Biovault: Biometrically Based Encryption

Abstract

Biometric based characteristic authentication is an asymmetric [1] authentication technology. This means that the reference biometric data generated during the enrolment process and stored in the biometric database, will never match any freshly offered biometric data exactly (100%). This is commonly accepted due to the nature of the biometric algorithm [2] central to the biometric environment. A password or pin on the other hand, is a symmetric authentication mechanism. This means that an exact match is expected, and if the offered password deviates ever so slightly from the password stored in the password database file, authenticity is rejected. Encryption technologies rely on symmetric authentication to function, as the password or pin is often used as the seed for a random number that will assist in the generation of the cipher. If the password used to encrypt the cipher is not 100% the same as the password supplied to decrypt, the cipher will not unlock. The asymmetric nature of biometrics traditionally renders biometric data unfit to be used as the secret key for an encryption algorithm. This paper introduces a system that allows biometric data to be used as the secret key in an encryption algorithm. This method relies on the BioVault infrastructure. For this reason BioVault will briefly be discussed, followed by a discussion of biometrically based encryption. © IFIP International Federation for Information Processing 2009.