Biometrics is not a secret and crypto keys are
difficult to manage. By binding crypto and
biometrics we will be able to overcome those
weaknesses.
PKI uses asymmetric / symmetric key algorithms ,
whereas binding to specific users is performed by
assigning private key with digital certificates
issued by Certificate Authority (CA).
CryptoBiometrics™ uses real- time multi-factor
strong authentication , including user's biometrics,
as "equivalent" of user's "private" key and user-
specific 128 bit "public key". It uses the same
asymmetric/symmetric key algorithms for digital
signature and encryption as PKI does .
CryptoBiometrics™ (US patent 7,689,832) has
following important advantages:
1. Provides process capable of verifying online
vs.Certificate Authority that the person appearing
in the certificate is assigned with the key shown
at the certificate.
2. Since protecting private key is virtually
impossible in Open Internet – instead of using
CA assigned private key bound to person’s
identity we use biometrics attribute, that can be
bound to the person’s identity as well as to the
existing Crypto technology.
|
|
