WO2009073144A3 - Bio-cryptography: secure cryptographic protocols with bipartite biotokens - Google Patents

Bio-cryptography: secure cryptographic protocols with bipartite biotokens

Publication number
WO2009073144A3
Authority
WO
WIPO (PCT)
Prior art keywords
techniques
biometric
data
biotokens
bipartite
Prior art date
Application number
PCT/US2008/013190
Other languages
French (fr)
Other versions
WO2009073144A8 (en)
WO2009073144A2 (en)
Inventor
Terrance E. Boult
Walter Scheirer
Original Assignee
The Regents Of The University Of Colorado
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by The Regents Of The University Of Colorado
Priority to GB1010257A (GB2467884A)
Publication of WO2009073144A2
Publication of WO2009073144A8
Publication of WO2009073144A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina

Abstract

Techniques, systems and methods are described relating to combining biometric and cryptographic techniques to support securely embedding data within a token and subsequent biometrically-enabled recovery of said data. Various transformation approaches are described that provide a secure means for transforming a stored or live, secure biometric-based identity token, embedding data into such tokens and biometric-based matching to both verify the user's identity and recover the embedded data. Security enhancements to a range of existing protocols are described using the techniques. Systems using novel protocols based on these techniques are described.

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1010257A GB2467884A (en) 2007-11-28 2008-11-26 Bio-cryptography secure cryptographic protocols with bipartite biotokens

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US458407P 2007-11-28 2007-11-28
US61/004,584 2007-11-28
US12550208P 2008-04-25 2008-04-25
US61/125,502 2008-04-25

Publications (3)

Publication Number Publication Date
WO2009073144A2 WO2009073144A2 (en) 2009-06-11
WO2009073144A8 WO2009073144A8 (en) 2011-05-05
WO2009073144A3 WO2009073144A3 (en) 2012-04-05

Family

ID=40718411

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2008/013190 WO2009073144A2 (en) 2007-11-28 2008-11-26 Bio-cryptography: secure cryptographic protocols with bipartite biotokens

Country Status (2)

Country Link
GB (1) GB2467884A (en)
WO (1) WO2009073144A2 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9336402B2 (en) 2010-09-13 2016-05-10 City University Of Hong Kong Secure data in removable storage devices via encryption token(s)
CN103607711B (en) * 2013-12-11 2017-01-04 北京交通大学 A kind of method for distributing key of intelligent terminal network based on position similarity
CN108123796A (en) * 2016-11-29 2018-06-05 展讯通信(上海)有限公司 Method and device, fingerprint tokens and its control method and device of fingerprint comparison
CN109791583B (en) 2017-07-27 2023-04-14 指纹卡安娜卡敦知识产权有限公司 Method and device for enabling authentication of a user of a client device over a secure communication channel based on biometric data
EP3682357B1 (en) * 2017-09-13 2022-03-09 Fingerprint Cards Anacatum IP AB Methods and devices of enabling authentication of a user of a client device over a secure communication channel based on biometric data
US10305690B1 (en) 2017-11-29 2019-05-28 Fingerprint Cards Ab Two-step central matching
US11711216B1 (en) * 2019-12-02 2023-07-25 T Stamp Inc. Systems and methods for privacy-secured biometric identification and verification

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010039619A1 (en) * 2000-02-03 2001-11-08 Martine Lapere Speaker verification interface for secure transactions
US20020176583A1 (en) * 2001-05-23 2002-11-28 Daniel Buttiker Method and token for registering users of a public-key infrastructure and registration system
US7178025B2 (en) * 1998-02-13 2007-02-13 Tec Sec, Inc. Access system utilizing multiple factor identification and authentication
US7590861B2 (en) * 2002-08-06 2009-09-15 Privaris, Inc. Methods for secure enrollment and backup of personal identity credentials into electronic devices

Also Published As

Publication number Publication date
WO2009073144A8 (en) 2011-05-05
GB2467884A (en) 2010-08-18
GB201010257D0 (en) 2010-07-21
WO2009073144A2 (en) 2009-06-11

Similar Documents

Publication Publication Date Title
WO2009073144A8 (en) Bio-cryptography: secure cryptographic protocols with bipartite biotokens
WO2008127323A3 (en) Biometric security system and method
WO2013002903A3 (en) System and method for user enrollment in a secure biometric verification system
WO2010093636A3 (en) Devices, systems and methods for secure verification of user identity
WO2007012814A3 (en) Signature for access tokens
EP2034458A3 (en) One-time passwords
WO2006044917A3 (en) Revocable biometrics with robust distance metrics
WO2008146667A1 (en) Anonymous authenticating system and anonymous authenticating method
WO2008049032A3 (en) System and method for secure transaction
WO2007058732A3 (en) B2c authentication system and methods
WO2008015458A3 (en) System and method for authenticating a workflow
WO2008070480A3 (en) Token authentication
WO2007087194A3 (en) System and method for the automated processing of physical objects
WO2005029227A3 (en) System and method for authentication
WO2008095011A3 (en) Methods and systems for authentication of a user
NO20034321L (en) Identification procedure
EP1544780A4 (en) Authentication system
SG149874A1 (en) System and method for encrypted smart card pin entry
WO2008127431A3 (en) Systems and methods for identification and authentication of a user
WO2008014090A3 (en) Document authentication using template matching with fast masked normalized cross-correlation
WO2009008074A1 (en) User authentication device, user authentication method, and user authentication program
GB2473566A (en) Systems and method for data security
WO2006101711A3 (en) Negotiable instrument authentication systems and methods
WO2010032126A3 (en) A vein pattern recognition based biometric system and methods thereof
ATE518665T1 (en) IDENTIFICATION DOCUMENTS WITH INCREASED SECURITY

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 1010257

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20081126

WWE WIPO information: entry into national phase

Ref document number: 1010257.2

Country of ref document: GB

WWE WIPO information: entry into national phase

Ref document number: 4554/DELNP/2010

Country of ref document: IN

121 EP: the EPO has been informed by WIPO that EP was designated in this application

Ref document number: 08879352

Country of ref document: EP

Kind code of ref document: A2

122 EP: PCT application non-entry in European phase

Ref document number: 08879352

Country of ref document: EP

Kind code of ref document: A2