Biometric authentication system
First Claim
1. A method of generating authentication data for authenticating a subject, the method comprising a computer to execute the steps of:
- receiving physical data representing a physical characteristic of the subject;
- processing the physical data by performing a predetermined processing operation to generate i) a reference number whose value is representative of the subject, and ii) variability correction data for improving the repeatability of the generation of the reference number;
- generating identification data comprising at least part of the reference number and at least part of the variability correction data;
- encrypting the generated identification data; and
- generating authentication data comprising said variability correction data and said encrypted data, wherein said encrypting step comprises applying a one-way encryption algorithm to said identification data to generate a hash value, and applying a two-way encryption algorithm to encrypt the generated hash value.
Abstract
There is described an authentication system in which during an enrolment process a distinctive characteristic of a subject being enrolled is measured to generate a reference number representative of the subject. Authentication data is then generated using the reference number, and the authentication data is stored for use in a subsequent verification process. During verification, the representative characteristic of the subject being verified is re-measured to generate a test number representative of the subject being verified and the authentication data during enrolment is retrieved. The authentication system then checks for equality between the test number and the reference number using the retrieved authentication data. If the test number and the reference number are equal, then the authenticity of the subject is verified, otherwise the authenticity is denied.
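The enrolment and verification flow of the first claim and the abstract, as an added illustration that is not code from the patent. Integer quantisation with centring offsets stands in for the unspecified "predetermined processing operation", SHA-256 for the one-way algorithm, and a hash-derived XOR keystream for the two-way cipher (a deployment would use a vetted cipher); all names and sample values are constructed.

```python
import hashlib
import hmac
import os
import struct

Q = 16  # assumed quantisation step, in sensor units

def _pack(values):
    return struct.pack(f">{len(values)}i", *values)

def _two_way(key, nonce, data):
    # Stand-in for a real two-way cipher; XOR with a 32-byte derived keystream.
    stream = hashlib.sha256(key + nonce).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def _number(features, offsets):
    # Quantise each corrected feature; the digits together form the number.
    return [(x + o) // Q for x, o in zip(features, offsets)]

def _hash_identification(number, offsets):
    # Identification data = number plus variability correction data.
    return hashlib.sha256(_pack(number) + _pack(offsets)).digest()

def enrol(features, key):
    # Variability correction data: shift each feature to the centre of its
    # quantisation cell so later noise below Q/2 yields the same digits.
    offsets = [(x // Q) * Q + Q // 2 - x for x in features]
    digest = _hash_identification(_number(features, offsets), offsets)
    nonce = os.urandom(16)
    return {"offsets": offsets, "nonce": nonce,
            "encrypted": _two_way(key, nonce, digest)}

def verify(features, record, key):
    offsets = record["offsets"]
    test_hash = _hash_identification(_number(features, offsets), offsets)
    decrypted = _two_way(key, record["nonce"], record["encrypted"])
    return hmac.compare_digest(test_hash, decrypted)  # constant-time equality

# Constructed sample measurements.
KEY = b"k" * 32
ENROLLED = [100, 37, 250, 9]
NOISY = [103, 33, 255, 4]      # same subject, re-measured with noise
IMPOSTOR = [60, 90, 200, 40]

def demo():
    record = enrol(ENROLLED, KEY)
    # Stored correction data altered by one unit: digits unchanged, hash not.
    tampered = dict(record, offsets=[o + 1 for o in record["offsets"]])
    return (verify(NOISY, record, KEY), verify(IMPOSTOR, record, KEY),
            verify(ENROLLED, tampered, KEY))
```

Because the correction data is part of the hashed identification data, a stored record whose offsets were altered fails verification even when the quantised digits still match.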
35 Claims
1. A method of generating authentication data for authenticating a subject, the method comprising a computer to execute the steps of:
- receiving physical data representing a physical characteristic of the subject;
- processing the physical data by performing a predetermined processing operation to generate i) a reference number whose value is representative of the subject, and ii) variability correction data for improving the repeatability of the generation of the reference number;
- generating identification data comprising at least part of the reference number and at least part of the variability correction data;
- encrypting the generated identification data; and
- generating authentication data comprising said variability correction data and said encrypted data, wherein said encrypting step comprises applying a one-way encryption algorithm to said identification data to generate a hash value, and applying a two-way encryption algorithm to encrypt the generated hash value.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of authenticating a subject, the method comprising a computer to execute the steps of:
- retrieving authentication data comprising encrypted data indicative of a reference number whose value is representative of a reference subject, and variability correction data relating to the generation of the reference number;
- decrypting the encrypted data to generate decrypted data;
- receiving physical data associated with a physical characteristic of the subject;
- processing the physical data using said variability correction data to generate a test number; and
- testing the equality of the reference number and the test number using the retrieved authentication data and the generated test number to determine the authenticity of the test subject, wherein said testing step comprises generating test identification data using at least part of the test number and at least part of the variability correction data, applying a one-way encryption algorithm to said test identification data to generate a test hash value, and testing the equality of the test hash value and the decrypted data.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17
18. An apparatus for generating authentication data to authenticate a subject, the apparatus comprising:
- a receiver operable to receive physical data representing a physical characteristic of the subject;
- a processor operable to perform a predetermined processing operation on the physical data to generate i) a reference number, whose value is representative of the subject, and ii) variability correction data for improving the repeatability of the generation of the reference number;
- an identification data generator operable to generate identification data comprising at least part of the reference number and at least part of the variability correction data;
- an encrypter operable to encrypt the generated identification data to generate encrypted data;
- an authentication data generator operable to generate authentication data comprising said variability correction data and said encrypted data, wherein said encrypter is operable to apply a one-way encryption algorithm to said identification data to generate a hash value, and to apply a two-way encryption algorithm to encrypt the generated hash value.
Dependent claims: 19, 20, 21, 22, 23, 24
25. An apparatus for authenticating a subject, the apparatus comprising:
- a retriever operable to retrieve authentication data comprising encrypted data indicative of a reference number whose value is representative of a reference subject, and variability correction data relating to the generation of the reference number;
- a decrypter operable to decrypt the encrypted data to generate decrypted data;
- a receiver operable to receive physical data associated with a physical characteristic of the subject;
- a processor operable to process the physical data using said variability correction data to generate a test number; and
- a tester operable to test the equality of the reference number and the test number using the retrieved authentication data and the generated test number to determine the authenticity of the test subject, wherein said tester comprises a test identification data generator operable to generate test identification data using at least part of the test number and at least part of the variability correction data and an encrypter operable to apply a one-way encryption algorithm to said test identification data to generate a test hash value, wherein the tester is operable to test the equality of the test hash value and the decrypted data.
Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33
34. A storage device storing instructions including instructions for causing a programmable apparatus to perform a method of generating authentication data for authenticating a subject, the method comprising the steps of:
- receiving physical data representing a physical characteristic of the subject;
- processing the physical data by performing a predetermined processing operation to generate i) a reference number whose value is representative of the subject, and ii) variability correction data for improving the repeatability of the generation of the reference number;
- generating identification data comprising at least part of the reference number and at least part of the variability correction data;
- encrypting the generated identification data; and
- generating authentication data comprising said variability correction data and said encrypted data, wherein said encrypting step comprises applying a one-way encryption algorithm to said identification data to generate a hash value, and applying a two-way encryption algorithm to encrypt the generated hash value.
35. A storage device storing instructions including instructions for causing a programmable apparatus to perform a method of authenticating a subject, the method comprising the steps of:
- retrieving authentication data comprising encrypted data indicative of a reference number whose value is representative of a reference subject, and variability correction data relating to the generation of the reference number;
- decrypting the encrypted data to generate decrypted data;
- receiving physical data associated with a physical characteristic of the subject;
- processing the physical data using said variability correction data to generate a test number; and
- testing the equality of the reference number and the test number using the retrieved authentication data and the generated test number to determine the authenticity of the test subject, wherein said testing step comprises generating test identification data using at least part of the test number and at least part of the variability correction data, applying a one-way encryption algorithm to said test identification data to generate a test hash value, and testing the equality of the test hash value and the decrypted data.
Specification