Skip to main content
SpringerLink
Log in

Biometric Electronic Signature Security

  • Conference paper
  • First Online:
Advances in Human Factors in Cybersecurity (AHFE 2018)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 782))

Included in the following conference series:

  • 1203 Accesses

Abstract

This paper describes the application of biometric-based cryptographic techniques to create secure electronic signatures on contract agreements of any kind or format. The described techniques couple password and biometric authentication factors to form a Biometric Authenticated Key Exchange (BAKE) protocol. The protocol provides mutual authentication and multi-factor user authentication, and defeats phishing and man-in-the-middle attacks. The operation of BAKE establishes a secure channel of communications between two parties. This channel provides confidentiality for the user’s authentication credentials and the contract agreement the user intends to sign. By including an indication of the user’s intention to conduct an electronic transaction and the user’s acceptance of the terms of the included contract agreement, the described application complies with the Uniform Electronic Transaction Act (UETA) and Electronic Signatures in Global and National Commerce (ESIGN) Act requirements. The biometric electronic signature described in this paper is suitable for use in Cloud environments and in blockchain and Distributed Ledger Technology smart contract applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Griffin, P.H.: Adaptive weak secrets for authenticated key exchange. In: Advances in Human Factors in Cybersecurity, pp. 16–25. Springer, Switzerland (2017)

    Google Scholar 

  2. International Organization for Standardization/International Electrotechnical Commission: ISO/IEC 11770-4 Information technology – Security techniques – Key Management – Part 4: Mechanism based on weak secrets (2017)

    Google Scholar 

  3. Griffin, P.H.: Biometric knowledge extraction for multi-factor authentication and key exchange. Procedia Comput. Sci. 61, 66–71 (2015). Complex Adaptive Systems Proceedings, Elsevier B.V

    Google Scholar 

  4. International Telecommunications Union - Telecommunications Standardization Sector (ITU-T): ITU-T Recommendation X.1035: Password-authenticated key exchange (PAK) protocol (2007)

    Google Scholar 

  5. Hao, F., Shahandashti, S.F.: The SPEKE protocol revisited. In: Chen, L., Mitchell, C. (eds.) Security Standardisation Research: First International Conference, SSR 2014, pp. 26–38, London, UK, 16–17 December 2014. https://eprint.iacr.org/2014/585.pdf. Accessed 24 Dec 2017

  6. Griffin, P.H.: Biometric-based cybersecurity techniques. In: Advances in Human Factors in Cybersecurity, pp. 43–53. Springer, Switzerland (2016)

    Google Scholar 

  7. Griffin, P.H.: Secure authentication on the internet of things. In: IEEE SoutheastCon, April 2017

    Google Scholar 

  8. Griffin, P.H.: Security for ambient assisted living: multi-factor authentication in the Internet of Things. In: IEEE Globecom, December 2015

    Google Scholar 

  9. Blythe, S.E.: Digital signature law of the United Nations, European Union, United Kingdom and United States: Promotion of growth in E-commerce with enhanced security. Richmond J. Law Technol. 11(2), 6 (2005). https://scholarship.richmond.edu/cgi/viewcontent.cgi?referer=https://scholar.google.com/&httpsredir=1&article=1238&context=jolt. Accessed 12 Feb 2018

  10. Griffin, P.H.: Biometric electronic signatures. Inf. Syst. Secur. Assoc. (ISSA) J. 15(11) (2017)

    Google Scholar 

  11. Stern, J.E.: The electronic signatures in global and national commerce act. Berkley Technol. Law J. 391–414 (2001)

    Google Scholar 

  12. Griffin, P.H.: Transport layer secured password-authenticated key exchange. Inf. Syst. Secur. Assoc. (ISSA) J. 13(6) (2015)

    Google Scholar 

  13. Wright, B.: Eggs in baskets: distributing risks of electronic signatures. John Marshall J. Comput. Inf. Law 15(189) (1996)

    Google Scholar 

  14. Accredited Standards Committee (ASC) X9 Financial Services: X9.84 Biometric Information Management and Security

    Google Scholar 

  15. Larmouth, J.L.: ASN.1 Complete. Morgan Kaufmann, London (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Griffin Information Security, 1625 Glenwood Avenue, Raleigh, NC, 27608, USA

    Phillip H. Griffin

Authors
  1. Phillip H. Griffin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Phillip H. Griffin .

Editor information

Editors and Affiliations

  1. University of Central Florida, Orlando, Florida, USA

    Tareq Z. Ahram

  2. Soar Technology Inc., Orlando, Florida, USA

    Denise Nicholson

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Griffin, P.H. (2019). Biometric Electronic Signature Security. In: Ahram, T., Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2018. Advances in Intelligent Systems and Computing, vol 782. Springer, Cham. https://doi.org/10.1007/978-3-319-94782-2_2

Download citation

Publish with us

Policies and ethics

Search

Navigation