Apparatus, system and method for authenticating personal identity, computer readable medium having personal identity authenticating program recorded thereon, method of registering personal identity authenticating information, method of verifying personal identity authenticating information, and recording medium having personal identity authenticating information recorded thereon
Abstract
A personal identity authenticating system where the registrant/cardholder and the registrar are assigned specific identifiers and secret keys and public keys that are mapped to the identifiers at the authentication support station (ASS). Personal identity data to which the registrar identifier is attached is encrypted with the registrant/cardholder's secret key. Personal identity data is embedded as an encrypted watermark in the image data by means of the registrar's secret key. Both encrypted identity and watermarked image data are recorded on the IC card. When authentication is required, the identity data with the registrar identifier is decrypted with the cardholder's public key that is supplied by the ASS. The registrar's public key is obtained from the ASS by using the decrypted registrar identifier. The registrar's public key permits the personal identity to be retrieved from the watermarked image data. Internal authentication is executed by matching between personal identity strings and image data.
8 Claims
1. A personal identity authenticating system comprising:
an authentication support station at which secret key and public key pairs are managed such that each pair is mapped to the identifier of a registrant or registrar to which the pair belongs;
a registry terminal which encrypts image data and identity data and writes encrypted data onto a recording medium; and
a personal identity authenticating terminal which reads the encrypted data from said recording medium, decrypts said image data and said identity data, and checks the decrypted data for consistency of its contents, wherein;
said registry terminal receives and stores the input of image data generated by capturing a part of the body of the registrant, and the input of the registrant's identity data, encrypts the identity data with the registrant's secret key and with the registrar's secret key respectively, and writes the image data and encrypted identity data onto said recording medium of the registrant,
said personal identity authenticating terminal decrypts the double encrypted data respectively with the registrant's and registrar's public keys which are obtained from said authentication support station by specifying either the registrant or registrar identifier and performs matching between both identity data decrypted with each public key, and moreover presents an image from said image data and accepts the input of confirmation.
5. A method of authenticating personal identity, using secret key and public key pairs which are managed such that each pair is mapped to the identifier of a registrant or registrar to which the pair belongs at an authentication support station, said method comprising:
encrypting image data and identity data and writing encrypted data onto a recording medium at a registry site; and
reading the encrypted data from said recording medium, decrypting said image data and said identity data, and checking the decrypted data for consistency of its contents at a personal identity authenticating site;
at the registry site, said method further comprising;
receiving and storing the input of image data generated by capturing a part of the body of the registrant;
receiving and storing the input of the registrant's identity data;
encrypting the identity data with the registrant's secret key;
encrypting the identity data with the registrar's secret key; and
writing the image data and encrypted identity data onto said recording medium of the registrant;
at the personal identity authenticating site, said method further comprising;
decrypting the double encrypted data respectively with the registrant's and registrar's public keys which are obtained from said authentication support station by specifying the registrant or registrar identifier;
performing matching between both identity data decrypted with each public key;
presenting a personal image from said image data; and
accepting the input of confirmation.
6. A computer readable medium having a personal identity authenticating program recorded thereon, said program based on authentication using secret key and public key pairs which are managed such that each pair is mapped to the identifier of a registrant or registrar to which the pair belongs at an authentication support station, said program comprising:
a subprogram to run on a registry workstation for encrypting image data and identity data and writing encrypted data onto a recording medium; and
a subprogram to run on a personal identity authenticating workstation for reading the encrypted data from said recording medium, decrypting said image data and said identity data, and checking the decrypted data for consistency of its contents;
said subprogram to run on a registry workstation comprising the functions of;
receiving and storing the input of image data generated by capturing a part of the body of the registrant;
receiving and storing the input of the registrant's identity data;
encrypting the identity data with the registrant's secret key;
encrypting the identity data with the registrar's secret key; and
writing the image data and encrypted identity data onto said recording medium of the registrant;
said subprogram to run on a personal identity authenticating workstation comprising the functions of;
decrypting the double encrypted data respectively with the registrant's and registrar's public keys which are obtained from said authentication support station by specifying the registrant or registrar identifier;
performing matching between both identity data decrypted with each public key;
presenting a personal image from said image data; and
accepting the input of confirmation.
7. A method of registering personal identity authenticating information, using secret key and public key pairs which are managed such that each pair is mapped to the identifier of a registrant or registrar to which the pair belongs at an authentication support station, said method comprising:
receiving and storing the input of image data representing the peculiarity of a person, the registrant who will be the cardholder of an IC card;
receiving and storing the input of identity data of said registrant;
encrypting said image data and said identity data by means of the registrar's secret key;
encrypting said identity data together with the registrar identifier by the registrant's secret key; and
recording the encrypted data on the IC card, thus registering the identity of the registrant.
8. A method of verifying personal identity authenticating information, using secret key and public key pairs which are managed such that each pair is mapped to the identifier of a registrant or registrar to which the pair belongs at an authentication support station, said method comprising:
obtaining the public key of the cardholder of an IC card from said authentication support station by specifying the cardholder identifier;
decrypting one encrypted data from the IC card with said public key, thereby retrieving the identity data and the registrar identifier;
obtaining the public key of the registrar from said authentication support station by specifying the registrar identifier;
decrypting the other encrypted data from the IC card with the registrar's public key, thereby retrieving the identity data and image data;
checking the retrieved data for falsification; and
rendering the result of the check and the image data usable.
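The registration and verification steps of claims 7 and 8, sketched as an added example that is not part of the patent text. "Encrypting with the secret key" is modelled as textbook RSA with message recovery over toy keys built from Mersenne primes (insecure, for illustration only). The function names, the JSON payload layout, the identifiers and the cardholder identifier stored in clear on the card are all assumptions.

```python
import json

E = 65537  # public exponent shared by both toy keys

def toy_keypair(a, b):
    """Toy RSA key from Mersenne primes 2^a-1 and 2^b-1 (constructed, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def seal(obj, key):
    """'Encrypt with the secret key': textbook RSA with message recovery."""
    m = int.from_bytes(json.dumps(obj, sort_keys=True).encode(), "big")
    if m >= key["n"]:
        raise ValueError("payload too large for the toy modulus")
    return pow(m, key["d"], key["n"])

def unseal(blob, n):
    """'Decrypt with the public key'; garbage raises ValueError."""
    m = pow(blob, E, n)
    return json.loads(m.to_bytes((m.bit_length() + 7) // 8, "big").decode())

def register(identity, image_hex, holder_id, registrar_id, secrets):
    """Registry terminal (claim 7): produce the two blobs stored on the card."""
    return {
        "holder_id": holder_id,  # assumption: identifier readable in clear
        "by_holder": seal({"identity": identity, "registrar_id": registrar_id},
                          secrets[holder_id]),
        "by_registrar": seal({"identity": identity, "image": image_hex},
                             secrets[registrar_id]),
    }

def verify(card, ass):
    """Authenticating terminal (claim 8): returns (identity, image) or None."""
    try:
        first = unseal(card["by_holder"], ass[card["holder_id"]])
        second = unseal(card["by_registrar"], ass[first["registrar_id"]])
        if first["identity"] != second["identity"]:
            return None  # falsification check: the two copies disagree
        return second["identity"], second["image"]
    except (ValueError, KeyError, TypeError):
        return None  # unknown identifier, or a blob that does not decode

# Constructed sample data: identifiers, identity string and image bytes are made up.
SECRETS = {"U-1001": toy_keypair(521, 607), "R-01": toy_keypair(1279, 2203)}
ASS = {ident: key["n"] for ident, key in SECRETS.items()}  # public directory
CARD = register("Taro Yamada 1970-01-01", "ffd8ffe0", "U-1001", "R-01", SECRETS)
OTHER = register("Hanako Sato 1980-02-02", "ffd8ffe1", "U-1001", "R-01", SECRETS)
```

The verifier rejects a card whose registrar blob was altered, swapped for one carrying a different identity, or issued by a registrar the ASS does not list. Unpadded RSA appears here only to mirror the claim wording; an implementation today would use a standard signature scheme for both blobs.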
Specification