Biometrics is not a secret and crypto keys are difficult to manage. By binding crypto and biometrics we will be able to overcome those weaknesses. PKI uses asymmetric / symmetric key algorithms , whereas binding to specific users is performed by assigning private key with digital certificates issued by Certificate Authority (CA). CryptoBiometrics™ uses real- time multi-factor strong authentication , including user's biometrics, as "equivalent" of user's "private" key and user- specific 128 bit "public key". It uses the same asymmetric/symmetric key algorithms for digital signature and encryption as PKI does . CryptoBiometrics™ (US patent 7,689,832) has following important advantages: 1. Provides process capable of verifying online vs.Certificate Authority that the person appearing in the certificate is assigned with the key shown at the certificate. 2. Since protecting private key is virtually impossible in Open Internet – instead of using CA assigned private key bound to person’s identity we use biometrics attribute, that can be bound to the person’s identity as well as to the existing Crypto technology.
|
|