About the Identity Management Systems Research & Development ProjectIdentity Credential Interoperability Fingerprint Technology Testing for Identity Management Research for Next Generation Biometric Measurements and Standards (NGBMS) for Identity Management Usability for Biometric Systems
Technical inquiries: ITL Inquiries Information Technology Laboratory General
NIST inquiries: Date Created: 28-Aug-2007 |
BackgroundOn August 27, 2004, the President signed Homeland Security Presidential Directive 12 (HSPD-12), entitled “Policy for a Common Identification Standard for Federal Employees and Contractors.” HSPD-12 requires the development and implementation of a government wide standard for secure and reliable forms of identification for Federal employees and contractors. As required by HSPD-12, NIST issued FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors. Subsequently, we have issued several Special Publications in support of FIPS 201, and continued other work that supports the PIV program. Project WorkIn FY 07, the smart card R&D activity was focused on the Secure Biometric Match-On-Card (SBMOC) Feasibility Study. Biometric Match-On-Card is an implementation of biometric matching, in this case fingerprint template matching, performed by the microprocessor in a smart card. Secure Biometric Match-On-Card combines Biometric Match-On-Card with a secure protocol between the smart card and the smart card reader. The secure protocol encrypts the biometric data sent from the reader to the card, and verifies a signature on the Yes/No match result sent from the card to the reader. The net effect of SBMOC is to implement a biometric authentication method with desirable functional, privacy, and security characteristics. The Feasibility Study was conducted to determine if these characteristics could all be met by available smart cards while also achieving a fixed performance target of less than 2.5 seconds per transaction. Hybrid SKI/PKI ResearchMessage authentication and confidentiality can be implemented using symmetric key cryptographic algorithms such as the Advanced Encryption Standard (AES). Symmetric algorithms have advantages over asymmetric algorithms such as RSA: cost/performance is at least an order-of-magnitude better; keys may be much smaller; and it is believed that symmetric algorithms will be resistant to quantum cryptanalysis. Symmetric algorithms also have the fundamental disadvantage, however, that the same key is shared among at least two parties. Security best practice requires key material to be shared among the minimal number of parties, i.e., exactly two parties, which in turn implies that a Symmetric Key Infrastructure (SKI) with N parties requires the continuous availability of at least N keys, if organized in a hub-and-spoke architecture, and possibly on the order of N^2 keys, if organized to allow direct pair-wise communication. As a consequence, well-known large-scale SKIs such as Kerberos and GSM telephony rely on the hub-and-spoke architecture. Since messages between two spokes must pass through the hub, they are practical only when the hub and all pairs of communicating parties have a high degree of connectivity. Public Key Infrastructure (PKI) has the contrasting constraints implied by the comparison of symmetric and asymmetric algorithms. Research Goals and Method In some situations, for example, Physical Access Control Systems (PACS), the speed of symmetric algorithms is highly desirable. If the user population is large (e.g., Federal employees and contractors) and geographically distributed, a centralized hub may be infeasible, and continuous connectivity cannot be assured. However, if we assume the existence of a large-scale PKI and ubiquitous issuance of PKI credentials, and the existence of trusted security modules that can be programmed to manage keys, are there hybrid SKI/PKI key management architectures with the best properties of both? Project Contacts William MacGregor Tanya Brewer |
U.S. Department of Commerce
|