Method of authenticating a user holding a biometric certificate
First Claim
Patent Images
1. A method of generating a biometric certificate of a user performed by a data processing device of a certifying authority, comprising:
- acquiring biometric data of said user;
generating a proof of knowledge of said acquired biometric data from the acquired biometric data and a pseudo-random function;
generating a truncated authentication datum by applying a truncation function to said generated proof of knowledge;
generating a certificate for said user comprising data related to an identity of the user and the truncated authentication datum so that the certificate provides a proof of the user'"'"'s identity and allows authenticating the user with a reduced rate of error while not allowing identification of the user,wherein said method further comprises, for at least one error to be processed among a determined set of tolerable errors;
generating derived biometric data by adding said error to the acquired biometric data,generating derived proofs of knowledge from the generated derived biometric data and from said pseudo-random function, andgenerating derived truncated authentication data by applying said truncation function to said first generated derived proofs of knowledge.
10 Assignments
0 Petitions
Accused Products
Abstract
The present invention concerns a method of generating a biometric certificate of a user performed by a data processing device of a certifying authority, comprising a step of generating (E4) a certificate for said user comprising data related to the identity of the user and truncated authentication data of said user generated using a method of generating a biometric authentication datum, comprising steps of:
- acquiring (E1) first biometric data of said user;
- generating (E2) a first a proof of knowledge of said first biometric data from the first acquired biometric data and from a pseudo-random function;
- generating (E3) a first truncated authentication datum by applying a truncation function to said first generated proof of knowledge.
24 Citations
12 Claims
-
1. A method of generating a biometric certificate of a user performed by a data processing device of a certifying authority, comprising:
-
acquiring biometric data of said user; generating a proof of knowledge of said acquired biometric data from the acquired biometric data and a pseudo-random function; generating a truncated authentication datum by applying a truncation function to said generated proof of knowledge; generating a certificate for said user comprising data related to an identity of the user and the truncated authentication datum so that the certificate provides a proof of the user'"'"'s identity and allows authenticating the user with a reduced rate of error while not allowing identification of the user, wherein said method further comprises, for at least one error to be processed among a determined set of tolerable errors; generating derived biometric data by adding said error to the acquired biometric data, generating derived proofs of knowledge from the generated derived biometric data and from said pseudo-random function, and generating derived truncated authentication data by applying said truncation function to said first generated derived proofs of knowledge. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of authenticating a user holding a biometric certificate generated comprising:
-
acquiring biometric data of said user to be authenticated; generating a proof of knowledge of said acquired biometric data from the acquired biometric data and a pseudo-random function; generating a truncated authentication datum by applying a truncation function to said generated proof of knowledge; acquiring a truncated authentication datum or a derived truncated authentication datum stored in the certificate; comparing the acquired truncated authentication datum or the derived truncated authentication datum with said generated truncated authentication datum, said method further comprising; for at least one tolerable error to be tested among a determined set of tolerable errors, generating derived biometric data by adding said error to the acquired biometric data; for each error to be tested, generating a derived proof of knowledge from the generated derived biometric data and from said pseudo-random function, and a step of generating derived truncated authentication datum by applying said truncation function to said generated derived proof of knowledge; acquiring a second truncated authentication datum or a derived truncated authentication datum obtained from said certificate; comparing the second truncated authentication datum or the derived truncated authentication datum with the generated derived truncated authentication data. - View Dependent Claims (10)
-
-
11. A computer program product comprising program code instructions, stored on a non-transitory computer readable medium, to perform a method of generating a biometric certificate of a user by:
-
acquiring biometric data of said user; generating a proof of knowledge of said acquired biometric data from the acquired biometric data and a pseudo-random function; generating a truncated authentication datum by applying a truncation function to said generated proof of knowledge; generating a certificate for said user comprising data related to an identity of the user and the truncated authentication datum so that the certificate provides a proof of the user'"'"'s identity and allows authenticating the user with a reduced rate of error while not allowing identification of the user, wherein said method further comprises, for at least one error to be processed among a determined set of tolerable errors; generating derived biometric data by adding said error to the acquired biometric data, generating derived proofs of knowledge from the generated derived biometric data and from said pseudo-random function, and generating derived truncated authentication data by applying said truncation function to said first generated derived proofs of knowledge.
-
-
12. A certification server comprising:
-
a processor and a memory storing instructions which when executed by the processor perform configured to perform a method of generating a biometric certificate of a user by; acquiring biometric data of said user; generating a proof of knowledge of said acquired biometric data from the acquired biometric data and a pseudo-random function; generating a truncated authentication datum by applying a truncation function to said generated proof of knowledge; generating a certificate for said user comprising data related to an identity of the user and the truncated authentication datum so that the certificate provides a proof of the user'"'"'s identity and allows authenticating the user with a reduced rate of error while not allowing identification of the user, wherein said method further comprises, for at least one error to be processed among a determined set of tolerable errors; generating derived biometric data by adding said error to the acquired biometric data, generating derived proofs of knowledge from the generated derived biometric data and from said pseudo-random function, and generating derived truncated authentication data by applying said truncation function to said first generated derived proofs of knowledge.
-
Specification