Title :
Beyond PKI: The Biocryptographic Key Infrastructure
Author :
Scheirer, W. ; Bishop, B. ; Boult, T.
Author_Institution :
Dept. of Comput. Sci., Univ. of Colorado at Colorado Springs, Colorado Springs, CO, USA
Abstract :
Public Key Infrastructure is a widely deployed security technology for handling key distribution and validation in computer security. Despite PKI´s popularity as a security solution, Phishing and other Man-in-the-Middle related network attacks are accomplished with ease. The major problems with PKI come down to trust, and largely, how much faith we must place in cryptographic keys alone to establish authenticity and identity. In this paper, we look at a novel biometric solution that mitigates this problem at both the user and certificate authority levels. More importantly, we examine the trouble with the placement of unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports transactional key release. A detailed explanation of this new Biocryptographic Key Infrastructure is provided, including composition, enrollment, authentication, and revocation details.
Keywords :
biometrics (access control); computer crime; computer network security; public key cryptography; PKI; biocryptographic key infrastructure; certificate authority levels; computer security; man-in-the-middle network attacks; phishing; public key infrastructure; revocable biometric template protection technology; Authentication; Bioinformatics; Encoding; Protocols; Public key;
Conference_Titel :
Information Forensics and Security (WIFS), 2010 IEEE International Workshop on
Conference_Location :
Seattle, WA
Print_ISBN :
978-1-4244-9078-3
DOI :
10.1109/WIFS.2010.5711435
