Beyond PKI: The biocryptographic key infrastructure

Abstract

Public Key Infrastructure is a widely deployed security technology for handling key distribution and validation in computer security. Despite PKI's popularity as a security solution, Phishing and other Man-in-the-Middle related attacks are accomplished with ease throughout our computer networks. The major problems with PKI come down to trust, and largely, how much faith we must place in cryptographic keys alone to establish authenticity and identity. In this chapter, we look at a novel biometric solution that mitigates this problem at both the user and certificate authority levels. More importantly, we analyze the problem of applying unprotected biometric features directly into PKI, and propose the integration of a secure, revocable biometric template protection technology that supports transactional key release. A detailed explanation of this new Biocryptographic Key Infrastructure is provided, including composition, enrollment, authentication, and revocation details. The BKI provides a new paradigm for blending elements of physical and virtual security to address network attacks that more conventional approaches have not been able to stop.