[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xcbf][Fwd:I-DACTION:draft-nagpal-biometric-digital-signature-00.txt]
Very much agree. But just reading your note made me think about password based encryption. There's an RSA standard for this and it is commonly used to protect a private key stored on a non secure device such as a home PC. Strikes me that a biometric based encryption might in the future be used to either augment or replace the purely password based method with a biometric. But low on my list of things to do ;-) Phil John Larmouth wrote: > > This is quite interesting! He admits it is not possible yet! But if > biometric data gets used to automatically generate your private key, > then quite clearly use of such data in protocol exchanges to recover > certificates from a database absolutely requires the data to be > encrypted, and probably in fact prevents such use. > > So we have two very much opposed architectural approaches to the use of > biometric data. > > But I think this one is still fraught with difficulties and nowhere near > reality yet. It assumes that biometric sampling is sufficiently > consistent that repeated samples will generate the same large integer > value, to within a precision of plus or minus one. That is pretty close > to cloud cuckoo land, I think. > > We should not waste time on this. > > John L > > Phil Griffin wrote: > > > > FYI. > > Phil > > > > -------- Original Message -------- > > Subject: I-D ACTION:draft-nagpal-biometric-digital-signature-00.txt > > Date: Tue, 14 May 2002 08:00:55 -0400 > > From: Internet-Drafts@ietf.org > > Reply-To: Internet-Drafts@ietf.org > > To: IETF-Announce: ; > > > > --NextPart > > > > A New Internet-Draft is available from the on-line Internet-Drafts > > directories. > > > > Title : Biometric based Digital Signature scheme > > Author(s) : R. Nagpal, S. Nagpal > > Filename : draft-nagpal-biometric-digital-signature-00.txt > > Pages : 6 > > Date : 13-May-02 > > > > Digital Signatures are fast emerging as a viable information security > > solution, satiating the objectives of data integrity, entity > > authentication, privacy, non-repudiation and certification. > > The technique, as it stands today, faces the problem of the > > maintenance of the secrecy of the private key. This document provides > > a conceptual framework for the establishment of a biometric-based key > > generation scheme. In this scheme, the private key is generated each > > time a document or record requires to be signed. Such generation is > > based upon a combination of biometric traits. > > > > A URL for this Internet-Draft is: > > http://www.ietf.org/internet-drafts/draft-nagpal-biometric-digital-signature-00.txt > > > > To remove yourself from the IETF Announcement list, send a message to > > ietf-announce-request with the word unsubscribe in the body of the > > message. > > > > Internet-Drafts are also available by anonymous FTP. Login with the > > username > > "anonymous" and a password of your e-mail address. After logging in, > > type "cd internet-drafts" and then > > "get draft-nagpal-biometric-digital-signature-00.txt". > > > > A list of Internet-Drafts directories can be found in > > http://www.ietf.org/shadow.html > > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > > > Internet-Drafts can also be obtained by e-mail. > > > > Send a message to: > > mailserv@ietf.org. > > In the body type: > > "FILE > > /internet-drafts/draft-nagpal-biometric-digital-signature-00.txt". > > > > NOTE: The mail server at ietf.org can return the document in > > MIME-encoded form by using the "mpack" utility. To use this > > feature, insert the command "ENCODING mime" before the "FILE" > > command. To decode the response(s), you will need "munpack" or > > a MIME-compliant mail reader. Different MIME-compliant mail readers > > exhibit different behavior, especially when dealing with > > "multipart" MIME messages (i.e. documents which have been split > > up into multiple messages), so check your local documentation on > > how to manipulate these messages. > > > > > > Below is the data which will enable a MIME compliant mail reader > > implementation to automatically retrieve the ASCII version of the > > Internet-Draft. > > > > --NextPart > > Content-Type: Multipart/Alternative; Boundary="OtherAccess" > > > > --OtherAccess > > Content-Type: Message/External-body; > > access-type="mail-server"; > > server="mailserv@ietf.org" > > > > Content-Type: text/plain > > Content-ID: <20020513142028.I-D@ietf.org> > > > > ENCODING mime > > FILE /internet-drafts/draft-nagpal-biometric-digital-signature-00.txt > > > > --OtherAccess > > Content-Type: Message/External-body; > > name="draft-nagpal-biometric-digital-signature-00.txt"; > > site="ftp.ietf.org"; > > access-type="anon-ftp"; > > directory="internet-drafts" > > > > Content-Type: text/plain > > Content-ID: <20020513142028.I-D@ietf.org> > > > > --OtherAccess-- > > > > --NextPart-- > > > > ---------------------------------------------------------------- > > To subscribe or unsubscribe from this elist use the subscription > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > -- > Prof John Larmouth > Larmouth T&PDS Ltd > (Training and Protocol Development Services) > 1 Blueberry Road > Bowdon j.larmouth@salford.ac.uk > Cheshire WA14 3LS Tel: +44 161 928 1605 > England Fax: +44 161 928 8069 > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC