Method of Dynamically Encrypting Fingerprint Data and Related Fingerprint Sensor
A dynamic encryption type fingerprint sensor includes a capacitive array sensing fingerprints and producing fingerprint data, an embedded non-volatile memory (eNVM) storing a one-time code (OTC) and an encryption algorithm indicator, and a logic algorithm circuit encrypting the fingerprint data produced by the capacitive array according to the OTC and the encryption algorithm indicator. The logic algorithm circuit includes an encryption circuit having a plurality of logic encryption circuits selected using the encryption algorithm indicator, the encryption circuit encrypting the fingerprint data using selected logic encryption circuits of the plurality of logic encryption circuits according to the OTC. A control circuit is used for controlling operation of the capacitive array, the eNVM, and the logic algorithm circuit.
This application claims the benefit of U.S. Provisional Application No. 62/100,485, filed on Jan. 7, 2015. The above-mentioned application is hereby incorporated by reference.
BACKGROUND OF THE INVENTION1. Field of the Invention
The invention relates to a fingerprint sensor, and more particularly, to a fingerprint sensor that dynamically selects an encryption type and encrypts fingerprint data using a one-time code (OTC).
2. Description of the Prior Art
Fingerprint sensors are used to sense fingerprint data and send the fingerprint to a processor, such as an application processor or a microcontroller unit (MCU). Currently the way that sensed fingerprint data is transferred from the fingerprint sensor to the processor cannot safely protect the fingerprint data from being read and misused by unauthorized parties.
Please refer to
It is therefore one of the primary objectives of the claimed invention to provide a dynamic encryption method for fingerprint data in order to protect the fingerprint data from unauthorized parties. The dynamic encryption method can be integrated into a fingerprint sensor for conveniently encrypting fingerprint data sensed by the fingerprint sensor.
According to an exemplary embodiment of the claimed invention, a dynamic encryption type fingerprint sensor is disclosed. The dynamic encryption type fingerprint sensor includes a capacitive array sensing fingerprints and producing fingerprint data, an embedded non-volatile memory (eNVM) storing a one-time code (OTC) and an encryption algorithm indicator, and a logic algorithm circuit encrypting the fingerprint data produced by the capacitive array according to the OTC and the encryption algorithm indicator. The logic algorithm circuit comprises an encryption circuit comprising a plurality of logic encryption circuits selected using the encryption algorithm indicator, the encryption circuit encrypting the fingerprint data using selected logic encryption circuits of the plurality of logic encryption circuits according to the OTC. A control circuit is used for controlling operation of the capacitive array, the eNVM, and the logic algorithm circuit.
According to another exemplary embodiment of the claimed invention, a method of dynamically encrypting fingerprint data with a fingerprint sensor is disclosed. The method includes sensing fingerprints with a capacitive array of the fingerprint sensor and producing corresponding fingerprint data, receiving an encryption algorithm indicator and a one-time code (OTC) , selecting one or more logic encryption circuits of a plurality of logic encryption circuits using the encryption algorithm indicator, and encrypting the fingerprint data produced by the capacitive array with the one or more selected logic encryption circuits according to the OTC.
It is an advantage that the present invention provides a way to dynamically select an encryption type that is used to encrypt fingerprint data using the OTC. This encryption method provides two layers of protection. First, using the OTC for encryption makes it harder for an unauthorized party to decrypt the fingerprint data. Second, dynamically selecting the logic encryption circuits using the encryption algorithm indicator for performing the encryption also adds a second layer of protection. One would have to know both the OTC and the selected logic encryption circuits that were used for encrypting the fingerprint data in order to decrypt the corresponding encrypted fingerprint data.
These and other objectives of the present invention will no doubt become obvious to those of ordinary skill in the art after reading the following detailed description of the preferred embodiment that is illustrated in the various figures and drawings.
The present invention seeks to encrypt fingerprint data in a manner that provides solid protection and prevents the encrypted fingerprint data from being viewed by unauthorized parties.
Please refer to
Please refer to
Please refer to
Please note that the processor 22 will also need to store its own identical copy of both the OTC 72 and the encryption algorithm indicator 74 that are stored in the eNVM 34. That is, in order for the processor 22 to be able to decrypt the encrypted fingerprint data received from the fingerprint sensor 30 along the transmission path 24, the processor 22 will need to have the same OTC 72 and encryption algorithm indicator 74 for being able to successfully perform decryption. In an embodiment, the processor can provide the OTC 72 to the fingerprint sensor 30 instead of the new OTC generation circuit 60 being used for generating a new OTC 72 to replace the previous OTC 72. The OTC 72 can either be encrypted or non-encrypted when it is stored in the eNVM 34 or when it is received from the processor 22.
Please refer to
Step 100: Start.
Step 102: The capacitive array 38 of the fingerprint sensor 30 senses fingerprints to produce fingerprint data.
Step 104: The capacitive array 38 supplies the fingerprint data to the logic algorithm circuit 32, and the eNVM 34 supplies both the OTC 72 and the encryption algorithm indicator 74 to the logic algorithm circuit 32.
Step 106: The encryption circuit 50 of the logic algorithm circuit 32 encrypts the fingerprint data according to the OTC 72 and the encryption algorithm indicator 74. The encryption circuit 50 selects one or more logic encryption circuits 52, 54 according to the encryption algorithm indicator 74 and uses the selected logic encryption circuits 52, 54 for encrypting the fingerprint data according to the OTC 72.
Step 108: The encrypted fingerprint data is output from the fingerprint sensor 30 to the processor 22 via the transmission path 24.
Step 110: A new OTC 72 is generated using the new OTC generation circuit 60 or is received from the processor 22, and the new OTC 72 is stored in the eNVM 34. The OTC 72 is only used once, so after the OTC 72 is used for encrypting fingerprint data, a new OTC 72 is stored in the eNVM 34. If the new OTC generation circuit 60 is used for generating the OTC 72, the new OTC generation circuit 60 can generate the new OTC 72 randomly or based on a previous value of the OTC 72. For example, if the new OTC 72 is generated based on a previous value of the OTC 72, the previous value of the OTC 72 can be altered using simple logic operations in order to create the new OTC 72. Meanwhile, the processor 22 will create the same new OTC 72 that is created by the new OTC generation circuit 60.
Step 112: End.
The encryption algorithm indicator 74 stored in the eNVM 34 can be updated as often as desired. The update can take place periodically, such as every week or every day, or can take place after each time the logic algorithm circuit 32 is used for encrypting fingerprint data. When the encryption algorithm indicator 74 is updated, the processor 22 sends the updated encryption algorithm indicator 74 to the fingerprint sensor 30, and the updated encryption algorithm indicator 74 is stored in the eNVM 34.
Since the processor 22 maintains a copy of the same OTC 72 and encryption algorithm indicator 74 that are used in the fingerprint sensor 30, the processor 22 is able to successfully decrypt the encrypted fingerprint data that the processor 22 receives from the fingerprint sensor 30 in order to verify the fingerprint data. The encryption algorithm indicator 74 will indicate to the processor 22 which of the logic encryption circuits 52, 54 were used for encrypting the fingerprint data. The processor 22 does not necessarily need to have its own logic encryption circuits 52, 54 since the processor 22 can be a general purpose processor capable of executing a variety of varying and complex instructions. The processor 22 is able to perform the same logic operations as the logic encryption circuits 52, 54 in reverse for decrypting the encrypted fingerprint data.
In summary, the present invention provides away to dynamically select an encryption type that is used to encrypt fingerprint data using the OTC 72. Since the OTC 72 is only used a single time, this makes it harder for an unauthorized party to decrypt the fingerprint data. Also, dynamically selecting the logic encryption circuits 52, 54 using the encryption algorithm indicator 74 for performing the encryption also adds a second layer of protection. One would have to know both the OTC 72 and the selected logic encryption circuits 52, 54 that were used for encrypting the fingerprint data in order to decrypt the corresponding encrypted fingerprint data. Furthermore, the fingerprint sensor 30 can be formed on a single chip, making it simple for product manufacturers to take advantage of the dynamic encryption functions of the fingerprint sensor 30 when designing products that make use of the fingerprint sensor 30.
Those skilled in the art will readily observe that numerous modifications and alterations of the device and method may be made while retaining the teachings of the invention. Accordingly, the above disclosure should be construed as limited only by the metes and bounds of the appended claims.
Claims
1. A dynamic encryption type fingerprint sensor, comprising:
- a capacitive array sensing fingerprints and producing fingerprint data;
- an embedded non-volatile memory (eNVM) storing a one-time code (OTC) and an encryption algorithm indicator;
- a logic algorithm circuit encrypting the fingerprint data produced by the capacitive array according to the OTC and the encryption algorithm indicator, the logic algorithm circuit comprising: an encryption circuit comprising a plurality of logic encryption circuits selected using the encryption algorithm indicator, the encryption circuit encrypting the fingerprint data using selected logic encryption circuits of the plurality of logic encryption circuits according to the OTC; and
- a control circuit for controlling operation of the capacitive array, the eNVM, and the logic algorithm circuit.
2. The dynamic encryption type fingerprint sensor of claim 1, wherein one or more of the plurality of logic encryption circuits is selected using the encryption algorithm indicator, and the one or more selected logic encryption circuits encrypt the fingerprint data according to the OTC.
3. The dynamic encryption type fingerprint sensor of claim 1, wherein the encryption algorithm indicator is updated periodically, and an updated encryption algorithm indicator is stored in the eNVM.
4. The dynamic encryption type fingerprint sensor of claim 1, wherein the encryption algorithm indicator is updated after every time the logic algorithm circuit is used for encrypting fingerprint data, and an updated encryption algorithm indicator is stored in the eNVM.
5. The dynamic encryption type fingerprint sensor of claim 1, wherein the OTC is encrypted.
6. The dynamic encryption type fingerprint sensor of claim 1, wherein the OTC is received from outside the dynamic encryption type fingerprint sensor.
7. The dynamic encryption type fingerprint sensor of claim 1, wherein the logic algorithm circuit further comprises a new OTC generation circuit for generating a new OTC after the OTC has been used for encrypting fingerprint data.
8. The dynamic encryption type fingerprint sensor of claim 7, wherein new OTC is generated randomly or generated based on a previous value of the OTC.
9. The dynamic encryption type fingerprint sensor of claim 1, wherein the dynamic encryption type fingerprint sensor is formed on a single chip.
10. The dynamic encryption type fingerprint sensor of claim 1, wherein the eNVM further stores a product identification of the dynamic encryption type fingerprint sensor to identify the dynamic encryption type fingerprint sensor.
11. A method of dynamically encrypting fingerprint data with a fingerprint sensor, the method comprising:
- sensing fingerprints with a capacitive array of the fingerprint sensor and producing corresponding fingerprint data;
- receiving an encryption algorithm indicator and a one-time code (OTC);
- selecting one or more logic encryption circuits of a plurality of logic encryption circuits using the encryption algorithm indicator; and
- encrypting the fingerprint data produced by the capacitive array with the one or more selected logic encryption circuits according to the OTC.
12. The method of claim 11, wherein the OTC and the encryption algorithm indicator are stored in an embedded non-volatile memory (eNVM) of the fingerprint sensor.
13. The method of claim 12, wherein the encryption algorithm indicator is updated periodically, and an updated encryption algorithm indicator is stored in the eNVM.
14. The method of claim 12, wherein the encryption algorithm indicator is updated after every time the logic algorithm circuit is used for encrypting fingerprint data, and an updated encryption algorithm indicator is stored in the eNVM.
15. The method of claim 12, wherein the eNVM further stores a product identification of the fingerprint sensor to identify the fingerprint sensor.
16. The method of claim 11, wherein the OTC is encrypted.
17. The method of claim 11, wherein the OTC is received from outside the fingerprint sensor.
18. The method of claim 11, further comprising generating a new OTC after the OTC has been used for encrypting fingerprint data.
19. The method of claim 18, wherein new OTC is generated randomly or generated based on a previous value of the OTC.
20. The method of claim 11, wherein the fingerprint sensor is formed on a single chip.
Type: Application
Filed: Jan 6, 2016
Publication Date: Jul 7, 2016
Inventors: Hsin-Chou Liu (Kaohsiung City), Hung-Hsiang Wang (Hsinchu County)
Application Number: 14/989,777