[go: up one dir, main page]

WO2017091133A1 - Method and system for secure storage of information - Google Patents

Method and system for secure storage of information Download PDF

Info

Publication number
WO2017091133A1
WO2017091133A1 PCT/SE2016/051158 SE2016051158W WO2017091133A1 WO 2017091133 A1 WO2017091133 A1 WO 2017091133A1 SE 2016051158 W SE2016051158 W SE 2016051158W WO 2017091133 A1 WO2017091133 A1 WO 2017091133A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
user device
user
biometric
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/SE2016/051158
Other languages
French (fr)
Inventor
Philip LUNDIN
Aysajan Abidin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Authentico Technologies AB
Original Assignee
Authentico Technologies AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Authentico Technologies AB filed Critical Authentico Technologies AB
Publication of WO2017091133A1 publication Critical patent/WO2017091133A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Definitions

  • the present invention relates to a method and a system for secure storage of information.
  • the present invention relates to the secure storage of sensitive information on a user device comprising a biometric reader.
  • internet users When internet users perform online transactions such as an online purchase or when logging in to an online service provider, they are often required to provide sensitive information to the service provider. For example, when internet users want to buy something online or pay for services online, they are often presented with two choices. Either the users have to manually enter personal information along with credit card information, or the users can register themselves at the online store or service provider and save credit card information and/or other personal information there, so that they do not need to enter their credit card information each time they pay for the goods or services consumed. All that is needed is to login to the website of an online store or service provider.
  • a method for secure storage of information in a user device comprising a biometric reader; the method comprising the steps of: entering information X on a user device; acquiring biometric information b from a user using the biometric reader of the user device; generating a key R and a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm;
  • the information may for example be an information string, such as a string of characters manually input by the user on the user device.
  • the information may also comprise an image, a file structure etc. located on or acquired by the user device.
  • the present invention can be applied for any type of digitally encoded information.
  • the user device may for example be a smartphone comprising a biometric reader such as a fingerprint sensor.
  • a biometric reader such as a fingerprint sensor
  • other types of user devices comprising other types of biometric readers, such as a retinal scanner, can be used in various embodiments of the present invention.
  • the user device may be a card reader terminal, or a dedicated login terminal where one or more users may enter sensitive information.
  • a fuzzy extractor is a method for generating strong keys from a fuzzy input such a biometric reading.
  • the basic principle of operation of a fuzzy extractor is that a generation algorithm converts biometric data into random strings, which makes it possible to apply cryptographic techniques for biometric security, to encrypt and authenticate information with biometric inputs as a key.
  • a first biometric reading b is stored as a biometric template.
  • the encrypted information can be recovered if a second biometric reading b' is sufficiently similar to the template biometric reading b using a reproduction algorithm of the fuzzy extractor. The precise amount by how much the second biometric reading b' may differ from the biometric template b for the two readings to be considered a match, i.e.
  • b ⁇ b is determined by the specific fuzzy extractor algorithms used and can be selected based on requirement of the application in which the fuzzy extractor is implemented. Accordingly, it is in principle sufficient that b' is approximately similar to b for X to be extracted, hence the term "fuzzy".
  • the local computing device may for example be a stationary computer, a laptop, a tablet computer or the like.
  • the secure connection between the user device and the local computing device may be a wired connection, e.g. via USB, or a wireless connection such as WiFi, Bluetooth or the like, where sufficient encryption or secure communication protocols are employed.
  • the present invention is based on the realization that a fuzzy extractor functionality in a user device comprising biometric reader can provide a convenient way for a user to securely store sensitive information on the user device.
  • a fuzzy extractor functionality in a user device comprising biometric reader can provide a convenient way for a user to securely store sensitive information on the user device.
  • the present invention provides a simple but secure solution for handling sensitive information on the user side so that the users do not have to manually perform the tedious task of entering the sensitive information without resorting themselves to the potentially dangerous approach of storing sensitive information on the service providers.
  • the information may comprise credit card information enabling a purchase.
  • the credit card information can be enrolled and securely stored on the user device such that when the credit card number is required to complete an online purchase or online booking initiated on the local computer, the credit card number can readily be provided to the local computer from the user device by acquiring a biometric reading from the user.
  • the information may comprise personal identifying information enabling an identification of a user.
  • the personal identifying information may be selected from the group comprising passport information, identification card information, DNA information and biometric information, which all represent types of information that a user may want to store securely on a user device. Accordingly, there can be different types of information that may be used for online
  • the stored information may also relate to the health status of a user, it may comprise passwords, bank account numbers, IP-addresses and the like. Thereby, since a user may be hesitant to allow such personal information to be stored in a database of a service provider, embodiments of the present invention allow safe storage on a user device for all types of sensitive personal information.
  • the method may further comprise, after the step of providing the information X from the user device to the local computing device, deleting R and X from the user device.
  • the method may further comprise performing the following steps in the local computer: initiating an interaction with a remote server; receiving a request for the information X from the remote server; requesting the information X from the user device; receiving the information X from the user device; and providing the
  • the described steps performed in the local computer represent an online transaction which can be exemplified by an online purchase.
  • the transaction can be initiated by a user of the local computing device such as a laptop by initiating a payment in an online store handled by a remote server.
  • the remote server may request credit card information from the user, where the credit card information is represented by the information X securely stored on the user device.
  • the users enters biometric information on the user device, using the biometric reader, thereby enabling reproduction of the credit card number using the fuzzy generator reproduction algorithm as described above.
  • the credit card information is reproduced by the user device, it can be transmitted securely to the local computing device, which in turn provides the credit card information, and possibly also other required information, to the remote server to finalize the purchase.
  • the connection between the local computing deice and the remote server is not within the scope of the present invention, it can be assumed that the connection is secured using any known secure protocol or encryption.
  • the interaction with the remote server may also comprise an online identity verification operation, where the identity of the user is verified by the remote server.
  • the interaction may be part of a login operation of a bank where
  • the interaction may also represent logging in to any other online service provider requiring a secure login.
  • a system for secure storage of information comprising a user device comprising a biometric reader and a storage unit, wherein said user device is configured to: receive information X; acquire a biometric reading b from a user using the biometric reader of the user device; generate a key R and a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm; store P on a storage unit of the user device; encrypt the information X using the key R resulting in a cipher text C; store the cipher text C on the storage unit of the user device; and delete the information X, the biometric reading b and the key R from the user device; the system further comprising a local computing device configured to: request the information X from the user device; wherein the user device is configured to
  • the user device may be a smartphone comprising a fingerprint sensor, thereby enabling safe storage of sensitive information such as credit card number.
  • the system could be based on commercially available products with the added functionality of encrypting the fingerprint information to provide a simple and secure way for a user to securely store sensitive using readily available products.
  • a method for secure storage of information in a user device comprising a biometric reader and a Physical Unclonable Function, PUF.
  • the method comprises the steps of: entering information X on a user device; acquiring biometric information b from a user using the biometric reader of the user device;
  • PUF Physical Unclonable Function
  • the PUF is a function that is embodied in a physical structure and is easy to evaluate but hard to predict. An individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it.
  • PUF which are the hardware analog of a one-way function, or essentially random functions bound to a physical device in such a way that it is computationally and physically infeasible to predict the output of the function without actually evaluating it using the physical device. It should be understood that the output from the PUF will be slightly different for each time the password is provided as an input, i.e. including a randomness component, hence the use of a fuzzy extractor for the PUF output.
  • Providing an input for the PUF may comprise requesting an input from the user, such as a password.
  • the input for the PUF may be a fixed input based on the configuration of the user device, which may be referred to as weak PUF.
  • weak PUF the user does not provide any input. Instead the device itself generates the key R p based on a challenge which is hardwired into the device.
  • the information can be decrypted by providing the biometric reading and the correct input to the PUF.
  • a system for secure storage of information comprising a user device comprising a biometric reader, a physical unclonable function, PUF, and a storage unit.
  • the user device is configured to: receive information X; acquire biometric information b from a user using the biometric reader of the user device;
  • a system which is capable of securely storing information using a combination of a biometric reading and a PUF to form a key, in combination with a Fuzzy extractor algorithm.
  • a local computing device configured to: request the information X from the user device; wherein the user device is configured to, when requested by the local computing device: acquire biometric information b' from the user and if b' is
  • Figs. 1 a-b are flow charts schematically illustrating methods according to embodiments of the invention.
  • Fig. 2 is a flow chart schematically illustrating a method according to an embodiment of the invention
  • FIGs. 3a-b schematically illustrates a user device and a system used in embodiments of the invention.
  • Fig. 4 is a flow chart schematically illustrating a method according to an embodiment of the invention.
  • Figs. 1 and 2 are flow charts outlining the general steps of methods according to various embodiments of the invention. The method will be described with reference to Fig. 3a illustrating a user device 300 and to Fig. 3b illustrating a system 302.
  • Fig. 1 a schematically illustrates the enrollment of an information string X on a user device 300 in the form of a smartphone.
  • the information string X can be considered to be a credit card number which is entered manually by a user.
  • the information to be stored securely on the user device may also be input by a camera of the user device, for example using a QR-code, or the information may be already stored on the user device but in a clear-text form.
  • the information X is entered 100 in a dedicated input field 304 of the user device 300.
  • the user may initiate the storage, for example by touching a corresponding icon 306.
  • This in turn prompts the user to provide biometric information using the fingerprint sensor 308 of the smartphone.
  • the fingerprint sensor 306 is illustrated as being integrated in the display of the smartphone 300.
  • the fingerprint sensor, or another type of biometric reader may equally well be arranged in other parts of a user device such as on the side, on the backside, integrated in a pushbutton etc.
  • a key R and a helper string P is generated 104, using the biometric reading b, by means of a fuzzy extractor generation algorithm.
  • helper string P does not contain any information about R, it can only be used to recover R when a matching biometric reading is provide.
  • the generation operation can be denoted (R,P) ⁇ — gen(b), where gen represents the fuzzy extractor generation algorithm.
  • the helper string P is stored 106 in a memory of the smartphone 300.
  • C is stored 1 10 in the smartphone 300 and X, b and R are deleted 1 12 from the memory of the smartphone 300.
  • X, b and R are preferably deleted permanently such that the information X, b and R is not recoverable from the smartphone 300, since a key feature of the present method is that the original sensitive information is not stored on the device. It is also important that the biometric information b is not stored on the user device, since this could be used to circumvent features requiring biometric sensor verification.
  • Fig. 1 b illustrates the following steps of the method where the local computing device 302, here a stationary computer 302, requests 1 14 the information Xfrom the smartphone 300.
  • the smartphone 300 receives 1 16 the request for X, the user is prompted to provide a fingerprint and a biometric reading b' is acquired 1 18.
  • a key R' which is equal to the original key R can be reproduced 122, using the public helper string P, only if b' is sufficiently similar to the original biometric template b (i.e. if b' ⁇ b), which can be denoted R' ⁇ — rep(b', P), where rep represents the fuzzy extractor reproduction algorithm.
  • a characterizing feature of a fuzzy extractor method is that the originally generated key R can be extracted even if the second biometric reading b' is not strictly identical to the biometric template b.
  • the cipher text C can be decrypted to acquire 124 the information X.
  • the information can be provided 126 from the smartphone 300 to the computer 302 via a wired or wireless secure connection.
  • both X and R are deleted from the user device such that the
  • FIG. 2 and Fig. 3b schematically illustrates an online transaction using the above described securely stored information X.
  • credit card information is stored as X on the user device.
  • the remote server requests 204 that the user provides credit card information (X) and the stationary computer 302 in turn sends a request 206 to the user device 300 asking for the credit card information X.
  • the user is then prompted to provide a fingerprint reading b', and if b' matches the fingerprint template b, the credit card information is acquired 208 and transmitted via a secure connection to the computer 302, which will then be provided to the computer 302.
  • the computer 302 receives 210 the credit card information X which is forwarded to the remote server 310, preferably via a secure connection. Once received 212, the credit card information can be processed by the remote server to complete the online purchase.
  • Fig. 4 schematically illustrates the enrollment of an information string X on a user device 300, here in the form of a smartphone.
  • the method is in many ways similar to the method discussed with reference to Fig. 1 a, with the additional inclusion of a PUF as will be described below.
  • The comprises entering information X, 400, on a user device, acquiring biometric information b, 402, from a user using the biometric reader of the user device and generating, 406, a key R b and a helper string P b using the biometric reading b by means of a fuzzy extractor generation algorithm.
  • an input for the PUF is provided, such as a password, to generate404, a PUF output, p, to generate, 406, a key R p and a helper string P p using the PUF output p by means of a fuzzy extractor generation algorithm.
  • the information X is encrypted, 412, using the key R resulting in a cipher text C, followed by storing, 414, the cipher text C on the user device and deleting, 416, the information X, the biometric reading b, the PUF output p, and the keys R b and R p from the user device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Collating Specific Patterns (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention relates to a method for secure storage of information in a user device comprising a biometric reader; the method comprises entering information X on a user device; acquiring biometric information b from a user; generating a key Rand a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm; storing P on the user device; encrypting X using R resulting in a cipher text C; storing Con the user device; and deleting X, the biometric reading b and the key R from the user device. The method further comprises, in a local computing device, requesting X from the user device; in the user device, acquiring biometric information b' from the user; if b' is approximately equal to b, reproducing R' = R from b' and P using a fuzzy extractor reproduction algorithm; decrypting C, using R, to acquire the X; and providing the information X from the user device to the local computing device via a secure connection.

Description

METHOD AND SYSTEM FOR SECURE STORAGE OF INFORMATION
Field of the Invention
The present invention relates to a method and a system for secure storage of information. In particular, the present invention relates to the secure storage of sensitive information on a user device comprising a biometric reader.
Background of the Invention
When internet users perform online transactions such as an online purchase or when logging in to an online service provider, they are often required to provide sensitive information to the service provider. For example, when internet users want to buy something online or pay for services online, they are often presented with two choices. Either the users have to manually enter personal information along with credit card information, or the users can register themselves at the online store or service provider and save credit card information and/or other personal information there, so that they do not need to enter their credit card information each time they pay for the goods or services consumed. All that is needed is to login to the website of an online store or service provider.
Due to the inconvenience of manually entering information such as the credit card information, the latter option is the most widely chosen option by the users. In the latter approach, however, the users need to trust that the service providers or online stores put in place adequate security measures to protect the credit card information in their database from being stolen, and to encrypt the information so that it stays secure even if the database is compromised. As can be witnessed today, many service providers do not in employ sufficient security measures to protect sensitive information like credit card information. Or even when they do, the security measures may be easy to bypass by smart, dedicated attackers/hackers. Moreover, new
vulnerabilities in security solutions believed to be secure are continuously discovered. Accordingly, there is a need for secure storage of sensitive information which is sufficiently easy to use to be attractive to the user.
Summary
In view of above-mentioned and other drawbacks of the prior art, it is an objective of the present invention to provide a method and system for secure storage of information in user device, where the secure information can be requested from the user deice by a local computing device.
According to a first aspect of the invention, there is provided a method for secure storage of information in a user device comprising a biometric reader; the method comprising the steps of: entering information X on a user device; acquiring biometric information b from a user using the biometric reader of the user device; generating a key R and a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm;
storing P on the user device; encrypting the information X using the key R resulting in a cipher text C; storing the cipher text C on the user device; and deleting the information X, the biometric reading b and the key R from the user device. The method further comprises, in a local computing device, requesting the information X from the user device; in the user device, acquiring biometric information b' from the user; if b' is approximately equal to b, reproducing R' = R from b' and P using a fuzzy extractor reproduction algorithm; decrypting the cipher text C, using R, to acquire the information X; and providing the information X from the user device to the local computing device via a secure connection.
In the present context, the information may for example be an information string, such as a string of characters manually input by the user on the user device. The information may also comprise an image, a file structure etc. located on or acquired by the user device. In principle, the present invention can be applied for any type of digitally encoded information.
The user device may for example be a smartphone comprising a biometric reader such as a fingerprint sensor. However, also other types of user devices comprising other types of biometric readers, such as a retinal scanner, can be used in various embodiments of the present invention. For example, the user device may be a card reader terminal, or a dedicated login terminal where one or more users may enter sensitive information.
A fuzzy extractor is a method for generating strong keys from a fuzzy input such a biometric reading. The basic principle of operation of a fuzzy extractor is that a generation algorithm converts biometric data into random strings, which makes it possible to apply cryptographic techniques for biometric security, to encrypt and authenticate information with biometric inputs as a key. A first biometric reading b is stored as a biometric template. Based on a public helper string P, the encrypted information can be recovered if a second biometric reading b' is sufficiently similar to the template biometric reading b using a reproduction algorithm of the fuzzy extractor. The precise amount by how much the second biometric reading b' may differ from the biometric template b for the two readings to be considered a match, i.e. b ~ b, is determined by the specific fuzzy extractor algorithms used and can be selected based on requirement of the application in which the fuzzy extractor is implemented. Accordingly, it is in principle sufficient that b' is approximately similar to b for X to be extracted, hence the term "fuzzy".
In the present context, the local computing device may for example be a stationary computer, a laptop, a tablet computer or the like.
The secure connection between the user device and the local computing device may be a wired connection, e.g. via USB, or a wireless connection such as WiFi, Bluetooth or the like, where sufficient encryption or secure communication protocols are employed.
The present invention is based on the realization that a fuzzy extractor functionality in a user device comprising biometric reader can provide a convenient way for a user to securely store sensitive information on the user device. As more and more handheld devices such as smartphones come equipped with biometric readers, and in particular with fingerprint sensors, new opportunities for protecting user information arise.
In particular, the present invention provides a simple but secure solution for handling sensitive information on the user side so that the users do not have to manually perform the tedious task of entering the sensitive information without resorting themselves to the potentially dangerous approach of storing sensitive information on the service providers.
According to one embodiment of the invention, the information may comprise credit card information enabling a purchase. Thereby, the credit card information can be enrolled and securely stored on the user device such that when the credit card number is required to complete an online purchase or online booking initiated on the local computer, the credit card number can readily be provided to the local computer from the user device by acquiring a biometric reading from the user.
In one embodiment of the invention the information may comprise personal identifying information enabling an identification of a user. For example, the personal identifying information may be selected from the group comprising passport information, identification card information, DNA information and biometric information, which all represent types of information that a user may want to store securely on a user device. Accordingly, there can be different types of information that may be used for online
authentication and verification. The stored information may also relate to the health status of a user, it may comprise passwords, bank account numbers, IP-addresses and the like. Thereby, since a user may be hesitant to allow such personal information to be stored in a database of a service provider, embodiments of the present invention allow safe storage on a user device for all types of sensitive personal information.
According to one embodiment of the invention, the method may further comprise, after the step of providing the information X from the user device to the local computing device, deleting R and X from the user device. To ensure that no sensitive information remains on the user device after retrieval of the stored information X, the reproduced key R'=R is deleted from the user device once the information X has been retrieved and the information X is deleted from the user device after it has been provided to the local computing device.
According to one embodiment of the invention, the method may further comprise performing the following steps in the local computer: initiating an interaction with a remote server; receiving a request for the information X from the remote server; requesting the information X from the user device; receiving the information X from the user device; and providing the
information X to the remote server. The described steps performed in the local computer represent an online transaction which can be exemplified by an online purchase. The transaction can be initiated by a user of the local computing device such as a laptop by initiating a payment in an online store handled by a remote server. Next, the remote server may request credit card information from the user, where the credit card information is represented by the information X securely stored on the user device. To retrieve the credit card information, the users enters biometric information on the user device, using the biometric reader, thereby enabling reproduction of the credit card number using the fuzzy generator reproduction algorithm as described above. Once the credit card information is reproduced by the user device, it can be transmitted securely to the local computing device, which in turn provides the credit card information, and possibly also other required information, to the remote server to finalize the purchase. Even though the connection between the local computing deice and the remote server is not within the scope of the present invention, it can be assumed that the connection is secured using any known secure protocol or encryption.
According to one embodiment of the invention, the interaction with the remote server may also comprise an online identity verification operation, where the identity of the user is verified by the remote server. For example, the interaction may be part of a login operation of a bank where
authentication of the identity of the user is crucial. The interaction may also represent logging in to any other online service provider requiring a secure login.
However, regardless of the specific security solution used by a remote service provider, various embodiments of the present invention offers a convenient and secure method of storing sensitive information on user device comprising a biometric sensor. According to a second aspect of the invention, there is provided a system for secure storage of information comprising a user device comprising a biometric reader and a storage unit, wherein said user device is configured to: receive information X; acquire a biometric reading b from a user using the biometric reader of the user device; generate a key R and a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm; store P on a storage unit of the user device; encrypt the information X using the key R resulting in a cipher text C; store the cipher text C on the storage unit of the user device; and delete the information X, the biometric reading b and the key R from the user device; the system further comprising a local computing device configured to: request the information X from the user device; wherein the user device is configured to, when requested by the local computing device, acquire biometric information b' from the user using the biometric reader, and if b' is approximately equal to b, reproduce R' = R from b' and P using a fuzzy extractor reproduction algorithm; decrypt the cipher text C, using R, to acquire the information X; and provide the information X from the user device to the local computing device via a secure connection.
In the above system, the user device may be a smartphone comprising a fingerprint sensor, thereby enabling safe storage of sensitive information such as credit card number. Accordingly, the system could be based on commercially available products with the added functionality of encrypting the fingerprint information to provide a simple and secure way for a user to securely store sensitive using readily available products.
Further effects and features of the second aspect of the invention are largely analogous to those described above in connection with the first aspect of the invention.
According a third aspect of the invention, there is provided a method for secure storage of information in a user device comprising a biometric reader and a Physical Unclonable Function, PUF. The method comprises the steps of: entering information X on a user device; acquiring biometric information b from a user using the biometric reader of the user device;
generating a key Rb and a helper string Pb using the biometric reading b by means of a fuzzy extractor generation algorithm; providing an input for the PUF; generating an output from the PUF, p; generating a key Rp and a helper string Pp using the PUF output p by means of a fuzzy extractor generation algorithm; forming a key R by combining Rb and Rp using an XOR operation, R = Rb XOR Rp; storing Pb and Pp on the user device; encrypting the information X using the key R resulting in a cipher text C; storing the cipher text C on the user device; deleting the information X, the biometric reading b , the PUF output p, and the keys Rb and Rp from the user device.
By using a Physical Unclonable Function (PUF), an additional layer of security is added to the secure storage of information, since both a biometric reading and an output from the PUF is required to provide the key for decrypting the information.
The PUF is a function that is embodied in a physical structure and is easy to evaluate but hard to predict. An individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect PUF, which are the hardware analog of a one-way function, or essentially random functions bound to a physical device in such a way that it is computationally and physically infeasible to predict the output of the function without actually evaluating it using the physical device. It should be understood that the output from the PUF will be slightly different for each time the password is provided as an input, i.e. including a randomness component, hence the use of a fuzzy extractor for the PUF output.
Providing an input for the PUF may comprise requesting an input from the user, such as a password. Alternatively, the input for the PUF may be a fixed input based on the configuration of the user device, which may be referred to as weak PUF. In case of a weak PUF, the user does not provide any input. Instead the device itself generates the key Rp based on a challenge which is hardwired into the device.
According to one embodiment of the invention, the method may further comprise, in a local computing device, requesting the information X from the user device; in the user device: acquiring biometric information b' from the user and if b' is approximately equal to b, reproducing Rb' = Rb from b' and Pb using a fuzzy extractor reproduction algorithm; acquiring PUF output p' from the user and if p' is approximately equal to p, reproducing Rp' = Rp from p' and Pp using a fuzzy extractor reproduction algorithm; forming the key R as R = Rb XOR Rp; decrypting the cipher text C, using R, to acquire the information X; and providing the information X from the user device to the local computing device via a secure connection.
Hereby, the information can be decrypted by providing the biometric reading and the correct input to the PUF.
Further effects and features of the third aspect of the invention are largely analogous to those described above in connection with the first and second aspects of the invention.
According to a fourth aspect of the invention, there is provided a system for secure storage of information comprising a user device comprising a biometric reader, a physical unclonable function, PUF, and a storage unit. The user device is configured to: receive information X; acquire biometric information b from a user using the biometric reader of the user device;
generate a key Rb and a helper string Pb using the biometric reading b by means of a fuzzy extractor generation algorithm; provide an input for the PUF, generate an output from the PUF, p; generate a key Rp and a helper string Pp using the PUF output by means of a fuzzy extractor generation algorithm; form a key R by combining Rb and Rp using an XOR operation, R = Rb XOR Rp; store P and PP on the user device; encrypt the information X using the key R resulting in a cipher text C; store the cipher text C on the user device; and delete the information X, the biometric reading b , the PUF output p, and the keys R and Rp from the user device.
Hereby, a system is provided which is capable of securely storing information using a combination of a biometric reading and a PUF to form a key, in combination with a Fuzzy extractor algorithm.
According to one embodiment of the invention, the system may further comprise a local computing device configured to: request the information X from the user device; wherein the user device is configured to, when requested by the local computing device: acquire biometric information b' from the user and if b' is approximately equal to b, reproducing Rb' = Rb from b' and Pb using a fuzzy extractor reproduction algorithm; acquire PUF output p' from the user and if p' is approximately equal to p, reproducing Rp' = Rp from p' and Pp using a fuzzy extractor reproduction algorithm; form the key R as R = Rb XOR Rp; decrypt the cipher text C, using R, to acquire the information X; and provide the information X from the user device to the local computing device via a secure connection.
Further effects and features of the fourth aspect of the invention are largely analogous to those described above in connection with the first, second and third aspects of the invention.
Further features of, and advantages with, the present invention will become apparent when studying the appended claims and the following description. The skilled person realizes that different features of the present invention may be combined to create embodiments other than those described in the following, without departing from the scope of the present invention.
Brief Description of the Drawings
These and other aspects of the present invention will now be described in more detail, with reference to the appended drawings showing an example embodiment of the invention, wherein:
Figs. 1 a-b are flow charts schematically illustrating methods according to embodiments of the invention;
Fig. 2 is a flow chart schematically illustrating a method according to an embodiment of the invention;
Figs. 3a-b schematically illustrates a user device and a system used in embodiments of the invention; and
Fig. 4 is a flow chart schematically illustrating a method according to an embodiment of the invention.
Detailed Description of Example Embodiments In the present detailed description, various embodiments of the method and system according to the present invention are mainly described with reference to a smartphone comprising a fingerprint sensor for acquiring biometric information. However, the general principles of the invention are applicable to a wide range of user devices comprising a biometric sensor and a storage unit for secure storage of sensitive information.
Figs. 1 and 2 are flow charts outlining the general steps of methods according to various embodiments of the invention. The method will be described with reference to Fig. 3a illustrating a user device 300 and to Fig. 3b illustrating a system 302.
Fig. 1 a schematically illustrates the enrollment of an information string X on a user device 300 in the form of a smartphone. In the present example, the information string X can be considered to be a credit card number which is entered manually by a user. However, the information to be stored securely on the user device may also be input by a camera of the user device, for example using a QR-code, or the information may be already stored on the user device but in a clear-text form.
As a first step, the information X is entered 100 in a dedicated input field 304 of the user device 300. Next, the user may initiate the storage, for example by touching a corresponding icon 306. This in turn prompts the user to provide biometric information using the fingerprint sensor 308 of the smartphone. Here, the fingerprint sensor 306 is illustrated as being integrated in the display of the smartphone 300. However, the fingerprint sensor, or another type of biometric reader, may equally well be arranged in other parts of a user device such as on the side, on the backside, integrated in a pushbutton etc. Once the biometric information b is acquired 102, a key R and a helper string P is generated 104, using the biometric reading b, by means of a fuzzy extractor generation algorithm. Note that the helper string P does not contain any information about R, it can only be used to recover R when a matching biometric reading is provide. The generation operation can be denoted (R,P) <— gen(b), where gen represents the fuzzy extractor generation algorithm. Next, the helper string P is stored 106 in a memory of the smartphone 300. The information X is encrypted 108 using the key R resulting in a cipher text C, where the encryption operation is denoted R, C = EDCR(X).
In the following, C is stored 1 10 in the smartphone 300 and X, b and R are deleted 1 12 from the memory of the smartphone 300. Note that X, b and R are preferably deleted permanently such that the information X, b and R is not recoverable from the smartphone 300, since a key feature of the present method is that the original sensitive information is not stored on the device. It is also important that the biometric information b is not stored on the user device, since this could be used to circumvent features requiring biometric sensor verification. Once the cipher text C and the public helper string P are stored on the smartphone 300, the enrollment phase is completed.
Fig. 1 b illustrates the following steps of the method where the local computing device 302, here a stationary computer 302, requests 1 14 the information Xfrom the smartphone 300. When the smartphone 300 receives 1 16 the request for X, the user is prompted to provide a fingerprint and a biometric reading b' is acquired 1 18.
Using a fuzzy extractor reproduction algorithm, a key R' which is equal to the original key R can be reproduced 122, using the public helper string P, only if b' is sufficiently similar to the original biometric template b (i.e. if b' ~ b), which can be denoted R' <— rep(b', P), where rep represents the fuzzy extractor reproduction algorithm. A characterizing feature of a fuzzy extractor method is that the originally generated key R can be extracted even if the second biometric reading b' is not strictly identical to the biometric template b. When the key R is available, the cipher text C can be decrypted to acquire 124 the information X. The decryption operation can be denoted R, X = DecR(C).
Finally, the information can be provided 126 from the smartphone 300 to the computer 302 via a wired or wireless secure connection.
Once the information X has been provided to the local computing device, both X and R are deleted from the user device such that the
information X is once again securely stored and only retrievable by means of a successful biometric identification. It should further be noted that the key R' is deleted from the user device even if it is not equal to R.
Fig. 2 and Fig. 3b schematically illustrates an online transaction using the above described securely stored information X.
It is assumed that credit card information is stored as X on the user device. When the user initiates an interaction 202 with a remote server 310, for example when a user wants to pay for a product in an online web shop, the remote server requests 204 that the user provides credit card information (X) and the stationary computer 302 in turn sends a request 206 to the user device 300 asking for the credit card information X. The user is then prompted to provide a fingerprint reading b', and if b' matches the fingerprint template b, the credit card information is acquired 208 and transmitted via a secure connection to the computer 302, which will then be provided to the computer 302. The computer 302 receives 210 the credit card information X which is forwarded to the remote server 310, preferably via a secure connection. Once received 212, the credit card information can be processed by the remote server to complete the online purchase.
Accordingly, a simple but secure solution to handle credit card information on the user side is provided so that the user does not need to manually perform the tedious task of entering the credit card information and without resorting to the potentially dangerous approach of storing sensitive information at the service providers.
Fig. 4 schematically illustrates the enrollment of an information string X on a user device 300, here in the form of a smartphone. The method is in many ways similar to the method discussed with reference to Fig. 1 a, with the additional inclusion of a PUF as will be described below.
The comprises entering information X, 400, on a user device, acquiring biometric information b, 402, from a user using the biometric reader of the user device and generating, 406, a key Rb and a helper string Pb using the biometric reading b by means of a fuzzy extractor generation algorithm.
Next, an input for the PUF is provided, such as a password, to generate404, a PUF output, p, to generate, 406, a key Rp and a helper string Pp using the PUF output p by means of a fuzzy extractor generation algorithm.
The next step comprises forming, 408, a key R by combining Rb and Rp using an XOR operation, R = Rb XOR Rp and storing, 410, Pb and Pp on the user device.
In a following step, the information X is encrypted, 412, using the key R resulting in a cipher text C, followed by storing, 414, the cipher text C on the user device and deleting, 416, the information X, the biometric reading b, the PUF output p, and the keys Rb and Rp from the user device.
Further aspects of the method described in Fig. 4 are similar to those discusses above in relation to Figs. 1 -3.
Even though the invention has been described with reference to specific exemplifying embodiments thereof, many different alterations, modifications and the like will become apparent for those skilled in the art. Also, it should be noted that parts of the system and method may be omitted, interchanged or arranged in various ways, the system and method yet being able to perform the functionality of the present invention.
Additionally, variations to the disclosed embodiments can be understood and effected by the skilled person in practicing the claimed invention, from a study of the drawings, the disclosure, and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the indefinite article "a" or "an" does not exclude a plurality. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims

1 . A method for secure storage of information in a user device comprising a biometric reader; the method comprising the steps of:
entering information X on a user device;
acquiring biometric information b from a user using the biometric reader of the user device;
generating a key R and a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm;
storing P on the user device;
encrypting the information X using the key R resulting in a cipher text
C;
storing the cipher text C on the user device;
deleting the information X, the biometric reading b and the key R from the user device;
in a local computing device, requesting the information X from the user device;
in the user device, acquiring biometric information b' from the user and if b' is approximately equal to b, reproducing R' = R from b' and P using a fuzzy extractor reproduction algorithm;
decrypting the cipher text C, using R, to acquire the information X; and providing the information X from the user device to the local computing device via a secure connection.
2. The method according to claim 1 , wherein the information comprises credit card information enabling a purchase.
3. The method according to claim 1 , wherein the information comprises personal identifying information enabling an identification of a user.
4. The method according to claim 3, wherein the personal identifying information is selected from the group comprising passport information, identification card information, DNA information and biometric information.
5. The method according to any one of the preceding claims, further comprising, after the step of providing the information X from the user device to the local computing device, deleting R and X from the user device.
6. The method according to any one of the preceding claims, further comprising the steps of, in the local computing device:
initiating an interaction with a remote server;
receiving a request for the information X from the remote server;
requesting the information X from the user device;
receiving the information X from the user device; and
providing the information X to the remote server.
7. The method according to claim 6, wherein the interaction with the remote server comprises an online purchase.
8. The method according to claim 6, wherein the interaction with the remote server comprises an online identity verification operation, where the identity of the user is verified by the remote server.
9. The method according to claim 8, wherein the online identity verification is part of a login operation of an online website.
10. A system for secure storage of information comprising a user device comprising a biometric reader and a storage unit, wherein said user device is configured to:
receive information X;
acquire a biometric reading b from a user using the biometric reader of the user device; generate a key R and a helper string P using the biometric reading b by means of a fuzzy extractor generation algorithm;
store P on a storage unit of the user device;
encrypt the information X using the key R resulting in a cipher text C; store the cipher text C on the storage unit of the user device; and delete the information X, the biometric reading b and the key R from the user device; the system further comprising a local computing device configured to:
request the information X from the user device;
wherein the user device is configured to, when requested by the local computing device, acquire biometric information b' from the user using the biometric reader, and if b' is approximately equal to b, reproduce R' = R from b' and P using a fuzzy extractor reproduction algorithm; decrypt the cipher text C, using R, to acquire the information X; and provide the information X from the user device to the local computing device via a secure connection.
1 1 . The system according to claim 10, wherein the user device is a smartphone.
12. The system according to claim 10 or 1 1 , wherein the biometric reader is a fingerprint sensor.
13. The system according to any one of claims 10 to 12, wherein the user device comprises a wireless communication module configured to communicate securely with a wireless communications module of said local computing device.
14. The system according to any one of claims 10 to 13, wherein the local computing device is a stationary computer, a laptop or a tablet computer.
15. The system according to any one of claims 10 to 14, further comprising a remote server, wherein the remote sever is configured to request the information X from the local computing device in response to a user interaction initiated from the local computing device; wherein the local computing device is configured to:
request the information X from the user device;
receive the information X from the user device; and
provide the information X to the remote server.
16. The system according to claim 15, wherein the remote server is a web host for an online website.
17. A method for secure storage of information in a user device comprising a biometric reader and a Physical Unclonable Function, PUF; the method comprising the steps of:
entering information X on a user device;
acquiring biometric information b from a user using the biometric reader of the user device;
generating a key Rb and a helper string Pb using the biometric reading b by means of a fuzzy extractor generation algorithm;
providing an input for the PUF;
generating an output from the PUF, p;
generating a key Rp and a helper string Pp using the PUF output p by means of a fuzzy extractor generation algorithm;
forming a key R by combining Rb and Rp using an XOR operation, R =
Rb XOR Rp;
storing Pb and Pp on the user device;
encrypting the information X using the key R resulting in a cipher text
C;
storing the cipher text C on the user device;
deleting the information X, the biometric reading b , the PUF output p, and the keys Rb and Rp from the user device.
18. The method according to claim 17, further comprising, in a local computing device, requesting the information X from the user device;
in the user device:
acquiring biometric information b' from the user and if b' is
approximately equal to b, reproducing Rb' = Rb from b' and Pb using a fuzzy extractor reproduction algorithm;
acquiring PUF output p' from the user and if p' is approximately equal to p, reproducing Rp' = Rp from p' and Pp using a fuzzy extractor reproduction algorithm;
forming the key R as R = Rb XOR Rp;
decrypting the cipher text C, using R, to acquire the information X; and providing the information X from the user device to the local computing device via a secure connection.
19. A system for secure storage of information comprising a user device comprising a biometric reader, a physical unclonable function, PUF, and a storage unit, wherein said user device is configured to:
receive information X;
acquire biometric information b from a user using the biometric reader of the user device;
generate a key Rb and a helper string Pb using the biometric reading b by means of a fuzzy extractor generation algorithm;
provide an input for the PUF;
generate an output from the PUF, p;
generate a key Rp and a helper string Pp using the PUF output by means of a fuzzy extractor generation algorithm;
form a key R by combining R and Rp using an XOR operation, R = Rb XOR Rp;
store P and PP on the user device;
encrypt the information X using the key R resulting in a cipher text C; store the cipher text C on the user device; and delete the information X, the biometric reading b , the PUF output p, and the keys Rb and Rp from the user device.
20. The system according to claim 19, further comprising a local computing device configured to:
request the information X from the user device;
wherein the user device is configured to, when requested by the local computing device:
acquire biometric information b' from the user and if b' is approximately equal to b, reproducing Rb' = Rb from b' and Pb using a fuzzy extractor reproduction algorithm;
acquire PUF output p' from the user and if p' is approximately equal to p, reproducing Rp' = Rp from p' and Pp using a fuzzy extractor reproduction algorithm;
form the key R as R = Rb XOR Rp
decrypt the cipher text C, using R, to acquire the information X; and provide the information X from the user device to the local computing device via a secure connection.
PCT/SE2016/051158 2015-11-23 2016-11-23 Method and system for secure storage of information Ceased WO2017091133A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE1551518-2 2015-11-23
SE1551518A SE1551518A1 (en) 2015-11-23 2015-11-23 Method and system for secure storage of information

Publications (1)

Publication Number Publication Date
WO2017091133A1 true WO2017091133A1 (en) 2017-06-01

Family

ID=58763797

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2016/051158 Ceased WO2017091133A1 (en) 2015-11-23 2016-11-23 Method and system for secure storage of information

Country Status (2)

Country Link
SE (1) SE1551518A1 (en)
WO (1) WO2017091133A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190268158A1 (en) * 2018-02-23 2019-08-29 General Dynamics Information Technology, Inc. Systems and methods for providing mobile identification of individuals
CN110692215A (en) * 2017-07-17 2020-01-14 赫尔实验室有限公司 Reusable Fuzzy Extractor Based on Learning Hypothesis with Errors Against Quantum Attacks
WO2022122130A1 (en) * 2020-12-08 2022-06-16 Telefonaktiebolaget Lm Ericsson (Publ) Authentication device and method for authenticating a user

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110191837A1 (en) * 2008-09-26 2011-08-04 Koninklijke Philips Electronics N.V. Authenticating a device and a user
US8516269B1 (en) * 2010-07-28 2013-08-20 Sandia Corporation Hardware device to physical structure binding and authentication
US8868923B1 (en) * 2010-07-28 2014-10-21 Sandia Corporation Multi-factor authentication
WO2015153559A1 (en) * 2014-03-31 2015-10-08 Wi-Lan Labs, Inc. System and method for biometric key management

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110191837A1 (en) * 2008-09-26 2011-08-04 Koninklijke Philips Electronics N.V. Authenticating a device and a user
US8516269B1 (en) * 2010-07-28 2013-08-20 Sandia Corporation Hardware device to physical structure binding and authentication
US8868923B1 (en) * 2010-07-28 2014-10-21 Sandia Corporation Multi-factor authentication
WO2015153559A1 (en) * 2014-03-31 2015-10-08 Wi-Lan Labs, Inc. System and method for biometric key management

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HE DEBIAO; ET AL.: "Enhanced three-factor security protocol for consumer USB mass storage devices", IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, 1 February 2014 (2014-02-01), XP011544338 *
HUANG XINYI; ET AL.: "Robust Multi-Factor Authentication for Fragile Communications", IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 1 November 2014 (2014-11-01), XP011564316 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110692215A (en) * 2017-07-17 2020-01-14 赫尔实验室有限公司 Reusable Fuzzy Extractor Based on Learning Hypothesis with Errors Against Quantum Attacks
US20190268158A1 (en) * 2018-02-23 2019-08-29 General Dynamics Information Technology, Inc. Systems and methods for providing mobile identification of individuals
WO2022122130A1 (en) * 2020-12-08 2022-06-16 Telefonaktiebolaget Lm Ericsson (Publ) Authentication device and method for authenticating a user

Also Published As

Publication number Publication date
SE1551518A1 (en) 2017-05-24

Similar Documents

Publication Publication Date Title
US11743041B2 (en) Technologies for private key recovery in distributed ledger systems
US11824991B2 (en) Securing transactions with a blockchain network
CN107409049B (en) Method and apparatus for securing mobile applications
US9876646B2 (en) User identification management system and method
CN112425114B (en) Password manager protected by public key-private key pair
EP2648163B1 (en) A personalized biometric identification and non-repudiation system
US9741033B2 (en) System and method for point of sale payment data credentials management using out-of-band authentication
US9858401B2 (en) Securing transactions against cyberattacks
US20160180075A1 (en) Registration and authentication of computing devices using a digital skeleton key
WO2015188424A1 (en) Key storage device and method for using same
US20140258718A1 (en) Method and system for secure transmission of biometric data
KR20200092950A (en) Match the center of the fingerprint in 2 steps
WO2021249527A1 (en) Method and apparatus for implementing motopay, and electronic device
KR102342354B1 (en) The Method for Non-face-to-face Identification utilizing the Shared-ID and the Convenient-Safe-OTP
WO2017091133A1 (en) Method and system for secure storage of information
WO2016013924A1 (en) System and method of mutual authentication using barcode
TWI844338B (en) Passwordless authentication method and computer program product
CN119416192B (en) Personal data security protection method, electronic device and storage medium
HK40034070A (en) Method and device for realizing motopay and electronic equipment
BR112017014014B1 (en) TOKEN CUSTOMIZATION METHOD AND SYSTEM

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16868986

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16868986

Country of ref document: EP

Kind code of ref document: A1