Abstract
Although biometrics can be an useful component for access control, the security they procure is often overestimated, as if they were a magic tool whose simple use will automatically prevent each and every type of attack. Biometrics are not secure unless they are embedded in a strong cryptographic protocol, whose design pays special attention to their specificities. In particular, smart card reveals to be an useful and efficient partner of biometrics for such a protocol. This paper reviews and discusses the most important issues raised by biometrics and presents a secure authentication protocol skeleton.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Alexandre, T. J. (1997). Biometrics on smart cards: An approach to keyboard behavioral signature. Future Generations Computer Systems, 13 (1): 19–26.
Calabrese, C. (1999). The trouble with biometrics.;login:, 24 (4): 56–61.
Coppersmith, D. (1996). Finding a small root of a univariate modular equation. In Maurer, U., editor, Advances in Cryptology - EUROCRYPT’96, volume 1070 of LNCS, pages 155–165. Springer-Verlag.
Coppersmith, D. (1997). Small solutions to polynomial equations, and low exponent RSA vulnerabilities. Journal of Cryptology, 10 (4): 233–260.
FINREAD (1999). Financial transactional IC card reader project. http://www.ispo.cec.be/isis/98finrea.htm.
Frankel, Y. (2000). Biometric identification and authentication with privacy preservation. In RSA Conference 2000.
Infineon (2000). FingerTlP. http://www.infineon.com/products/chipcds/portfol/biometr/faq.htm“
Jain, A. K., Ross, A., and Prabhakar, S. (1998). Biometrics-based web access. Technical Report TR98–33, Michigan State University.
Jutla, C. S. (1998). On finding small solutions of modular multivariate polynomial equations. In Nyberg, K., editor, Advances in Cryptology - EUROCRYPT’98, volume 1403 of LNCS, pages 158–170. Springer-Verlag.
Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24 (11): 770–772.
Megglé, C. (2000). Personal communication.
Misarsky, J.-F. (1999). Cryptanalyse et spécification de schémas de signature RSA avec redondance. PhD thesis, Université de Caen.
Patarin, J. (1995). Some serious protocol failures for RSA with exponent e of less than 32 bits. In Luminy Workshop on Cryptography. http://www.cp8.bull.net/sct/uk/partners/bull/page/c_publication.html
Schneier, B. (1998). Biometrics: Truths and fictions. Crypto-Gram, August 15. http://www.counterpane.com
STMicroelectronics (1999). Biometric subsystem in smartcard environment. Exhibitor Workshop in CARTES’99.
Vandenwauver, M. (1998). Practical Network Security Aspects. PhD thesis, Katholieke Universiteit Leuven.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Hachez, G., Quisquater, JJ., Koeune, F. (2000). Biometrics, Access Control, Smart Cards: A Not So Simple Combination. In: Domingo-Ferrer, J., Chan, D., Watson, A. (eds) Smart Card Research and Advanced Applications. IFIP — The International Federation for Information Processing, vol 52. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35528-3_16
Download citation
DOI: https://doi.org/10.1007/978-0-387-35528-3_16
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6526-7
Online ISBN: 978-0-387-35528-3
eBook Packages: Springer Book Archive