Abstract
Biometric based characteristic authentication is an asymmetric [1] authentication technology. This means that the reference biometric data generated during the enrolment process and stored in the biometric database, will never match any freshly offered biometric data exactly (100%). This is commonly accepted due to the nature of the biometric algorithm [2] central to the biometric environment.
A password or pin on the other hand, is a symmetric authentication mechanism. This means that an exact match is expected, and if the offered password deviates ever so slightly from the password stored in the password database file, authenticity is rejected.
Encryption technologies rely on symmetric authentication to function, as the password or pin is often used as the seed for a random number that will assist in the generation of the cipher. If the password used to encrypt the cipher is not 100% the same as the password supplied to decrypt, the cipher will not unlock.
The asymmetric nature of biometrics traditionally renders biometric data unfit to be used as the secret key for an encryption algorithm.
This paper introduces a system that allows biometric data to be used as the secret key in an encryption algorithm. This method relies on the BioVault infrastructure. For this reason BioVault will briefly be discussed, followed by a discussion of biometrically based encryption.
Keywords
Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Tait, B.L., von Solms, S.H.: Solving the problem of replay in Biometrics- An electronic commerce Example. In: Proceedings of 5th IFIP Conference on Challenges of expanding internet: E-commerce, E-business, and E-government (I3E 2005), October 28-30, pp. 468–479. Springer, Heidelberg (2005)
Wayman, J., Jain, A., Maltoni, D., Maio, D.: BiometricSystems: Technology, Design and Performance Evaluation, 1st edn. Springer, Heidelberg (2004)
Pfleeger, C.P., Pfleeger, S.L.: Security in Computing, 3rd edn. Prentice Hall, Englewood Cliffs, ISBN 0-13-035548-8
Ebay online Auction, http://www.ebay.com/ , http://www.ebay.co.uk
PayPal online payment environment, http://www.paypal.com
Tait, B.L., von Solms, S.H.: BioVault: a Secure Networked Biometric protocol, D.Com Dissertation, University of Johannesburg (2008)
Tait, B.L., von Solms, S.H.: Secure Biometrically Based Authentication Protocol for a Public Network Environment. In: Proceedings for the 4th International Conference on Global E-Security, University of East-London, Docklands, United Kingdom, June 23-25, pp. 238–246 (2008)
Wolinsky, H.: Tagging products and people. Despite much controversy, radiofrequency identification chips have great potential. EGE. Ethical Aspects of ICT Implants in the Human Body MEMO/05/97, Brussels, Belgium, March 17 (2005b)
EGE. Ethical Aspects of ICT Implants in the Human Body: Opinion Presented to the Commission by the European Group on Ethics. MEMO/05/97. European Group on Ethics in Science and New Technologies, Brussels, Belgium, March 17 (2005b)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Tait, B.L., von Solms, S.H. (2009). Biovault: Biometrically Based Encryption. In: Godart, C., Gronau, N., Sharma, S., Canals, G. (eds) Software Services for e-Business and e-Society. I3E 2009. IFIP Advances in Information and Communication Technology, vol 305. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04280-5_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-04280-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04279-9
Online ISBN: 978-3-642-04280-5
eBook Packages: Computer ScienceComputer Science (R0)