| CPC G06F 21/53 (2013.01) [G06F 21/32 (2013.01); G06F 21/34 (2013.01); H04L 9/3263 (2013.01)] | 19 Claims |
|
1. A computer-implemented method, comprising:
determining, by a trusted execution environment (TEE) running on one or more application processors of a biometric device, a first digital signature using a first device private key resident to the TEE;
determining, by a cryptographic processor of a cryptographic subsystem of the biometric device, a second digital signature using a second device private key resident to the cryptographic subsystem;
providing, by the application processors of the biometric device, a first message to a server that is remote from the biometric device, the first message comprising the first digital signature and the second digital signature;
determining, by second one or more processors of the server, a device identifier associated with the biometric device;
obtaining, by the second one or more processors of the server and from a database storing device public keys of devices provisioned to communicate with the server, a list of public keys associated with the device identifier, the list of device public keys comprising:
a first device public key corresponding to the TEE; and
a second device public key corresponding to the cryptographic subsystem;
validating, by the second one or more processors of the server, the first digital signature using the first device public key;
validating, by the second one or more processors of the server, the second digital signature using the second device public key;
determining, by the second one or more processors of the server, a server public key and a server private key;
providing, by the second one or more processors of the server, the server public key to the biometric device;
deriving, by the TEE of the biometric device, a session key based at least in part on the first device private key and the server public key;
obtaining, by the TEE of the biometric device, a biometric input from a user;
determining, by the TEE of the biometric device, digital biometric data for the user;
determining, by the TEE of the biometric device, device-attested biometric data, comprising encrypting the digital biometric data using the session key;
providing, by the TEE of the biometric device, the device-attested biometric data to the server;
deriving, by the second one or more processors of the server, the session key based at least in part on the server private key and the first device public key;
establishing a cryptographically protected communications session between the biometric device and the server, using the session key:
determining, by the second one or more processors of the server, the digital biometric data, comprising decrypting the device-attested biometric data using the session key; and
performing, by the second one or more processors of the server, a sensitive operation based at least in part on the digital biometric data.
|