A biometric-based scheme for enhancing security of cryptographic keys

In public key cryptography, the security of private keys is of vital importance. If a private key is ever compromised, it can be used to sign forge documents or to decrypt secret messages. Conventional methods such as password-based encryption that are used for safe custody of private keys do not provide adequate security due to very low entropy in user chosen passwords. In order to enhance the security of private keys, we propose a novel biometric-based method that dynamically regenerates the private key of a user rather than storing it directly in an encrypted form. Our proposed algorithm is capable of regenerating key lengths that can meet the current security requirements of any public key algorithm and is more secure than conventional methods of protecting private keys using password-based encryption.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Hao Feng,et al.  Private key generation from on-line handwritten signatures , 2002, Inf. Manag. Comput. Secur..

[3]  Alexander Kadyrov,et al.  The Trace Transform and Its Applications , 2001, IEEE Trans. Pattern Anal. Mach. Intell..

[4]  Hugo Krawczyk,et al.  Public-key cryptography and password protocols , 1998, CCS '98.

[5]  Qi Li,et al.  Cryptographic key generation from voice , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[6]  Sharath Pankanti,et al.  An identity-authentication system using fingerprints , 1997, Proc. IEEE.

[7]  Ville Taponen Tamper-resistant Smart Cards – Too Much To Ask For ? , 2000 .

[8]  Randall K. Nichols ICSA guide to cryptography , 1998 .

[9]  A. R. Rao,et al.  A Taxonomy for Texture Description and Identification , 1990, Springer Series in Perception Engineering.