SECURE FINGERPRINT IMAGE SYSTEM

Abstract

Herein disclosed are approaches for protecting sensitive information within a fingerprint authentication system that can be snooped and utilized to access the device, secured information, or a secured application. The approaches can utilize encryption keys and hash functions that are unique to the device in which the fingerprint authentication is being performed to protect the sensitive information that can be snooped.

Description

Claims

1. A device, comprising: an image sensor to capture an image of a fingerprint for fingerprint authentication; anda readout integrated circuit (ROIC) coupled to the image sensor, the ROIC to utilize a hash function to perform hashing of the image, wherein the hash function is unique to the device.

2. The device of claim 1, wherein a physically uncloneable function (PUF) is to produce the hash function.

3. The device of claim 2, wherein the PUF is to be used to generate a random code, and wherein the hash function is based on the random code.

4. The device of claim 1, wherein the hashing of the image via the ROIC is to produce a hashed image of the fingerprint, wherein the ROIC is to provide the hashed image to a trusted execution environment (TEE), and wherein the TEE is to utilize the hashed image as a control image for authentication of subsequent hashed images of fingerprints provided by the ROIC.

5. The device of claim 4, wherein the ROIC is to: produce a second hashed image of a second fingerprint captured by the image sensor; andprovide the second hashed image to the TEE; andwherein the TEE is to compare the second hashed image with the control image to determine whether to grant access to the device, secured information, or secured information based on the comparison of the second hashed image with the control image.

6. One or more computer-readable media having instructions stored thereon, wherein the instructions, when executed by a device, cause the device to: capture an image of a fingerprint;hash the image to produce a hashed image, wherein a hash function utilized to hash the image is unique to the device; andprovide the hashed image for fingerprint authentication.

7. The one or more computer-readable media of claim 6, wherein the hash function is generated based on a physically uncloneable function.

8. The one or more computer-readable media of claim 6, wherein to provide the hashed image for fingerprint authentication includes to provide the hashed image to a trusted execution environment (TEE) to be utilized as a control image by the TEE for fingerprint authentication of subsequent hashed images provided to the TEE.

9. The one or more computer-readable media of claim 8, wherein the instructions, when executed by the device, further cause the device to: capture an image of a second fingerprint;hash the image of the second fingerprint with the hash function to produce a second hashed image; andprovide the second hashed image to the TEE, the TEE to utilize the control image to perform fingerprint authentication of the second hashed image.

10. A device, comprising: a trusted execution environment (TEE) to determine a result of fingerprint authentication; anda readout integrated circuit (ROIC) to: generate a hash function that is unique to the device; andprovide a hashed image of a fingerprint produced by the hash function to the TEE via an interface, the hashed image to be utilized for the fingerprint authentication.

11. The device of claim 10, wherein the ROIC is further to: perform a first hash operation on an image of the fingerprint to produce the hashed image of the fingerprint;perform a second hash operation on an image of a second fingerprint to produce a hashed image of the second fingerprint; andprovide the hashed image of the second fingerprint to the TEE; andwherein the TEE is further to: store the hashed image of the fingerprint as a control image for the fingerprint authentication; andgenerate, based on a comparison of the control image with the hashed image of the second fingerprint, an indication of whether to provide access to the device, secured information, or a secured application.

12. The device of claim 10, wherein to generate the hash function comprises to generate the hash function based on a physically uncloneable function.