Authentication executing device, portable authentication device, and authentication method using biometrics identification
Abstract
An authentication method using biometrics identification, comprising the following steps of: identifying a user by biometrics entered from a portable authentication terminal; when the user has been registered previously, establishing communication between the authentication terminal and an authentication executing device independent of the authentication terminal, and calculating a common secret key for use in transmission of an authentication message; encrypting an authentication message including the user's inherent information in the authentication terminal based on the secret key; sending the encrypted authentication message from the authentication terminal to the authentication executing device; and decrypting the authentication message in the authentication executing device based on the calculated secret key, thereby executing an operation depending on the user inherent information included in the message.
36 Claims
1. An authentication method using biometrics identification, comprising the following steps of:
identifying a user by biometrics entered from a portable authentication terminal;
when the user has been registered previously, establishing communication between the authentication terminal and an authentication executing device independent of the authentication terminal, and calculating a common secret key for use in transmission of an authentication message;
encrypting the authentication message including the user's inherent information based on the secret key in the authentication terminal;
sending the encrypted authentication message from the authentication terminal to the authentication executing device; and
decrypting the authentication message based on the calculated secret key in the authentication executing device, thereby executing an operation depending on the user inherent information included in the message. - View Dependent Claims (2, 3, 4, 5, 6)
the communication message is transmitted in one of non-contact typed communications, for example, via infrared rays, radio waves, and sound waves. -
3. An authentication method using biometrics identification as set forth in claim 1, wherein
the user inherent information included in the authentication message includes such secret information as cannot be read out without identification of an authorized user from the biometrics in the authentication terminal. -
4. An authentication method using biometrics identification as set forth in claim 1, wherein
an operation to be executed by the authentication executing device depending on the user inherent information is non-executable operation without identification of an authorized user from the biometrics in the authentication terminal, and therefore a function of authenticating that a person having registered the biometrics previously carries and uses the authentication terminal, is provided. -
5. An authentication method using biometrics identification as set forth in claim 1, wherein
the user inherent information included in the authentication message includes individual information that cannot be read out without identification of an authorized user from the biometrics in the authentication terminal, and using the individual information, the authentication executing device executes the operation depending on the information of a user employing the authentication function. -
6. An authentication method using biometrics information as set forth in claim 1, wherein
the operation performed by the authentication executing device depending on the user inherent information includes file encryption and decryption, and a secret key for use in this encryption and decryption is to be stored in such a way that the secret key cannot be read out without identification of an authorized user from the biometrics in the authentication terminal.
7. A portable terminal for authentication using biometrics identification, comprising:
biometrics image input means for receiving a user's biometrics image;
biometrics feature extracting means for extracting biometrics feature for matching from the input biometrics image;
user inherent information storing means for storing the biometrics feature and inherent information of the user in pairs;
secret key agreeing means for deciding a key for use in encryption of an authentication message between the authentication executing device and the portable terminal;
biometrics image checking means for comparing the biometrics image extracted from the user's input biometrics image with the biometrics feature stored in said user inherent information storing means, judging whether the user having entered the biometrics image this time is a registered user or not, and when this user is a registered user, supplying the inherent information stored in pairs with the biometrics image in said user inherent information storing means;
authentication message encrypting means for encrypting the user's inherent information by the decided secret key; and
communication message sending means for sending a communication message to the authentication executing device. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
said user inherent information storing means stores the biometrics features and inherent information for a plurality of users. -
9. A portable terminal as set forth in claim 7, wherein
said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold. -
10. A portable terminal as set forth in claim 7, wherein
said user inherent information storing means stores the biometrics features and inherent information for a plurality of users, and said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold. -
11. A portable terminal as set forth in claim 7, wherein
said secret key agreeing means creates any random number, sends the random number to the authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
12. A portable terminal as set forth in claim 7, wherein
said user inherent information storing means stores the biometrics features and inherent information for a plurality of users, and said secret key agreeing means creates any random number, sends the random number to the authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
13. A portable terminal as set forth in claim 7, wherein
said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold, and said secret key agreeing means creates any random number, sends the random number to the authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
14. A portable terminal as set forth in claim 7, wherein
said secret key agreeing means performs mutual authentication together with the authentication executing device according to a predetermined protocol and countersign prior to deciding the key. -
15. A portable terminal as set forth in claim 7, wherein
said user inherent information storing means stores the biometrics features and inherent information for a plurality of users, and said secret key agreeing means performs mutual authentication together with the authentication executing device according to a predetermined protocol and countersign prior to deciding the key. -
16. A portable terminal as set forth in claim 7, wherein
said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold, and said secret key agreeing means performs mutual authentication together with the authentication executing device according to a predetermined protocol and countersign prior to deciding the key. -
17. A portable terminal as set forth in claim 7, wherein
said secret key agreeing means creates any random number, sends the created random number to the authentication executing device, receives the created random number from the authentication executing device, and creates the key by use of the both random numbers. -
18. A portable terminal as set forth in claim 7, wherein
said user inherent information storing means stores the biometrics features and inherent information for a plurality of users, and said secret key agreeing means creates any random number, sends the created random number to the authentication executing device, receives the created random number from the authentication executing device, and creates the key by use of the both random numbers. -
19. A portable terminal as set forth in claim 7, wherein
said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold, and said secret key agreeing means creates any random number, sends the created random number to the authentication executing device, receives the created random number from the authentication executing device, and creates the key by use of the both random numbers. -
20. A portable terminal as set forth in claim 7, which
communicates with the authentication executing device by one of non-contact typed communications, for example, via infrared rays, radio waves, and sound waves. -
21. A portable terminal as set forth in claim 7, which
communicates with the authentication executing device through another terminal.
22. An authentication system for performing authentication using biometrics identification, having
a portable terminal and an authentication executing device, said portable terminal including: -
biometrics image input means for a user's receiving biometrics image;
biometrics feature extracting means for extracting biometrics feature for matching from the input biometrics image;
user inherent information storing means for storing the biometrics feature and inherent information of the user in pairs;
secret key agreeing means for deciding a key for use in encryption of an authentication message between said authentication executing device and said portable terminal;
biometrics image checking means for comparing the biometrics image extracted from the user's input biometrics image with the biometrics feature stored in said user inherent information storing means, judging whether the user having entered the biometrics image this time is a registered user or not, and when this user is a registered user, supplying the inherent information stored in pairs with the biometrics image in said user inherent information storing means;
authentication message encrypting means for encrypting the user's inherent information by use of the decided secret key; and
communication message sending means for sending a communication message to said authentication executing device, said authentication executing device including;
secret key agreeing means for deciding a key for use in encryption of an authentication message between said portable terminal and said authentication executing device;
communication message receiving means for receiving a communication message sent from said portable terminal;
authentication message decrypting means for decrypting the communication message by use of the decided secret key; and
user inherent operation executing means for executing the user inherent operation based on the inherent information decrypted from the communication message. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29)
said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold. -
24. An authentication system as set forth in claim 22, wherein
said user inherent information storing means of said portable terminal stores the biometrics features and inherent information for a plurality of users, and said biometrics image checking means estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold. -
25. An authentication system as set forth in claim 22, wherein
said secret key agreeing means of said portable terminal creates any random number, sends the random number to said authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
26. An authentication system as set forth in claim 22, wherein
said user inherent information storing means of said portable terminal stores the biometrics features and inherent information for a plurality of users, and said secret key agreeing means creates any random number, sends the random number to said authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
27. An authentication system as set forth in claim 22, wherein
said biometrics image checking means of said portable terminal estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold, and said secret key agreeing means creates any random number, sends the random number to said authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
28. An authentication system as set forth in claim 22, wherein
said secret key agreeing means of said authentication executing device calculates the key by use of the same secret formula as that of said portable terminal based on the random number sent from said portable terminal. -
29. An authentication system as set forth in claim 22, wherein
said secret key agreeing means of said authentication executing device receives the random number from said portable terminal, creates any random number, and creates the key by use of the both random numbers.
30. A computer readable memory storing an authentication program for making a computer perform authentication using biometrics identification,
the authentication program comprising: -
a biometrics image input step for a user's receiving biometrics image;
a biometrics feature extracting step for extracting biometrics feature for matching from the input biometrics image;
a secret key agreeing step for deciding a key for use in encryption of an authentication message between said authentication executing device and said portable terminal;
a biometrics image checking step for comparing the biometrics image extracted from the user's input biometrics image with the biometrics feature stored in said user inherent information storing means for storing a pair of the biometrics features and inherent information of the user, judging whether the user having entered the biometrics image this time is a registered user or not, and when this user is a registered user, supplying the inherent information stored in pairs with the biometrics image in said user inherent information storing means;
an authentication message encrypting step for encrypting the user's inherent information by use of the decided secret key; and
a communication message sending step for sending a communication message to said authentication executing device. - View Dependent Claims (31, 32, 33, 34, 35, 36)
said biometrics image checking step of said authentication program estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold. -
32. A computer readable memory as set forth in claim 30, wherein
said secret key agreeing step of said authentication program creates any random number, sends the random number to said authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
33. A computer readable memory as set forth in claim 30, wherein
said biometrics image checking step of said authentication program estimates score indicating similarity of the biometrics images, and judges that the user having entered the biometrics image this time is a registered user when the score is higher than a threshold, and said secret key agreeing step of said authentication program creates any random number, sends the random number to said authentication executing device, and calculates the key by use of a secret formula based on the same random number. -
34. A computer readable memory as set forth in claim 30,
storing an authentication executing program of said authentication executing device, the authentication executing program making a computer perform a secret key agreeing step for deciding a key for use in encryption of an authentication message between the authentication program and the authentication executing program; -
a communication message receiving step for receiving a communication message sent from the authentication program;
an authentication message decrypting step for decrypting the communication message by use of the decided secret key; and
a user inherent operation executing step for executing the user inherent operation based on the inherent information decrypted from the communication message.
35. A computer readable memory as set forth in claim 34, wherein
said secret key agreeing step of the authentication executing program calculates the key by use of the same secret formula as that of said portable terminal based on the random number sent from said portable terminal. -
36. A computer readable memory as set forth in claim 34, wherein
said secret key agreeing step of the authentication executing program receives the random number from said authentication program, creates any random number, and creates the key by use of the both random numbers.
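The flow of claim 1, with the score threshold of claim 9 and the two-random-number key agreement of claims 17 and 29, can be sketched as follows. This is an added example, not code from the patent. The "secret formula" is assumed to be HMAC-SHA256 under a secret provisioned on both devices, the cipher is an HMAC keystream plus MAC standing in for a real AEAD, and all names and values are constructed.

```python
import hashlib
import hmac
import secrets

# Assumptions (not in the patent): the "secret formula" is HMAC-SHA256 under a
# secret provisioned on both devices; the cipher is an HMAC keystream plus MAC,
# standing in for a real AEAD such as AES-GCM.
PROVISIONED_SECRET = b"constructed-demo-secret"
THRESHOLD = 0.80  # constructed similarity threshold

def _prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def derive_key(nonce_terminal, nonce_device):
    """Session key from both sides' random numbers (claims 17 and 29)."""
    return _prf(PROVISIONED_SECRET, b"session" + nonce_terminal + nonce_device)

def _xor_stream(key, data):
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, b"enc" + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    ct = _xor_stream(key, plaintext)
    return ct + _prf(_prf(key, b"mac-key"), ct)

def unseal(key, message):
    ct, tag = message[:-32], message[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac-key"), ct)):
        return None  # wrong session key or tampered message
    return _xor_stream(key, ct)

class ExecutingDevice:
    def __init__(self):
        self._key = None

    def hello(self, nonce_terminal):
        nonce_device = secrets.token_bytes(16)
        self._key = derive_key(nonce_terminal, nonce_device)
        return nonce_device

    def receive(self, message):
        key, self._key = self._key, None  # each session key is accepted once
        return unseal(key, message) if key else None

class Terminal:
    def __init__(self, template, inherent_info):
        self.template, self.inherent_info = template, inherent_info

    def score(self, probe):
        """Fraction of equal feature bits; a stand-in for a real matcher."""
        return sum(a == b for a, b in zip(self.template, probe)) / len(self.template)

    def authenticate(self, probe, device):
        if len(probe) != len(self.template) or self.score(probe) <= THRESHOLD:
            return None  # no match: inherent information is never released
        nonce_terminal = secrets.token_bytes(16)
        key = derive_key(nonce_terminal, device.hello(nonce_terminal))
        return seal(key, self.inherent_info)
```

Because the executing device contributes its own random number, a message captured in one session fails the MAC check when replayed into a later one. The single-random-number variant of claims 11 and 25 lacks that property unless the device also tracks numbers it has already seen.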