The present invention relates to a method for generating an encryption key using biometrics authentication and restoring the encryption key as well as to a personal authentication system using the method. More specifically, the present invention relates to a method for providing personal authentication by registering an encryption key for personal authentication with features of a finger print and a personal authentication system based on generation of an encryption key using biometrics information and the biometric information enabling both stable generation of an encryption key and high security against attackers.
In a user authentication system using biometrics information, biometrics information is acquired from a user, data generally referred to amounts of characteristic is extracted from the information and registered when a user makes a registration in the system. This registered information is referred to as template. When the user is to be authenticated, again biometrics information is acquired from the user, an amount of characteristic is extracted from the information, and amounts of characteristic is compared with the template to determine whether the user has been registered in the system. When a user at a client side is to be authenticated based on biometric information by a server via a network, typically the server stores the template. The client acquires biometrics information from the user when the user is to be authenticated, extracts amounts of characteristic and sends the amounts of characteristics to the server, while the server compares the amounts of characteristic to the temperature which determines whether the user has been registered in the system.
Because the template is used to identify each user, strict management is required in terms of personal information, and therefore the management cost is very high. Even when the template is put under strict management, many users are apt to have psychological resistance against registration of a template from a view point of protection of privacy. Furthermore, one type of biometrics information acquired from a user is limited in the number (for instance, finger prints acquired from one user is 10). When a template is leaked and there is the possibility of falsification, the template cannot easily be changed like an encryption key, and if the same biometrics information is registered in different systems, the security in other systems may be lost. As described above, in personal authentication using biometrics information, there always exist the problems relating to privacy and security.
To solve the problems as described above, there is the approach based on a combination of authentication utilizing the encryption technique such PKI (Public Key Infrastructure) and as that using biometrics information. In this approach, a template and a secret key are stored in a tamper-proof device carried by a user such as an IC card, the biometrics information acquired from the user when the user is registered in the system is compared with template in the tamper-proof device, and when a result of verification is successful, the secret key is activated and the server authenticates the tamper-proof device by means of the challenge and response. In this method, however, each user is required to carry a tamper-proof device having the verifying function or the PKI function such as an IC card, and there is the problem that the system cost increases for the number of users.
To address this problem, there has been proposed the approach in which a secret key is directly generated from biometrics information. In this approach, it is not necessary to store a template or a secret key, nor is required an expensive tamper-proof device, yet the requirements for privacy and security are satisfied. More specifically, auxiliary information based on biometrics information of and a secret key for each user is prepared and recorded when the user is registered in the system, the secret key is restored from the biometrics information newly acquired from the user and the auxiliary information when the user is to be authenticated, and the server authenticates the client, for instance, by means of challenge and response. In this approach, the original information or a secrete key cannot be guessed from the auxiliary information, and therefore it is not necessary to store biometrics information or a secret key in a tamper-proof device, which makes it possible to associate authentication using biometrics information with the encryption technique.