Security of Biometric Authentication Systems -- Extended Version

by Václav Matyáš, Zdeněk Říha, A full version of the paper presented at conference Computer Information Systems and Industrial Management Applications 2010 June 2010, 27 pages.

FIMU-RS-2010-07. Available as Postscript, PDF.

Abstract:

This technical report outlines our views of actual security of biometric authentication and encryption systems. The attractiveness of some novel approaches like cryptographic key generation from biometric data is in some respect understandable, yet so far has lead to various shortcuts and compromises on security. The report starts with an introductory section that is followed by a section about variability of biometric characteristics, with a particular attention paid to biometrics used in large systems. The following sections then discuss the potential for biometric authentication systems, and for the use of biometrics in support of cryptographic applications as they are typically used in computer systems.