Patent · US Active

Systems for determining authenticated transmissions of encrypted payloads

US11431514B1 · kind B1 · utility

Cited by: 1
References: 4
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: May 5, 2020
Grant date: Aug 30, 2022
Priority date
Expiry date: Oct 15, 2040

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/0861
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

During provisioning of a biometric device, a hardware root of trust is established between the biometric device and a server. The biometric device includes a cryptographic processor with a first encryption key stored in secure storage. The first encryption key is used to establish a mutually authenticated communication channel with the server. A set of additional encryption keys between the device and the server are established via the communication channel. Biometric data generated by the biometric device is encrypted using the additional keys and digitally signed. The server receives the encrypted and signed data via the communication channel and verifies the signature. Once the signature is verified, the biometric data is then decrypted. The server then processes the decrypted biometric data. Data that does not arrive via the communication channel, that fails the verification, or that fails decryption is deleted or disregarded.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.