According to the developer, previous technologies required confidential data to be encrypted with biometric data. When decrypted, the feature data extracted from biometric data would then be matched with the encrypted data. It says this can be a security risk when used across an open network, such as The Cloud.
To solve the problem, Fujitsu uses random numbers to decrypt confidential data that has been encrypted using biometric data. As a result, confidential data can be encrypted and decrypted with the user’s biometric data, removing the need for cryptographic key management.
In encryption, confidential data is converted with an error correcting code and a random number is added to the whole. That data is then further converted using an error correcting code. The 2kbit feature code extracted from the biometric data is then added to generate the encrypted data, which is registered in the server.
The decryption code, after being converted into secure data, is sent to the server. The code is generated by converting a random number using an error correcting code, then adding the feature code extracted from the biometric data. As different random numbers are used for encryption and decryption, a different, secure decryption code can be generated.
Fujitsu is now looking to improve the speed of decryption processing and to expand the types of information that can be encrypted. The team is also planning to expand the types of applicable biometrics, including fingerprints.