Methods and systems for managing network activity using biometrics
First Claim
1. A method of managing network traffic using biometrics, the method comprising:
storing, by a server, a first value N, and a primitive root modulo N, wherein N is selected during enrollment of a user;
storing, by the server, a plurality of verification codes, wherein each of the plurality of verification codes is generated using the primitive root modulo N to the power of a hash function result of a respective portion of a first biometric template acquired from the user during the enrollment, and each portion of the biometric template is identified by a corresponding offset identifier;
receiving, by the server, a request to connect to the server, the request from a client operated by the user;
transmitting, by the server, a first offset identifier to the client, wherein the client uses the first offset identifier to identify a first portion of a second biometric template acquired from the user in association with the request, and to generate a first value corresponding to a common exponentiation function using the identified first portion of the second biometric template, wherein the common exponentiation function has the primitive root modulo N as a base;
generating, at the server according to the first offset identifier, a second value corresponding to the common exponentiation function; and
determining, by the server, that the user is authenticated when the first value from the client matches the second value.
Abstract
The present disclosure describes systems and methods for managing network traffic using biometrics. A server may store a first value N, a primitive root modulo N, and a plurality of verification codes generated using the primitive root modulo N to the power of a hash function result of a respective portion of a first biometric template acquired from the user during enrollment. The server may receive a request to connect to the server, from a client operated by the user. The client may use a first offset identifier from the server to identify a first portion of a second biometric template acquired from the user, and generate a first value corresponding to a common exponentiation function. The server may generate a second value corresponding to the common exponentiation function. The server may determine that the user is authenticated if the first value from the client matches the second value.
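The enrollment and challenge flow described in the abstract, as an added example that is not taken from the patent. It assumes N = 2^61 - 1, SHA-256 as the hash, 8-byte template portions, and that the common exponentiation function is g^H(portion) mod N with the server's second value being the stored verification code; all function names are hypothetical. Under that reading the comparison is exact, so a recapture that differs by one bit in the selected portion does not match.

```python
import hashlib

# Constructed demo parameters (assumptions, not values from the patent).
N = 2**61 - 1  # Mersenne prime; far too small for real use
# Distinct prime factors of N - 1 = 2 * (2**60 - 1)
FACTORS = (2, 3, 5, 7, 11, 13, 31, 41, 61, 151, 331, 1321)
PORTION_LEN = 8  # bytes per template portion (assumed)


def is_primitive_root(g):
    """g is a primitive root mod prime N iff g^((N-1)/f) != 1 for each prime f | N-1."""
    return all(pow(g, (N - 1) // f, N) != 1 for f in FACTORS)


G = next(g for g in range(2, 1000) if is_primitive_root(g))


def portion(template, offset):
    """Slice of the template selected by an offset identifier."""
    return template[offset * PORTION_LEN:(offset + 1) * PORTION_LEN]


def common_exp(chunk):
    """Assumed common exponentiation function: G^SHA-256(chunk) mod N."""
    return pow(G, int.from_bytes(hashlib.sha256(chunk).digest(), "big"), N)


def enroll(template):
    """Server: one verification code per offset identifier."""
    return {o: common_exp(portion(template, o))
            for o in range(len(template) // PORTION_LEN)}


def client_value(template, offset):
    """Client: first value from the freshly acquired (second) template."""
    return common_exp(portion(template, offset))


def server_verify(codes, offset, first_value):
    """Server: second value is the stored code for the offset it issued."""
    return codes.get(offset) == first_value


ENROLLED = bytes(range(32))   # constructed first template (4 portions)
_noisy = bytearray(ENROLLED)
_noisy[17] ^= 0x01            # one bit differs, inside portion 2
RECAPTURE = bytes(_noisy)     # constructed second template
CODES = enroll(ENROLLED)

if __name__ == "__main__":
    for off in (0, 2):
        print(off, server_verify(CODES, off, client_value(RECAPTURE, off)))
```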
20 Claims
1. A method of managing network traffic using biometrics, the method comprising:
storing, by a server, a first value N, and a primitive root modulo N, wherein N is selected during enrollment of a user;
storing, by the server, a plurality of verification codes, wherein each of the plurality of verification codes is generated using the primitive root modulo N to the power of a hash function result of a respective portion of a first biometric template acquired from the user during the enrollment, and each portion of the biometric template is identified by a corresponding offset identifier;
receiving, by the server, a request to connect to the server, the request from a client operated by the user;
transmitting, by the server, a first offset identifier to the client, wherein the client uses the first offset identifier to identify a first portion of a second biometric template acquired from the user in association with the request, and to generate a first value corresponding to a common exponentiation function using the identified first portion of the second biometric template, wherein the common exponentiation function has the primitive root modulo N as a base;
generating, at the server according to the first offset identifier, a second value corresponding to the common exponentiation function; and
determining, by the server, that the user is authenticated when the first value from the client matches the second value.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A system of managing network traffic using biometrics, the system comprising:
a server in communication with a client operated by a user, the server comprising:
memory configured to store a first value N, and a primitive root modulo N, wherein N is selected during enrollment of the user, and to store a plurality of verification codes, wherein each of the plurality of verification codes is generated using the primitive root modulo N to the power of a hash function result of a respective portion of a first biometric template acquired from the user during the enrollment, and each portion of the biometric template is identified by a corresponding offset identifier;
a transceiver configured to receive a request from the client to connect to the server, and to transmit a first offset identifier to the client, wherein the client uses the first offset identifier to identify a first portion of a second biometric template acquired from the user in association with the request, and to generate a first value corresponding to a common exponentiation function using the identified first portion of the second biometric template, wherein the common exponentiation function has the primitive root modulo N as a base; and
one or more processors configured to generate, according to the first offset identifier, a second value corresponding to the common exponentiation function, and to determine that the user is authenticated when the first value from the client matches the second value.
View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
Specification