Privacy-enhanced E-passport authentication protocol
First Claim
Patent Images
1. A method of maintaining confidentiality of sensitive information stored in a machine readable document pertaining to a correspondent during transmission of said sensitive information to a machine for examination, comprising:
- generating an encryption key e from a public key of said correspondent and encrypting said sensitive information with said encryption key e to obtain a ciphertext C,forwarding said ciphertext C to said machine,receiving from said machine an ephemeral public key obtained from an ephemeral private key b of said machine and said ciphertext C, andreturning to said machine additional information to permit recovery of said sensitive information by said machine from said ciphertext C.
7 Assignments
0 Petitions
Accused Products
Abstract
A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.
33 Citations
15 Claims
-
1. A method of maintaining confidentiality of sensitive information stored in a machine readable document pertaining to a correspondent during transmission of said sensitive information to a machine for examination, comprising:
-
generating an encryption key e from a public key of said correspondent and encrypting said sensitive information with said encryption key e to obtain a ciphertext C, forwarding said ciphertext C to said machine, receiving from said machine an ephemeral public key obtained from an ephemeral private key b of said machine and said ciphertext C, and returning to said machine additional information to permit recovery of said sensitive information by said machine from said ciphertext C. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of maintaining confidentiality of sensitive information stored in a machine readable document pertaining to a correspondent during transmission of said sensitive information to a machine for examination, comprising:
-
said machine initiating a request to assemble a message by said machine readable document, said message having a primary portion M1 and a secondary portion M2, said primary portion including a ciphertext C obtained from encrypting said sensitive information with a session encryption key e and said secondary portion containing less sensitive information retrieved from said machine readable document and including a long term public key of said one correspondent, receiving said message from said machine readable document, generating a value from said ciphertext C and said secondary portion M2, generating an ephemeral private key, and utilizing said value and said ephemeral private key to generate a public session key from said value and said ephemeral private key, forwarding said public session key to said machine readable document and obtaining from said machine readable document additional information to permit recovery of said sensitive information from said ciphertext C, and said machine recovering said sensitive information from said ciphertext C using said additional information. - View Dependent Claims (11, 12)
-
-
13. A machine readable document of a correspondent, said machine readable document having a cryptographic unit including an arithmetic processor for performing cryptographic operations and a random number generator to provide ephemeral session keys, a data communication interface for communicating with a machine for examining said machine readable document, and a memory device to store sensitive information in a secure manner, said data communication interface and said memory device being in data communication with said cryptographic unit, said cryptographic unit configured to implement a method comprising:
-
generating an encryption key e from a public key of said correspondent and encrypting said sensitive information with said encryption key e to obtain a ciphertext C, forwarding said ciphertext C to said machine, receiving from said machine an ephemeral public key obtained from an ephemeral private key b of said machine and said ciphertext C, and returning to said machine additional information to permit recovery of said sensitive information by said machine from said ciphertext C. - View Dependent Claims (14)
-
-
15. A machine for authenticating a correspondent based on sensitive information stored in a machine readable document pertaining to the correspondent, comprising:
-
a data processing engine, a data communication interface coupled to the data processing engine, the data communication interface being configured to communicate with a machine readable document having stored therein sensitive information pertaining to the correspondent, and a scanner coupled to the data processing engine for obtaining a reference input directly from the correspondent, wherein the data processing engine is configured to implement a method comprising; initiating a request to assemble a message by said machine readable document, said message having a primary portion M1 and a secondary portion M2, said primary portion including a ciphertext C obtained from encrypting said sensitive information with a session encryption key e and said secondary portion containing less sensitive information retrieved from said machine readable document and including a long term public key of said one correspondent, receiving said message from said machine readable document, generating a value from said ciphertext C and said secondary portion M2, generating an ephemeral private key, and utilizing said value and said ephemeral private key to generate a public session key from said value and said ephemeral private key, forwarding said public session key to said machine readable document and obtaining from said machine readable document additional information to permit recovery of said sensitive information from said ciphertext C, and recovering said sensitive information from said ciphertext C using said additional information.
-
Specification