Abstract
This paper describes the application of biometric-based cryptographic techniques to create secure electronic signatures on contract agreements of any kind or format. The described techniques couple password and biometric authentication factors to form a Biometric Authenticated Key Exchange (BAKE) protocol. The protocol provides mutual authentication and multi-factor user authentication, and defeats phishing and man-in-the-middle attacks. The operation of BAKE establishes a secure channel of communications between two parties. This channel provides confidentiality for the user’s authentication credentials and the contract agreement the user intends to sign. By including an indication of the user’s intention to conduct an electronic transaction and the user’s acceptance of the terms of the included contract agreement, the described application complies with the Uniform Electronic Transaction Act (UETA) and Electronic Signatures in Global and National Commerce (ESIGN) Act requirements. The biometric electronic signature described in this paper is suitable for use in Cloud environments and in blockchain and Distributed Ledger Technology smart contract applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Griffin, P.H.: Adaptive weak secrets for authenticated key exchange. In: Advances in Human Factors in Cybersecurity, pp. 16–25. Springer, Switzerland (2017)
International Organization for Standardization/International Electrotechnical Commission: ISO/IEC 11770-4 Information technology – Security techniques – Key Management – Part 4: Mechanism based on weak secrets (2017)
Griffin, P.H.: Biometric knowledge extraction for multi-factor authentication and key exchange. Procedia Comput. Sci. 61, 66–71 (2015). Complex Adaptive Systems Proceedings, Elsevier B.V
International Telecommunications Union - Telecommunications Standardization Sector (ITU-T): ITU-T Recommendation X.1035: Password-authenticated key exchange (PAK) protocol (2007)
Hao, F., Shahandashti, S.F.: The SPEKE protocol revisited. In: Chen, L., Mitchell, C. (eds.) Security Standardisation Research: First International Conference, SSR 2014, pp. 26–38, London, UK, 16–17 December 2014. https://eprint.iacr.org/2014/585.pdf. Accessed 24 Dec 2017
Griffin, P.H.: Biometric-based cybersecurity techniques. In: Advances in Human Factors in Cybersecurity, pp. 43–53. Springer, Switzerland (2016)
Griffin, P.H.: Secure authentication on the internet of things. In: IEEE SoutheastCon, April 2017
Griffin, P.H.: Security for ambient assisted living: multi-factor authentication in the Internet of Things. In: IEEE Globecom, December 2015
Blythe, S.E.: Digital signature law of the United Nations, European Union, United Kingdom and United States: Promotion of growth in E-commerce with enhanced security. Richmond J. Law Technol. 11(2), 6 (2005). https://scholarship.richmond.edu/cgi/viewcontent.cgi?referer=https://scholar.google.com/&httpsredir=1&article=1238&context=jolt. Accessed 12 Feb 2018
Griffin, P.H.: Biometric electronic signatures. Inf. Syst. Secur. Assoc. (ISSA) J. 15(11) (2017)
Stern, J.E.: The electronic signatures in global and national commerce act. Berkley Technol. Law J. 391–414 (2001)
Griffin, P.H.: Transport layer secured password-authenticated key exchange. Inf. Syst. Secur. Assoc. (ISSA) J. 13(6) (2015)
Wright, B.: Eggs in baskets: distributing risks of electronic signatures. John Marshall J. Comput. Inf. Law 15(189) (1996)
Accredited Standards Committee (ASC) X9 Financial Services: X9.84 Biometric Information Management and Security
Larmouth, J.L.: ASN.1 Complete. Morgan Kaufmann, London (2000)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Griffin, P.H. (2019). Biometric Electronic Signature Security. In: Ahram, T., Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2018. Advances in Intelligent Systems and Computing, vol 782. Springer, Cham. https://doi.org/10.1007/978-3-319-94782-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-94782-2_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94781-5
Online ISBN: 978-3-319-94782-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)