WO1997008868A1 - Method of secure communication using signature verification - Google Patents
Method of secure communication using signature verification Download PDFInfo
- Publication number
- WO1997008868A1 WO1997008868A1 PCT/US1996/013736 US9613736W WO9708868A1 WO 1997008868 A1 WO1997008868 A1 WO 1997008868A1 US 9613736 W US9613736 W US 9613736W WO 9708868 A1 WO9708868 A1 WO 9708868A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- sender
- receiver
- key
- message
- server
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Definitions
- One problem which has arisen in the art is the difficulty of easily and quickly authenticating the identities of users.
- One known solution is to provide each user with a password or other key, and to require the user to enter that password for authentication.
- this known method is subject to several drawbacks. First, the password may be forgotten or otherwise lost. This would require the user to obtain a new password or otherwise obtain authentication using another channel.
- the first communication path 131 , the second communication path 132, and the third communication path 133 comprise communication paths in a network 130 such as a local area network (LAN), a wide area network (WAN), or a network of networks (an "intemet").
- a network 130 such as a local area network (LAN), a wide area network (WAN), or a network of networks (an "intemet").
- the first communication path 131, the second communication path 132, and the third communication path 133 comprise dynamically routed communication paths constructed using network media, routers, and other intermediate processors in an intemet
- the first communication path 131, the second communication path 132, and the third communication path 133 may comprise telephone connections in a telephone network, coupled between telephones at the server 110, the sender 120, and the receiver 140.
- methods shown in the Signature Verification Disclosures are adapted to provide one of three altemative results from the attempt to verify the test signature — (1) the test signature is considered to match the template signatures, (2) the test signature is considered to not match the template signatures, or (3) the result of the attempt to verify is considered ambiguous.
- the server 110 and the sender 120 may conduct a supplemental attempt to authenticate the sending person, such as by requesting additional test signatures, by using other biometric data, by using memorized data such as a password, or by using physical authentication such as requiring pass key from the sending person.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Collating Specific Patterns (AREA)
Abstract
A method of and system for secure communication using signature verification. A message sender transmits to a trusted server a set of biometric data, such as representing the sender's handwritten signature, and a set of information about a message, such as a message identifier. The server verifies the sender's signature against a signature feature vector database, and provides the sender with a key for securely encoding the message. The sender encodes the message and transmits it to a message receiver. The receiver transmits to the server a second set of biometric data, such as representing the receiver's handwritten signature. The server verifies the receiver's signature against the signature feature vector database, and provides the receiver with the message identifier and a key for decoding the message. The biometric data represents a handwritten signature given contemporaneously by the sender or receiver, and is verified against a set of template signatures earlier given by the sender and receiver and recorded by the server, or may represent fingerprints, voiceprints, retinal images, other biometric data, or any arbitrary data which is particular to the sender or receiver and which the server is capable of verifying. The message comprises a single set of binary or text data, such as a file, or the message may comprise a stream of data and the method may be used for a virtual circuit to be created between the sender and receiver. The server may enhance the communication channel between the sender and the receiver, for example by transmitting signals to the sender representing whether the message was received.
Description
Title of the Invention
Method of Secure Communication Using Signature Verification
Background of the Invention
1. Field of the Invention
This invention relates to a method of secure communication using signature verification.
2. Description of Related Art
In some environments, communicating messages is brought with the risk that unauthorized persons may intercept the messages and read them, or may insert counterfeit messages into the message stream. Various methods have been proposed for communication in such environments; these various methods generally require message encryption and secure distribution of encryption keys.
In environments where communicating users are mobile, one problem which has arisen in the art is the difficulty of easily and quickly authenticating the identities of users. One known solution is to provide each user with a password or other key, and to require the user to enter that password for authentication. However, this known method is subject to several drawbacks. First, the password may be forgotten or otherwise lost. This would require the user to obtain a new password or otherwise obtain authentication using another channel.
Second, the password (or some transformation thereof) must be transmitted from the user's new position to some entity for authentication. This creates a point of attack for unauthorized persons to identify the password or its transformation and copy that information for their own use. Once a password has been compromised, it is easy for an unauthorized person to enter that password and obtain improper authentication.
Third, the password may simply be guessed by unauthorized persons, particularly those who are familiar with the user.
Accordingly, it would be advantageous to provide a system in which users may easily and quickly authenticate their identities and communicate with other users, and in which it is difficult for authentication means (1) to become lost, (2) to be copied by unauthorized persons, or (3) to be guessed by unauthorized persons.
Summary of the Invention
The invention provides a method of and system for secure communication using signature verification. A message sender transmits to a trusted server a set of biometric data, such as representing the sender's handwritten signature, and a set of information about a message, such as a message identifier. The server verifies the sender's signature against a signature feature vector database, and provides the sender with a key for securely encoding the message. The sender encodes the message and transmits it to a message receiver. The receiver transmits to the server a second set of biometric data, such as representing the receiver's handwritten signature. The server verifies the receiver's signature against the signature feature vector database, and provides the receiver with the message identifier and a key for decoding the message.
In a preferred embodiment, the biometric data represents a handwritten signature given contemporaneously by the sender or receiver, and is verified against a set of template signatures earlier given by the sender and receiver and recorded by the server. However, in altemative embodiments, the biometric data may represent facial images, fingerprints, hand images or handprints, foot images or footprints, human genome data, retinal images, voiceprints, recorded spoken statements, or other biometric data, or any arbitrary data which is particular to the sender or receiver and which the server is capable of verifying.
In a preferred embodiment, the message comprises a single set of binary or text data, such as a file. However, in altemative embodiments, the message may comprise a stream of data and the method may be used for a virtual circuit to be created between the sender and receiver. In other altemative embodiments, the server may enhance the communication channel between the sender and the receiver, for example by transmitting signals to the sender representing whether the message was received, and if so, when.
Brief Description of the Drawings
Figure 1 shows a block diagram of a system for secure communication using signature verification.
Figure 2 shows a flow diagram of a method of secure communication using signature verification using an arrangement as shown in figure 1.
Description of the Preferred Embodiment
In the following description, a preferred embodiment of the invention is described with regard to preferred process steps and data stmctures. However, those skilled in the art would recognize, after perusal of this application, that embodiments of the invention may be implemented using a set of general purpose computers operating under program control, and that modification of a set of general purpose computers to implement the process steps and data stmctures described herein would not require undue invention.
Secure Communication Using Signature Verification
Figure 1 shows a block diagram of a system for secure communication using signature verification.
A system 100 for secure communication comprises a server 110, a message sender 120, a first communication path 131 between the server 110 and the sender 120, a message receiver 140, a second communication path 132 between the server 110 and the receiver 140, and a third communication path 133 between the sender 120 and the receiver 140.
In a preferred embodiment, the first communication path 131 , the second communication path 132, and the third communication path 133 comprise communication paths in a network 130 such as a local area network (LAN), a wide area network (WAN), or a network of networks (an "intemet"). Preferably, the first communication path 131, the second communication path 132, and the third communication path 133 comprise dynamically routed communication paths constructed using network media, routers, and other intermediate processors in an intemet However, in altemative embodiments, the first communication path 131, the second communication path 132, and the third communication path 133 may comprise telephone connections in a telephone network, coupled between telephones at the server 110, the sender 120, and the receiver 140.
The server 110 comprises a database 111 of authentication information. The database 111 is preferably stored using a mass storage device such as magnetic disk, optical disk, or magnetic tape, but may altematively be stored using any technique which allows for storage and retrieval of biometric information.
In a preferred embodiment, the database 111 comprises a set of signature feature vectors 112 such as those described with a method of signature verification shown in the following disclosures:
o Application Serial No.08/169,654, filed December 17, 1993, in the name of inventors
Ali Mohamed Moussa and Chih Chan, titled "Method for Automatic Signature Verification", assigned to the same assignee, and having attorney docket number ACS-001; and
o Application Serial No.08/483,942, filed June 7, 1995, in the name of inventors Ali Mohamed Moussa and Chih Chan, titled "Method for Automatic Signature Verification", assigned to the same assignee, and having attorney docket number ACS-002.
Each of these applications is hereby incorporated by reference as if fully set forth herein. There are collectively referred to herein as the Signature Verification Disclosures.
However, in altemative embodiments, the database 111 may comprise altemative sets of biometric data or other data for validating signatures from the sender 120 or the receiver 140. For example, such biometric data may comprise all or a selected part of, or an encoding of, a set of biometric information about a person, which biometric information may comprise a facial image, a fingerprint, a hand image or handprint, a foot image or footprint, a human genome or related genetic information, a retinal image, a voiceprint or other record of a spoken statement, or altematively any other biometric information which is substantially unique to a first selected individual and difficult to adapt to a second selected individual. Biometric information differs from memorized information such as a password. Authentication using biometric information differs from physical forms of authentication such as using a pass key.
The server 110 also comprises a processor 113 operating under software program control for performing the functions described herein, having memory for storing software programs and data, and having mass storage for storing all or part of the database 111.
The processor 113 includes a verifier 114 for operating on the database 111 and on signature feature vectors 112 received from the sender 120 or the receiver 140. In a preferred embodiment, the verifier 114 performs the method of signature verification shown in the Signature Verification Disclosures. However, in altemative embodiments, the verifier 114 may perform another method of signature verification or verification of other biometric data.
The sender 120 comprises a pen tablet 121 for receiving a signature from the sending person. In a preferred embodiment, the pen tablet 121 comprises one like that shown in the Signature Verification Disclosures.
The sender 120 also comprises a processor 122 coupled to the pen tablet 121, operating under software program control for performing the functions described herein, having
memory for storing software programs and data, and for storing a signature feature vector 112 constructed for the sending person, and having mass storage for storing messages to be sent.
The receiver 140 comprises a pen tablet 141 for receiving a signature from the receiving person. In a preferred embodiment, the pen tablet 141 is similar to the pen tablet 121, and comprises one like that shown in the Signature Verification Disclosures.
The receiver 140 also comprises a processor 142 coupled to the pen tablet 141, operating under software program control for performing the functions described herein, having memory for storing software programs and data, and for storing a signature feature vector 112 constructed for the receiving person, and having mass storage for storing received messages.
The server 110, the sender 120, and the receiver 140 collectively perform the method shown herein.
Method Of Secure Communication
Figure 2 shows a flow diagram of a method of secure communication using signature verification using an arrangement as shown in figure 1.
At a flow point 200, the sender 120 desires to send a message to the receiver
140.
At a step 210, the sender 120 registers a set of signature feature vectors 112 for the sending person, using the first communication path 131 (between the server 110 and the sender 120). To perform this step 210, the sender 120 performs the step 211 through the step 213.
At a step 211, the sender 120 collects a set of template signatures from the sending person using the pen tablet 121.
At a step 212, the sender 120 forms a set of signature feature vectors 112 for the template signatures for the sending person, using the processor 122. The sender 120 preferably performs methods shown in the Signature Verification Disclosures.
At a step 213, the sender 120 transmits the set of signature feature vectors 112 for the template signatures for the sending person to the server 110, using the first communication path 131. In a preferred embodiment, it is not necessary that the first
communication path 131 is secure against reading by unauthorized third parties, only that the first communication path 131 is secure against unauthorized third parties altering the set of signature feature vectors 112 without detection.
Once the signature feature vectors 112 for the template signatures for the sending person are registered at the server 110, the sending person may use the sender 120 to transmit a message. Although in a preferred embodiment, the signature feature vectors 112 for the template signatures for the sending person are transmitted from the sender 120 to the server 110, in altemative embodiments the sending person may deliver their signature feature vectors 112 by other means. For example, the sending person may altematively use a different physical device in place of the sender 120 for transmitting signature feature vectors 112 for their template signatures to the server 110, or may use the server 110 directly for entering their template signatures and forming signature feature vectors 112 therefor.
At a step 220, the sender 120 verifies a new signature from the sending person. To perform this step 220, the server 110 and sender 120 perform the step 221, the step 222, and the step 223.
At a step 221, the sender 120 collects a test signature from the sending person using the pen tablet 121.
At a step 222, the sender 120 forms a signature feature vector 112 for the test signature for the sending person. The sender 120 preferably performs methods shown in the Signature Verification Disclosures.
At a step 223, the server 110 receives the signature feature vector 112 for the test signature for the sending person, and attempts to verify that test signature against the set of signature feature vectors 112 template signature for the sending person, using the processor 113. The server 110 preferably performs methods shown in the Signature Verification Disclosures.
If the attempt to verify is successful (i.e., the test signature is considered to match the template signatures), the server 110 proceeds with the step 230. If the attempt to verify is unsuccessful (i.e., the test signature is considered to not match the template signatures), the server 110 transmits a message so indicating to the sender 120.
In a preferred embodiment, if the attempt to verify is unsuccessful, the server
110 and the sender 120 may conduct a set of reattempts to verify the sending person, such as by
requesting an additional test signature and repeating the step 221, the step 222, and the step 223. Altematively, the server 110 and the sender 120 may attempt to verify the sending person by other means, such as by using other biometric data, by using memorized data such as a password, or by using physical authentication such as requiring pass key from the sending person.
In a preferred embodiment, methods shown in the Signature Verification Disclosures are adapted to provide one of three altemative results from the attempt to verify the test signature — (1) the test signature is considered to match the template signatures, (2) the test signature is considered to not match the template signatures, or (3) the result of the attempt to verify is considered ambiguous. In the event of the third altemative result, the server 110 and the sender 120 may conduct a supplemental attempt to authenticate the sending person, such as by requesting additional test signatures, by using other biometric data, by using memorized data such as a password, or by using physical authentication such as requiring pass key from the sending person.
At a step 230, the server 110 transmits to the sender 120 a key for encoding the message to be transmitted from the sender 120 to the receiver 140.
In a preferred embodiment, the key for encoding comprises a key for a symmetric encoding/decoding method such as the Data Encryption Standard (DES).
However, in altemative embodiments, the key for encoding may comprise a first key from a key pair used in a public key system.
At a step 240, the sender 120 encodes the message using the key for encoding, to generate an encoded message.
At a step 250, the sender 120 transmits the encoded message to the receiver 140 using the third communication path 133.
At a step 260, the receiver 140 registers a set of signature feature vectors 112 for the receiving person, using the second communication path 132 (between the server 110 and the receiver 140). To perform this step 260, the receiver 140 performs steps like the step 211 through the step 213. The receiver 140 collects a set of template signatures from the receiving person using the pen tablet 141. The receiver 140 forms a set of signature feature vectors 112 for the template signatures for the sending person, using the processor 142. The receiver 140
transmits the set of signature feature vectors 112 for the template signatures for the receiving person to the server 110, using the second communication path 132.
As was the case for the sending person, once the signature feature vectors 112 for the template signatures for the receiving person are registered at the server 110, the receiving person may use the receiver 140 to receive a message. Although in a preferred embodiment, the signature feature vectors 112 for the template signatures for the receiving person are transmitted from the receiver 140 to the server 110, in altemative embodiments the receiving person may deliver their signature feature vectors 112 by other means similar to those shown herein for the sending person.
In addition, it is not necessary for the signature feature vectors 112 for the template signatures for the receiving person to be registered at the server 110, if they have already been registered at the server 110 for the same person as a sending person. Once an individual is registered at the server 110 in one capacity, the server 110 will retrieve their signature feature vectors 112 when they use the server 110 in another capacity.
At a step 270, the receiver 140 verifies a new signature from the receiving person. To perform this step 270, the receiver 140 performs steps like the step 221 through the step 223. The receiver 140 collects a test signature from the receiving person using the pen tablet 141. The receiver 140 forms a signature feature vector 112 for the test signature for the receiving person. The server 110 receives the signature feature vector 112 for the test signature for the receiving person, and attempts to verify that test signatore against the set of signature feature vectors 112 template signature for the receiving person, using the processor 113.
If the attempt to verify is successful (i.e., the test signature is considered to match the template signatures), the server 110 proceeds with the step 280. If the attempt to verify is unsuccessful (i.e., the test signature is considered to not match the template signatures), the server 110 transmits a message so indicating to the receiver 140. If the attempt to verify is unsuccessful, the server 110 and the receiver 140 may conduct a set of reattempts to verify the receiving person, similar to processing in the step 223 for the sending person.
At a step 280, the server 110 transmits to the receiver 140 a key for decoding the encoded message that was transmitted from the sender 120 to the receiver 140.
In a preferred embodiment, the key for decoding comprises the same key as the key for encoding, for use in a symmetric encoding decoding method such as the Data Encryption Standard (DES).
However, in altemative embodiments, the key for decoding may comprise a second key from a key pair used in a public key system, and corresponding to the key pair from which the key for encoding was selected.
In a preferred embodiment, server 110 generates a signal to the sender 120, indicating that the receiver 140 has received the key for decoding, and therefore that biometric data for the receiving person has been verified. The server 110 transmits this signal to the sender 120 using the first communication path 131. This signal provides the sender 120 with an indication that the receiver 140 has received the message. Preferably, the signal provides an identifier for the message (so as to distinguish between several messages transmitted from the sender 120 to the receiver 140) and a timestamp value representative of when the key for decoding was transmitted from the server 110 to the receiver 140.
At a step 290, the receiver 140 decodes the encoded message using the key for decoding, to recover the original message.
In a preferred embodiment, the message comprises a single set of binary or text data, such as a file being transferred using a file transfer protocol or other network protocol. To generate the encoded message, the entire file is encoded using the key for encoding in a block encoding technique, thus creating an encoded file. The encoded file is transferred using the file transfer protocol or other network protocol. To recover the original message, the entire encoded file is decoded using the key for decoding.
However, in altemative embodiments, the message may comprise a stream of data and the method may be used for a virtual circuit to be created between the sender and receiver. To generate the encoded message, each separate transmission is encoded using the key for encoding in a stream encoding technique, thus creating an encoded stream of transmissions from the sender 120 to the receiver 140. The encoded stream is transferred using a "telnet" protocol or other stream communication protocol. To recover the original stream of transmissions, the encoded stream is decoded using the key for decoding.
The receiver 140 may generate a response message to be transmitted to the sender 120. In this event, the receiver 140 may obtain a new key for encoding from the server 110, using the method described with regard to figure 2. Altematively, since the receiver 120 has obtained from the server 110 a verification of the biometric data for the receiving person, the method may be streamlined for response messages from the receiver 140 to the sender 120. The server 110 may simply generate a key for encoding the response message and transmit that key for encoding to the receiver 140, and generate a key for decoding the response message and
transmit that key for decoding to the sender 120. In a preferred embodiment where the key for encoding and the key for decoding the original message are substantially identical, the receiver 140 may use the key for decoding the original message as a key for encoding the response message and the sender 120 may use the key for encoding the original message as a key for decoding the response message.
Alternative Embodiments
Although preferred embodiments are disclosed herein, many variations are possible which remain within the concept, scope, and spirit of the invention, and these variations would become clear to those skilled in the art after perusal of this application.
Claims
1. A method for communication between a sender and a receiver, said method comprising transmitting from said sender to a server a set of biometric data for a sending person; verifying, at said server, said biometric data for said sending person; transmitting from said server to said sender a key for encoding said message; encoding a message using said key for encoding to generate an encoded message; transmitting said encoded message to said receiver; transmitting from said receiver to said server a set of biometric data for a receiving person; verifying, at said server, said biometric data for a receiving person; transmitting from said server to said receiver a key for decoding said encoded message; and decoding said encoded message at said receiver.
2. A method as in claim 1 , comprising encoding a second message using said key for encoding to generate a second encoded message; and decoding said second encoded message using said key for decoding.
3. A method as in claim 1 , comprising transmitting from said server to said receiver a key for encoding a response; encoding a response using said key for encoding to generate an encoded response; transmitting said encoded response to said sender; transmitting from said server to said sender a key for decoding said encoded response; and decoding said encoded response at said sender.
4. A method as in claim 1, comprising transmitting from said server to said sender a signal representing whether said biometric data for said receiving person was verified at said server.
5. A method as in claim 1, wherein said key for encoding said message and said key for decoding said encoded message are paired keys in a public key system.
6. A method as in claim 1 , wherein said key for encoding said message and said key for decoding said encoded message are substantially identical.
7. A method as in claim 1, wherein said biometric data for said receiving person represents at least a portion of a facial image, a fingerprint, a hand image, a handprint, a foot image, a footprint, a human genome, a retinal image, a voiceprint, or a record of a spoken statement.
8. A method as in claim 1 , wherein said biometric data for said receiving person represents a receiver's signature.
9. A method as in claim 1, wherein said step of verifying said biometric data for said receiving person comprises receiving a set of template biometric data from said sender; receiving said biometric data for said receiving person; and comparing said biometric data for said receiving person against said set of template biometric data from said sender.
10. A system for communication between a sender and a receiver, said system comprising an input device coupled to said sender, said input device disposed for receiving a set of biometric data for a sending person; a server, said server coupled to said sender and to said receiver, said server comprising a biometric data verifier and a generator of a key for encoding and a key for decoding; means, at said sender, for encoding a message using said key for encoding, to generate an encoded message; a communication path between said sender and said receiver; an input device coupled to said receiver, said input device disposed for receiving a set of biometric data for a receiving person; means, at said receiver, for decoding said encoded message using said key for decoding.
11. A system as in claim 10, comprising means, at said sender, for encoding a second message using said key for encoding to generate a second encoded message; and means, at said receiver, for decoding said second encoded message using said key for decoding.
12. A system as in claim 10, comprising means, at said receiver, for encoding a response using said key for encoding to generate an encoded response; and means, at said sender, for decoding said encoded response.
13. A system as in claim 10, comprising means, at said server, for transmitting to said sender a signal representing whether said biometric data for said receiving person was verified.
14. A system as in claim 10, wherein said key for encoding and said key for decoding are paired keys in a public key system.
15. A system as in claim 10, wherein said key for encoding and said key for decoding are substantially identical.
16. A system as in claim 10, wherein said biometric data for said receiving person represents at least a portion of a facial image, a fingerprint, a hand image, a handprint, a foot image, a footprint, a human genome, a retinal image, a voiceprint, or a record of a spoken statement.
17. A system as in claim 10, wherein said biometric data for said receiving person represents a receiver's signature.
18. A system as in claim 10, wherein said biometric data verifier comprises a set of template biometric data from a person whose biometric data is to be verified; and means for comparing biometric data for said person against said set of template biometric data.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US51943095A | 1995-08-25 | 1995-08-25 | |
US08/519,430 | 1995-08-25 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1997008868A1 true WO1997008868A1 (en) | 1997-03-06 |
Family
ID=24068278
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1996/013736 WO1997008868A1 (en) | 1995-08-25 | 1996-08-20 | Method of secure communication using signature verification |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO1997008868A1 (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1998057247A1 (en) * | 1997-06-09 | 1998-12-17 | Koninklijke Philips Electronics N.V. | Web-based, biometric authentication system and method |
US6167517A (en) * | 1998-04-09 | 2000-12-26 | Oracle Corporation | Trusted biometric client authentication |
WO2001028413A1 (en) * | 1999-10-20 | 2001-04-26 | Siemens Aktiengesellschaft | Method for transmitting person-related data |
WO2002073520A1 (en) * | 2001-03-13 | 2002-09-19 | Relatable Llc | A system and method for acoustic fingerprinting |
US6463418B1 (en) * | 1997-08-15 | 2002-10-08 | Sun Microsystems, Inc. | Secure and stateful electronic business transaction system |
US7085840B2 (en) * | 2001-10-29 | 2006-08-01 | Sun Microsystems, Inc. | Enhanced quality of identification in a data communications network |
US7240365B2 (en) | 2002-09-13 | 2007-07-03 | Sun Microsystems, Inc. | Repositing for digital content access control |
US7246244B2 (en) | 1999-05-14 | 2007-07-17 | Fusionarc, Inc. A Delaware Corporation | Identity verification method using a central biometric authority |
US7275260B2 (en) | 2001-10-29 | 2007-09-25 | Sun Microsystems, Inc. | Enhanced privacy protection in identification in a data communications network |
US7363651B2 (en) | 2002-09-13 | 2008-04-22 | Sun Microsystems, Inc. | System for digital content access control |
US7380280B2 (en) | 2002-09-13 | 2008-05-27 | Sun Microsystems, Inc. | Rights locker for digital content access control |
US7398557B2 (en) | 2002-09-13 | 2008-07-08 | Sun Microsystems, Inc. | Accessing in a rights locker system for digital content access control |
US7496751B2 (en) | 2001-10-29 | 2009-02-24 | Sun Microsystems, Inc. | Privacy and identification in a data communications network |
US7512972B2 (en) | 2002-09-13 | 2009-03-31 | Sun Microsystems, Inc. | Synchronizing for digital content access control |
US7549295B2 (en) | 2004-02-11 | 2009-06-23 | Sumitomo Heavy Industries, Ltd. | Three track valve for cryogenic refrigerator |
US20110185176A1 (en) * | 2008-10-31 | 2011-07-28 | Hitachi, Ltd. | Biometric authentication method and system |
US8448230B2 (en) | 2008-08-22 | 2013-05-21 | International Business Machines Corporation | System and method for real world biometric analytics through the use of a multimodal biometric analytic wallet |
US8893303B2 (en) | 2002-09-13 | 2014-11-18 | Oracle America, Inc. | Embedded content requests in a rights locker system for digital content access control |
US10679749B2 (en) | 2008-08-22 | 2020-06-09 | International Business Machines Corporation | System and method for virtual world biometric analytics through the use of a multimodal biometric analytic wallet |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0281224A2 (en) * | 1987-03-03 | 1988-09-07 | Hewlett-Packard Company | Secure messaging systems |
US4993068A (en) * | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
US5237614A (en) * | 1991-06-07 | 1993-08-17 | Security Dynamics Technologies, Inc. | Integrated network security system |
WO1995016974A1 (en) * | 1993-12-17 | 1995-06-22 | Quintet, Incorporated | Method of automated signature verification |
-
1996
- 1996-08-20 WO PCT/US1996/013736 patent/WO1997008868A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0281224A2 (en) * | 1987-03-03 | 1988-09-07 | Hewlett-Packard Company | Secure messaging systems |
US4993068A (en) * | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
US5237614A (en) * | 1991-06-07 | 1993-08-17 | Security Dynamics Technologies, Inc. | Integrated network security system |
WO1995016974A1 (en) * | 1993-12-17 | 1995-06-22 | Quintet, Incorporated | Method of automated signature verification |
Cited By (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1998057247A1 (en) * | 1997-06-09 | 1998-12-17 | Koninklijke Philips Electronics N.V. | Web-based, biometric authentication system and method |
US5930804A (en) * | 1997-06-09 | 1999-07-27 | Philips Electronics North America Corporation | Web-based biometric authentication system and method |
US6463418B1 (en) * | 1997-08-15 | 2002-10-08 | Sun Microsystems, Inc. | Secure and stateful electronic business transaction system |
US6167517A (en) * | 1998-04-09 | 2000-12-26 | Oracle Corporation | Trusted biometric client authentication |
US7246244B2 (en) | 1999-05-14 | 2007-07-17 | Fusionarc, Inc. A Delaware Corporation | Identity verification method using a central biometric authority |
WO2001028413A1 (en) * | 1999-10-20 | 2001-04-26 | Siemens Aktiengesellschaft | Method for transmitting person-related data |
WO2002073520A1 (en) * | 2001-03-13 | 2002-09-19 | Relatable Llc | A system and method for acoustic fingerprinting |
US7085840B2 (en) * | 2001-10-29 | 2006-08-01 | Sun Microsystems, Inc. | Enhanced quality of identification in a data communications network |
US7496751B2 (en) | 2001-10-29 | 2009-02-24 | Sun Microsystems, Inc. | Privacy and identification in a data communications network |
US7275260B2 (en) | 2001-10-29 | 2007-09-25 | Sun Microsystems, Inc. | Enhanced privacy protection in identification in a data communications network |
US7398557B2 (en) | 2002-09-13 | 2008-07-08 | Sun Microsystems, Inc. | Accessing in a rights locker system for digital content access control |
US8893303B2 (en) | 2002-09-13 | 2014-11-18 | Oracle America, Inc. | Embedded content requests in a rights locker system for digital content access control |
US7363651B2 (en) | 2002-09-13 | 2008-04-22 | Sun Microsystems, Inc. | System for digital content access control |
US7240365B2 (en) | 2002-09-13 | 2007-07-03 | Sun Microsystems, Inc. | Repositing for digital content access control |
US7512972B2 (en) | 2002-09-13 | 2009-03-31 | Sun Microsystems, Inc. | Synchronizing for digital content access control |
US7380280B2 (en) | 2002-09-13 | 2008-05-27 | Sun Microsystems, Inc. | Rights locker for digital content access control |
US7549295B2 (en) | 2004-02-11 | 2009-06-23 | Sumitomo Heavy Industries, Ltd. | Three track valve for cryogenic refrigerator |
US10679749B2 (en) | 2008-08-22 | 2020-06-09 | International Business Machines Corporation | System and method for virtual world biometric analytics through the use of a multimodal biometric analytic wallet |
US8448230B2 (en) | 2008-08-22 | 2013-05-21 | International Business Machines Corporation | System and method for real world biometric analytics through the use of a multimodal biometric analytic wallet |
US11080377B2 (en) | 2008-08-22 | 2021-08-03 | International Business Machines Corporation | System and method for virtual world biometric analytics through the use of a multimodal biometric analytic wallet |
US11170083B2 (en) | 2008-08-22 | 2021-11-09 | International Business Machines Corporation | System and method for virtual world biometric analytics through the use of a multimodal biometric analytic wallet |
US11269979B2 (en) | 2008-08-22 | 2022-03-08 | International Business Machines Corporation | System and method for virtual world biometric analytics through the use of a multimodal biometric analytic wallet |
US8412940B2 (en) * | 2008-10-31 | 2013-04-02 | Hitachi, Ltd. | Biometric authentication method and system |
US20110185176A1 (en) * | 2008-10-31 | 2011-07-28 | Hitachi, Ltd. | Biometric authentication method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO1997008868A1 (en) | Method of secure communication using signature verification | |
CN1792060B (en) | Methd and system for authenticating physical object | |
CA2341784C (en) | Method to deploy a pki transaction in a web browser | |
US6741851B1 (en) | Method for protecting data stored in lost mobile terminal and recording medium therefor | |
KR100486062B1 (en) | Biometric certificates | |
US6990444B2 (en) | Methods, systems, and computer program products for securely transforming an audio stream to encoded text | |
CN1973306B (en) | Renewable and private biometrics | |
US6263446B1 (en) | Method and apparatus for secure distribution of authentication credentials to roaming users | |
US7028184B2 (en) | Technique for digitally notarizing a collection of data streams | |
US6185316B1 (en) | Self-authentication apparatus and method | |
JP2001325549A (en) | Biometric personal identification service providing system | |
US7620213B2 (en) | Authentication device using anatomical information and method thereof | |
US20060235729A1 (en) | Application-specific biometric templates | |
US20020095601A1 (en) | Technique for establishing provable chain of evidence | |
US20020095587A1 (en) | Smart card with integrated biometric sensor | |
EP1290534A2 (en) | Method for biometric encryption of e-mail | |
JP2000276445A (en) | Authentication method and device using biometrics discrimination, authentication execution device, and recording medium recorded with authentication program | |
JP3569751B2 (en) | User authentication system | |
JP2000184448A (en) | Personal communication system and its communicating method | |
EP1131911B1 (en) | Method and apparatus for secure distribution of authentication credentials to roaming users | |
JP2004013560A (en) | Authentication system, communication terminal, and server | |
JP2001052181A (en) | Personal authenticating method and recording medium recording personal authentication program | |
WO2022130528A1 (en) | Recovery verification system, collation system, recovery verification method, and non-temporary computer readable medium | |
JP2002366527A (en) | Personal identification method | |
JP2002032516A (en) | Ic card electronic voting system and voting method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CA JP |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: CA |