US-12627484-B2 - Biometry with challenge response pair mechanism
Abstract
Methods for encoding an encryption key for secure storage are disclosed. The methods rely on the use of unclonable, one-way functions, such as images of biological objects that may be measured according to challenges to result in responses. A biometric print of a biological object is measured with a set of n challenges resulting in n responses. The responses are an ordered sequence, with each response having a fixed position in the sequence. A key is generated of bit length n. A subset of m responses in the full set of n responses is selected, where the selected responses correspond to positions of 1s in the key. The response subset is stored. The key is then used, and deleted. A party wishing to re-generate the key generates the same set of challenges, measures the same biological object with the challenges a second time, and generates a second set of n responses. Responses in the stored subset of m responses will match responses in the second set of n responses at certain positions in the second set of n responses. These matching positions correspond to 1s in the key. The non-matching positions correspond to 0s. Thus, comparison between the response sets recovers the key.
Inventors
- Bertrand F CAMBOU
- Jeffrey Hoffstein
Assignees
- ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY
- BROWN UNIVERSITY
Dates
- Publication Date: 20260512
- Application Date: 20240417
Claims (13)
- 1. A method of generating and sharing a cryptographic key between a client and a server device, comprising: executing an enrollment procedure comprising: generating a sequence of seeds; deriving, from the sequence of seeds, a first ordered sequence of n challenges specifying measurement instructions for a biometric print; making a first biometric print of a biological object, and measuring the first biometric print in accordance with the first ordered sequence of n challenges resulting in a first ordered sequence of n responses; storing the sequence of seeds at each of the client and server devices, and storing the ordered sequence of n responses at the server device; and executing a key exchange procedure comprising: deriving, from the sequence of seeds, the first ordered sequence of n challenges; making a second biometric print of the biological object, and measuring the second biometric print in accordance with the ordered sequence of n challenge instructions resulting in a second ordered sequence of n responses; generating a binary first key of n bit length; selecting, within the second ordered sequence of n responses those responses having a position in the sequence corresponding to the positions of a first binary symbol in the first key, resulting in m responses; sending the m responses to the server; comparing each of the m responses to each response in the first ordered sequence of n responses to determine matches; generating a second binary key of n bit length by: on the basis of the comparison, determining positions of responses in the first ordered sequence of n responses that match responses in the subset of m responses, assigning the first binary symbol to those positions, and assigning a second binary symbol to the remaining positions.
- 2. The method of claim 1, wherein generating the sequence of seeds comprises generating n seeds with a random number generator.
- 3. The method of claim 2, wherein generating the sequence of seeds further comprises generating the sequence of seeds with a user supplied password.
- 4. The method of claim 1, wherein the biological object is a human face.
- 5. The method of claim 4, wherein the biological object is the face of the user of the terminal device.
- 6. The method of claim 4, wherein the first and second biometric prints are images of the face.
- 7. The method of claim 6, wherein the first ordered sequence of n challenges specifying measurement instructions for a biometric print specify instructions for measuring a distance from one or more points in a coordinate space to one or more facial landmarks.
- 8. The method of claim 1, wherein the biological object is one of a finger, palm, iris, or retina.
- 9. The method of claim 1, wherein generating a binary first key of n bit length comprises generating a binary first key of n bit length with a random number generator.
- 10. The method of claim 1, wherein the first binary symbol is a 1.
- 11. The method of claim 1, wherein deriving, from the sequence of seeds, a first ordered sequence of n challenges specifying measurement instructions for a biometric print comprises hashing each seed in the sequence with a password.
- 12. The method of claim 1, wherein comparing each of the m responses to each response in the first ordered sequence of n responses to determine matches comprises computing a Hamming distance between each of the m responses and each response in the first ordered sequence of n responses and determining a match when the Hamming distance is below a predetermined threshold.
- 13. The method of claim 1, wherein making the first and second biometric print of the biological object comprises taking an image of the biological object with a camera at the terminal device.
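The enrollment and key-exchange steps of claims 1, 9, 11 and 12, as an added simulation that is not code from the patent. A SHA-256 over a constructed secret stands in for measuring the biometric print, and the response width, noise level, threshold and all function names are assumptions made for the example.

```python
import hashlib
import random
import secrets

RESP_BITS = 256   # assumed response width in bits
NOISE_BITS = 8    # assumed bits flipped on each capture of the print
THRESHOLD = 40    # assumed Hamming-distance match threshold (claim 12)

def derive_challenges(seeds, password):
    # Claim 11: each challenge is a hash of a seed with the password.
    return [hashlib.sha256(s + password).digest() for s in seeds]

def measure(print_secret, challenge, rng):
    # Stand-in for measuring a print under one challenge (assumption):
    # a hash models the one-way function, random flips model capture noise.
    digest = hashlib.sha256(print_secret + challenge).digest()
    r = int.from_bytes(digest, "big")
    for pos in rng.sample(range(RESP_BITS), NOISE_BITS):
        r ^= 1 << pos
    return r

def hamming(a, b):
    return bin(a ^ b).count("1")

def client_select(responses, key_bits):
    # Client keeps only the responses at positions where the key bit is 1.
    return [r for r, bit in zip(responses, key_bits) if bit == 1]

def server_recover(reference, subset, threshold=THRESHOLD):
    # Position i becomes 1 if any received response matches reference[i].
    return [int(any(hamming(ref, r) < threshold for r in subset))
            for ref in reference]

def run_exchange(n=128, threshold=THRESHOLD, rng_seed=1):
    rng = random.Random(rng_seed)            # repeatable noise, demo only
    face = b"constructed-biometric-stand-in"  # constructed sample input
    password = b"constructed-password"        # constructed sample input
    seeds = [secrets.token_bytes(16) for _ in range(n)]
    challenges = derive_challenges(seeds, password)
    reference = [measure(face, c, rng) for c in challenges]  # enrollment
    second = [measure(face, c, rng) for c in challenges]     # key exchange
    key = [secrets.randbits(1) for _ in range(n)]            # claim 9
    subset = client_select(second, key)                      # m responses
    return key, server_recover(reference, subset, threshold)
```

Calling `run_exchange(threshold=140)` or `run_exchange(threshold=3)` shows the two failure modes of the match threshold: too lax and unrelated responses match, so the recovered key fills with 1s; too strict and capture noise defeats genuine matches, so it fills with 0s.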
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
The present application claims priority to U.S. Provisional Application 63/459,933 entitled “Biometry With Challenge-Response-Pair Mechanism,” filed Apr. 17, 2024, the entirety of which is incorporated herein by reference. The present application also claims priority to U.S. Provisional Application 63/459,938 entitled “Protocols with Noisy Response-Based Cryptographic Subkeys,” filed on Apr. 17, 2024, the entirety of which is incorporated herein by reference. The present application is a continuation-in-part of U.S. patent application Ser. No. 18/397,975, entitled “Pseudo-Homomorphic Authentication of Users with Biometry,” filed Dec. 27, 2023, which is incorporated by reference in its entirety.
STATEMENT REGARDING FEDERALLY-SPONSORED RESEARCH
Not Applicable.
BACKGROUND
Central organizations managing networks of computing devices, such as private enterprises, financial organizations, financial transaction networks, governments, and various other commercial entities, face ongoing challenges from malicious actors seeking to gain access to secure systems with sensitive information. Such entities generally implement stringent methods to prevent malicious use and to ensure that only authorized users have access to sensitive systems. Examples include requests to users and client devices to frequently change passwords, supply tokens generated by multi-factor authentication, and mandatory software updates. Users of such systems are accustomed to handling such mandatory requests in a routine manner, without verifying that the server managing security is legitimate.
Many methods have been suggested for the generation of session keys for encrypting communications between remote users (also described herein as users, clients and/or terminal devices) and central devices (also described herein as servers). One such method is disclosed in U.S. patent application Ser. No. 17/879,697, entitled, “PUF-Protected Pseudo-Homomorphic Methods to Generate Session Keys,” filed on Aug. 2, 2022 and published as 2023/0045288 on Feb. 9, 2023. That application, which is incorporated herein by reference in its entirety, discusses systems and methods for using physical unclonable functions (PUFs) to enable a user to authenticate a server, or a server to authenticate a user, and to generate session keys to enable authenticated communication between a client (user) and server.
In one embodiment described in that application, the generation of session keys, initiated by client devices, is based on the use of PUFs embedded in the server. During an initial setup, the client device selects a set of passwords and a set of random numbers to hash the passwords multiple times. The server uses the resulting stream as a set of challenges to generate a set of responses from the PUF, which are stored as reference. To generate a session key, the client device picks a new set of random numbers, which are smaller than the initial set of random numbers, to hash its password multiple times; the resulting messages are sent to the server. Using its PUF and the initial responses, the server can find the differences between both random numbers, which are used to generate a shared session key. This method is pseudo-homomorphic because the computations never disclose the original passwords. Without the PUF, it is not possible to analyze the information and generate shared keys.
U.S. Pat. No. 10,503,890, entitled “Authentication of Images Extracted from Unclonable Objects,” filed as Ser. No. 15/434,967 on Feb. 16, 2017 and published as 2017/0235938 on Aug. 17, 2017, describes how an unclonable and unique physical object, which may be a biological object, can be used for authentication using a CRP mechanism quite similar to the way physical unclonable functions (PUFs) operate. That patent and publication are incorporated herein by reference in their entirety. According to that disclosure, the responses generated from the image of the unclonable object are then compared with the responses generated from the image kept as references. The CRP mechanism described in this publication is usable with any image of an unclonable object, including biological objects, such as images of human faces, irises, retinal vasculature and fingerprints.
What is common to these previously disclosed methods is the use of physical objects as one-way functions capable of generating responses to challenges, similar to cryptographic hash functions, but with certain improvements. In the case of PUFs, the challenges are generally specifications for measurement parameters of physical properties of the PUF. In the case of PUF arrays, the challenges may be sets of addresses of individual PUF elements that are to be measured, and conditions for measurement. Thus, the challenges specify how the PUF is to be measured, and the responses are physical characteristics of the PUF devices that are measured. In the case of a physical object, which may include a biological