FR2975249A1 - METHOD, SERVER AND BIOMETRIC AUTHENTICATION SYSTEM - Google Patents

Abstract

The invention relates to the field of biometric authentication and more particularly to a biometric authentication method of a user implementing at least one user's equipment 1 and a biometric authentication server 2, according to which the server: - Receives 110 an identifier of the user, - Retrieves 111, from the identifier, a doubly encrypted binary biometric vector 7, previously stored in the server, and a public key 51, - decrypts 112, using the public key, the binary biometric vector doubly encrypted to generate a first simply encrypted biometric vector 61, - receives 113 a second simply encrypted binary biometric vector 62 coming from the equipment of the user, - compares 114 the first and second biometric vectors binary simply encrypted between them, and - decides 115, according to a result of the comparison, to authenticate or not the use of sateur. The invention also relates to a server and a biometric authentication system.

Description

The invention relates to the field of biometric authentication. The invention more particularly relates to a biometric authentication method of a user implementing a user equipment and a biometric authentication server. The invention also relates to a biometric authentication server and a biometric authentication system. Subsequently, we mean: - by server, at least one hardware, software or computer system intended to provide a specific service to other computer systems or to at least one user whose at least one device is able to communicate with the server , this communication possibly being carried out via a network, - by integrity, the state of data which, during their processing, storage or transmission, undergo no accidental or accidental alteration or destruction, and retain a format allowing their use, the integrity of data comprising four elements: completeness, accuracy, accuracy or authenticity and validity, - by public key, a cryptographic key stored at least in a directory accessible to all members of a network or an organization, - by private key, a cryptographic key which, if it is to be stored, is securely, for example s the user equipment, and - per module, a subset of a program or a functional hardware unit used in conjunction with other components to fulfill at least one well-defined task.

In the field of authentication, and as illustrated in FIG. 1, document EP 1 063 812 teaches methods of encryption / decryption of biometric data of a user which implement a user's equipment 1 and an authentication server 2 capable of communicating with each other via a network 31. The user's equipment comprises a user interface capable of allowing the user to enter identification data, a sensor capable of capturing 92 a determined biometry of the user and an encryption module capable of encrypting the captured biometric data. The authentication server includes a storage medium for storing the user identification data and reference biometric data.

The methods essentially comprise the following steps implemented by the authentication server: - reception of the user identification data and encrypted biometric data 95, - using the received identification data, recovery 96 of the reference biometric data, - using the received identification data, decryption 97 of the encrypted biometric data, - comparison 98 of the biometric data generated in the previous step with the reference biometric data, - authentication decision 99 of the user according to a result of the comparison. These methods have the disadvantage that the decision to authenticate or not a user is made on the basis of the result of a direct comparison between biometric data; However, the biometric data and their capture being subject to inherent variability, their comparison is made very complex and the authentication decision difficult to adjust to different levels of security. Moreover, these methods do not make it possible to guarantee the integrity and the security of the biometric data. Indeed, the latter being necessarily stored on the storage medium of the authentication server 2, any break-in on the server, despite careful attention to its protection, compromise the integrity and security of the biometric data. of a plurality of users and would allow us to impersonate them. Likewise, the user identification data and the encrypted biometric data being transmitted from the equipment of the user 1 to the server 2 via the network 31, the interception and the exploitation of these data would make it possible to usurp the identity of the user. In addition, these methods do not make it possible to repudiate the data enabling authentication, for example following the finding of a spoofing, because the authentication data include the biometric data themselves, the latter being by nature irreproachable . It is also known from the prior art, and more particularly from document EP 1 865 442, a biometric authentication method implementing a first piece of equipment (corresponding to the equipment of the user) and a second piece of equipment (corresponding to biometric authentication server). The method comprises firstly an enrollment phase, secondly an authentication phase. The enrollment phase comprises the following steps implemented on the first equipment: - capture of the user's first biometric data, - from the first biometric data, extraction of particular first points and first identification information of the first particular points, - random generation of transformation parameters of the first particular points, - association of the transformation parameters with the first identification information of the first particular points, - using the transformation parameters, transformation of the first particular points to generate the first particular points, - first particular points transformed, and - transmission of the first particular points transformed to the second equipment which stores them as reference data. The authentication phase comprises the following steps implemented: on the first equipment: - capture of the second biometric data of the user, - from the second biometric data, extraction of second particular points and second identification information of the second particular points, - comparing the second identification information with the first identification information to search for the correspondences between them, - according to the correspondences found, association of the transformation parameters to the second particular points, - using the parameters of transformation determined according to the correspondences found, transformation of the second particular points to generate second transformed particular points, and - transmission of the second particular points transformed to the second equipment, then to the second equipment: - comparison of the first particular points transform with the second particular points transformed, - according to a result of the comparison, authentication or not of the user. According to this method, the biometric data are no longer compared directly with each other, that is to say in their unprocessed forms. Indeed, only the first and second particular points transformed, derived from the biometric data of the user, are compared for authentication. However, this method has the following disadvantages. It is complex to implement and implement onboard. It is very strongly linked to the captured biometry (which must notably present at least some particular points, or singularities, identifiable) which one understands that it is, in fact, limited to biometric (mappable) images. It is based on the questionable robustness of the random generation of transformation parameters, the use of which is otherwise unconventional. Also, this process is not very evolutionary. For example, because the number of particular points is limited by the nature of the biometry captured, the method does not make it possible to increase the level of security achieved and to guarantee the integrity and security of the biometric data, as the capabilities of the software and / or hardware resources involved will increase. In addition, this method does not make it possible to repudiate the authentication data without requiring a new biometric data capture of the user.

Moreover, it is known, by the scientific article of X. Anguera and J.-F. Bonastre entitled "A Nove / Speaker Binary Key Derived from Anchor Models" and published in INTERSPEECH-2010, on pages 2118 to 2121, a method for classifying biometric data using a first universal statistical model and a second statistical model for representing the biometric data of an individual in the form of at least one highly discriminating binary vector including storage, computer manipulation and the transfer are by nature easy. Such a method thus makes it possible to make available to biometric authentication methods and systems the wide field of applications defined in the binary space. In this context, the present invention provides an authentication method for overcoming one or more of the aforementioned disadvantages.

More particularly, the method according to the invention is intended to be simpler (particularly at the algorithmic level to be able to be embedded in various user equipment), more generic, scalable, adapted to different biometrics, guaranteeing the integrity and security of the biometric data, and / or easily making it possible to adjust the security level and / or the repudiation of the authentication data (in particular without requiring a new capture of the biometric data). To this end, the method of the invention, moreover in conformity with the generic definition given in the preamble above, is essentially such that it comprises the following steps implemented by the biometric authentication server: receiving an identifier of the user, - recovering, from the identifier, a biometric biometric vector doubly encrypted, previously stored in the server, and a public key, - decryption, using the public key, the binary biometric vector doubly encrypted to generate a first biometric vector simply encrypted, - receiving a second biometric vector simply encrypted encrypted from the equipment of the user, - comparison of the first and second binary biometric vectors simply encrypted between them, and - decision, according to a result of the comparison, to authenticate or not the user. The method thus advantageously makes it possible to guarantee the integrity and the security of the user's biometric data, in particular because it does not require the storage of unencrypted biometric data, or their transfer via a network between the equipment of the user. the user and the server, nor the comparison of the unencrypted biometric data between them, nor the complete decryption of the encrypted biometric data. The method thus advantageously allows the repudiation of the authentication data. In addition, the method is thus advantageously simple, generic and scalable at least in that it relies on proven cryptographic methods and that, to increase the level of security and robustness of the process, it is sufficient, for example, to increase the length (in bits) of the public key used. In addition, the method is advantageously adapted to any captured biometry as long as it can be represented as a binary biometric vector. According to one particularity, the comparison and the decision are performed according to at least one function comprising an adjustable parameter according to a desired security level. The method thus advantageously makes it possible to adapt the security level.

According to another particularity, the biometric authentication method further comprises, before the reception of the user's identifier by the authentication server, an enrollment sub-method comprising the following steps: biometrics of the user, extraction from the captured biometry of biometric data and transformation of the biometric data into a binary biometric vector, generation of the identifier of the user, the public key and an associated private key, encrypting, using the public key, the binary biometric vector to generate the second binary biometric vector simply encrypted, encrypting, with the aid of the private key, the second binary biometric vector simply encrypted to generate the biometric vector binary double encrypted, - storage of the second binary biometric vector simply encrypted in the equipment of the user, and - storage of biometric biometric vector doubly encrypted and identifier in the authentication server. Advantageously, the repudiation of the authentication data simply consists in generating a new pair of private / public keys for (re) encrypting the biometric biometric vector representative of the user's biometric data.

According to a first embodiment of the method, the biometric biometric vector is stored only in the equipment of the user. The method thus advantageously makes it possible to require neither the transfer nor the storage of the biometric data, particularly in equipment other than that of the user, such as, for example, the biometric authentication server. According to the first embodiment of the method, the enrollment sub-method is reiterated a plurality of times using the biometric biometric vector stored in the user's equipment. Advantageously, the repudiation of the authentication data by simply generating a new pair of private / public keys for (re) encrypting the biometric biometric vector representative of the user's biometric data does not require a new acquisition of the user's biometric data. . According to a second embodiment of the method, following the enrollment sub-method, the binary biometric vector and / or the private key are erased.

The implementation of the biometric authentication method according to its second embodiment involves the binary biometric vector and the private key only during the implementation of the enrollment subprocess; Erasing the biometric biometric vector or the private key amounts to erasing at least one of the data that would allow, if they were acquired fraudulently, together with the public key, to generate the authentication data and consequently to impersonate the identity of the user. Thus, it may be preferred that the biometric data and / or the private key are never stored on a static storage medium. The invention also relates to a biometric authentication server essentially such that it comprises: a receiver of an identifier of a user and a second biometric vector simply encrypted encrypted from an equipment of the user; a recuperator, from the received identifier, a doubly encrypted binary biometric vector, previously stored in the server, and a public key, - a decryption module, using the public key, the vector biometric binary doubly encrypted to generate a first biometric vector simply encrypted, - a comparator of the first and second binary biometric vectors simply encrypted with each other, and - a decision module, according to a comparison result, to authenticate or not the user.

The invention also relates to a biometric authentication system essentially such that it comprises a biometric authentication server, as characterized above, and a user equipment adapted to communicate with the server and comprising a storage medium to store at least a second biometric biometric vector simply encrypted.

Other characteristics and advantages of the invention will emerge clearly from the description which is given below, by way of indication and in no way limiting, with reference to the appended drawings, in which: FIG. 1 represents a biometric authentication method according to the prior art implementing a user equipment and a biometric authentication server capable of communicating with each other via a network, FIG. 2 represents a biometric authentication system according to a first embodiment of the invention, FIG. 3 represents a biometric authentication system according to a second embodiment of the invention, and FIG. 4 represents an embodiment of the biometric authentication method according to one embodiment of the invention. As illustrated in FIGS. 2 and 3, the biometric authentication system 30 comprises a user's equipment 1 and a biometric authentication server 2. The equipment and the server each comprise a receiver / transmitter 12, 22 arranged to enable them to communicate with each other at least. This communication is carried out with or without contact, directly or via a network 31. The equipment 1 further comprises: data processing means 10, data storage medium 11, encryption module 13 at least one piece of data, and - a private / public key generator 14. The server 2 comprises at least: data processing means 20, and a data storage medium 21.

According to a first embodiment of the server, it further comprises: - a data collector 23 from at least the storage medium 21, - a decryption module 24 of at least one datum, - a comparator 26 of data between them and a decision module 27 able to decide whether or not to authenticate the user from a result of the comparison made by the comparator 26. According to a second embodiment of the server, it also comprises a module of encryption 25 of at least one datum. According to the first embodiment of the server and / or the second embodiment of the server, it further comprises a second storage medium 28, a display device 33 and a man / machine interface 34. The storage medium 21 and the second storage medium 28 of the server according to its first embodiment and / or its second embodiment can be merged. The system further comprises a biometric module 32 comprising: a sensor 321 of at least one biometry; an extractor 322 of biometric parameters from the captured biometry; and a generator 323 of a biometric biometric vector 4 from biometric parameters extracted. The biometric module 32 is thus able to capture at least one biometry of the user, to extract biometric parameters therefrom, and to transform them into the form of the binary biometric vector 4, the latter being highly discriminating, that is to say able to constitute a biometric authentication data of the user. The size in bits and / or the number of bits equal to one of the binary biometric vector 4 are for example controlled by the generator 323.

In a first embodiment of the biometric authentication system illustrated in FIG. 2, the biometric module 32 is included in the, or connected to, the server 2. For example, the server is a computer system and the equipment is a card smart, a cell phone or a PDA.

In a second embodiment of the biometric authentication system illustrated in Figure 3, the biometric module 32 is included in the equipment 1, which further comprises a user interface 15. The equipment 1 of the user is for example a mobile phone, a PDA or a personal computer, and the server is a computer system.

In a variant of the second embodiment of the biometric authentication system, the equipment 1 of the user is for example a mobile phone, a PDA or a personal computer, and the server 2 is a software and / or hardware embedded means in the equipment 1 of the user, such as a SIM card embedded in the mobile phone.

The biometric authentication method includes a sub-method of enrolling a user with a service provider, such as a bank, a commercial sign, etc. The biometric authentication method further comprises the steps 110 to 115, described below, implemented by the biometric authentication server 2.

The implementation of the biometric authentication method depends on the choice of the embodiment of the biometric authentication system. FIG. 4 represents a first embodiment of the biometric authentication method implemented by a biometric authentication system according to its first embodiment. This embodiment of the biometric authentication method is described below with reference to FIG. 4. The enrollment subprocess comprises a step 101 for capturing a biometrics of the user, extraction 102 from biometrics captured from biometric parameters and transformation 103 biometric parameters in the form of said biometric biometric vector 4.

In the first embodiment of the biometric authentication method, capture, extraction and transformation are performed by the biometric module 32, that is to say by the server 2. For example and as illustrated in FIG. 2, the sensor 321 is a fingerprint sensor connected to the server 2 via the extractor 322 and the generator 323; the server communicates with the smart card, the communication between the server and the smart card being performed preferentially by contact, to transmit to the smart card the biometric biometric vector 4 generated by the server via a secure communication channel. Once generated, the binary biometric vector 4 is stored only on the storage medium 11 of the smart card 1, during a storage step 103 '. The biometric authentication method is thus advantageously adapted to any captured biometry as long as it can be represented in the form of a highly discriminating binary biometric vector 4. The enrollment sub-method then comprises a step 104 for generating an identifier of the user, the public key 51 and a private key 52 associated with said public key 51. The generation 104 'of the identifier can be carried out by the user as well as by the service provider. According to the first embodiment of the biometric authentication method, the server generates an identifier for the user to be enrolled and communicates the identifier generated for example via the display device 33, or the user enters via the human / machine interface 34 of the server an identifier proposition.

For example, the server checks via a control module (not shown) that the identifier is unique by consulting a list of user identifiers already enrolled, said list being stored for example in the second storage medium 28. The server 2 stores the user's generated identifier to be enrolled in the second storage medium 28.

According to the first embodiment of the biometric authentication method and as represented in FIG. 4, the generation 104 "of the public key 51 and of the private key 52 is preferentially carried out by the user's equipment 1, and more particularly by the public / private key generator 14 of the equipment 1, whether the equipment is of the smart card or mobile phone type However, it is conceivable for the public key 51 and the private key 52 to be generated by the server , to the extent that it communicates the private key to the device via a secure communication channel.

In the first embodiment of the biometric authentication method, the private key must not be stored in the storage media 21, 28 of the server 2; it is for example stored in the storage medium 11 of the smart card or in the SIM card of the mobile phone.

The public key 51 is stored in association with the identifier of the corresponding user in the storage medium 28 of the server 2 and / or in a directory accessible to the server 2. Advantageously, the biometric authentication method is thus scalable and its implementation is robust at least in that the public / private keys generated can be extended, for example from 128 or 256 bits to 1024 bits or more, depending on the evolving computing capabilities of the server 2 and / or the equipment 1. The enrollment subprocess then comprises an encryption step 105, using the public key 51, of the biometric binary vector 4 to generate a second simply encrypted binary biometric vector 62.

In the first embodiment of the biometric authentication method illustrated in FIG. 4, this encryption step 105 is carried out by the device 1 which alone stores the biometric binary vector 4. However, it is conceivable that this step is carried out by the server 2, especially in the case where the generation of private / public keys is performed by the server and a secure communication channel exists between the equipment and the server; the binary biometric vector 4 then being erased from the server 2 only following this encryption step 105 and the second simply encrypted binary biometric vector 62 being transmitted via the secure communication channel to the equipment 1.

The second simply encrypted binary biometric vector 62 is stored, during a storage step 107 of the enrollment sub-method, on the storage medium 11 of the equipment 1. At this stage, the binary biometric vector stored on the storage medium 11 of the equipment 1 can be erased. The enrollment subprocess comprises a second encryption step 106, using the private key 52, the second simply encrypted binary biometric vector 62 to generate a doubly encrypted binary biometric vector 7.

In the first embodiment of the biometric authentication method, this encryption step 106 is performed by the smart card which alone stores the private key; then the doubly encrypted binary biometric vector is transmitted to the server via a secure communication channel.

However, it is conceivable that the encryption step 106 is performed by the server 2, especially in the case where the generation 104 "of the private / public keys is itself carried out by the server and where a secure communication channel exists between the equipment and the server, the private key is deleted from the server only following this encryption step 106.

The doubly encrypted binary biometric vector 7 is stored in association with the identifier of the corresponding user on the storage medium 21 of the server 2, during a storage step 108. By simply encrypted data, it is understood that data is which has been made a single encryption using an encryption key. By doubly encrypted data is meant data on which two successive ciphers have been made using two encryption keys. Those skilled in the art will note that data encrypted with the private key 52 can only be decrypted with the public key 51 and that data encrypted with the public key 51 can only be decrypted with the private key 52. Those skilled in the art will therefore note that the private key 52 here makes it possible to over-encrypt the second simply encrypted binary biometric vector 62, so that this over-encryption can only be decrypted by the public key 51. The enrollment sub-method This makes it possible to define the authentication data and to distribute it in an ad hoc manner on the various storage media of the biometric authentication system. The authentication data more particularly comprise the public key 51, the second simply encrypted binary biometric vector stored in the user's equipment 1, and the doubly encrypted binary biometric vector 7 stored in the biometric authentication server 2.

The method thus advantageously allows the repudiation of the authentication data. To this end, it is sufficient to generate a new pair of private / public keys to re-encrypt, simply and then doubly, the biometric binary vector 4 representative of the biometric data of the user. Moreover, in the case where the binary biometric vector is stored stored in the equipment 1, it is not necessary to repudiate the authentication data to repeat the capture steps 101, extraction 102 and transformation 103 On the other hand, if, for obvious security reasons, the binary biometric vector has been erased, it is then necessary to repeat the capture 101, extraction 102 and transformation 103 steps to obtain a new binary biometric vector 4 to quantify. The enrollment sub-method, or the repudiation of the authentication data, can be performed a plurality of times, for example at each finding of identity theft or periodically so as to reduce the risk of usurpation. identity. The biometric authentication method furthermore comprises the following steps implemented by the server: reception of the user's identifier 110, recovery from the identifier of the doubly encrypted binary biometric vector 7, previously stored in the server, and the public key 51, - decryption 112, using the public key 51, biometric biometric vector doubly encrypted to generate a first biometric vector simply encrypted 61, - receipt 113 of the second biometric vector binary simply encrypted 62 from the equipment of the user, - comparison 114 of the first and second binary biometric vectors simply encrypted between them, and - decision 115, depending on a result of the comparison, to authenticate or not 'user. It should be noted that the biometric authentication server participating in the implementation of the enrollment sub-method (steps 101 to 108) and the biometric authentication server implementing the steps 110 to 115 may be identical or different. between them. In the case where they are identical, they can be strictly confused or distinct from each other. In the case where they are different from each other, they can be distant and possibly connected to each other via the network 31 or another network.

For example, the biometric authentication server implementing steps 110-115 may not include the encryption module 25, with steps 110 through 115 not including any data encryption steps. For example, the enrollment subprocess is implemented by a terminal connected to a server dedicated to enrollments and located in secure premises of a bank, while steps 110 to 115 are implemented by any which ATM or any terminal at a point of sale, connected to a server dedicated to cash withdrawals or cash payments, respectively.

In the first embodiment of the biometric authentication method, for the server 2 to receive the user's identifier 110, the user enters his identifier via the human / machine interface 34 of the server 2, or more particularly via the machine man / machine interface of the ATM or via the man / machine interface of the terminal of a point of sale.

Optionally, upon receipt of the identifier, the server 2 verifies by its control module (not shown) whether the identifier is part of the list of identifiers of users already enrolled. By a first example, the reception 110 of the identifier is possibly carried out together with the reception 113 of the second simply encrypted binary biometric vector 62 from the equipment 1 of the user. By a second example, possibly provided that the received identifier is part of the list of identifiers of users already enrolled, the server sends a request to the device 1 so that the latter transmits the second biometric biometric vector simply encrypted 62.

From the identifier, it retrieves 111: firstly the doubly encrypted binary biometric vector 7, which is stored on its storage medium 21, secondly the public key 51, which is stored either on its storage medium 28, or in the directory that is accessible to him.

The server 2 decrypts 112, by means of its decryption module 24 and using the recovered public key 51, the doubly encrypted binary biometric vector 7 to generate the first simply encrypted biometric vector 61.

The encryption / decryption modules 13, 24 and 25 are adapted to implement, from the private / public keys, at least one asymmetric cryptographic method, that is to say public key. The asymmetric cryptographic method relies, for example, on the RSA algorithm or on elliptic curves (EEC for Elliptic Curve Cryptography) or on the ElGamal algorithm. The method is thus advantageously simple and generic at least in that it relies on proven cryptographic methods. The server 2 compares 114, by its comparator 26, the first and second binary biometric vectors simply encrypted 61 and 62.

By a first example, the comparison is more particularly carried out by implementation of a logical bit-to-bit sequential comparison algorithm between the first and second encrypted binary biometric vectors. This algorithm determines values Pl1, P00, P01 and P10. The value P11 corresponds to the number of correspondences between the two vectors such that each bit of the first vector is equal to 1 and each corresponding bit of the second vector is equal to 1. The value P00 corresponds to the number of correspondences between the two vectors such that each bit of the first vector is 0 and each corresponding bit of the second vector is 0. The value P01 corresponds to the number of correspondences between the two vectors such that each bit of the first vector is 0 and each corresponding bit of the second vector is 1. The value P10 corresponds to the number of correspondences between the two vectors such that each bit of the first vector is 1 and each corresponding bit of the second vector is equal to 0. The sum of these four values, Pl 1, P00, P01 and P10, is equal to the number of bits of the first and second encrypted biometric biometric vectors. The result of the comparison is a function of these values and of a parameter a representing an average loss in terms of bits introduced by the asymmetric cryptographic method used, P11 + P00 + PO1 + P10-a. Those skilled in the art will note that the discrimination potential of the method, on the encrypted vectors, is identical to the discrimination potential with unencrypted vectors, at the loss rate a near, which corresponds to a simple decrease in the size of the vectors considered. . This decrease can be compensated by a redundancy of information in the vectors themselves. The result of the comparison can for example correspond to P11 / (P1 + P00 + P01 + P10-a) or POO / (P11 + POO + PO1 + P10-a).

By a second example, the comparison consists more particularly in performing a search for identical subsequences of successive bits between the first and second binary biometric vectors encrypted. Said subsequences may be located at different locations in the first vector as compared to the second vector. The result of the comparison function is then a function of the number and the length of the identified subsequences, compared to the number and the length of such identical subsequences for vectors resulting from a random process modeled by digital simulation, on the other hand the parameter a as defined above. The simulation process may for example be implemented using a Monte Carlo method, taking into account in particular the size of the vectors considered, and the number of bits equal to 1 in each vector. Those skilled in the art will note that the average bit loss introduced by the asymmetric cryptographic method used is here neutralized by the introduction of the measurements made from the simulation process.

According to these two exemplary embodiments of the comparison, the result of the comparison therefore consists of at least one measure of resemblance between the first and second biometric binary encrypted vectors. The method thus advantageously makes it possible to guarantee the integrity and the security of the biometric data of the user, on the one hand because only the public key 51 of the user makes it possible to decrypt the doubly encrypted binary biometric vector 7, of secondly, because the method does not require the transfer of the biometric data (not encrypted) via a network 31 between the user's equipment 1 and the server 2, or the comparison of the biometric data (not encrypted) between them. Absolutely no access to the biometric data of the user is allowed through the present biometric authentication method. It is thus not possible for a third party to acquire the biometric data of the user and thus to impersonate the user through these. For the two comparison embodiments described above, the server decides whether or not to authenticate the user on the basis of the measure of similarity between the first and second encrypted binary biometric vectors resulting from the comparison. More particularly, the decision is positive if the result of the comparison is greater than an adjustable parameter, corresponding to a threshold value, set according to a desired level of security, and the decision is negative otherwise. By defining 'hollow' binary vectors, in other words comprising more bits equal to 0 than bits equal to 1, or conversely 'full' binary vectors, in other words comprising more bits equal to 1 than bits equal to 0, the method makes it possible to ensure a high and finely controlled discrimination level and to easily define and adjust the adjustable parameter according to the desired level of security. More particularly, the adjustable parameter is defined by an acceptable number of differences in terms of bits over the total number of bits of each of said first and second binary biometric vectors simply encrypted or by a required number of identical bit sequences, determined by the comparison. between the first and second biometric biometric vectors simply encrypted. The method thus advantageously makes it possible to adapt the security level. The biometric authentication method has been described above according to its first embodiment related to the first embodiment of the biometric authentication system. A second embodiment of the biometric authentication system and a variant of this second mode are described above for which some of the steps of the biometric authentication method differ from the steps of the biometric authentication method described above. being adapted to the authentication system according to its first embodiment. Firstly, when the biometric authentication system is in its second embodiment, the capture 101, the extraction 102 and the transformation 103 can be performed by the user equipment, since it includes the biometric module 32 For example, the user's equipment is a mobile phone, and the sensor 321 is the microphone of the mobile phone 1, the sensed biometry being the voice of the user. Once generated, the biometric biometric vector 4 is stored only on the storage medium 11 of the mobile phone or in the SIM card of the mobile phone, during the storage step 103 '.

Secondly, when the biometric authentication system is in its second embodiment, the user's equipment comprises a user interface, and, during the enrollment subprocess, the user can enter a proposal for an identifier. via the user interface 15, the proposed identifier being transmitted to the server 2 and optionally controlled. In addition, before the step 110 of receiving the user's identifier by the server 2, the user can enter his identifier via the user interface 15 of his equipment 1.

A variant of the second embodiment of the biometric authentication system consists in considering that the equipment of the user is a mobile phone and that the server is none other than the SIM card embedded in the mobile phone. The SIM card has in particular its own processing means 20 and its own storage medium 21, different and distinct from the processing means 10 and the storage medium 11 of the mobile phone, respectively. According to this variant, following the enrollment sub-method, the authentication data are distributed as follows: the public key 51 is stored in the storage medium 11 of the mobile phone or in a directory accessible to the mobile phone; second simply encoded binary biometric vector 62 is stored in the storage medium 11 of the mobile phone, said storage medium 11 not being the SIM card, and - the biometrically double encrypted biometric vector 7 is stored in the SIM card.

According to this variant, the user can identify himself to the SIM card via his mobile phone, so that he can, via his mobile phone, benefit from the services offered by the SIM card and / or access the data stored on the card. SIM card, with the security level as previously defined. It should be obvious to those skilled in the art that the present invention allows embodiments in many other specific forms without departing from the scope of the invention as claimed. Therefore, the present embodiments should be considered by way of illustration, but may be modified in the field defined by the scope of the appended claims.

Claims (8)

REVENDICATIONS1. A method of biometric authentication of a user implementing at least one equipment (1) of the user and a server (2) for biometric authentication, the method comprising the following steps implemented by the server: - reception ( 110) of an identifier of the user, - recovery (111), from the identifier, of a doubly encrypted binary biometric vector (7), previously stored in the server, and a public key (51 ), - decrypting (112), using the public key, the doubly encrypted binary biometric vector to generate a first simply encrypted biometric vector (61), - receiving (113) a second biometric simply encrypted biometric vector ( 62) from the equipment of the user, - comparison (114) of the first and second binary biometric vectors simply encrypted with each other, and - decision (115), according to a result of the comparison, to authenticate or no the user ator. 2. Biometric authentication method according to claim 1, the comparison and the decision are performed according to at least one function comprising an adjustable parameter according to a desired security level. The biometric authentication method according to claim 1, comprising, prior to the reception (110) of the user's identifier by the authentication server, an enrollment subprocess comprising the following steps: 101) of a user's biometry, extraction (102) from the captured biometry of biometric data and transformation (103) of the biometric data into a binary biometric vector (4), - generation (104) of the identifier of the user, the public key (51) and an associated private key (52), - encryption (105), using the public key (51), the binary biometric vector (4) to generate the second simply encrypted binary biometric vector (62), - encrypting (106), using the private key (52), the second simply encrypted binary biometric vector (62) to generate the doubly encrypted binary biometric vector (7) storing (107) the second biometric vector bina simply encrypted (62) in the equipment (1) of the user, and - storage (108) of the doubly encrypted binary biometric vector (7) and the identifier in the server (2) authentication. 4. biometric authentication method according to claim 3, characterized in that the biometric biometric vector (4) is stored only in the equipment (1) of the user. A biometric authentication method according to claim 4, characterized in that the enrollment sub-method is reiterated a plurality of times using the binary biometric vector (4) stored in the user's equipment (1). . 6. biometric authentication method according to claim 3, characterized in that, following the enrollment sub-method, the binary biometric vector (4) and / or the private key (52) are erased. A biometric authentication server (2) of a user comprising: - a receiver (22) of a user identifier and a second simply encrypted binary biometric vector (62) from a device (1). ) of the user, - a recuperator (23), from the received identifier, a doubly encrypted binary biometric vector (7), previously stored in the server, and a public key (51), - a decryption module (24), using the public key, the biometric biometric vector doubly encrypted to generate a first biometric vector simply encrypted (61), - a comparator (25) of the first and second binary biometric vectors simply encrypted between them, and - a decision module (26), according to a result of the comparison, to authenticate or not the user. A biometric authentication system (30) comprising a biometric authentication server (2) according to claim 7 and a user equipment (1) adapted to communicate with the server and having a storage medium (11) for storing at least one second biometric biometric vector simply encrypted (62).