The present invention relates to a system that performs processes such as authentication, encryption, and signature based on biometric information specific to an individual person.
Along with evolution of information technology (IT) in all sectors of society, it is becoming increasingly important to identify and authenticate a user reliably in various scenes such as ATMs in banks, online banking, credit card payment, Web services, entering and leaving management, attendance management, use of hotels and members' facilities, etc. Conventionally, an identification and authentication method using a password, an ID card, or the like, has predominated. However, there are an increasing number of victims of identity theft by a password list attack, card counterfeiting, etc. and expectations are raised for a biometric authentication technology that identifies and authenticates an individual person based on biometric information such as fingerprints, veins, faces, and irises as a more reliable and convenient means for authentication.
With an increase in the number of systems and services that a person uses, the number of IDs, passwords, and cards that one user must manage increases accordingly and this reduces convenience; additionally, there arises a problem in which security decreases, such as recycling the same password and an increase in a risk of card theft and counterfeiting.
Because of this background, attempts are proposed to make a variety of services available only by undergoing biometric authentication; for example, UAF standards formulated by FIDO Alliance define a protocol in which, if biometric authentication is successful at a user terminal (smartphone, PC, etc.), a challenge-response authentication based on a public key encryption technology is performed between the terminal and a server through the use of a secret key within the terminal. A user should register his or her biometric information with his or her terminal beforehand, create a pair of his or her secret key and a public key for each service (e.g., Online Payment, Netbanking, etc.), and register the secret key with the terminal and the public key with each service server; subsequently, the user can utilize each service only by presenting the biometric information to his or her terminal. In this method, however, a user is required to pre-register his or her biometric information and a secret key per service with a terminal. Hence, FIDO assumes a way of use in which a user owns one or two terminals and access to each service is only made from this terminal(s) owned by the user. However, in a way of use in which one or plural terminals are shared by plural users or many and unspecified users at ATMs and POS terminals and in an office, a college, or the like and in a case where one user owns many terminals or a case where one user renews a terminal frequently, the FIDO/UAF method poses a problem in which operation for registration is complicated (reducing convenience) and a problem of increasing the risk of leakage of highly confidential and sensitive information, i.e., biometric information and secret keys (safety decreases).
Meanwhile, a technology called biometric encryption draws attention as a technology that protects biometric information that has been registered and stored and reduces the risk of leakage considerably. When registering biometric information, the biometric encryption extracts a feature metric X from the biometric information and adds random number information R to X, which is a kind of processing to conceal the feature metric X, thus creating data H which is called auxiliary information. The auxiliary information H is stored in, inter alia, a user terminal. When authentication is performed, a feature metric X′ is extracted from newly acquired biometric information and R′ is restored by executing restoration processing for auxiliary information H using X′. When and only when X′ is sufficiently close to X, correct random number information is to be restored (R=R′). Moreover, an algorithm is designed so that estimating X and R from H is sufficiently difficult, unless knowing X′ that is sufficiently close to X. By registration and matching check of a value of R or a hash value of R, authentication can be accomplished with the feature metric X extracted from the registered biometric information remaining concealed; besides, by regarding a value of R or a hash value of R as a secret key and executing processes of data encryption and decryption and generating electronic signature, encryption/decryption and electronic signature based on biometric information can be implemented without holding a secret key directly.
In combination of biometric encryption with the FIDO/UAF standards, a user is not required to store biometric information and a secret key in his or her terminal and, instead, auxiliary information H is only required to be stored. This enables it to reduce the risk of leakage of biometric information and secret keys. However, given that the above combination is applied to the way of use in which when one or plural terminals are shared by plural users or many and unspecified users, the problem in which operation for registration is complicated (reducing convenience) is still left unsolved. Furthermore, random number information R restoration processing in biometric encryption may require complicated calculation such as error correction processing and cryptographic processing and there is also a problem in which, considering the amount of calculation, it is difficult to execute restoration processing for auxiliary information relevant to a large number of users within a terminal having limited calculation capability.
Furthermore, authentication based on FIDO/UAF can be utilized only with a service server compliant with the FIDO/UAF standards. Biometric encryption can also be utilized only with a service server with its specific authentication functionality installed therein. Hence, for a variety of existing online services that use exiting authentication means such as password authentication and PKI authentication, utilizing a service only by undergoing biometric authentication without reconfiguring a server cannot be implemented by the foregoing technologies.