Field of the Invention
The present invention relates to seed and key generation systems for encryption methods. More particularly, the invention relates to a seed and a key generation system for non-deterministic biometric indicia. The system does not store all necessary information for regenerating an encryption seed or generating an encryption key. Instead, the system destroys the seed and key and requires a live biometric sample to recreate the seed/key.
Description of the Related Art
Limiting access to a storage medium or device or a secure repository stored on a device is often desirable. Access to the storage device may be limited to one or more authenticated users. To authenticate a user, the user must initially enroll a biometric identifier specific to the user. This biometric identifier serves as an authentication password to verify the user's identity. When future access to the storage device is desired, the user provides the same biometric identifier, referred to as a live biometric identifier. The enrolled and live biometric identifiers are compared, and if the authentication system determines that the biometric identifiers likely belong to the same user, the system unlocks or otherwise retrieves a key for accessing the storage device.
In many authentication systems, the key is encrypted prior to being stored on the storage device or otherwise made accessible by the storage device. Encryption of the key does provide some security, as a hacker (who does not have access to the live biometric identifier for the specific user) must decrypt the key prior to accessing the device. However, decryption of the key is often elementary to skilled hackers.
Another layer of security is often added to the storage device by requiring that the key be regenerated each time access to the device is requested. However, to regenerate the key, a seed must be stored (either in encrypted or even hashed form or unencrypted or unhashed form). Similar to the encrypted key, a stored encrypted seed is still vulnerable to hackers.
In view of the concerns with storing the seed/key on the storage device or otherwise making accessible by the device, authentication systems have been developed that do not store the seed and/or key on the storage device itself. Instead, the seed and/or key is communicated or otherwise transferred to an authentication server, at which it is stored. When the user desires to access the storage device, the authentication system verifies the user's identity and transfers the seed and/or key to the device for accessing of the device. This authentication method is still vulnerable to security risks, as transferring the seed and/or key increases the potential for hacking and compromises the overall security of the encryption system.
The above security disadvantages are germane to many common encryption methods, including symmetric encryption and asymmetric encryption, and authentication systems, such as a one-time password authentication system. Specifically, supply of a password in a HOTP algorithm is particularly subject to security risks.
As is known, the HOTP algorithm is an HMAC based one-time password authentication system. OTP algorithms provide a single-use (i.e., one-time) password based on a known time, a known last password entered, and a key (or a seed for generating a key) stored by or at an authentication server. A client, which could be a storage device or software on the user side, and the authentication server run the HOTP algorithm in parallel. The authentication server running the HOTP algorithm typically uses an input key, a timer (or counter), and a known previous password to determine the next password in the algorithm's sequence. At the time of the user requesting access to the storage device or software, the storage device or software on the user will output a password. The outputted password at the user side is compared to the password, at the authentication side, determined by the HOTP algorithm to be the next password in the sequence. The comparison is performed by the authentication server. If the passwords match, the user is granted access to the storage device. The outputted password at the user side is different each time and only viable for a short time, thus making it a one-time password.
Accordingly, there is a need for an encryption system that does not store or otherwise provide access to all of the information necessary for obtaining access to a storage device. More particularly, there is a need for an encryption system that requires a live biometric identifier be provided at the time of access to the device for purposes of generating the seed and/or key—as opposed to merely authenticating an identity of the user.