Authorized anonymous authentication
First Claim
1. A computer-implemented method for processing data comprising:
- (a) performing, in a computer, an enrollment process, comprising;
receiving a first biometric data and a first personal key;
processing the first biometric data combined with the first personal key through an irreversible cryptographic algorithm executed by the computer to form a first processed data comprised of the first biometric data and the first personal key in an irreversibly encrypted form;
eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form after the first processed data has been formed and prior to any storage; and
storing the first processed data in a repository for use in a subsequent authentication process; and
(b) performing, in a computer, an authentication process, comprising;
receiving a second biometric data and a second personal key;
processing the second biometric data combined with the second personal key through the irreversible cryptographic algorithm executed by the computer to form a second processed data comprised of the second biometric data and the second personal key in an irreversibly encrypted form;
eliminating all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form after the second processed data has been formed and prior to any comparison;
comparing the second processed data to the first processed data previously stored in the repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable authentication of the second biometric data and the second personal key in a confidential manner; and
generating a signal pertaining to the comparison of the second processed data to the first processed data for use in the authentication process.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, program and system for processing data is disclosed. The method, program and system comprising the steps of: (a) receiving (e.g., during an enrollment process) a first biometric data and a first personal key, (b) processing the first biometric data and the first personal key through an irreversible cryptographic algorithm, sometimes after: (i) generating one or more variants from the first biometric data, (ii) processing the first personal key through a reversible cryptographic algorithm, and (iii) adding salt to the first biometric data or first personal key, (c) receiving (e.g., during an authentication process) a second biometric data and a second personal key, (d) processing the second biometric data and the second personal key through the irreversible cryptographic algorithm, (e) comparing the second processed data to the first processed data, and (f) generating a signal pertaining to the comparison of the second processed data to the first processed data, such as: (i) a confirmation reflecting authentication when the second processed data matches the first processed data (sometimes allowing access to a facility or system) or (ii) a denial reflecting no confirmation when the second processed data does not match the first processed data.
-
Citations
58 Claims
-
1. A computer-implemented method for processing data comprising:
-
(a) performing, in a computer, an enrollment process, comprising; receiving a first biometric data and a first personal key; processing the first biometric data combined with the first personal key through an irreversible cryptographic algorithm executed by the computer to form a first processed data comprised of the first biometric data and the first personal key in an irreversibly encrypted form; eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form after the first processed data has been formed and prior to any storage; and storing the first processed data in a repository for use in a subsequent authentication process; and (b) performing, in a computer, an authentication process, comprising; receiving a second biometric data and a second personal key; processing the second biometric data combined with the second personal key through the irreversible cryptographic algorithm executed by the computer to form a second processed data comprised of the second biometric data and the second personal key in an irreversibly encrypted form; eliminating all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form after the second processed data has been formed and prior to any comparison; comparing the second processed data to the first processed data previously stored in the repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable authentication of the second biometric data and the second personal key in a confidential manner; and generating a signal pertaining to the comparison of the second processed data to the first processed data for use in the authentication process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer-implemented method for processing data comprising:
-
receiving biometric data and a personal key; processing the biometric data combined with the personal key through an irreversible cryptographic algorithm executed by a computer to form a processed data comprised of the biometric data and the personal key in an irreversibly encrypted form; eliminating all storage or trace of the biometric data and personal key in an unprocessed and unencrypted form prior to any comparison; and comparing the processed data to secondary data stored in a repository, without accessing the processed data in an unprocessed and unencrypted form, in order to enable authentication of the biometric data and personal key in a confidential manner; wherein the secondary data comprises one or more combinations of biometric data and personal keys stored in the repository in an irreversibly encrypted form during an enrollment process that processes the one or more combinations of biometric data and personal keys through an irreversible cryptographic algorithm executed by a computer to form the secondary data, eliminates all storage or trace of the one or more combinations of biometric data and personal keys in an unprocessed and unencrypted form after the secondary data has been formed and prior to any storage, and stores the secondary data in the repository for subsequent use. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A computer readable storage device storing program instructions for execution by a computer, such that when the computer executes the program instructions, it performs a computer-implemented method for processing data, comprising:
-
(a) performing, in a computer, an enrollment process, comprising; receiving a first biometric data and a first personal key; processing the first biometric data combined with the first personal key through an irreversible cryptographic algorithm to form a first processed data comprised of the first biometric data and the first personal key in an irreversibly encrypted form; eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form after the first processed data has been formed and prior to any storage; and storing the first processed data in a repository for use in a subsequent authentication process; and (b) performing, in a computer, an authentication process, comprising; receiving a second biometric data and a second personal key; processing the second biometric data combined with the second personal key through the irreversible cryptographic algorithm to form a second processed data comprised of the second biometric data and the second personal key in an irreversibly encrypted form; eliminating all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form after the second processed data has been formed and prior to any comparison; comparing the second processed data to the first processed data previously stored in the repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable authentication of the second biometric data and the second personal key in a confidential manner; and generating a signal pertaining to the comparison of the second processed data to the first processed data for use in the authentication process. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
-
-
46. A computer readable storage device storing program instructions for execution by a computer, such that when the computer executes the program instructions, it performs a method for processing data, comprising:
-
receiving biometric data and a personal key; processing the biometric data combined with the personal key through an irreversible cryptographic algorithm to form a processed data comprised of the biometric data and the personal key in an irreversibly encrypted form; eliminating all storage or trace of the biometric data and personal key in an unprocessed and unencrypted form prior to any comparison; and comparing the processed data to secondary data stored in a repository, without accessing the processed data in an unprocessed and unencrypted form, in order to enable authentication of the biometric data and personal key in a confidential manner; wherein the secondary data comprises one or more combinations of biometric data and personal keys stored in the repository in an irreversibly encrypted form during an enrollment process that processes the one or more combinations of biometric data and personal keys through an irreversible cryptographic algorithm to form the secondary data, eliminates all storage or trace of the one or more combinations of biometric data and personal keys in an unprocessed and unencrypted form after the secondary data has been formed and prior to any storage, and stores the secondary data in the repository for subsequent use. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58)
-
Specification