| CPC H04L 9/3231 (2013.01) [H04L 9/0869 (2013.01); H04L 9/30 (2013.01); H04L 9/3247 (2013.01); H04L 9/3271 (2013.01)] | 4 Claims |
|
1. A method of user authentication which is performed by a computing device comprising one or more processors and a memory storing one or more programs to be executed by the one or more processors, the method comprising:
acquiring biometric information of a user;
generating a random string and a helper string from the biometric information using a generate algorithm of a user authentication technique based on fuzzy extraction;
generating a secret value that corresponds to the biometric information;
generating a private key and a public key using the secret value and the random string, wherein the private key is generated through an exclusive OR between the secret key and the random string, and the public key is used for verification of a digital signature;
transmitting the public key to an authentication server; and
storing the secret value and the helper string,
wherein the transmitting of the public key comprises:
generating an attestation value defined by Fast Identity Online (FIDO) Universal Authentication Framework (UAF) protocol; and
transmitting the attestation value, together with the public key, to the authentication server, to enable 2-factor authentication in accordance with the UAF protocol from the FIDO.
|