Authorized anonymous authentication
First Claim
1. A computer-implemented method for processing data, comprising:
- (a) performing, in a computer, an enrollment process, comprising;
receiving a first biometric data and encrypting the first biometric data using an irreversible cryptographic algorithm executed by a computer;
receiving a first personal key and encrypting the first personal key using an irreversible cryptographic algorithm executed by a computer;
combining the encrypted first biometric data and the encrypted first personal key to form a first processed data;
eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form, after the first biometric data and the first personal key have been irreversibly encrypted and before any comparison is performed; and
storing the first processed data in a repository for use in a subsequent authentication process; and
(b) performing, in a computer, an authentication process, comprising;
receiving a second biometric data and encrypting the second biometric data using an irreversible cryptographic algorithm executed by a computer;
receiving a second personal key and encrypting the second personal key using an irreversible cryptographic algorithm executed by a computer;
combining the encrypted second biometric data and the encrypted second personal key to form a second processed data;
eliminating all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form, after the second biometric data and the second personal key have been irreversibly encrypted and before any comparison is performed; and
comparing the second processed data to the first processed data previously stored in the repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable an authentication process for an entity represented by the second biometric data and the second personal key in a confidential manner, wherein a signal is generated pertaining to the comparison of the second processed data to the first processed data for use in the authentication process of the entity represented by the second biometric data and the second personal key.
0 Assignments
0 Petitions
Accused Products
Abstract
A method, program and system for processing data is disclosed. The method, program and system comprising the steps of: (a) receiving (e.g., during an enrollment process) a first biometric data and a first personal key, (b) processing the first biometric data and the first personal key through an irreversible cryptographic algorithm, sometimes after: (i) generating one or more variants from the first biometric data, (ii) processing the first personal key through a reversible cryptographic algorithm, and (iii) adding salt to the first biometric data or first personal key, (c) receiving (e.g., during an authentication process) a second biometric data and a second personal key, (d) processing the second biometric data and the second personal key through the irreversible cryptographic algorithm, (e) comparing the second processed data to the first processed data, and (f) generating a signal pertaining to the comparison of the second processed data to the first processed data, such as: (i) a confirmation reflecting authentication when the second processed data matches the first processed data (sometimes allowing access to a facility or system) or (ii) a denial reflecting no confirmation when the second processed data does not match the first processed data.
-
Citations
21 Claims
-
1. A computer-implemented method for processing data, comprising:
-
(a) performing, in a computer, an enrollment process, comprising; receiving a first biometric data and encrypting the first biometric data using an irreversible cryptographic algorithm executed by a computer; receiving a first personal key and encrypting the first personal key using an irreversible cryptographic algorithm executed by a computer; combining the encrypted first biometric data and the encrypted first personal key to form a first processed data; eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form, after the first biometric data and the first personal key have been irreversibly encrypted and before any comparison is performed; and storing the first processed data in a repository for use in a subsequent authentication process; and (b) performing, in a computer, an authentication process, comprising; receiving a second biometric data and encrypting the second biometric data using an irreversible cryptographic algorithm executed by a computer; receiving a second personal key and encrypting the second personal key using an irreversible cryptographic algorithm executed by a computer; combining the encrypted second biometric data and the encrypted second personal key to form a second processed data; eliminating all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form, after the second biometric data and the second personal key have been irreversibly encrypted and before any comparison is performed; and comparing the second processed data to the first processed data previously stored in the repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable an authentication process for an entity represented by the second biometric data and the second personal key in a confidential manner, wherein a signal is generated pertaining to the comparison of the second processed data to the first processed data for use in the authentication process of the entity represented by the second biometric data and the second personal key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method for processing data, comprising:
-
receiving a first biometric data and encrypting the first biometric data using an irreversible cryptographic algorithm executed by a computer; receiving a first personal key and encrypting the first personal key using an irreversible cryptographic algorithm executed by a computer; combining the encrypted first biometric data and the encrypted first personal key to form a first processed data; eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form, after the first biometric data and the first personal key have been irreversibly encrypted and before any comparison is performed; and storing the first processed data in a repository for use in a subsequent authentication process; wherein an authentication process; receives a second biometric data and encrypts the second biometric data using an irreversible cryptographic algorithm executed by a computer; receives a second personal key and encrypts the second personal key using an irreversible cryptographic algorithm executed by a computer; combines the encrypted second biometric data and the encrypted second personal key to form a second processed data; eliminates all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form, after the second biometric data and the second personal key have been irreversibly encrypted and before any comparison is performed; compares the second processed data to the first processed data previously stored in the repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable an authentication process for an entity represented by the second biometric data and the second personal key in a confidential manner, wherein a signal is generated pertaining to the comparison of the second processed data to the first processed data for use in the authentication process of the entity represented by the second biometric data and the second personal key. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-implemented method for processing data, comprising:
-
receiving a first biometric data and encrypting the first biometric data using an irreversible cryptographic algorithm executed by a computer; receiving a first personal key and encrypting the first personal key using an irreversible cryptographic algorithm executed by a computer; combining the encrypted first biometric data and the encrypted first personal key to form a first processed data; eliminating all storage or trace of the first biometric data and the first personal key in an unprocessed and unencrypted form, after the first biometric data and the first personal key have been irreversibly encrypted and before any comparison is performed; and comparing the first processed data to a second processed data previously stored in a repository, without accessing either the first or second processed data in an unprocessed and unencrypted form, in order to enable an authentication process for an entity represented by a second biometric data and a second personal key in a confidential manner, wherein a signal is generated pertaining to the comparison of the first processed data to the second processed data for use in the authentication process of the entity represented by the second biometric data and the second personal key, wherein an enrollment process; receives the second biometric data and encrypts the second biometric data using an irreversible cryptographic algorithm executed by a computer; receives the second personal key and encrypts the second personal key using an irreversible cryptographic algorithm executed by a computer; combines the encrypted second biometric data and the encrypted second personal key to form the second processed data; eliminates all storage or trace of the second biometric data and the second personal key in an unprocessed and unencrypted form, after the second biometric data and the second personal key have been irreversibly encrypted and before any comparison is performed; and stores the second processed data in the repository for use in a subsequent authentication process. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification