Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties

US 9,286,457 B2
Filed: 03/06/2014
Issued: 03/15/2016
Est. Priority Date: 06/14/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A stand-alone computing device, which may also be a mobile device comprising:

a processor;

a memory;

a biometric sensor;

optionally, an application specific integrated circuit (ASIC) connected to or contained within said stand-alone computing device, incorporating an ASIC processor, an ASIC memory and ASIC software storage, capable of causing code-signing, biometric authentication and encryption operations to take place;

a software storage, wherein, upon power-up of the said stand-alone computing device, and prior to executing at least some of the software stored thereon, causes the said processor and the said ASIC processor, individually or in combination to;

check the signed code stored on the said ASIC and the said stand-alone computing device and, responsive to a successful check;

generate a device ID from hardware characteristics of said stand-alone computing device and said ASIC;

prompt a user to submit a plurality of biometric samples and capture said plurality of biometric samples using said biometric sensor;

optionally, transform data of said captured biometric samples to a consistent angle of inclination;

biometrically enroll an identity of a device user by matching said captured biometric samples to each other and determining a biometric template;

obtain a PIN value by one of a) generating said PIN value from hardware characteristics of the said stand-alone computer and the said ASIC and b) capturing said PIN value after being entered on said device;

generate a one-way hashed value of said PIN;

accept a password from the user after obtaining said PIN;

obfuscate said password using said hashed value of said PIN and said device ID, and store the obfuscated password in one of said memory and said ASIC memory;

generate a first private encryption key using at least said hashed PIN and, optionally, one of said device ID and said obfuscated password;

encrypt said biometric template using said first private encryption key and store the encrypted template in one of the said memory and the said ASIC memory;

and upon subsequent stand-alone computing device power up, the said software and the said ASIC software further cause the stand-alone computing device processor and the ASIC processor, individually or in combination to;

a) check said signed code stored on the said ASIC and the said stand-alone computing device and, responsive to a successful check;

b) generate said device ID from hardware characteristics of said stand-alone computing device and said ASIC;

c) capture a subsequent biometric sample from a user, using said biometric sensor;

d) decrypt the encrypted template using said first private encryption key;

e) de-obfuscate the obfuscated password using at least said hashed value of said PIN and said device IDf) provide the said de-obfuscated password for an authentication process, only if the encrypted template is correctly decrypted and said subsequent biometric sample matches said decrypted template.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Biometric data are obtained from a biometric sensor on a mobile device, containing an ASIC, which is connected to or incorporated within it. The mobile device and ASIC, in combination or individually, capture biometric samples, extract biometric features and match them to a locally stored, encrypted template. For extra security, the biometric matching may be enhanced by the use of an entered PIN. The biometric template and other sensitive data are encrypted using hardware elements of the mobile device and ASIC, together with a PIN hash. A stored obfuscated Password is de-obfuscated and released to the mobile device authentication mechanism in response to a successfully decrypted template and matching biometric sample. A different de-obfuscated password may be released to authenticate the user to a remote computer and to encrypt data in transit. The system eliminates the need for the user to remember and enter complex passwords on the mobile device.

Citations

20 Claims

1. A stand-alone computing device, which may also be a mobile device comprising:
- a processor;
  
  a memory;
  
  a biometric sensor;
  
  optionally, an application specific integrated circuit (ASIC) connected to or contained within said stand-alone computing device, incorporating an ASIC processor, an ASIC memory and ASIC software storage, capable of causing code-signing, biometric authentication and encryption operations to take place;
  
  a software storage, wherein, upon power-up of the said stand-alone computing device, and prior to executing at least some of the software stored thereon, causes the said processor and the said ASIC processor, individually or in combination to;
  
  check the signed code stored on the said ASIC and the said stand-alone computing device and, responsive to a successful check;
  
  generate a device ID from hardware characteristics of said stand-alone computing device and said ASIC;
  
  prompt a user to submit a plurality of biometric samples and capture said plurality of biometric samples using said biometric sensor;
  
  optionally, transform data of said captured biometric samples to a consistent angle of inclination;
  
  biometrically enroll an identity of a device user by matching said captured biometric samples to each other and determining a biometric template;
  
  obtain a PIN value by one of a) generating said PIN value from hardware characteristics of the said stand-alone computer and the said ASIC and b) capturing said PIN value after being entered on said device;
  
  generate a one-way hashed value of said PIN;
  
  accept a password from the user after obtaining said PIN;
  
  obfuscate said password using said hashed value of said PIN and said device ID, and store the obfuscated password in one of said memory and said ASIC memory;
  
  generate a first private encryption key using at least said hashed PIN and, optionally, one of said device ID and said obfuscated password;
  
  encrypt said biometric template using said first private encryption key and store the encrypted template in one of the said memory and the said ASIC memory;
  
  and upon subsequent stand-alone computing device power up, the said software and the said ASIC software further cause the stand-alone computing device processor and the ASIC processor, individually or in combination to;
  
  a) check said signed code stored on the said ASIC and the said stand-alone computing device and, responsive to a successful check;
  
  b) generate said device ID from hardware characteristics of said stand-alone computing device and said ASIC;
  
  c) capture a subsequent biometric sample from a user, using said biometric sensor;
  
  d) decrypt the encrypted template using said first private encryption key;
  
  e) de-obfuscate the obfuscated password using at least said hashed value of said PIN and said device IDf) provide the said de-obfuscated password for an authentication process, only if the encrypted template is correctly decrypted and said subsequent biometric sample matches said decrypted template.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The device of claim 1, wherein said device is connected, through a network to a remote computer and said device and said remote computer achieve mutual remote computer/device authentication by:
    - a) said remote computer being configured to request an active device user to authenticate to said device using said subsequent biometric sample and said PIN;
      
      b) said device being configured to generate a one-way hash value of said de-obfuscated password provided for authentication;
      
      c) said device being configured to communicate encrypted data, including a user credential over said network, using a symmetrical encryption key, which is a function of at least one of the one-way hashed value of said provided de-obfuscated password and said device ID;
      
      d) said device being configured to further communicate at least said device ID, encrypted with said symmetrical encryption key, to said remote computer;
      
      e) said remote computer being configured to calculate said symmetrical encryption key, decrypt at least said device ID, and authenticate said device as a legitimate device on said network;
      
      f) said remote computer being configured to acknowledge the legitimacy of said network communication by encrypting the said hashed password using said calculated symmetrical key and communicating said encrypted hashed password to said device,g) said device being configured to decrypt said encrypted hashed password, test the said decrypted hashed password for authenticity and in response to said test, acknowledge remote computer legitimacy to remote computer and grant it full access to said device;
      
      h) said remote computer being configured to check said device for compliance with network security policy, if necessary, change parameter data for acceptability and, if appropriate, release said user credential to said remote computer, andi) said remote computer being configured to gain full access to said device and modify said device according to enterprise security policy when said device does not respond to said remote computer request.
  - 3. The device of claim 1 wherein said device is connected, through a network to a remote computer, said device and said remote computer achieving mutual remote computer/device authentication by:
    - a) said remote computer being configured to request an active device user to authenticate to said device using said subsequent biometric sample and said PIN;
      
      b) said device being configured to de-obfuscate a previously-entered, stored, obfuscated, second password which is used to release a second Private Key to implement a PKI encryption-based authentication protocol and encrypted communications between said device and the said remote computer, only after successful submission of said subsequent biometric sample and PIN,c) said remote computer being configured to gain full access to said device and modify said device according to enterprise security policy when said device does not respond to said remote computer request.
  - 4. The device of claim 3, wherein said device does not contain and is not connected to said ASIC and the following tasks are undertaken:
    - a) said device and said remote computer achieve mutual remote computer/device authentication by;
      
      b) said remote computer being configured to request an active device user to authenticate to said device using said subsequent biometric sample and said PIN;
      
      c) said device being configured to de-obfuscate said stored, obfuscated, previously-entered second password which is used to release said second Private Key to implement a PKI encryption-based authentication protocol between said device and the said remote computer, only after successful submission of said subsequent biometric sample and PIN.
  - 5. The device of claim 4 where said remote computer is configured to gain full access to said device and modify said device according to enterprise security policy when said device does not respond to said remote computer request.
  - 6. The device of claim 1, wherein the said biometric sensor comprises one of a stylus-based screen entry digitizer and a finger-based screen entry digitizer and records sign input as the biometric sample.
  - 7. The device of claim 6, wherein said biometric samples contain, at least (X,Y) coordinate values, wherein each set of co-ordinate values has one of an associated explicit and inferred time stamp;
    - said biometric template is adaptive;
      
      said device being configured to calculate, store, and update biometric features, biometric feature means, and biometric feature variances, wherein said biometric feature means are modified by choosing weights that correspond to a large discrimination score measured between authentic and imposter samples; and
      
      said device being configured to prompt a user to choose said signs to be one of a secret sign without user feedback and a signature with user feedback.
  - 8. The device of claim 7, wherein said biometric feature means are based on at least one of:
    - V(x), where V(x) is a variance of the x-coordinate values of a transformed sign, V(y), where V(y) is a variance of the y-coordinate values of a transformed sign, C(x,y), where C(x,y) is a covariance of a transformed sign coordinate values, total sign time, total in-contact sign time, total out-of contact sign time, positions of (x,y) turning points with respect to time, positions of (x,y) turning points with respect to x-position, positions of (x,y) turning points with respect to y-position, an estimate of total x-distance traveled, an estimate of total y-distance traveled, (x,y) positions of new points of stylus contact with respect to time, new out-of-contact stylus (x,y) positions with respect to x-position, (x,y) positions of new points of stylus contact with respect to x-position, (x,y) positions of new out-of-contact stylus positions with respect to time, Forehand (x,y) distances, and Backhand (x,y) distances.
  - 9. The device of claim 1, wherein:
    - said biometric template contains an electronic representation of the user'"'"'s valid signature which is released to electronic documents requiring it, said electronic documents subsequently being communicated to a remote computer storing a valid signature for said user, which is used to check the authenticity of the said electronic representation of user'"'"'s valid signature, requiring an exact or very close match;
      
      said biometric template includes a time-stamp associated with the last time it was used to match a biometric sample;
      
      said biometric template includes an authentication code which is a definitive function of at least data defining said template;
      
      said biometric template contains the number of samples contributing to its values.
  - 10. The device of claim 1, wherein said device does not contain, and is not connected to said ASIC and performs the following tasks:
    - upon power-up of the said stand-alone computing device, and prior to executing at least some of the said software stored thereon, the said software causes the said processor to;
      
      check the signed code stored on the said stand-alone computing device and, responsive to a successful check;
      
      generate a device ID from hardware characteristics of the stand-alone computing device;
      
      prompt a user to submit a plurality of biometric samples and capture said plurality of biometric samples using said biometric sensor;
      
      optionally, transform data of said captured biometric samples to a consistent angle of inclination;
      
      biometrically enroll an identity of a device user by matching said captured biometric samples to each other and determining a biometric template;
      
      obtain a PIN value by one of capturing said PIN from said user after being entered on said device and generating said PIN from said Device ID;
      
      generate a one-way hashed value of said PIN;
      
      generate a first private encryption key using at least said hashed PINencrypt said biometric template using said first private encryption key and store the encrypted template in the said memory;
      
      and, upon subsequent stand-alone computing device power up, the said software further causes said stand-alone computing device to;
      
      check the signed code stored on the said stand-alone computing device and, responsive to a successful check;
      
      generate said device ID from characteristics of said stand-alone computing device hardware components;
      
      capture a subsequent biometric sample from a user, using said biometric sensor;
      
      submit said PIN;
      
      decrypt the encrypted template using said first private encryption key;
      
      enable device for further operation only if the said subsequent biometric sample matches said decrypted template, ensuring that both the correct PIN and a correct biometric sample have been submitted and if either of them fail, causing the device not to inform the user whether the PIN or the biometric sample failed.
  - 11. The device of claim 10, where the stand alone computer is an IC chip connected to an integrated IC card reader and wherein a user credential is released in the following manner:
    - a) said biometric template and a user credential are stored on an IC card;
      
      b) said PIN hashing, template decryption and subsequent biometric sample-matching processes are undertaken on the IC card; and
      
      c) in response to a correct PIN and biometric sample match, said user credential is released in encrypted form to be compared to information stored on a remote computer.

12. A stand-alone computing device comprising;
- a processor;
  
  a memory;
  
  a biometric sensor;
  
  Optionally, an application specific integrated circuit (ASIC) connected to or contained within said stand-alone computing device, incorporating an ASIC processor, an ASIC memory and an ASIC software storage, capable of causing code-signing, biometric authentication and encryption operations to take place;
  
  a software storage, wherein, upon power-up of the said stand-alone computing device, and prior to executing at least some of the software stored thereon, causes the said processor and the said ASIC processor, individually or in combination to;
  
  check the signed code stored on the said ASIC and the said stand-alone computing device and, responsive to a successful check;
  
  generate a device ID from hardware characteristics of said stand-alone computing device and said ASIC;
  
  biometrically enroll device users by capturing biometric samples, wherein said biometric samples contain, at least, (X,Y) coordinate values, and each set of co-ordinate values having one of an associated explicit and inferred time stamp;
  
  extract biometric feature values from signs made on an electronic signing area of said stand-alone computing device, by one of a stylus and a finger, wherein said signs are chosen by the user to be one of, a secret sign without user feedback and a signature with user feedback;
  
  verify the identity of a user by matching a new biometric sample with a previously enrolled biometric template, wherein said biometric template includes an electronic representation of said user'"'"'s authentic signature and said authentic electronic signature and said authentic electronic signature is released so that it may be compared with an electronic signature stored on a second computer remote from the stand-alone computing device;
  
  calculate means of biometric features and modify the said means by weights that correspond to a large discrimination score measured between authentic and imposter samples;
  
  generate a password and password hash from a stored, de-obfuscated password and device ID, wherein said de-obfuscated password is generated following a PIN generation and biometric sample matching;
  
  provide the de-obfuscated password for an authentication process, only if the encrypted template is correctly decrypted and said subsequent biometric sample matches said decrypted template.
- View Dependent Claims (13, 14)
- - 13. The device of claim 12, wherein said device is connected, through a network to a remote computer and said device and said remote computer achieving mutual remote computer/device authentication by:
    - a) said remote computer being configured to request an active device user to authenticate to said device;
      
      b) said device being configured to communicate encrypted data over said network using a symmetrical encryption key, which is a function of the hashed value of said password;
      
      c) said device being configured to communicate at least said device ID, encrypted with said symmetrical encryption key, to said remote computer;
      
      d) said remote computer being configured to calculate said symmetrical encryption key, decrypt at least said device ID, and authenticate said device as a legitimate device on said network;
      
      e) said remote computer being configured to acknowledge the legitimacy of said network communication by encrypting one of said hashed password and other known data using said symmetrical key and communicate the encrypted one to said device;
      
      f) said device being configured to check the value of one of said hashed password and said other known data and in response to said check, acknowledge remote computer legitimacy to remote computer and grant it full access to said device;
      
      g) said remote computer being configured to check said device for compliance with network security policy and may change device parameter data for acceptability and, if appropriate, release a trusted credential; and
      
      h) said remote computer being configured, according to security policy, to delete appropriate data from said device when said device does not respond to said remote computer request.
  - 14. The device of claim 12, wherein said device is connected, through a network to a remote computer, said device and said remote computer achieving mutual remote computer/device authentication by:
    - a) said remote computer being configured to request an active device user to authenticate to the said device using said subsequent biometric sample and said PIN;
      
      b) said device being configured to de-obfuscate the said previously entered stored obfuscated second password which is used to release the said second Private Key to implement a PKI encryption and authentication protocol between said device and the said remote computer, only after successful matching of a subsequent biometric sample and PIN;
      
      c) said remote computer being configured to gain full access to said device and modify said device according to enterprise security policy when said device does not respond to said remote computer request.

15. A stand-alone computing device comprising:
- a processor;
  
  a memory;
  
  a biometric sensor;
  
  Optionally, an application specific integrated circuit (ASIC) connected to or contained within said stand-alone computing device, incorporating an ASIC processor, an ASIC memory and an ASIC software storage, capable of causing code-signing, biometric authentication and encryption operations to take place;
  
  a software storage, wherein, upon power-up of the said stand-alone computing device, and prior to executing at least some of the software stored thereon, causes the said processor and the said ASIC processor, individually or in combination to;
  
  check the signed code stored on the said ASIC and the said stand-alone computing device and, responsive to a successful check;
  
  generate a device ID from hardware characteristics of said stand-alone computing device and said ASIC;
  
  capture a biometric sample from a device user using said biometric sensor;
  
  perform authentication with a remote computer using PKI communications and a second private encryption key, wherein said second private encryption key is generated as a function of a previously entered password and said device ID;
  
  said software further causing one of the said processor and the said ASIC processor to perform PKI encryption using at least said second private encryption key;
  
  One of said memory and said ASIC memory storing a biometric template, which is encrypted and decrypted using said first private encryption key;
  
  wherein said stand-alone computing device is further enabled, in response to a good match between said biometric sample and said decrypted biometric template, and accessed by PKI communications software, without said user re-entering a PIN or password for deviceaccess or for remote computer authentication.
- View Dependent Claims (16, 17)
- - 16. The device of claim 15, wherein said ASIC memory stores an electronic representation of said user'"'"'s authentic electronic signature which, in response to a satisfactory biometric match of said biometric sample with said biometric template, is released in encrypted form, enabling comparison with a very close replica of said electronic signature stored remotely on a separate computer.
  - 17. The device of claim 15, wherein said device and said device user authenticate to a remote computer using a CBEFF patron such as ANSI BioAPI and where the BioAPI payload includes at least said device ID encrypted with said second private encryption key.

18. A stand-alone computing device comprising:
- a processor;
  
  a memory;
  
  a biometric sensor integrated into said stand-alone computing device;
  
  Optionally, an application specific integrated circuit (ASIC) connected to or contained within said stand-alone computing device, incorporating an ASIC processor, an ASIC memory and ASIC software storage, capable of causing code-signing, biometric authentication and encryption operations to take place and;
  
  software storage, wherein, upon power-up of the said stand-alone computing device, and prior to executing at least some of the software stored thereon, causes the processor and the said ASIC, individually or in combination to;
  
  check the signed code stored on one of the said ASIC and the said stand-alone computing device and, responsive to a successful check;
  
  generate a device ID from characteristics of hardware components of said device;
  
  capture a biometric sample from a device user using said biometric sensor;
  
  prompt the user to enter a PIN, which is subjected to a one-way hash function, wherein said hashed PIN is used (optionally in conjunction with said device ID) to generate said first private encryption key;
  
  perform authentication with a remote computer using PKI communications with said second private encryption key;
  
  one of said ASIC memory and said memory storing a biometric template, which is encrypted and decrypted using said first private encryption key;
  
  wherein operation of said stand-alone computing device is further enabled, in response to a good match between said biometric sample and said decrypted biometric template, and accessed by PKI communications software, without said user re-entering a password for device access or for remote computer authentication.
- View Dependent Claims (19, 20)
- - 19. The device of claim 18, wherein one of said memory and said ASIC memory stores an electronic representation of said user'"'"'s authentic electronic signature which, in response to a satisfactory biometric match of said biometric sample with said biometric template, is released in encrypted form enabling comparison with a very close replica of said electronic signature stored remotely on a separate computer.
  - 20. The device of claim 18, wherein said device and said device user authenticate to a remote computer using a CBEFF patron such as ANSI BioAPI and where the BioAPI payload includes at least said device ID encrypted with said second private encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Biocrypt Access, LLC
Original Assignee
Christopher J. Beatson, Mark A. Kelty, Rodney Beatson
Inventors
Kelty, Mark A., Beatson, Rodney, Beatson, Christopher J.
Primary Examiner(s)
Johns, Andrew W

Application Number

US14/198,695
Publication Number

US 20140365782A1
Time in Patent Office

740 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/45   Structures or tools for the...

G06F 21/72   in cryptographic circuits

G06F 2221/2129   Authenticate client device ...

G06V 30/1478   of characters or characters...

G06V 40/382   Preprocessing; Feature extr...

G06V 40/50   Maintenance of biometric da...

G06V 40/53   Measures to keep reference ...

H04L 2209/12   Details relating to cryptog...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 2209/80   Wireless

H04L 9/0861   Generation of secret inform...

H04L 9/3226   using a predetermined code,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3242   involving keyed hash functi...

Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links