Asymmetric cryptography with user authentication

US 7,805,615 B2
Filed: 07/15/2005
Issued: 09/28/2010
Est. Priority Date: 07/15/2005
Status: Active Grant

First Claim

Patent Images

1. A method for encrypting data comprising:

receiving at least one user authentication factor;

generating a decryption key from the at least one user authentication factor;

generating an encryption key from a one-way function of the decryption key;

encrypting data using the encryption key;

encrypting the at least one user authentication factor using the encryption key to produce an encrypted at least one user authentication factor;

storing the encrypted data;

storing the encryption key to be used in a later authentication process; and

storing the encrypted at least one user authentication factor to be used in the later authentication process.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device uses a user authentication factor to generate a decryption key for use in asymmetric cryptography. An encryption key is generated from the decryption key using a one-way function.

133 Citations

View as Search Results

36 Claims

1. A method for encrypting data comprising:
- receiving at least one user authentication factor;
  
  generating a decryption key from the at least one user authentication factor;
  
  generating an encryption key from a one-way function of the decryption key;
  
  encrypting data using the encryption key;
  
  encrypting the at least one user authentication factor using the encryption key to produce an encrypted at least one user authentication factor;
  
  storing the encrypted data;
  
  storing the encryption key to be used in a later authentication process; and
  
  storing the encrypted at least one user authentication factor to be used in the later authentication process.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the at least one user authentication factor includes a unique ID for a hardware device.
  - 3. The method of claim 2 wherein the hardware device comprises a hardware device physically separate from an apparatus performing the method.
  - 4. The method of claim 2 wherein the hardware device comprises a hardware device physically separable from an apparatus performing the method.
  - 5. The method of claim 1 wherein the at least one user authentication factor includes a biometric factor.
  - 6. The method of claim 1 wherein the at least one user authentication factor includes a unique ID for a hardware device and a biometric factor.
  - 7. The method of claim 1 wherein generating a decryption key comprises setting the decryption key equal to the at least one user authentication factor.

8. A method for decrypting data comprising:
- receiving at least one user authentication factor;
  
  generating a decryption key from the at least one user authentication factor;
  
  decrypting stored data using the decryption key; and
  
  encrypting the at least one user authentication factor using a stored encryption key to produce a result, and comparing the result with a stored encrypted user authentication factor, wherein the stored encryption key was previously generated from a one-way function of a decryption key that was generated from a previously received at least one user authentication factor.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8 wherein the at least one user authentication factor includes a unique ID for a hardware device.
  - 10. The method of claim 9 wherein the hardware device comprises a hardware device physically separate from an apparatus performing the method.
  - 11. The method of claim 9 wherein the hardware device comprises a hardware device physically separable from an apparatus performing the method.
  - 12. The method of claim 8 wherein the at least one user authentication factor includes a biometric factor.
  - 13. The method of claim 8 wherein the at least one user authentication factor includes a unique ID for a hardware device and a biometric factor.

14. An apparatus with a non-transitory machine readable medium having instructions stored thereon that when accessed result in a machine performing:
- receiving at least one user authentication factor;
  
  generating a decryption key from the at least one user authentication factor;
  
  generating an encryption key from a one-way function of the decryption key;
  
  encrypting data using the encryption key;
  
  encrypting the at least one user authentication factor using the encryption key to produce an encrypted at least one user authentication factor;
  
  storing the encrypted data;
  
  storing the encryption key to be used in a later authentication process; and
  
  storing the encrypted at least one user authentication factor to be used in the later authentication process.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The apparatus of claim 14 wherein the at least one user authentication factor includes a unique ID for a hardware device.
  - 16. The apparatus of claim 15 wherein the hardware device comprises a hardware device physically separate from the machine performing the method.
  - 17. The apparatus of claim 15 wherein the hardware device comprises a hardware device physically separable from the machine performing the method.
  - 18. The apparatus of claim 14 wherein the at least one user authentication factor includes a biometric factor.
  - 19. The apparatus of claim 14 wherein the at least one user authentication factor includes a unique ID for a hardware device and a biometric factor.

20. An apparatus with a non-transitory machine readable medium having instructions stored thereon that when accessed result in a machine performing:
- receiving at least one user authentication factor;
  
  generating a decryption key from the at least one user authentication factor;
  
  decrypting stored data using the decryption key; and
  
  encrypting the at least one user authentication factor using a stored encryption key to produce a result, and comparing the result with a stored encrypted user authentication factor, wherein the stored encryption key was previously generated from a one-way function of a decryption key that was generated from a previously received at least one user authentication factor.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The apparatus of claim 20 wherein the at least one user authentication factor includes a unique ID for a hardware device.
  - 22. The apparatus of claim 21 wherein the hardware device comprises a hardware device physically separate from the machine performing the method.
  - 23. The apparatus of claim 21 wherein the hardware device comprises a hardware device physically separable from the machine performing the method.
  - 24. The apparatus of claim 20 wherein the at least one user authentication factor includes a biometric factor.
  - 25. The apparatus of claim 20 wherein the at least one user authentication factor includes a unique ID for a hardware device and a biometric factor.

26. A computer system for storing and accessing encrypted data, comprising:
- a user authentication factor collection component to receive at least one user authentication factor;
  
  a decryption key generation component to generate a decryption key from the at least one user authentication factor;
  
  an encryption key generation component to generate an encryption key from the decryption key using a one-way function;
  
  an encryption process component to encrypt data and the at least one user authentication factor using the encryption key;
  
  a decryption process component to decrypt encrypted data using the decryption key; and
  
  a non-transitory machine readable medium to store the encryption key and the encrypted at least one user authentication factor for later authentication.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The computer system of claim 26 wherein the user authentication factor collection component is configured to receive a unique ID for a hardware device as a user authentication factor.
  - 28. The computer system of claim 27 wherein the hardware device comprises a hardware device physically separable from the computer system.
  - 29. The computer system of claim 26 wherein the user authentication factor collection component is configured to receive a biometric factor as a user authentication factor.
  - 30. The computer system of claim 26 wherein the user authentication factor collection component is configured to receive a unique ID for a hardware device and a biometric factor as user authentication factors.

31. An apparatus comprising:
- means for collecting at least one user authentication factor;
  
  means for generating a decryption key from the at least one user authentication factor;
  
  means for generating an encryption key from the decryption key using a one-way function;
  
  means for encrypting data and the at least one user authentication factor using the encryption key;
  
  means for decrypting data using the decryption key; and
  
  a non-transitory machine readable medium to store the encryption key and the encrypted at least one user authentication factor for later authentication.

32. A handheld device to store encrypted data, comprising:
- a biometric collection device to collect a biometric user authentication factor;
  
  an asymmetric cryptography engine to generate an asymmetric decryption key from the biometric user authentication factor, and to generate an asymmetric encryption key from the asymmetric decryption key, and to encrypt the biometric user authentication factor using the asymmetric encryption key; and
  
  a non-transitory machine readable medium to store the asymmetric encryption key and the encrypted biometric user authentication factor for later authentication.
- View Dependent Claims (33, 34, 35, 36)
- - 33. The handheld device of claim 32 wherein the biometric collection device comprises a fingerprint collection device.
  - 34. The handheld device of claim 32 wherein the biometric collection device comprises a retinal scanner.
  - 35. The handheld device of claim 32 further comprising a wireless interface to receive a unique ID from a wireless device.
  - 36. The handheld device of claim 35 wherein the asymmetric cryptography engine is configured to generate the asymmetric cryptography key from the unique ID and the biometric user authentication factor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tyfone Incorporated
Original Assignee
Tyfone Incorporated
Inventors
Tadepalli, Prabhakar, Narendra, Siva G., Spitzer, Thomas N.
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
Zee; Edward

Application Number

US11/182,520
Publication Number

US 20070016798A1
Time in Patent Office

1,901 Days
Field of Search

726/9, 726/20, 726/5, 726/7, 726/18, 726/19, 713/186, 713/185, 380/44, 380/46
US Class Current

713/186
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 9/0866   involving user or device id...

H04L 9/3231   Biological data, e.g. finge...

Asymmetric cryptography with user authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

133 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Asymmetric cryptography with user authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

133 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links