Security method and apparatus using biometric data
Abstract
A security method and apparatus is provided in which a trusted authority is arranged to read in identity data from a memory device presented by an individual. This identity data comprises both biometric data of a specific individual and additional identity data concerning the same individual. The trusted authority uses the biometric data as a biometric reference for comparison with biometric characteristics of the individual presenting the memory card in order to determine whether the latter is the individual represented by the biometric data. The trusted authority uses the additional identity data or matching data, together with private data of the trusted authority, to generate a decryption key. This decryption key is apt to decrypt data encrypted using both an encryption key string comprising the additional identity data of the specific individual and public data of the trusted authority.
36 Claims
1. A security method, carried out by a trusted authority entity, for generating decryption keys for multiple individuals, the method comprising:
- (a) receiving biometric data of a specific individual,
- (b) comparing the biometric data with biometric characteristics of a subject individual to determine whether the latter is said specific individual, and
- (c) using at least the biometric data and private data of the trusted authority entity to generate, by an identifier-based cryptography process, a decryption key that forms one key of an asymmetric key pair, and
- (d) repeating (a) to (c) for each of multiple specific individuals, the same trusted-authority private data being used in generating each decryption key.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A data access control method comprising:
- (a) encrypting first data using encryption parameters comprising public data of a trusted authority entity and an encryption key string formed using at least biometric data of a specific individual;
- (b) providing the biometric data of said specific individual to the trusted authority entity which uses it both:
  - as a biometric reference for comparison with biometric characteristics of a subject individual to determine whether the latter is said specific individual, and
  - to generate, by an identifier-based cryptography process, a decryption key that forms one key of an asymmetric key pair and that is based on at least the biometric data and private data of the trusted authority entity, said public data of the trusted authority entity being related to its private data;
- (c) using the decryption key to decrypt the encrypted first data; and
- (d) repeating (a) to (c) for each of multiple specific individuals, the same trusted-authority private data being used in generating each decryption key.

Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36
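The flow of claims 1 and 14, sketched as an added example that is not part of the patent text: the claims shown here do not name a particular identifier-based scheme, so this uses Cocks' quadratic-residue scheme as one such scheme. The function names, the Hamming-distance matcher with its threshold, and the small Mersenne-prime modulus are all assumptions made for the illustration, and the parameters are not secure.

```python
import hashlib, secrets
# Constructed demo parameters: two Mersenne primes, both 3 mod 4. NOT secure.
P, Q = 2**89 - 1, 2**127 - 1   # trusted authority's private data
N = P * Q                      # trusted authority's public data

def jacobi(a, n):
    a, result = a % n, 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def key_string_to_a(key_string):
    """Hash the encryption key string to a value with Jacobi symbol +1."""
    for ctr in range(2**32):
        digest = hashlib.sha256(key_string + ctr.to_bytes(4, "big")).digest()
        a = int.from_bytes(digest, "big") % N
        if jacobi(a, N) == 1:
            return a

def encrypt(bits, key_string):
    """Sender side: uses only N and the key string, one ciphertext pair per bit."""
    a, out = key_string_to_a(key_string), []
    for bit in bits:
        pair = []
        for sign in (1, -1):   # second value covers the case r*r == -a
            t = 0
            while jacobi(t, N) != (1 if bit else -1):
                t = secrets.randbelow(N)
            pair.append((t + sign * a * pow(t, -1, N)) % N)
        out.append(tuple(pair))
    return out

def ta_issue_key(reference, live_sample, max_diff=8):
    """Steps (a)-(c): match the presenter to the reference, then derive the key."""
    diff = sum(bin(x ^ y).count("1") for x, y in zip(reference, live_sample))
    if len(reference) != len(live_sample) or diff > max_diff:
        return None            # subject is not the specific individual
    return pow(key_string_to_a(reference), (N + 5 - P - Q) // 8, N)

def decrypt(ciphertext, key_string, r):
    idx = 0 if pow(r, 2, N) == key_string_to_a(key_string) else 1
    return [1 if jacobi(c[idx] + 2 * r, N) == 1 else 0 for c in ciphertext]
```

The sender never contacts the trusted authority: the ciphertext can exist before any key does, and the key is only derived once the presenter matches the biometric reference that was used as the key string.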
Specification