Bio-cryptographic protocols with bipartite biotokens

Abstract

Cryptographic protocols are the foundation of secure network infrastructure, facilitating authentication, transactions, and data integrity. In traditional cryptographic protocols, generated keys (and, in most cases, passwords) are used. The utility of biometrics as a convenient and reliable method for authentication has emerged in recent years, but little work has been performed on a serious integration of biometrics with cryptographic protocols. In this paper, we review the notion of revocable biotokens, explain their nesting properties, and extend them to bipartite bitokens and use these to develop protocols for transactions, digital signatures, and a biometric version of Kerberos. We show bipartite biotokens offer a convenient enhancement to keys and passwords, allowing for tighter auditing and non-repudiation, as well as protection from phishing and man-in-the-middle attacks.