ES2572159T3 - Un método de asignación de un secreto a un testigo de seguridad, un método de operación de un testigo de seguridad, un medio de almacenamiento y un testigo de seguridad - Google Patents
Un método de asignación de un secreto a un testigo de seguridad, un método de operación de un testigo de seguridad, un medio de almacenamiento y un testigo de seguridadInfo
- Publication number
- ES2572159T3 ES2572159T3 ES09175755T ES09175755T ES2572159T3 ES 2572159 T3 ES2572159 T3 ES 2572159T3 ES 09175755 T ES09175755 T ES 09175755T ES 09175755 T ES09175755 T ES 09175755T ES 2572159 T3 ES2572159 T3 ES 2572159T3
- Authority
- ES
- Spain
- Prior art keywords
- security token
- secret
- biometric data
- assigning
- storage medium
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
- G07F7/1091—Use of an encrypted form of the PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/34—Encoding or coding, e.g. Huffman coding or error correction
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Accounting & Taxation (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Biodiversity & Conservation Biology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
- Collating Specific Patterns (AREA)
- Lock And Its Accessories (AREA)
Abstract
Un método de operación de un testigo de seguridad para realizar una operación criptográfica, el testigo de seguridad (100) que tiene asignado al mismo un secreto cifrado biométricamente, el método de operación del testigo de seguridad que comprende: - recibir unos segundos datos biométricos (108') del rasgo biométrico de la persona y una pseudo identidad (PI) mediante el testigo de seguridad, - almacenar los segundos datos biométricos (108') en el testigo de seguridad, - leer el secreto cifrado biométricamente desde una memoria (112) del testigo de seguridad (100), - descifrar biométricamente el secreto usando los segundos datos biométricos (108') mediante el testigo de seguridad (100), - comparar la pseudo identidad (PI) con un valor de comprobación aleatoria (114) del secreto no cifrado, - usar el secreto para realizar la operación criptográfica en caso de que la pseudo identidad (PI) sea idéntica con el valor de comprobación aleatoria (114) del secreto no cifrado, - borrar el secreto descifrado y los segundos datos biométricos (108').
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP09175755.9A EP2323308B1 (en) | 2009-11-12 | 2009-11-12 | A method of assigning a secret to a security token, a method of operating a security token, storage medium and security token |
Publications (1)
Publication Number | Publication Date |
---|---|
ES2572159T3 true ES2572159T3 (es) | 2016-05-30 |
Family
ID=42026738
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
ES09175755T Active ES2572159T3 (es) | 2009-11-12 | 2009-11-12 | Un método de asignación de un secreto a un testigo de seguridad, un método de operación de un testigo de seguridad, un medio de almacenamiento y un testigo de seguridad |
Country Status (8)
Country | Link |
---|---|
US (1) | US20120303966A1 (es) |
EP (1) | EP2323308B1 (es) |
CN (1) | CN102640450B (es) |
AU (1) | AU2010318058B2 (es) |
BR (1) | BR112012009933A2 (es) |
CA (1) | CA2780717C (es) |
ES (1) | ES2572159T3 (es) |
WO (1) | WO2011057983A1 (es) |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2987529B1 (fr) * | 2012-02-27 | 2014-03-14 | Morpho | Procede de verification d'identite d'un utilisateur d'un terminal communiquant et systeme associe |
FR2988196B1 (fr) * | 2012-03-19 | 2014-03-28 | Morpho | Procede d'authentification d'un individu porteur d'un objet d'identification |
US9710664B2 (en) | 2012-09-07 | 2017-07-18 | Amrita Vishwa Vidyapeetham | Security layer and methods for protecting tenant data in a cloud-mediated computing network |
CN103152157A (zh) * | 2013-02-04 | 2013-06-12 | 快车科技有限公司 | 一种安全密保方法及相关装置 |
CN103178961B (zh) * | 2013-02-04 | 2017-05-17 | 快车科技有限公司 | 一种安全信息交互方法及相关装置 |
CN103200009A (zh) * | 2013-04-11 | 2013-07-10 | 迪士恩信息科技(上海)有限公司 | 一种指纹加解密***及方法 |
CN105471575B (zh) | 2014-09-05 | 2020-11-03 | 创新先进技术有限公司 | 一种信息加密、解密方法及装置 |
CN105099712B (zh) | 2015-09-17 | 2018-11-20 | 深圳三元色数码科技有限公司 | 一种基于双码验证的数据加密方法 |
US9916432B2 (en) * | 2015-10-16 | 2018-03-13 | Nokia Technologies Oy | Storing and retrieving cryptographic keys from biometric data |
JP6682816B2 (ja) * | 2015-11-16 | 2020-04-15 | 富士通株式会社 | 秘匿情報記憶方法、情報処理端末、及び秘匿情報記憶プログラム |
JP6507115B2 (ja) * | 2016-03-22 | 2019-04-24 | 株式会社日立製作所 | 1:n生体認証・暗号・署名システム |
US10505733B2 (en) * | 2017-09-25 | 2019-12-10 | Citrix Systems, Inc. | Generating and managing a composite identity token for multi-service use |
US20190349363A1 (en) * | 2018-05-14 | 2019-11-14 | GM Global Technology Operations LLC | Biometric authentication with enhanced biometric data protection |
CA3058242C (en) | 2019-03-29 | 2022-05-31 | Alibaba Group Holding Limited | Managing cryptographic keys based on identity information |
EP3622665B1 (en) | 2019-03-29 | 2021-07-28 | Advanced New Technologies Co., Ltd. | Cryptography chip with identity verification |
AU2019204711B2 (en) | 2019-03-29 | 2020-07-02 | Advanced New Technologies Co., Ltd. | Securely performing cryptographic operations |
KR102381153B1 (ko) | 2019-03-29 | 2022-03-30 | 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. | 신원 정보에 기초한 암호화 키 관리 |
US10757574B1 (en) * | 2019-12-26 | 2020-08-25 | Capital One Services, Llc | Multi-factor authentication providing a credential via a contactless card for secure messaging |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020124176A1 (en) * | 1998-12-14 | 2002-09-05 | Michael Epstein | Biometric identification mechanism that preserves the integrity of the biometric information |
DE19923807A1 (de) * | 1999-05-19 | 2000-11-23 | Deutsche Telekom Ag | Verfahren zur Erhöhung der Sicherheit bei digitalen Unterschriften |
DE19940341A1 (de) * | 1999-08-25 | 2001-03-01 | Kolja Vogel | Verfahren zum Schutz von Daten |
US20030219121A1 (en) * | 2002-05-24 | 2003-11-27 | Ncipher Corporation, Ltd | Biometric key generation for secure storage |
ATE343273T1 (de) * | 2002-05-31 | 2006-11-15 | Scient Generics Ltd | Biometrisches authentifizierungssystem |
US20040034784A1 (en) * | 2002-08-15 | 2004-02-19 | Fedronic Dominique Louis Joseph | System and method to facilitate separate cardholder and system access to resources controlled by a smart card |
EP1576567A1 (en) * | 2002-12-18 | 2005-09-21 | Koninklijke Philips Electronics N.V. | Key synchronization in a visual cryptographic system |
US20070180261A1 (en) * | 2004-06-09 | 2007-08-02 | Koninklijke Philips Electronics, N.V. | Biometric template protection and feature handling |
US20060242423A1 (en) * | 2005-04-22 | 2006-10-26 | Kussmaul John W | Isolated authentication device and associated methods |
KR100714303B1 (ko) * | 2005-12-09 | 2007-05-07 | 한국전자통신연구원 | 특징점을 은닉하는 지문 인식 방법 및 그 장치 |
EP1811421A1 (en) * | 2005-12-29 | 2007-07-25 | AXSionics AG | Security token and method for authentication of a user with the security token |
SG139580A1 (en) * | 2006-07-20 | 2008-02-29 | Privylink Pte Ltd | Method for generating cryptographic key from biometric data |
US7930543B2 (en) * | 2006-08-18 | 2011-04-19 | Medtronic, Inc. | Secure telemetric link |
WO2009009788A1 (en) * | 2007-07-12 | 2009-01-15 | Jobmann Brian C | Identity authentication and secured access systems, components, and methods |
US8479013B2 (en) * | 2008-01-18 | 2013-07-02 | Photonic Data Security, Llc | Secure portable data transport and storage system |
-
2009
- 2009-11-12 ES ES09175755T patent/ES2572159T3/es active Active
- 2009-11-12 EP EP09175755.9A patent/EP2323308B1/en active Active
-
2010
- 2010-11-08 US US13/504,932 patent/US20120303966A1/en not_active Abandoned
- 2010-11-08 CA CA2780717A patent/CA2780717C/en not_active Expired - Fee Related
- 2010-11-08 BR BR112012009933A patent/BR112012009933A2/pt not_active Application Discontinuation
- 2010-11-08 WO PCT/EP2010/067002 patent/WO2011057983A1/en active Application Filing
- 2010-11-08 AU AU2010318058A patent/AU2010318058B2/en not_active Ceased
- 2010-11-08 CN CN201080050906.4A patent/CN102640450B/zh not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
EP2323308A1 (en) | 2011-05-18 |
EP2323308B1 (en) | 2016-03-23 |
CA2780717C (en) | 2015-08-11 |
CN102640450B (zh) | 2015-11-25 |
CN102640450A (zh) | 2012-08-15 |
BR112012009933A2 (pt) | 2016-03-08 |
AU2010318058A1 (en) | 2012-05-03 |
AU2010318058B2 (en) | 2015-07-23 |
US20120303966A1 (en) | 2012-11-29 |
CA2780717A1 (en) | 2011-05-19 |
WO2011057983A1 (en) | 2011-05-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ES2572159T3 (es) | Un método de asignación de un secreto a un testigo de seguridad, un método de operación de un testigo de seguridad, un medio de almacenamiento y un testigo de seguridad | |
BR112017002747A2 (pt) | método implementado por computador, e, sistema de computador. | |
AR097524A1 (es) | Encriptación de datos y tarjeta inteligente que almacena datos encriptados | |
EA201891822A1 (ru) | Безопасность персональных устройств с использованием криптографии на основе эллиптических кривых для разделения секрета | |
BR112018004741A2 (pt) | método, e, dispositivo de acesso | |
CL2018002363A1 (es) | Determinación de un secreto común para el intercambio seguro de información y claves criptográficas deterministas y jerárquicas. | |
AR072975A1 (es) | Modulo integrado de seguridad criptografica para un nodo de red | |
MY176966A (en) | Biometric template security and key generation | |
ES2602827T3 (es) | Circuito de criptografía, protegido particularmente contra los ataques por observación de fugas de información mediante su cifrado | |
NZ714230A (en) | System and methods for encrypting data | |
EP4236203A3 (en) | Data security using request-supplied keys | |
PE20070934A1 (es) | Sistema en un chip seguro | |
WO2015157735A3 (en) | Content encryption and decryption | |
BR112016012359A2 (pt) | Método e sistema para transmissão segura de mensagens de serviço de notificação remota para dispositivos móveis sem elementos seguros | |
BRPI0700267A (pt) | método de comunicação entre um roteador e um hospedeiro, roteador para comunicação com um hospedeiro, e, hospedeiro para comunicação com um roteador | |
JP2013531436A5 (es) | ||
WO2014083335A3 (en) | A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors | |
WO2008148784A3 (fr) | Procedes et dispositifs cryptographiques de generation pseudo-aleatoire de chiffrement de donnees et de hachage cryptographique d'un message | |
BR112018071634A2 (pt) | utilização de região isolada de segurança baseada em hardware para impedir pirataria e fraude em dispositivos eletrônicos | |
SA517381726B1 (ar) | إخفاء المعلومات في التشويش | |
WO2010011921A3 (en) | Http authentication and authorization management | |
GB201210004D0 (en) | Random number distruibution | |
WO2008135996A3 (en) | Safe self-destruction of data | |
CN105205407A (zh) | 一种电子证加密解密方法 | |
UY36412A (es) | Técnica de encriptación simétrica polialgorítmica |