A Proposal of Key Management Scheme and Its Operation Using Anonymous Biometrics on ID-based Infrastructure

In the information exchange through network, the security risks always exist, that is eavesdropping, defacing, and spoofing by the attacker. PKI (Public Key Infrastructure) will prevent such attacks. But key management is very serious problem in PKI. The public key certificate is issued and distributed by certificate authority, but we think that the updating of expired certificate etc. are very costly for users. And secret key management is more serious problem. In order to solve above problems, we propose the scheme that stores protected secret key which is made by combination of biometrics and secret key in the smartcard in IDbased cryptography system. The user can restore the secret key from protected secret key by presenting his fingerprint to smartcard that has protected secret key and helper data. In our scheme, the template is not need for authentication. So, the problem of the template leakage won't arise. Lastly, we proposed the concrete operation scheme in which our scheme is used and how to make signature or authentication by applying our scheme. We show that the cost of the public key and secret key management will be reduced by using this operation scheme.