WO2007113888A1 - Procédé pour générer et vérifier des informations de sécurité obtenues au moyen de lectures biométriques - Google Patents

Procédé pour générer et vérifier des informations de sécurité obtenues au moyen de lectures biométriques Download PDF

Info

Publication number
WO2007113888A1
WO2007113888A1 PCT/IT2007/000235 IT2007000235W WO2007113888A1 WO 2007113888 A1 WO2007113888 A1 WO 2007113888A1 IT 2007000235 W IT2007000235 W IT 2007000235W WO 2007113888 A1 WO2007113888 A1 WO 2007113888A1
Authority
WO
WIPO (PCT)
Prior art keywords
detection information
information
biometric
type
extraction
Prior art date
Application number
PCT/IT2007/000235
Other languages
English (en)
Inventor
Stelvio Cimato
Marco Gamassi
Vincenzo Piuri
Daniele Sana
Roberto Sassi
Fabio Scotti
Original Assignee
Universita' Degli Studi Di Milano
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Universita' Degli Studi Di Milano filed Critical Universita' Degli Studi Di Milano
Publication of WO2007113888A1 publication Critical patent/WO2007113888A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/257Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/40Indexing scheme relating to groups G07C9/20 - G07C9/29
    • G07C2209/41Indexing scheme relating to groups G07C9/20 - G07C9/29 with means for the generation of identity documents

Definitions

  • the present invention refers to a method for generating and verifying security information to be associated with an entity, such as typically a person: In particular, the methods of the invention make use of biometric traits.
  • the researchers have ideated systems which are not well suited for the requirements of the applications of the real world. In fact, such systems are based on low fault tolerance thresholds or on infrastructures which are not available or universally accepted.
  • biometric factors such as for example finger prints, voice and face are permanently associated with the user and can therefore get around the need to have an identification mark therewith or remember passwords and access keys .
  • biometric factors such as for example finger prints, voice and face are permanently associated with the user and can therefore get around the need to have an identification mark therewith or remember passwords and access keys .
  • the high typical variability of biometric traits renders them unsuitable for direct use in data protection.
  • the cryptographic keys must be definite and only one bit of difference (in the key or in the message) eliminates the possibility to access to the protected data.
  • the biometric key is generated directly from the biometric trait by using a fault-tolerant binary representation.
  • Hao et al. [6] proposed a generation procedure of the biometric key, based on the coding of the iris extracted from an algorithm and on the combined use of Hadamard and Reed- Solomon codes.
  • Juels and Sudan have also proposed a "fuzzy vault" scheme in [7] .
  • Another conventional recording and verification typology is that "multimodal" which is based on the reading of several biometric traits (typically, iris, finger print, voice, two- or three-dimensional face characteristic, auricle, DNA sequences, manual signature) , to obtain corresponding biometric characteristics, each of which is recorded on the document of the individual, unencrypted or after a encrypting with a corresponding external key.
  • biometric traits typically, iris, finger print, voice, two- or three-dimensional face characteristic, auricle, DNA sequences, manual signature
  • the verification occurs by comparing the characteristic of the first biometric trait recorded on the document with the respective characteristic, result of a subsequent biometric reading carried out in the identification step. Moreover, the comparison is also carried out for the characteristic related to the second biometric trait. Typically, the recognition of the individual occurs if one verifies the related matching for each of the considered biometric characteristics.
  • Object of the present invention is that of proposing a method for the generation of security information alternative to the known methods. Summary of the Invention The object of the present invention is achieved by a method for generating security information associated with an entity (for example, a person) as described in claim 1. Preferred embodiments of said method are described in claims 2 - 23. Object of the present invention is also a method of verification of the entity identification, as defined by claim 24 and by particular embodiments thereof defined by claims 25 - 33.
  • the present invention relates to a processing device for the generation of security data as described by claim 34 and a computer program capable of executing a processing for the generation of the security information defined by claim 35.
  • Object of the present invention is also a processing apparatus for the verification of a label of an entity to be recognised, as described by claim 36, and a computer program capable of executing a processing for the verification of the identity of said entity as defined by claim 37.
  • Figure 1 schematically shows, by means of functional blocks, a recording method and a module for generating a security label associated with a user, according to a first particular embodiment of the present invention
  • Figure 2 schematically shows, by means of functional blocks, an embodiment of a method and module for verifying the identity of a subject, suitable for the recognition of users with the exemplary method of figure
  • Figure 3 schematically shows, by means of functional blocks, a first alternative version of the recording method and module of figure 1, made according to a "parallel" approach;
  • Figure 4 schematically shows, by means of functional blocks, a first alternative version of the method and module of figure 2, suitable for recognising users recorded with the method of figure 3 ;
  • Figure 5 schematically shows, by means of functional blocks, a second alternative version of the recording method and module of figure 1, made according to a "hierarchical" approach;
  • Figure 6 schematically shows, by means of functional blocks, a second alternative version of the method and verification module of figure 2, suitable for recognising users recorded with the method of figure 5;
  • Recording Method and Module Figure 1 shows, by means of a block diagram, steps of a recording or "enrolment” method of an entity (for example, an animal, and preferably, a human being) , such as a person, hereinafter called user.
  • entity for example, an animal, and preferably, a human being
  • the functional blocks shown in figure 1 can correspond to software and/or hardware modules implemented in a suitable device or module indicated with the same reference 100.
  • a suitable device is, for example, a computer (for example a microcontroller or a personal computer) equipped with a processing unit and adequate mass and work memory, as well as with a (software) program for the execution of the method itself.
  • the enrolment method permits generating an ID label which is assigned to the appropriate user.
  • This ID label after having been generated, can be stored in various medium types and is destined to be provided during every verification step.
  • At least a first biometric reading information Il (Inputl_l step) and at least a second biometric reading information 12 (Input2_l step) are acquired (or, equivalentIy, detected) , hereinafter called first and second biometric reading.
  • biometric readings are separate from each other.
  • the biometric readings employable in the method in accordance with the invention regard the acquisition of one of the following physiological and behavioural traits of the user: iris, finger print, voice, two- or three-dimensional face characteristic, auricle, DNA sequences, manual signature, retina, hand geometry, pattern of the hand blood vessels.
  • biometric readings can be acquired by means of conventional technologies, known in the sector, such as for example: photography or scanning.
  • first biometric reading Il and the second biometric reading 12 are separate from each other, in the sense that they have separate biometric information content, but they can also refer to different portions of a same physiological- behavioural trait, such as for example different portions of the same iris, same finger print or same signature.
  • the first and second biometric reading Il and 12 undergo processing steps (for example, the steps indicated in the figure with the symbols: Fl, PPl; F2, PP2, ECE) so to obtain a first value cSl and a second value S4 having the biometric content of said first and second reading respectively associated.
  • a function RFl of cryptographic type with at least two operands is applied to the first cSl and second S4 value, obtaining a combination value S5 from which the already mentioned ID security label to be assigned to the user is generated (step indicated with the symbol IFl) .
  • the first biometric reading Il undergoes a processing FEl for extracting at least one first selected biometric characteristic ⁇ ⁇ El and a subsequent processing step FPl to return a binary string Sl corresponding to the extracted biometric characteristics.
  • the functional block Fl comprising the processing FEl and the processing block FPl, overall carries out the processing known with the term "feature extraction" and the conversion of the features obtained in a string of bits, and can be of convention type.
  • the feature extraction block FEl carries out the conventional minutia extraction.
  • the block Fl can provide, for example, the application of the conventional IrisCode ® technique, suggested by Daugmann.
  • - techniques based on the extraction of overall characteristics for detection information of imprint type; - techniques based on direction and orientation fields of the characteristics for detection information of imprint type; techniques based on the coordinates of the characteristics called minutia for detection information of imprint type;
  • - techniques based on the extraction of three- dimensional characteristics for detection information of facial type techniques based on the extraction of three- dimensional characteristics for detection information of body type, also including the characteristics extracted with radiographic and magnetic resonance apparatuses; - techniques based on the extraction of characteristics from DNA samples; techniques based on the extraction of characteristics for detection information of writing or signature type; - techniques based on the extraction of characteristics for detection information of walking or postural type; techniques based on the extraction of two- dimensional characteristics of the image of the hands; - techniques based on the extraction of three- dimensional characteristics of the image of the hands; techniques based on the extraction of characteristics for detection information of retinal type; - techniques based on the extraction of characteristics for detection information of keystroking type; techniques based on the extraction of characteristics for detection information of thermographic facial type; techniques based on the extraction of characteristics for detection information of thermographic type of the hands or fingers.
  • each of the two feature extraction and processing blocks Fi can be subdivided into a first block FEi which carries out the step of feature extraction, and a second processing block, FPi.
  • the first block FEi given the input Ii, produces a list of features Ei which is subsequently processed to obtain a string of bits, Si.
  • each string of bits Si (both the string Sl, and that S2) is mapped in a code word cSi, according to a processing carried out by a respective post-processing block, PPi, shown in figure 1.
  • the code word cS2 is processed by a error correction encoding block ECE (for example a Reed-Solomon code, possibly shortened) , known in the sector.
  • ECE error correction encoding block
  • t i.e., a correction threshold
  • the parameters which characterise the error correction code and thus the correction threshold t are created considering the best decoding block available.
  • list decoding algorithms can be employed such as, for example, as indicated in the article of Ron M. Roth, and Gitit Ruckenstein, "Efficient Decoding of Reed- Solomon Codes Beyond Half the Minimum Distance", IEEE TRANSACTIONS ON INFORMATION THEORY, 46, 246-257, 2000.
  • Reed-Solomon technique one of the following techniques can also be employed, for example: linear code, BCH (Bose Ray-
  • the post processing block PP2 which precedes the block ECE, has the function of mapping the information content of the string S2 in a code word adapted for the treatment carried out by the error correction encoding ECE block.
  • the string Sl was processed by the post processing block PPl by returning the code word cSl so that it too forms a code word in the space of the code words of the particular preselected ECE.
  • the function RFl acts on one or more operands (or variables a, b) according to a predetermined algorithm and to return an output.
  • the function RFl is of cryptographic type.
  • the function of one or more operands of cryptographic type it is intended a function so that, based only on the knowledge of the algorithm and the output, it is possible to obtain at most only part of the corresponding operands or, in some cases, none of such operands.
  • the cryptographic type function RFl does not permit obtaining all of the operands which have led to a certain output, based only on the knowledge of the output and the defining algorithm.
  • the function of cryptographic type RFl is also of reversible type, i.e. it permits obtaining part of the operands based on the knowledge of the algorithm, the output and the other operands.
  • a further function example RFl is the polynomial interpolation on finished fields, given a set of known points .
  • a further function of cryptographic type NIFl is applied to the bit string S2, resulting from the feature extraction block F2. In particular, such further function of cryptographic type is non invertible and hence is a function which, based on the knowledge of the output and defining algorithm, does not permit going back to the operand .
  • NIFl is a hash function (for example the hash function SHA-I) .
  • the function IFl is an invertible function, i.e. a function which permits obtaining the operands based on the knowledge of the defining algorithm and the output.
  • the invertible function IFl can for example be the successive connection of the two bit strings S3 and S5.
  • the digital value corresponding to the ID label can be stored in one of the following mediums of known type: smart card, floppy disc, semiconductor memory, EPROM
  • ID label can be stored in a medium incorporated in an identity document assigned to the user and composes a security label based on which one can recognise the person in possession of the identity document as the user actually recorded (or not as the recorded user) according to the above-described methodology.
  • a verification method 200 of the user identity will now be described with reference to figure 2.
  • the functional blocks of figure 2 represent both processing steps of the verification method and software and/or hardware modules capable of executing the corresponding processing.
  • the verification method 200 can be executed by a verification apparatus equipped with devices for carrying out at least separate biometric readings (i.e. the same reading type of the enrolment method 100) and a processing unit with appropriate storage. Moreover, both the recording device which implements the method 100 and the verification apparatus which implements the method 200 is equipped with respective interfaces for its use by an operator. In particular, the apparatus which implements the verification method 200 has an operator interface (for example a display) to signal the occurred recognition or the lack of recognition of the user.
  • a verification apparatus equipped with devices for carrying out at least separate biometric readings (i.e. the same reading type of the enrolment method 100) and a processing unit with appropriate storage. Moreover, both the recording device which implements the method 100 and the verification apparatus which implements the method 200 is equipped with respective interfaces for its use by an operator. In particular, the apparatus which implements the verification method 200 has an operator interface (for example a display) to signal the occurred recognition or the lack of recognition of the user.
  • an operator interface for example a display
  • biometric verification readings refers to the same biometric trait (i.e. physiological) used for the biometric reading II
  • biometric verification reading J2 refers to the same physiological trait used for the biometric reading 12.
  • the bit string S6 is mapped in the code word cS6 by means of the post processing block PP3, for example, identical to the block PPl of figure 1,
  • two different biometric readings of the same subject produce two keys whose Hamming (HD) distance is less than r ; on the other hand, HD>r when the readings belong to different subjects.
  • HD Hamming
  • S 7 and S 4 will differ by a limited number of words. Such differences of S7 with respect to SA can be seen, when the subject is the same recorded user, as "errors" of the value S4.
  • the value S7 is processed from an error correction decoding block ECD, operating in accordance with the encoding block ECE of figure 1, which acts in a manner to correct the aforesaid errors, generating the correct reconstructed value cS7.
  • ECD error correction decoding block
  • the correct reconstructed version cS7 can be considered identical to the string S4.
  • the string thus obtained, cS7, is processed by a processing block PP2 "1 , which, by applying an inverse processing with respect to that of the block PP2, generates the reconstructed value S8.
  • the decoded value S8 is identical to the value S2 if the subject is not an impostor, and consequently only if the number of bits in S6 which have a different value from Sl is less than the correction capacity of the preselected code.
  • the method in accordance with the invention foresees that no biometric feature is included in the ID label if not in cryptographic form and resistant to any reconstruction attempt by means of processing carried out only on the ID label itself.
  • the verification module which implements the method 200 does not provide a value S2 as obtained in the recording procedure of figure 1, making a direct comparison between the values S2 and S8 impossible .
  • the exemplary verification method 200 provides the application to the reconstructed value S8 of the same non-invertible function NIFl which has acted in the recording processing on the value S2.
  • the application of the function NIFl to S8 returns the value S9, which is a reconstructed version of the value S3.
  • enabling "enable” information is generated which activates a second "Match” comparison.
  • the enabling "enable” information assumes a state such to disable the second "Match” comparison. In this second case, it may be concluded that the subject does not correspond to the user recorded with the ID label .
  • Match comparison carries out a biometric comparison, for example of classic type, between the value SlO, i.e. the features collected in the verification step related to the second reading J2, and the reconstructed value S8.
  • This second comparison can give a positive outcome
  • the recording method 100 and the verification method 200 can be implemented in basic processing modules which are compatible in basic modules for creating different levels of security, complexity and for using a greater number of biometric traits.
  • Figures 3 and 4 refer to the parallel composition and respectively show a parallel recording module 300 and a parallel verification module 400, different from those described with reference to figures 1 and 2.
  • the parallel composition offers a simple method for utilising different biometric traits for creating the ID label.
  • the multi-modality level implemented is greater than that occurring by the standard approach, given that more than two biometric data points are treated.
  • the first biometric input group (I, , I ⁇ , ... , I N ), is composed using a composition function (Compositionl) .
  • a second composition function (Composition2) is equally used for the second group - ⁇ he out P uts of the two composition functions act as input for a recording module 100' , analogous to that of figure 1 described above.
  • the system is N+M-modal.
  • the blocks Fl and F2 of the recording module 100' do not carry out any operation in this module. In fact, the operations of feature extractions and processing are incorporated in the Compositionl and Composition2 blocks.
  • the composition functions Compositionl and Composition2 can be implemented in different ways.
  • the parallel verification module (figure 4) comprises a base verification module 200', whose inputs are fed by the same composition functions (COmPOsItIOn 1 and Composition 2 ) which operate on biometric verification readings Jl, J2, ..., J N+M -
  • the processing blocks Coding 1 and Coding 2 can carry out operations related to the digital representation of the entering values (analogous, for example, to those of the block PP3) or they can also not be provided, considering that the feature extraction procedures are carried out inside the Composition 1 and Composition 2 blocks.
  • the base modules can also be composed in hierarchical structures, as shown in figures 5 and 6.
  • FIG. 5 shows an example of a recording module 500 of two-level hierarchy type.
  • the biometric input data I 2 and I 3 are used to create a first ID 1 label by means of a base recording module 100, identical or analogous to that already described.
  • the ID 1 label is used in place of a biometric trait in a second base recording module 100b (analogous to that 100) together with a third biometric input data I 3 , leading to the creation of a second label ID 2 .
  • the hierarchical composition permits different security levels.
  • the block F2 contained inside the base recording module 100b does not carry out any operation, in this particular case.
  • Figure 6 shows the structure of the hierarchical verification module 600.
  • the biometric data J2 and J3 can usually be requested to verify the first ID 1 label.
  • a third biometric sample Jl should also be requested to verify the second ID 2 label as well (of course when the verification of ID 1 was successful) .
  • the module 600 comprises two base verification modules 200a and 200b.
  • the inputs ID 1 , J2 and J3 are verified by the first base verification module 200a in an analogous manner to that described for the module 200.
  • the output of the first base verification module 200a is possibly used to enable the functioning of the second base verification module 200b.
  • This output can also be used as first security level authentication signal.
  • the identity of the user can be verified in the second module 200b using also the first label IDl, second label ID2 and third biometric data Jl as input.
  • the output of the second verification module 200b (it too with architecture analogous to the module 200) is the second security level authentication signal.
  • the values SIl, S12, S13, S14, S15, and S16 present in the second verification module 200b are the result of processing analogous to that which produced the already described values S3, S5, S6, S7, S8 and S9, respectively.
  • For the Coding 3 block considerations analogous to those made for the Coding 1 and Coding 2 blocks are valid. It is to be observed how it is possible to construct more complex systems by using each composition method (parallel and hierarchical) recursively or by combining the methods in an iterative manner.
  • the recording and verification method in accordance with the invention has all of the advantages associated with multimodal techniques, since the authentication can function by using at least two biometric traits, for example iris and finger prints. Nonetheless, the technique in accordance with the invention is advantageous with respect to traditional multimodal techniques.
  • a combination value such as the value S5
  • a function of cryptographic type which acts on at least two operands which contain the information content of the separate biometric readings, permits obtaining an ID label from which it is not possible to reconstruct the separate biometric characteristics in the absence of the user himself .
  • the use of this function which "combines" in a cryptographic manner the operands obtained beginning from the read biometric characteristics, permits avoiding the use of external encrypting keys whose management is burdensome.
  • the ID label does not contain any classical encrypting, of any biometric trait of the possessor, thus no Public Key Infrastructure is required.
  • the described method also brings the following advantages with regard to other techniques of conventional type.
  • the subject is also identified/verified by a classic biometric matching system (such as that employable in the Match step and this is not possible by means of the use of the fuzzy commitment scheme, since such methodology of the prior art usually returns only a binary response, and not a biometric trait nor a set of biometric features.
  • ID label obtained by means of at least one function of cryptographic type is present on the document, where the biometric trait (s) or biometric features are not present, as already said.
  • the described recording (also called enrolment) and verification method can be public since that does not harm the security of its practical implementation.
  • the selected code imposes a further constraint on the Fl and F2 methods used for which the condition n ⁇ (l-2r )n ⁇ must be valid.
  • the same code is applied to Sl, so to obtain cSl.
  • K-It 1 98 random words are placed after the new code word derived from S2.
  • the ID is constructed by putting S3 and S5 together.
  • S 7 and S 4 will differ by a number of only ⁇ 1 n i wor ds.
  • the constraint on the used methods Fl and F2 would be n 2 ⁇ n ⁇ -r ⁇ ⁇ ⁇ in this case. ******

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Collating Specific Patterns (AREA)

Abstract

L'invention décrit un procédé (100) pour générer des informations de sécurité associées à une entité à enregistrer, qui consiste en ce qui suit : effectuer des lectures biométriques sur ladite entité à enregistrer pou acquérir une première (I1) et une deuxième (I2) informations de détection, séparées entre elles; traiter (FI, PPl; F2, PP2, ECE) les informations et obtenir une première (cSI) et une deuxième (S4) valeurs comprenant le contenu biométrique associé respectif desdites informations; appliquer une fonction de type cryptographique avec au moins deux opérandes (RFI) aux première (cSI) et deuxième (S4) valeurs, obtenir une valeur combinée (S5) à partir de laquelle (IFI) une étiquette de sécurité (ID) de ladite entité à enregistrer est générée.
PCT/IT2007/000235 2006-03-31 2007-03-29 Procédé pour générer et vérifier des informations de sécurité obtenues au moyen de lectures biométriques WO2007113888A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ITMI2006A000641 2006-03-31
IT000641A ITMI20060641A1 (it) 2006-03-31 2006-03-31 Metodo di generazione e di verifica di una informazione di sicurezza ottenuta mediante letture biometriche

Publications (1)

Publication Number Publication Date
WO2007113888A1 true WO2007113888A1 (fr) 2007-10-11

Family

ID=38326300

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IT2007/000235 WO2007113888A1 (fr) 2006-03-31 2007-03-29 Procédé pour générer et vérifier des informations de sécurité obtenues au moyen de lectures biométriques

Country Status (2)

Country Link
IT (1) ITMI20060641A1 (fr)
WO (1) WO2007113888A1 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9094211B2 (en) 2011-08-26 2015-07-28 Life Technologies Corporation Systems and methods for identifying an individual
FR3017732A1 (fr) * 2014-02-17 2015-08-21 Morpho Procede d'identification et/ou d'authentification d'un individu a partir de son reseau veineux
WO2018178087A1 (fr) * 2017-03-30 2018-10-04 Bundesrepublik Deutschland, Vertreten Durch Das Bundesministerium Des Innern, Vertreten Durch Das Bundesamt Für Sicherheit In Der Informationstechnik Liaison d'objets assistée par la biométrie
KR20190058834A (ko) * 2017-11-22 2019-05-30 서울대학교산학협력단 패리티 검사 행렬에 기초한 오류 복원 기법을 이용하는 전자 서명 장치 및 방법
WO2022042969A1 (fr) * 2020-08-24 2022-03-03 Nchain Licensing Ag Graine bio-extraite
CN115830748A (zh) * 2022-11-24 2023-03-21 远峰科技股份有限公司 智能座舱数字钥匙定位校准方法及装置
CN116781397A (zh) * 2023-07-24 2023-09-19 深圳建安润星安全技术有限公司 基于生物识别的互联网信息安防方法及平台

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US20020070844A1 (en) * 1999-12-14 2002-06-13 Davida George I. Perfectly secure authorization and passive identification with an error tolerant biometric system
GB2402791A (en) * 2003-06-09 2004-12-15 Seiko Epson Corp User identification using two or more sources of biometric data in combination with a user entered code
FR2871910A1 (fr) * 2004-06-22 2005-12-23 Sagem Procede de codage de donnees biometriques, procede de controle d'identite et dispositifs pour la mise en oeuvre des procedes

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US20020070844A1 (en) * 1999-12-14 2002-06-13 Davida George I. Perfectly secure authorization and passive identification with an error tolerant biometric system
GB2402791A (en) * 2003-06-09 2004-12-15 Seiko Epson Corp User identification using two or more sources of biometric data in combination with a user entered code
FR2871910A1 (fr) * 2004-06-22 2005-12-23 Sagem Procede de codage de donnees biometriques, procede de controle d'identite et dispositifs pour la mise en oeuvre des procedes

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
FENG HAO ET AL: "COMBINING CRYPTOGRAPHYWITH BIOMETRICS EFFECTIVELY", TECHNICAL REPORT - UNIVERSITY OF CAMBRIDGE. COMPUTER LABORATORY, XX, XX, vol. 28, no. 640, July 2005 (2005-07-01), pages 1 - 17, XP009072846 *
KEVENAAR T A M ET AL: "Face Recognition with Renewable and Privacy Preserving Binary Templates", AUTOMATIC IDENTIFICATION ADVANCED TECHNOLOGIES, 2005. FOURTH IEEE WORKSHOP ON BUFFALO, NY, USA 17-18 OCT. 2005, PISCATAWAY, NJ, USA,IEEE, 17 October 2005 (2005-10-17), pages 21 - 26, XP010856491, ISBN: 0-7695-2475-3 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11636190B2 (en) 2011-08-26 2023-04-25 Life Technologies Corporation Systems and methods for identifying an individual
US9520999B2 (en) 2011-08-26 2016-12-13 Life Technologies Corporation Systems and methods for identifying an individual
US10733277B2 (en) 2011-08-26 2020-08-04 Life Technologies Corporation Systems and methods for identifying an individual
US9094211B2 (en) 2011-08-26 2015-07-28 Life Technologies Corporation Systems and methods for identifying an individual
FR3017732A1 (fr) * 2014-02-17 2015-08-21 Morpho Procede d'identification et/ou d'authentification d'un individu a partir de son reseau veineux
WO2018178087A1 (fr) * 2017-03-30 2018-10-04 Bundesrepublik Deutschland, Vertreten Durch Das Bundesministerium Des Innern, Vertreten Durch Das Bundesamt Für Sicherheit In Der Informationstechnik Liaison d'objets assistée par la biométrie
KR20190058834A (ko) * 2017-11-22 2019-05-30 서울대학교산학협력단 패리티 검사 행렬에 기초한 오류 복원 기법을 이용하는 전자 서명 장치 및 방법
KR102001407B1 (ko) 2017-11-22 2019-07-18 서울대학교산학협력단 패리티 검사 행렬에 기초한 오류 복원 기법을 이용하는 전자 서명 장치 및 방법
WO2022042969A1 (fr) * 2020-08-24 2022-03-03 Nchain Licensing Ag Graine bio-extraite
CN115830748A (zh) * 2022-11-24 2023-03-21 远峰科技股份有限公司 智能座舱数字钥匙定位校准方法及装置
CN115830748B (zh) * 2022-11-24 2023-11-24 远峰科技股份有限公司 智能座舱数字钥匙定位校准方法及装置
CN116781397A (zh) * 2023-07-24 2023-09-19 深圳建安润星安全技术有限公司 基于生物识别的互联网信息安防方法及平台
CN116781397B (zh) * 2023-07-24 2024-03-15 深圳建安润星安全技术有限公司 基于生物识别的互联网信息安防方法及平台

Also Published As

Publication number Publication date
ITMI20060641A1 (it) 2007-10-01

Similar Documents

Publication Publication Date Title
Uludag et al. Biometric cryptosystems: issues and challenges
Sutcu et al. Protecting biometric templates with sketch: Theory and practice
Lee et al. Biometric key binding: Fuzzy vault based on iris images
Chen et al. Biometric based cryptographic key generation from faces
Uludag et al. Securing fingerprint template: Fuzzy vault with helper data
Hoang et al. Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme
Cimato et al. Privacy-aware biometrics: Design and implementation of a multimodal verification system
Ponce-Hernandez et al. Fuzzy vault scheme based on fixed-length templates applied to dynamic signature verification
Eskander et al. A bio-cryptographic system based on offline signature images
WO2007113888A1 (fr) Procédé pour générer et vérifier des informations de sécurité obtenues au moyen de lectures biométriques
Rathgeb et al. An iris-based interval-mapping scheme for biometric key generation
Suresh et al. Two-factor-based RSA key generation from fingerprint biometrics and password for secure communication
Rathgeb et al. Context-based texture analysis for secure revocable iris-biometric key generation
Cimato et al. A multi-biometric verification system for the privacy protection of iris templates
Meenakshi et al. Security analysis of password hardened multimodal biometric fuzzy vault
Ziauddin et al. Robust iris verification for key management
Liu et al. Palmprint based multidimensional fuzzy vault scheme
Fouad et al. A fuzzy vault implementation for securing revocable iris templates
Cimato et al. Privacy in biometrics
Patel et al. Hybrid feature level approach for multi-biometric cryptosystem
Ponce-Hernandez et al. Template protection approaches: Fuzzy Vault scheme
Sutcu et al. Secure sketches for protecting biometric templates
Soltane et al. A review regarding the biometrics cryptography challenging design and strategies
JP4843146B2 (ja) 秘密情報保管方法および秘密情報復元方法並びにデータ暗号化/復号化装置およびデータ復号化装置
Tian et al. Fingerprint-based identity authentication and digital media protection in network environment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07736739

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07736739

Country of ref document: EP

Kind code of ref document: A1