encryption key seed to produce second codeword data wherein the second partial encryption key seed includes biometric input data;
means for providing error correction to the second codeword data to produce an error corrected codeword; and
means, responsive to the error corrected codeword, for producing a secret encryption key by modifying the error corrected codeword.
-
-
7. The device of claim 6 wherein modifying the error corrected codeword includes applying a hash function to the error corrected codeword to produce the secret encryption key.
-
8. The device of claim 4 wherein the means for operatively combining applies an exclusive OR operation on n−
- k bits of the first codeword data and the selected biometric input to produce the first partial seed.
-
9. A method for providing two factor biometric authentication comprising:
-
generating error correction based partial encryption key seed data based on a plurality of sampled biometric inputs wherein the error correction based partial encryption key seed data serves as a first partial seed for generating a secret encryption key for uniquely encrypting user data, when combined with a second partial encryption key seed that is based on later received biometric input data, and storing internal to a biometric authentication device the error correction based partial encryption key seed data to facilitate authentication of a user based on later received biometric input data. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
determining variability data representing variability among the plurality of sampled biometric inputs and selecting at least one of the plurality of biometric inputs;
storing n-bit data of biometric input data and k-bits of data representing a subset of the n-bit data;
selecting an error correction code from a group of codes based on the variability data, the n-bit data and the k-bit data;
generating the first codeword data based on at least the selected biometric input and the selected code; and
operatively combining the first codeword data with the selected biometric input to generate the error correction based partial encryption seed data.
-
-
12. The method of claim 11 wherein the step of operatively combining includes performing an exclusive OR operation between the first codeword data and the selected biometric input.
-
13. The method of claim 9 further including the step of generating a secret encryption key based on the error correction based partial encryption key seed data and at least one of the sampled biometric inputs.
-
14. The method of claim 13 wherein the step of generating the secret encryption key includes:
-
operatively combining the error correction based partial encryption key and the second partial encryption key seed to produce second codeword data wherein the second partial encryption key seed includes biometric input data;
providing error correction to the second codeword data to produce an error corrected codeword; and
producing a secret encryption key by modifying the error corrected codeword.
-
-
15. The method of claim 14 wherein modifying the error corrected codeword includes applying a hash function to the error corrected codeword to produce the secret encryption key.
-
16. The method of claim 12 wherein operatively combining includes applying an exclusive OR operation on n−
- k bits of the first codeword data and the selected biometric input to produce the first partial seed.
-
17. A two factor biometric authenticating device comprising:
-
means for generating error correction based partial encryption key seed data based on first codeword data derived at least in part from variability data obtained from among a plurality of sampled biometric inputs, wherein the error correction based partial encryption key seed data serves as a first partial seed for generating a secret encryption key for encrypting unique user data, when combined with a second partial encryption key seed that is based on later received biometric input data, and means for storing internal to the biometric authenticating device the error correction based partial encryption key seed data to facilitate authentication of a user based on later received biometric input data; and
means, operatively coupled to the means for storing, for generating a secret encryption key based on the error correction based partial encryption key seed data and at least one of the sampled biometric inputs. - View Dependent Claims (18, 19)
means, operatively responsive to the plurality of sampled biometric inputs, for determining variability data representing variability among the plurality of sampled biometric inputs and for selecting at least one of the plurality of biometric inputs;
means for storing n-bit data of biometric input data and k-bits of data representing a subset of the n-bit data;
means, operatively responsive to the variability data, the n-bit data and the k-bit data, for selecting an error correction code from a group of codes;
means, operatively responsive to the selected biometric input and the selected code, for generating the first codeword data; and
means for operatively combining the first codeword data with the selected biometric input to generate the error correction based partial encryption seed data.
-
-
19. The device of claim 17 wherein the means for generating the secret encryption key includes:
-
means for operatively combining the error correction base partial encryption key and the second partial encryption key seed to produce second codeword data wherein the second partial encryption key seed includes biometric input data;
means for providing error correction to the second codeword data to produce an error corrected codeword; and
means, responsive to the error corrected codeword, for producing a secret encryption key by modifying the error corrected codeword.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeEntrust Corp.
-
Original AssigneeEntrust Technologies Limited
-
InventorsAdams, Carlisle, Wiener, Michael J.
-
Primary Examiner(s)Peeso, Thomas R.
-
Assistant Examiner(s)Smithers, Matthew
-
Application NumberUS09/150,430Time in Patent Office1,294 DaysField of Search713/184, 713/183, 713/186, 380/258, 380/267US Class Current713/186CPC Class CodesH04L 9/304 based on error correction c...H04L 9/3231 Biological data, e.g. finge...
