Abstract
Biometric-based token authentication is an asymmetric (von Solms and Tait, 2005) authentication technology. This means that the reference token generated during the enrolment process and stored in the biometric database, will never match any freshly offered biometric token exactly (100%). This is commonly accepted due to the nature of the biometric algorithm (Wayman et al., 2004) central to the biometric environment. A password or pin on the other hand, is a symmetric authentication mechanism. This means that an exact match is expected, and if the offered password deviates ever so slightly from the password stored in the password database file, authenticity is rejected. Encryption technologies rely on symmetric authentication to function, as the password or pin is often used as the seed for a random number that will assist in the generation of the cipher. If the password used to encrypt the cipher is not 100% the same as the password supplied to decrypt, the cipher will not unlock. The asymmetric nature of biometrics traditionally renders biometric tokens unfit to be used as the secret key for an encryption algorithm. This article introduces a system that allows biometric tokens to be used as the secret key in an encryption algorithm. This method relies on the BioVault infrastructure. For this reason, BioVault will briefly be discussed, followed by a discussion of biometrically based encryption.
Original language | English |
---|---|
Pages (from-to) | 269-279 |
Number of pages | 11 |
Journal | International Journal of Electronic Security and Digital Forensics |
Volume | 2 |
Issue number | 3 |
DOIs | |
Publication status | Published - 2009 |
Keywords
- BioVault
- Biometrics
- Cipher
- Data protection
- Data security
- Encryption
- Key management
- Privacy-enhancing technology
- Secret key
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
- Law