Browse Prior Art Database

Use of Biometric Data to Control Use of Cryptographic Keys

IP.com Disclosure Number: IPCOM000108827D
Original Publication Date: 1992-Jun-01
Included in the Prior Art Database: 2005-Mar-23
Document File: 2 page(s) / 94K

Publishing Venue

IBM

Related People

Johnson, DB: AUTHOR [+5]

Abstract

The present invention uses the extended control vector concept as described in U.S. Patent 4,924,515, which describes how the control vector can be extended to a control vector of arbitrary length. From two to four extra encryption operations are required for each 64-bit block in the control vector. Thus, the additional processing overhead increases linearly with control vector length. A control vector of arbitrary length is first operated on using a non-secret one-way function, such as a Modification Detection Code (MDC) algorithm described in U.S. Patent 4,908,861 to calculate a 128-bit hashed, one-way function of the control vector. This 128-bit result is then combined with key KK to produce two variant keys of KKL and KKR in exactly the same manner in which a 128-bit control vector is combined with KK.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

Use of Biometric Data to Control Use of Cryptographic Keys

       The present invention uses the extended control vector
concept as described in U.S. Patent 4,924,515, which describes how
the control vector can be extended to a control vector of arbitrary
length.  From two to four extra encryption operations are required
for each 64-bit block in the control vector.  Thus, the additional
processing overhead increases linearly with control vector length.  A
control vector of arbitrary length is first operated on using a
non-secret one-way function, such as a Modification Detection Code
(MDC) algorithm described in U.S. Patent 4,908,861 to calculate a
128-bit hashed, one-way function of the control vector.  This 128-bit
result is then combined with key KK to produce two variant keys of
KKL and KKR in exactly the same manner in which a 128-bit control
vector is combined with KK.  More precisely, if M denotes the 128-bit
MDC calculated on the control vector, then the left-hand 64 bits of M
are Exclusive ORed with the left-hand part of KK and the right-hand
64 bits of M are Exclusive ORed with the right-hand part of KK.
Otherwise, the arbitrary length control vector is conceptually the
same as the 128-bit control vector.

      Let C denote a control vector of arbitrary length. U. S. Patent
4,924,515 on extended control vectors describes two possible
architectural specifications for C.  Firstly, C will admit a
specification where the field information in C is positional (i.e.,
it depends on its position relative to a left- or right-hand origin
point).  Secondly, C will admit a tag-oriented specification wherein
the fields in C consist of a tag and a datum.  In such a
specification, the fields are not positional, but can occur in any
order.  Moreover, only those fields required for managing and
controlling a key need to be specified in the control vector.
Mixtures of positional and tag-oriented specifications are possible,
and are embraced by the present definition of the arbitrary length
control vector.

      Control vector checking for a 128-bit control vector is exactly
the same as control vector checking...