Certificate-less digital signature technology for e-governance solutions

Abstract

In spite of the fact that digital signatures are an essential requirement for the implementation of e-governance solutions in any organization, its use in large-scale Government ICT implementation is negligible in India. In order to understand the reasons for the low-level acceptance of the technology, the authors performed a detailed study of a famous e-governance initiative in India. The outcome of the study revealed that the reasons are related to the challenges concerning the use of cryptographic devices carrying private keys and the complicated process of generating, maintaining, and disposing Digital Signature Certificates (DSCs). A solution for the challenges understood from the case study required the implementation of a certificate-less technology, where private keys should be generated as and when required rather than storing them on cryptographic devices. Although many solutions exist that provide certificate-less technology, there have been no practical implementations to date for the use of biometrics in implementing the solution. This paper presents the first realistic architecture to implement identity-based cryptography with biometrics using the RSA algorithm. The solution presented in the paper is capable of providing a certificate-less digital signature technology to the users where public and private keys are generated on-the-fly.