Abstract
A novel protocol is proposed to address the problem of user authentication to smartcards by means of devices that are currently inexpensive. The protocol emulates expensive Match On Card (MOC) smartcards, which can compute a biometric match, by cheap Template on Card (TOC) smartcards, which only store a biometric template. The actual match is delegated to an extension of the cryptographic module running on the card host, which is called Cryptoki according to the PKCS#11 [9] standard. Compliance to such a standard increases the portability of the protocol. Informal reasoning confirms the protocol strenghts, though its formal verification in terms of established equational techniques appears to be at hand.
This work was partially supported by MIUR project “Tools, techniques and methodologies for the information society” and by a CSP grant for project “SeTAPS II”.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bechelli, L., Bistarelli, S., Frassi, S.: A protocol for simulating match-on-card authentication through the use of a template-on-card technology. Working draft
Bechelli, L., Bistarelli, S., Martinelli, F., Petrocchi, M., Vaccarelli, A.: Integrating biometric techniques with electronic signature for remote authentication. ERCIM News (49) (2002)
Bechelli, L., Bistarelli, S., Vaccarelli, A.: Biometrics authentication with smartcard. Technical Report 08-2002, CNR, Istituto di Informatica e Telematica, Pisa (2002)
Bechelli, L., Bistarelli, S., Vaccarelli, A.: Certificati per impronte digitali memorizzati su smartcard. Technical Report 09-2002, CNR, Istituto di Informatica e Telematica, Pisa (2002) (in Italian)
Bella, G.: Inductive Verification of Smart Card Protocols, vol. 11(1), pp. 87–132 (2003)
Bond, M., Zielinski, P.: Decimalisation table attacks for pin cracking. Technical Report UCAM-CL-TR-560, University of Cambridge, Computer Laboratory, feb (2003)
Focardi, R., Martinelli, F.: A uniform approach for the definition of security properties. In: Wing, J.M., Woodcock, J.C.P., Davies, J. (eds.) FM 1999. LNCS, vol. 1708, pp. 794–813. Springer, Heidelberg (1999)
Henderson, N.J., Hartel, P.H.: Pressure sequence - a novel method of protecting smart cards. In: Domingo-Ferrer, J., Chan, D., Watson, A. (eds.) Proceedings 4th Int. IFIP wg 8.8 Conf. Smart card research and advanced application (CARDIS), Bristol, UK, pp. 241–256. Kluwer, Dordrecht (2000)
RSA Security Inc. Pkcs#11 v2.11: Cryptographic token interface standard. Technical Report PKCS#11 v2.11 r1, RSA Security Inc., RSA Security Inc. Public-Key Cryptographic Standard (PKCS) (November 2001)
Paulson, L.C.: The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security 6, 85–128 (1998)
Struif, B.: Use of biometrics for user verification in electronic signature smartcards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 220–228. Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bella, G., Bistarelli, S., Martinelli, F. (2005). Biometrics to Enhance Smartcard Security. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_39
Download citation
DOI: https://doi.org/10.1007/11542322_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28389-8
Online ISBN: 978-3-540-31836-1
eBook Packages: Computer ScienceComputer Science (R0)