Printer Friendly

How to safely use fingerprints, iris pattern as digital signatures.

Byline: ANI

Washington, August 1 (ANI): Researchers in South Africa have come up with a system that allows biometric data to be used to create a secret key for data encryption.

Describing the new technology in the International Journal of Electronic Security and Digital Forensics, Bobby Tait and Basie von Solms of the University of Johannesburg have shed some light on how biometrics-fingerprints, iris pattern, etc.-can be used to encrypt and decrypt data, so that Internet users do not have to remember endless, complicated passwords.

The researchers say that they have used the so-called BioVault infrastructure to provide a safe and secure way for "Alice" and "Bill" to share biometric tokens, and so use their fingerprints, iris pattern, or other biometric to encrypt and decrypt their data without their biometrics being intercepted.

As to how the BioVault encryption system works, the researchers say that Alice first identifies herself to the authentication server, and indicates that she wants to send an encrypted message to Bill and requests Bill's biometric key from the server.

The server then retrieves a random biometric key from Bill's stored biometric keys.

Alice later uses the biometric key to encrypt her message and sends it to Bill.

Finally, Bill receives the message sent by Alice, and decrypts the message by testing the biometric keys in his database against the received cipher text.

Given that each biometric key is unique, the researchers believe that the BioVault system can irrevocably identify and authenticate users through their keys and detect fraudulent use of biometric keys.

Tait says that the same approach could also be used to digitally sign electronic documents, files, or software executables using biometrics.

He will be presenting the team's results on this aspect of their work in the UK at the beginning of September.

"If passwords or tokens are used for authentication, only the password or token is proven as authentic - not the user that supplied the token or password. Biometrics authenticates the user directly - this was one of the drivers behind the BioVault development," he says. (ANI)

Copyright 2009 Asian News International (ANI) - All Rights Reserved.

Provided by an company
COPYRIGHT 2009 Al Bawaba (Middle East) Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2009 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Asian News International
Date:Aug 1, 2009
Previous Article:Taliban kills more civilians than the US in Afghanistan: CSM.
Next Article:'Seinfeld' cast to reunite.

Related Articles
"Don't I Know You? I'd Recognize that Fingerprint Anywhere.".
Put Your Finger on the Right Solution.
Are digital certificates secure?
VeriSign's Public Key Infrastructure Services and Sony's Industry-Leading FIU-710 Fingerprint ID Unit Provide Security Solution.
Who are you? Authentication technologies ensure users are who they claim to be.

Terms of use | Copyright © 2018 Farlex, Inc. | Feedback | For webmasters