A List by Author: Zdeněk Říha

e-mail:
zriha(a)fi.muni.cz
home page:
http://www.fi.muni.cz/~zriha/

Security of Biometric Authentication Systems -- Extended Version

by Václav Matyáš, Zdeněk Říha, A full version of the paper presented at conference Computer Information Systems and Industrial Management Applications 2010 June 2010, 27 pages.

FIMU-RS-2010-07. Available as Postscript, PDF.

Abstract:

This technical report outlines our views of actual security of biometric authentication and encryption systems. The attractiveness of some novel approaches like cryptographic key generation from biometric data is in some respect understandable, yet so far has lead to various shortcuts and compromises on security. The report starts with an introductory section that is followed by a section about variability of biometric characteristics, with a particular attention paid to biometrics used in large systems. The following sections then discuss the potential for biometric authentication systems, and for the use of biometrics in support of cryptographic applications as they are typically used in computer systems.

Biometric Authentication Systems

by Zdeněk Říha, Václav Matyáš, November 2000, 44 pages.

FIMU-RS-2000-08. Available as Postscript, PDF.

Abstract:

Biometrics is the name of a security hype these days. Although biometrics are not completely new, they are becoming more and more popular nowadays. The first part of the technical report explains the principle of biometric systems and describes various biometric techniques. In the second part security issues of biometric systems are discussed.

Certification

by Zdeněk Říha, December 1998, 43 pages.

FIMU-RS-98-07. Available as Postscript, PDF.

Abstract:

Certifications are specific procedures which compare references with measurements that allow a party to bind an attribute to an unknown party. There are three main types of methods that have been proposed to deal with this concern: directory methods, based on Certification Authorities: X.509 (e.g. SSL, PKIX), referral methods, based on "introducers" of keys (e.g. PGP), and collaborative methods (e.g. SKIP). All of them are described in the report.