Skip to Main Content
In the information exchange through network, the security risks always exists, that is eavesdropping, defacing, and spoofing by the attacker. Crypthography, digital signature, and authentication are techniques oppose such attacker. PKI (public key infrastructure) enables such technique. In PKI, the public key certificate is used. This public key certificate is issued and distributed by certificate authority, but we think that the updating of expired certificate etc. are very costly for the user. It seems that the management of secret key is more serious problem than that of public key certificate for the user. As above, in the system using public key cryptography, the managements of public key and secret key are very important problem. In order to solve the above problems, we propose the scheme that stores protected secret key which is made by combination of biometrics and secret key in the smartcard in the system which uses ID-based cryptography. In our proposal, TA (trusted authority) protects the secret key using biometrics information extracted from owner of that secret key and stores it as protected secret key in smartcard which has fingerprint reading function. And we must extract the same biometrics information as that is extracted at enrollment. So, we extract the helper data from biometrics information at making protected secret key and store it in smartcard. The user can restore the secret key form protected secret key by presenting his fingerprint to smart-card that has protected secret key and helper data. In our scheme, the template is not needed for authentication. So, the problem of the leaks of the template arise in traditional biometric authentication won't arise. Also we proposed the concrete operation scheme in which our scheme is used. We show that the cost of the public key and secret key management will be reduced by using this operation scheme.
Date of Conference: 26-28 April 2007