

Subject: Re: [xcbf] [Fwd: I-D ACTION:draft-nagpal-biometric-digital-signature-00.txt]


At 2002/05/16 16:01 +0100, John Larmouth wrote:
>This is quite interesting!  He admits it is not possible yet!


This proposal is very far from reality.  The probability of getting two 
identical biometric samples from the same person is very low, for any 
biometric technique, especially if the samples are captured by using 
different hardware devices at different times.  Verification of samples 
against templates is a statistical comparison, not a bit-wise exact 
match:  Verification is considered successful when the captured sample and 
the stored template are "similar enough" by some given criteria, not when 
they are *identical*, as they will usually be different, bit-wise.


>But if
>biometric data gets used to automatically generate your private key,
>then quite clearly use of such data in protocol exchanges to recover
>certificates from a database absolutely requires the data to be
>encrypted, and probably in fact prevents such use.


X9.84 defines how to encrypt the biometric sample contained in a message, 
which is useful even when the biometric sample is not used to build a 
private key!  :-)

OSS Nokalva's biometrics toolkit will support all the techniques of 
encryption, digital enveloping, digital signing, and MAC-based 
authentication that are defined in X9.84.

Alessandro Triglia
OSS Nokalva



>So we have two very much opposed architectural approaches to the use of
>biometric data.
>
>But I think this one is still fraught with difficulties and nowhere near
>reality yet. It assumes that biometric sampling is sufficiently
>consistent that repeated samples will generate the same large integer
>value, to within a precision of plus or minus one.  That is pretty close
>to cloud cuckoo land, I think.
>
>We should not waste time on this.
>
>John L
>
>
>Phil Griffin wrote:
> >
> > FYI.
> > Phil
> >
> > -------- Original Message --------
> > Subject: I-D ACTION:draft-nagpal-biometric-digital-signature-00.txt
> > Date: Tue, 14 May 2002 08:00:55 -0400
> > From: Internet-Drafts@ietf.org
> > Reply-To: Internet-Drafts@ietf.org
> > To: IETF-Announce: ;
> >
> > --NextPart
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories.
> >
> >         Title           : Biometric based Digital Signature scheme
> >         Author(s)       : R. Nagpal, S. Nagpal
> >         Filename        : draft-nagpal-biometric-digital-signature-00.txt
> >         Pages           : 6
> >         Date            : 13-May-02
> >
> > Digital Signatures are fast emerging as a viable information security
> > solution, satiating the objectives of data integrity, entity
> > authentication, privacy, non-repudiation and certification.
> > The technique, as it stands today, faces the problem of the
> > maintenance of the secrecy of the private key. This document provides
> > a conceptual framework for the establishment of a biometric-based key
> > generation scheme. In this scheme, the private key is generated each
> > time a document or record requires to be signed. Such generation is
> > based upon a combination of biometric traits.
> >
> > A URL for this Internet-Draft is:
> > http://www.ietf.org/internet-drafts/draft-nagpal-biometric-digital-signature-00.txt
> >
> > To remove yourself from the IETF Announcement list, send a message to
> > ietf-announce-request with the word unsubscribe in the body of the
> > message.
> >
> > Internet-Drafts are also available by anonymous FTP. Login with the
> > username
> > "anonymous" and a password of your e-mail address. After logging in,
> > type "cd internet-drafts" and then
> >         "get draft-nagpal-biometric-digital-signature-00.txt".
> >
> > A list of Internet-Drafts directories can be found in
> > http://www.ietf.org/shadow.html
> > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> >
> > Internet-Drafts can also be obtained by e-mail.
> >
> > Send a message to:
> >         mailserv@ietf.org.
> > In the body type:
> >         "FILE
> > /internet-drafts/draft-nagpal-biometric-digital-signature-00.txt".
> >
> > NOTE:   The mail server at ietf.org can return the document in
> >         MIME-encoded form by using the "mpack" utility.  To use this
> >         feature, insert the command "ENCODING mime" before the "FILE"
> >         command.  To decode the response(s), you will need "munpack" or
> >         a MIME-compliant mail reader.  Different MIME-compliant mail readers
> >         exhibit different behavior, especially when dealing with
> >         "multipart" MIME messages (i.e. documents which have been split
> >         up into multiple messages), so check your local documentation on
> >         how to manipulate these messages.
> >
> >
> > Below is the data which will enable a MIME compliant mail reader
> > implementation to automatically retrieve the ASCII version of the
> > Internet-Draft.
> >
> > --NextPart
> > Content-Type: Multipart/Alternative; Boundary="OtherAccess"
> >
> > --OtherAccess
> > Content-Type: Message/External-body;
> >         access-type="mail-server";
> >         server="mailserv@ietf.org"
> >
> > Content-Type: text/plain
> > Content-ID:     <20020513142028.I-D@ietf.org>
> >
> > ENCODING mime
> > FILE /internet-drafts/draft-nagpal-biometric-digital-signature-00.txt
> >
> > --OtherAccess
> > Content-Type: Message/External-body;
> >         name="draft-nagpal-biometric-digital-signature-00.txt";
> >         site="ftp.ietf.org";
> >         access-type="anon-ftp";
> >         directory="internet-drafts"
> >
> > Content-Type: text/plain
> > Content-ID:     <20020513142028.I-D@ietf.org>
> >
> > --OtherAccess--
> >
> > --NextPart--
> >
> > ----------------------------------------------------------------
> > To subscribe or unsubscribe from this elist use the subscription
> > manager: <http://lists.oasis-open.org/ob/adm.pl>
>
>--
>    Prof John Larmouth
>    Larmouth T&PDS Ltd
>    (Training and Protocol Development Services)
>    1 Blueberry Road
>    Bowdon                               j.larmouth@salford.ac.uk
>    Cheshire WA14 3LS                    Tel: +44 161 928 1605
>    England                              Fax: +44 161 928 8069
>
>----------------------------------------------------------------
>To subscribe or unsubscribe from this elist use the subscription
>manager: <http://lists.oasis-open.org/ob/adm.pl>
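The point argued in this thread (threshold matching tolerates capture noise, while a key derived from the sample needs bit-exact input), as an added illustration that is not part of the original messages or of the Internet-Draft. The feature-vector length, noise rate, accept threshold and the hash-based `naive_key` stand-in are all assumptions constructed for the example.

```python
import hashlib
import random

BITS = 2048        # constructed feature-vector length (assumption)
NOISE = 0.10       # assumed per-bit capture noise between sessions
THRESHOLD = 0.25   # assumed accept threshold, fractional Hamming distance

def random_template(rng):
    return bytes(rng.getrandbits(8) for _ in range(BITS // 8))

def capture(template, rng, noise=NOISE):
    """Simulate one capture: flip each template bit with probability `noise`."""
    out = bytearray(template)
    for i in range(BITS):
        if rng.random() < noise:
            out[i // 8] ^= 1 << (i % 8)
    return bytes(out)

def distance(a, b):
    """Fraction of bit positions in which two samples differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b)) / BITS

def verify(sample, template, threshold=THRESHOLD):
    """Statistical match: accept when the sample is 'similar enough'."""
    return distance(sample, template) <= threshold

def naive_key(sample):
    """Hypothetical stand-in for deriving a private key from the raw sample."""
    return hashlib.sha256(sample).hexdigest()

def demo(seed=2002):
    rng = random.Random(seed)
    enrolled, other = random_template(rng), random_template(rng)
    s1, s2 = capture(enrolled, rng), capture(enrolled, rng)
    impostor = capture(other, rng)
    gap = abs(int.from_bytes(s1, "big") - int.from_bytes(s2, "big"))
    return {
        "genuine_1_accepted": verify(s1, enrolled),
        "genuine_2_accepted": verify(s2, enrolled),
        "impostor_accepted": verify(impostor, enrolled),
        "samples_identical": s1 == s2,
        "keys_identical": naive_key(s1) == naive_key(s2),
        "integer_gap_within_one": gap <= 1,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both genuine captures pass verification against the enrolled template, yet they are not bit-identical, so the derived values differ and the samples read as integers are nowhere near "plus or minus one" of each other.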


