GB2526519A - Binding a digital file to a person's identity using biometrics - Google Patents

Binding a digital file to a person's identity using biometrics Download PDF

Info

Publication number
GB2526519A
GB2526519A GB1406081.8A GB201406081A GB2526519A GB 2526519 A GB2526519 A GB 2526519A GB 201406081 A GB201406081 A GB 201406081A GB 2526519 A GB2526519 A GB 2526519A
Authority
GB
United Kingdom
Prior art keywords
biometric information
content
file
information files
files
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB1406081.8A
Other versions
GB2526519A8 (en
GB2526519B (en
GB201406081D0 (en
GB2526519B8 (en
Inventor
Martin Tomlinson
Cen Jung Tihai
Andersen Cheng
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB1406081.8A priority Critical patent/GB2526519B8/en
Publication of GB201406081D0 publication Critical patent/GB201406081D0/en
Publication of GB2526519A publication Critical patent/GB2526519A/en
Publication of GB2526519B publication Critical patent/GB2526519B/en
Application granted granted Critical
Publication of GB2526519A8 publication Critical patent/GB2526519A8/en
Publication of GB2526519B8 publication Critical patent/GB2526519B8/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/10Multimedia information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Multimedia (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Collating Specific Patterns (AREA)

Abstract

A feature, characteristic or a portion of the contents of one or more digital files is implanted into one or more biometric information files 19, which are electronically recorded and transmitted and in which the identity of the originator or a trusted third party and all or part of the feature, characteristic or portion of the contents of said files is determined from saidbiometric information files. The digital file may relate to the public key 17 of a registered user and may be retrieved from a server 5, along with the associated biometric file 19, prior to communicating with the user. The biometric file may contain an audio visual video of the user speaking a part of the key, which may then be compared with the key provided in the digital file. A method of communicating messages with a masked identity is also disclosed.

Description

BINDING A DIGITAL FILE TO A PERSON'S IDENTITY USING
BIOMETRICS
Field of the Invention
100011 This invention relates to data encryption and communication, and more particularly to systems and methods for improved verification of parties involved.
Background of the Invention
100021 Much of current day electronic communications involves digital files and in the case of encrypted communications the encryption and decryption keys are usually stored as digital files.
100031 In many applications it is necessary to hind one or more digital files to the identity of an individual who is designated as the originator, owner or administrator of said files. An example of particular importance is the binding of a public encryption key or any shared secret to an individual to prevent impersonations such as Man In The Middle (MITM) attacks.
100041 Conventional identity authentication systems are generally known, implementing different methods with this general aim. For exampk, US2003/0182585 (Murasc and Marada) discusses a tcchniquc whereby the digital file is a password and it is associated with an identity by means of the same password written by hand similar to a handwritten signature.
100051 Tn IJS7,606,768 (Grauhart et al), the originator of a document generates a voice message which includes their ID and a secret number, a PIN. The voice message is appended to the document to form a data file. A polynomial hash of the data file is calculated and encrypted using the PIN as (he basis of the encryption key. The recipient is able to authenticate the originator's ID by recognising the originator's voice in the voice message. The document is bound to the originator through the PIN encrypted hash. Provided the PIN is kept secret, a forger cannot change the document without invalidating the encrypted hash.
100061 Tn the Applicant's earlier patent GB2487503B, a hash is calculated of one or more digital files and all or part of the hash value is included in a biometric file in which the individual can be identified. A common example is a video recording of the individual enunciating or writing all or part of (he hash value. Although the method of GB 2487503B provides positive proof that a digital file was originated or authenticated by a particular person, in numy cases there is not the processing power or time available to calc&ate cryptographic functions such as a hash function. In sonic applications there is not even a need to provide irrefutable proof. However there is still a need in some cases to provide an association, a binding of a person's identity with one or more digital files by using biometrics. An example is that of a photograph taken by an individual in which the individual wishes to take the credit for the photograph.
Statements of the Invention
100071 Aspects of the present invention arc set out in the accompanying claims.
100081 According to one aspect of the present invention, a method is provided of authenticating a digital file associated with a transmitting entity, the method comprising implanting at least a portion of content from a digital data file into one or more associated biometric information files, and transmitting the digital file and the associated one or more biometric information files to a recipient, whereby the implanted content is determined from said received one or more biometric information files for verification, and the identity of the transmitting entity is determined by the recipient from the received one or more biometric information files.
100091 The content that is implanted into said one or more biometric information files may he encoded using a codebook look up table, where a symbcñ or sequence of symbols is used to describe said content.
100101 The one or more biometric information files may comprise an audio or video recording of a person communicating said at least a portion of content. Alternatively or additionally, the one or more biometric information ffles may comprise one or more captured images of a person communicating said at least a portion of content. The at least a portion of content may be implanted into one or more biometric information files by enunciating or writing said content, or by hand or body gestures representative of said content.
100111 The digital data file may be a public encryption key, and a defined portion of said public encryption key may be implanted into said one or more biometric information files.
100121 The implanted portion of the public encryption key and the identity of the entity associated with the puhhc encryption key from said received one or more biometric information files may be verified before allowing encryption of data using said received public encryption key.
100131 The encrypted data may comprise electronic data messages transmitted between respective messaging applications of host devices. The one or more biometric information files may be generated using a microphone and/or camera of the host device to record the implanted content.
100141 The biometric information files may he stored in a server for retrieval by the recipient of the associated digital data file. The digital file may comprise the one or more biometric information files used for authentication, to form a nested authentication arrangement whereby successive trusted third parties provide biometric information files which may he used to provide additional authentication.
100151 According to another aspect of the present invention, a method is provided of authenticating one or more digital files in which a feature or characteristic of the contents of said files is implanted into one or more biometric information files, which are electronically recorded and transmitted and in which the identity of the or ginator or a trusted third party and all or part of the feature or characteristic of the contents of said files is determined from said biometric information files.
100161 According to yet another aspect, the present invention provides a method of masking the identity of an entity transmitting an electronic data message to a receiving entity. comprising generating a random identifier for the transmitting entity. linking the random identifier to an associated biometric information file for the transmitting entity.
transmitting a data message to the receiving entity, the data message including the random identifier, displaying the received encrypted data message and the associated random identifier, and outputting the biometric information file associated with the random identifier, from which the identity of the transmitting entity is determined.
100171 The biometric information file may be retrieved from a remote server. The transmitted data message may be a data message encrypted using the receiving entity's public key. and wherein the biometric information file is generated by the transmitting entity implanting at least a portion of the public key into the biometric information file.
100181 In further aspects the present invention provides a system comprising means for performing the above methods. In yet other aspects, there is provided a computer program arranged to carry out the above methods when executed by a programmable device.
100191 The above aspects of the present invention provide an association or a binding of onc or morc digital files containing text information and images such as document files, or video sequence files or other digital media to the identity of an individual which may he determined from a biometric file which is stored or transmitted with said media uiles.
Preferably. some features or characteristics of the information contained in these files or characteristics of the files themselves are described in a biometric information file which is generated such that the identity of an individual may be also determined. The recipient of said biometric information file and the media ffles is thereby affle to confirm the association of the identity of the originator of the biometric file with the media files.
Brief Description of the Drawings
100201 There now follows, by way of example only, a detailed description of embodiments ol the present invention, with relerenees to the figures identified below.
100211 Figure 1 is a block diagram showing the main components of a data communication system according to an embodiment of the invention.
100221 Figure 2 is a block diagram schematically illustrating an example of biometric file construction.
100231 Figure 3 illustrates an example of a biometric file based on recorded video.
100241 Figure 4 illustrates an example of a biometric file based on recorded audio.
100251 Figure 5 iflustrates an example of a biometric file based on description, replicated values and signature.
100261 Figure 6 illustrates an exemplary table of hand gestures alphabet which may be used in biometric file construction.
100271 Figure 7. which comprises Figures 7A and 7B. is an example of received and sent ciphertexts and their corresponding decrypted messages displayed by messaging applications according to an embodiment of the invention.
100281 Figure 8 is an example of a list of random IDs of other users displayed by messaging apphcations according to an embodiment of the invention, along with associated information symbols which, if permission is granted. enable associated biometric files to be accessed for verification of the true user's identity.
Detailed Description of Embodiments of the Invention 100291 A specific embodiment of the invention will now be described for a process of transmitting encrypted documents using a verified public key. Referring to Figure 1, a data communication system 1 according to the present exemplary embodiment comprises a first device 3a in communication with a second device 3b via a server 5 and a data network 7. The devices 3 are associated with respective registered users of the system 1, the serverS storing data 9 identifying each registered user in a database 11.
100301 The devices 3 may be of a type that is known per se. such as a desktop computer, laptop computer, a tablet computer, a smartphone such as an iOSTM, B1ackberrv' or AndroidTM based smartphone, a feature' phone, a personal digital assistant (PDA). or any processor-powered device with suitable input and display means. The data network 7 may comprise a terrestrial cellular network such as a 2G.
3G or 4G network, a private or public wireless network such as a WiFiTMhased network and/or a mobile satellite network or the Tnternet. It will he appreciated that a plurality of devices 3 are operable concurrently within the system 1.
100311 lii the present embodiment, each device 3 has a respective secure messaging application 13 for communicating encrypted data, such as one or more data files 15 stored in a memory 4a and/or electronic messages input by a user, with other devices 3 connected to the network 7. via the server 5. lii the example illustrated in Figure 1. the first device 3a (Device A) is associated with a first registered user, Alice. and the second device 3b (Device B) is associated with a second registered user, Bob. In order for Alice to send a message to Bob, device A 3a is configured to access the database 9 on the serverS to obtain Bob's public encryption key 17 in order to encrypt her message prior to sending it to device B 3b.
100321 Device A 3a is also configured to access a biometric information file 19, such as a video recording, generated by Bob using his messaging app 13b and a microphone 14a S and/or camera 14h of the host device 3. By replaying the video recording on her messaging app 13a, Alice is able to identify Bob to make sure that he is indeed the person she wishes to communicate with and also to confirm that she has the correct public key for Bob and not the public encryption key of an impersonator or an interceptor, a Man in the Middle. Mice is able to authenticate the identity of Bob by rccognising him as the pcrson in thc vidco recording, for example by rccognising his face, voice, distinctive gestures, reading his lips, etc. 100331 The present embodiment is described by way of example in which a first digital data file is a document containing information such as a public encryption key appended with auxiliary data. Auxiliary data may consist of the document originator's, a time stamp, type of document and any other data. Hereinafter this file in totality is referred to as a media file 16. As schematically illustrated in Figure 2, selected contents of a document plus auxiliary data can be impinnted into a second digital data file, refelTed to as a biometric information file 19. which is generated by a registered user so that their identification may he discerned by a recipient from the biometric information file 19.
For example. the media file 16 contains the public encryption key 17 of a user and the biometric information file 19 is a video rccording made by thc same uscr. These two data files are stored in the database 9 on the server 5 for each registered user 11.
100341 Accordingly, thc messaging application 13a of dcvicc A 3a includcs a filc retrieval module 21 for retrieving Bob's media file 16, containing his public key 17, and for retrieving his associated biometric infomiation file 19, from the database 9 of the server 5. The messaging application l3a also includes a data encryption module 23 for encrypted data files 15 using the retrieved public key 17. The messaging application 13b of device B 3b includes a data decryption module 23 for decrypting received encrypted data files 15 using the associated registered user's private key 27. The messaging application I 3h also includes a biometric file generation module 31 for generating a biometric file as described below. The registered user's public key 17 and generated associated biometric file 19, as well as the private key 27 may be stored in a memory 4b of the device 3b.
100351 Each messaging application 13 also includes a communications module 33 providing an interface for communication of data therebetween, via the data network 7 and the server 5. It will he appreciated that, although not illustrated, the messaging applications 13a, 13b would also include the complementary data processing modules 17 to both generate the biometric file and retrieve the public key, as well as to both encrypt and decrypt data.
100361 The biometric file generation module 31 can he configured to generate the biometric information file according to one or more of a number of different techniques.
For example, the biometric information file may be constructed so as to contain said contents or leatures ol the first digital lile. In the present embodiment, as illustrated in Figure 3. the originator of the digital file, or a trusted person produces a video recording showing his or her face with their lips clearly visible, and enunciates the values of said contents or features. In the present exemplary embodiment, the biometric information file 19 can include a video recording of Bob enunciating a defined portion of his public key, such as the first ten characters. On replay of the video recording, from the images and the audio, the viewer is firstly able to identify the person who is claiming to be the originator and/or owner of the associated media file, and secondly able to discern the said contents or features, namely parts or features of the media file. These identified details may be corroborated with the received media file itself. For example, the messaging application 13 may be configured to prompt the user to input the name of the identified person and some or all of the discerned portion of the public key from the received biometric information file 19. The messaging application 13 can then verify that the user input details matches the respective data of the associated media file, before allowing data to be encrypted using the received public key.
100371 In an alternative embodiment, the person providing the biometric authentication information, who may be the originator of the media file or a trusted third party. makes a sound recording of themselves describing some of the contents or features of the media file, for example as illustrated in Figure 4. The recipient of the media file and the biometric file, which is an audio recording in this embodiment, is able to identify the speaker by recognising his or her voice from the received audio recording. The recipient is also able to check and verify that the contents or features described by the speaker in the audio recording are the same as those of the associated media file.
100381 lii a further alternative embodiment, the biometric information file consists of a video recording or a photograph of the originator, or trusted third party writing down details of the media file and optionally signing his or her name. An example in the case of a media file being a digital photograph is that of the originator writing down some of the pixel values for a number of different pixel coordinates. This is shown in Figure 5 where the originator has written down the X and Y pixel coordinates followed by the Red, Green and Blue pixel values from the RGB format of the digital photograph. The pixel at 403 pixels from the left side and 688 from the bottom has red value 41. green value 156 and blue value 17 and the pixel at 674 pixels from the left side and 1013 from the bottom has red value 22. green value 71 and blue value 198 as illustrated in Figure 5. which also includes the originator, or trusted third party signing and dating the document.
100391 It is appreciated that other forms and types of biometric information file may he constructed. Some of the contents, features or derived values of the media file may be communicated by means of gestures of the body recorded in the video recording. As an exanipk, signing using a language utilised by hearing-impaired people may he used.
Figure 6 shows an exemplary look up table for hand gestures and letters of the alphabet.
Further Embodiments, Alternatives and Modifications 100401 Further embodiments wifi now he described using corresponding reference numerals to those of preceding figures where appropriate for corresponding elements.
100411 lii an alternative embodiment, instead of communicating directly the contents, features or derived values of the media file in a video recording, sound recording or photograph as described in the embodiment above, the biometric file is constructed whereby the contents, features or derived values of the media file are communicated indirecfly, by using a codebook look up table where a prearranged phrase or word is substituted for each phrase, word or character used to represent the contents, features or derived values of the media file. An example is given in the codebook look up table
below in Table 1.
Input value, word or phrase Output Photograph Code A Public encryption key Code B Secret information Code C Pixel coordinates Image violet Pixcl values Flowers Number Stars 1 Twig 2 Root 3 Branch 4 Leaf Table 1. Example of part of a codebook look up table to be used in constructing and decoding the biometric file.
100421 Using a secret or undisclosed codebook look up table in the construction of the biometric information file so that only the colTesponding entries of the codebook table and not the acmal contents, features or derived values of the media file means that these are encrypted or obfuscated in the biometric information file. This makes the forging of a biometric file more difficult.
[0043] lii yet a further embodiment, a series of biometric files may be constructed and provided by a number of trusted third parties each describing the contents, features or values of a first media file plus the contents, features or values of the associated biometric files in a nested authentication anangement. This can be useful in cases where the originator of the document is not expected to be known to the intended recipient but a number of trusted third parties are expected to he known to the recipient.
100441 As yet a further embodiment, the invention can be further used to provide identification to what appears to be an anonymous sender ID. The messaging application 13 allows users to send and receive secure messages by encrypting each message using the public keys of the intended recipients. Employing their configured devices 3, the recipients download sent ciphertexts and the messaging application 13 uses their private keys to decrypt the contents of each ciphertext and display each corresponding message. This is illustrated in Figures 7A and 7W which shows the example messages before and after decryption, respectively. A feature of the messaging application 13 is an anonymous mode in which each user is allocated an anonymous.
random ID rather than their name, telephone number or email address. The idea is that users are able to invite other users to send each other messages without the risk of follow up communications by traditional means. This is illustrated in Figure 8 where invited users appear as a list under the heading Buddies, displayed hy messaging applications according to this alternative embodiment. It can be seen that the list of contacts have randomly generated IDs.
100451 Providing a sending user has granted their permission by previously sending the recipient the appropriate command, the recipient is able to tap on the information symbol next to thc ID. as shown in Figurc 8, which results in the recipient being able to preview the biometric file constructed by the user with that random ID and deternilne their actua' ID. For example ii the recipient taps the inlormation symbol next to H1N383KL a video recording made by the user whose random ID is H1N383KL is played to the recipient which identifies the user binding him or her to H1N383KL. In this way, a recipient of a message from a random ID is able to retrieve the associated biometric files for verification of the sender's true identity. It will be appreciated that the biometric information file in this embodiment may be generated by the transmitting entity implanting at least a portion of her public key into the associated biometric information file.
100461 Tn the embodiments described above, the invention is described in the context of data communicated between messaging applications on respective devices. It is appreciated that the invention can also be implemented in a wide number of different types of applications that enable and/or facilitate secured access to digitally represented information, such as cloud-based information services, internet banking. digital rights management, personal information databases, social networking, point of sate transactions. e-mail applications, secure ticketing, message services. digital broadcasting. digital communications, wireless communications, video communications, magnetic cards and general digital storage.
100471 Tn the embodiments described above, the devices store application modules (also referred to as computer programs or software) in memory. which when executed, enable the respective device to implement aspects of embodiments of the present invention as discussed herein. As those skilled in the art will appreciate, the software may be stored in a computer program product and loaded into (he mobile device using any known instrument, such as removable storage disk or drive, hard disk drive, or communication interface, to provide some examples.
100481 The invention may he implemented on a number of different hardware platforms and devices using custom integrated circuits, Field Programmable Gate AlTays, special and general purpose processors using firmware and/or software.
100491 It will be understood that embodiments of the present invention are described herein by way of exarnpk only. and that various changes and modifications may he made without departing from the scope of the invention. Alternative embodiments may be envisaged, which nevertheless fall within the scope of the following claims.

Claims (18)

  1. CLAIMS1. A method of authenticating a digital file associated with a transmittthg entity, the method comprising: implanting at least a portion of content from a digital data file into one or more associated biometric information files; and transmitting the digital file and (lie associated one or more biometric inlormation files to a recipient, whereby the implanted content is deternilned from said received one or more biometric information files for verification, arid the identity of the transmitting entity is determined by the recipient from the received one or more biometric information files.
  2. 2. A method according to claim 1. wherein the content implanted into said one or more biometric information files is encoded using a codebook look up table, where a symbol or sequence of symbols is used to describe said content.
  3. 3. A method according to claim 1, wherein the one or more biometric information files comprise an audio or video recording of a person communicating said at least a portion of content.
  4. 4. A method according to claim 1, wherein the one or more biometric information files comprises one or more captured images of a person communicating said at least a portion of content.
  5. 5. A method according to c'aim 3 or 4, wherein the at least a portion ol content is implanted into one or more biometric information files by enunciating or writing said content, or by hand or body gestures representative of said content.
  6. 6. A method according to any preceding claim, wherein said digital data file is a public encryption key, and wherein a defined portion of said public encryption key is implanted into said one or more biometric information flies.
  7. 7. A method according to claim 6, further comprising verifying the implanted portion of the public encryption key and the identity of the entity associated with the public encryption key from said received one or more biometric information files, before allowing encryption of data using said received public encryption key.
  8. 8. The method of claim 7, wherein the encrypted data comprises electronic data messages transmitted between respective messaging apphcations of host devices.
  9. 9. The method of claim 8, wherein the one or more biometric information files are generated using a microphone and/or camera ol the host device to record the implanted content.
  10. 10. The method of any preceding claim, wherein the biometric information files are stored in a server for retrieval by the recipient of the associated digital data file.
  11. 11. A method according to any preceding claim, wherein said digital File comprises the one or more biometric information files used for authentication, to form a nested authentication arrangement whereby successive trusted third parties provide biometric information files which may he used to provide additiona' authentication.
  12. 12. A method of authenticating one or more digital flies in which a feature or characteristic of the contents of said files is implanted into one or more biometric information files, which arc elcctronically recordcd and transmitted and in which thc identity of the originator or a trusted third party and all or part of the feature or characteristic of the contents of said files is determined From said biometric information files.
  13. 13. A method of masking the identity of an entity transmitting an electronic data message to a receiving entity, comprising: generating a random identifier for the transmitting entity: linking thc random idcntificr to an associated biometric information file for the transmitting entity; transmitting a data message to the receiving entity, the data message including the random identifier; displaying the received encrypted data message and the associated random identifier: and outputting the biometric infoimation file associated with the random identifier, from which the identity of the transmitting entity is determined.
  14. 14. The method of claim 13, wherein the biometric information file is retrieved from a remote server.
  15. 15. The method of claim 13 or 14, wherein the transmitted data message is a data message encrypted using the receiving entity's public key, and wherein the biometiic information file is generated by the transmitting entity implanting at least a portion of thc public key into the biometric information file.
  16. 16. Apparatus comprising means for executing the method ci any one ci claims I to 15.
  17. 17. A computer-readable storage medium storing computer-executable steps for carrying out the method of any one of claims ito 15.
  18. 18. A system substantially as hereinbefore described with reference to, or as illustrated in Figure 1 of the accompanying drawings.Amendments to the claims have been filed as followsCLAIMS1. A method of authenticating a digital file associated with an originator of one or more digital files, the method comprising: displaying at least a portion of content from a digital data file and prompting the originator to provide biometric input of the at least a portion of content of the digital data (lie; generating one or more biometric information files, comprising audio and/or visual content of a person, from received biometric input by the originator, wherein the at least a portion of content from the digital data file is implanted into the one or more associated biometric information files; and r transmitting the digital file and the associated one or more biometric information files to a recipient,LCD0 whereby the implanted content is determined from an output of the one or more biometric information files received by the recipient. for verification of the integrity of the one or more digital files, and whereby the identity ol the originator is determined by the recipient recognizing characteristics of the originator from the output of the received one or more biometric information files.2. A method according to claim 1, wherein the content implanted into said one or more biometric information files is encoded using a eodehook look up table, where a symbol or sequence of symbols is used to describe said content.3. A method according to c'aim I, wherein the one or more biometric inlormation files comprise an audio or video recording of a person communicating said at least a portion of content.4. A method according to claim 1. wherein the one or more biometric information files comprises one or more captured images of a person communicating said at least a portion of content.5. A method according to claim 3 or 4. wherein the at least a portion of content is IC) 10 implanted into one or more biometric information files by enunciating or writing said content, or by hand or body gestures representative of said content. r6. A method according to any preceding claim, wherein said digital data file is a public encryption key, and wherein a defined portion of said public encryption key is implanted into said one or more biometric information flies.7. A method according to claim 6, further comprising verifying the implanted portion of the public encryption key and the identity of the entity associated with the public encryption key from said received one or more biometric information files, before allowing encryption of data using said received public encryption key.8. The method of claim 7. wherein the encrypted data comprises electronic data messages ftansmitted between respective messaging applications of host devices.9. The method of claim 8, wherein the one or more biometric information files are generated using a microphone and/or camera of the host device to record the implanted content.10. The method of any preceding claim, wherein the biometric information files are stored in a server for retrieval by the recipient of the associated digital data file.11. A method according to any preceding claim, wherein said digital file comprises IC) 10 (he one or more biometric information Files used for authentication, to form a nested authentication arrangement whereby successive trusted third parties provide biometric r 0 information files which may be used to provide additional authentication. IC)12. Apparatus comprising means for executing the method of any one of claims I to 11.13. A computer-readable storage medium storing computer-executable steps for carrying out the method of any one of daims I to 11.14. A system substantially as hereinbefore described with reference to. or as illustrated in Figure 1 of the accompanying drawings.
GB1406081.8A 2014-04-04 2014-04-04 Binding a digital file to a person's identity using biometrics Active GB2526519B8 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1406081.8A GB2526519B8 (en) 2014-04-04 2014-04-04 Binding a digital file to a person's identity using biometrics

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1406081.8A GB2526519B8 (en) 2014-04-04 2014-04-04 Binding a digital file to a person's identity using biometrics

Publications (5)

Publication Number Publication Date
GB201406081D0 GB201406081D0 (en) 2014-05-21
GB2526519A true GB2526519A (en) 2015-12-02
GB2526519B GB2526519B (en) 2016-07-27
GB2526519A8 GB2526519A8 (en) 2016-09-07
GB2526519B8 GB2526519B8 (en) 2016-09-07

Family

ID=50776816

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1406081.8A Active GB2526519B8 (en) 2014-04-04 2014-04-04 Binding a digital file to a person's identity using biometrics

Country Status (1)

Country Link
GB (1) GB2526519B8 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2487503A (en) * 2012-04-19 2012-07-25 Martin Tomlinson Authentication of digital files and associated identities using biometric information

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2487503A (en) * 2012-04-19 2012-07-25 Martin Tomlinson Authentication of digital files and associated identities using biometric information

Also Published As

Publication number Publication date
GB2526519A8 (en) 2016-09-07
GB2526519B (en) 2016-07-27
GB201406081D0 (en) 2014-05-21
GB2526519B8 (en) 2016-09-07

Similar Documents

Publication Publication Date Title
US10122710B2 (en) Binding a data transaction to a person's identity using biometrics
US11743041B2 (en) Technologies for private key recovery in distributed ledger systems
US10652018B2 (en) Methods and apparatus for providing attestation of information using a centralized or distributed ledger
US9438589B2 (en) Binding a digital file to a person's identity using biometrics
US9485096B2 (en) Encryption / decryption of data with non-persistent, non-shared passkey
US10559049B2 (en) Digital passport country entry stamp
US8918896B2 (en) Method and system for automatic generation of context-aware cover message
US20110055585A1 (en) Methods and Systems to Create Big Memorizable Secrets and Their Applications in Information Engineering
US10110521B2 (en) Communication support system
WO2008030184A1 (en) Improved authentication system
US20200145389A1 (en) Controlling Access to Data
CN107222501A (en) A kind of information interaction security transmission method and system based on the non-electromagnetic signal of message identification code
CN108390755B (en) Safety input method of SIM (subscriber identity Module) film-pasting card based on built-in safety chip
WO2015196642A1 (en) Data encryption method, decryption method and device
WO2016188079A1 (en) Data storage method for terminal device and terminal device
US9652621B2 (en) Electronic transmission security process
GB2526519A (en) Binding a digital file to a person's identity using biometrics
KR101269818B1 (en) Data transmission system and method and data decryption system and method for securely delivering of digital information
KR101269751B1 (en) Data transmission system and method and data decryption system and method for securely delivering of digital information
Amenu et al. Optimizing the Security and Privacy of Cloud Data Communication; Hybridizing Cryptography and Steganography Using Triple Key of AES, RSA and LSB with Deceptive QR Code Technique: A Novel Approach
Parmar et al. Efficient Data Hiding Method in Image Based on Modified LSB
JP4958014B2 (en) File data transfer method, file data transfer program, file data transfer system, and communication terminal
Friedman PGP & Encrypted Communication
CN109388973A (en) Method is signed for the electronic document under non-network environment

Legal Events

Date Code Title Description
732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20220804 AND 20220810