

Date Created: 28-Aug-2007
Last Date Modified: 22-Feb-2008


Background

On August 27, 2004, the President signed Homeland Security Presidential Directive 12 (HSPD-12), entitled “Policy for a Common Identification Standard for Federal Employees and Contractors.” HSPD-12 requires the development and implementation of a government-wide standard for secure and reliable forms of identification for Federal employees and contractors. As required by HSPD-12, NIST issued FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors. Subsequently, we have issued several Special Publications in support of FIPS 201 and continued other work that supports the PIV program.

Project Work

In FY 07, the smart card R&D activity was focused on the Secure Biometric Match-On-Card (SBMOC) Feasibility Study.  Biometric Match-On-Card is an implementation of biometric matching, in this case fingerprint template matching, performed by the microprocessor in a smart card.  Secure Biometric Match-On-Card combines Biometric Match-On-Card with a secure protocol between the smart card and the smart card reader.  The secure protocol encrypts the biometric data sent from the reader to the card, and verifies a signature on the Yes/No match result sent from the card to the reader.  The net effect of SBMOC is to implement a biometric authentication method with desirable functional, privacy, and security characteristics.  The Feasibility Study was conducted to determine if these characteristics could all be met by available smart cards while also achieving a fixed performance target of less than 2.5 seconds per transaction.
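The reader-card exchange described above, as an added example that is not part of this page or of the NIST study: a Go simulation in which the reader encrypts the live fingerprint template under a session key shared with the card, the card decrypts and matches on-card, and the card returns a Yes/No result signed together with the transaction nonce, which the reader verifies. AES-GCM, Ed25519, the key lengths, the exact-match rule and the pre-shared session key are all assumptions made for the example; the study's actual protocol is not specified on this page.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
)
// Card is a toy model of SBMOC card state; AES-GCM and Ed25519 are assumed choices.
type Card struct {
	Enrolled []byte             // fingerprint template enrolled on the card
	Session  cipher.AEAD        // session cipher; the reader holds the same key (assumed)
	SignKey  ed25519.PrivateKey // signs the Yes/No result sent back to the reader
}

// NewCard enrols a template, builds the AES-GCM session cipher and makes the signing key.
func NewCard(enrolled, sessionKey []byte) (*Card, error) {
	block, err := aes.NewCipher(sessionKey) // 16-, 24- or 32-byte key
	if err != nil {
		return nil, err
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for AES's 16-byte block
	_, k, err := ed25519.GenerateKey(rand.Reader)
	return &Card{enrolled, aead, k}, err
}

// ReaderSend encrypts the live template so it never crosses the interface in the clear.
func ReaderSend(session cipher.AEAD, live []byte) (nonce, ct []byte, err error) {
	nonce = make([]byte, session.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, session.Seal(nil, nonce, live, nil), nil
}

// Match decrypts on-card, applies a toy exact-match rule and signs result||nonce.
func (c *Card) Match(nonce, ct []byte) (result byte, sig []byte, err error) {
	live, err := c.Session.Open(nil, nonce, ct, nil)
	if err != nil {
		return 0, nil, err // wrong key or tampered ciphertext: no answer at all
	}
	if string(live) == string(c.Enrolled) { // real minutiae matching is fuzzy
		result = 1
	}
	// Binding the nonce stops a signed "Yes" from being replayed in a later transaction.
	return result, ed25519.Sign(c.SignKey, append([]byte{result}, nonce...)), nil
}

// ReaderVerify accepts the Yes/No only if the card's signature over result||nonce checks.
func ReaderVerify(pub ed25519.PublicKey, result byte, nonce, sig []byte) bool {
	return ed25519.Verify(pub, append([]byte{result}, nonce...), sig)
}
```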

Positive results from the SBMOC Feasibility Study will substantially reduce the technical risk of procurements of SBMOC components, and could enable the addition of an SBMOC method to the HSPD-12 (i.e., FIPS 201) use cases.  Such a method could perform biometric authentication over contactless communication between the smart card and reader.  The results of the SBMOC Feasibility Study, together with the results of the MINEX II biometric accuracy testing program conducted by the ITL Information Access Division, provide a thorough look at the technical practicality of SBMOC today.  The results of the SBMOC Feasibility Study will be published in NISTIR 7452.

Hybrid SKI/PKI Research

Message authentication and confidentiality can be implemented using symmetric key cryptographic algorithms such as the Advanced Encryption Standard (AES).  Symmetric algorithms have advantages over asymmetric algorithms such as RSA:  cost/performance is at least an order of magnitude better; keys may be much smaller; and it is believed that symmetric algorithms will be resistant to quantum cryptanalysis.  Symmetric algorithms also have the fundamental disadvantage, however, that the same key is shared among at least two parties.  Security best practice requires key material to be shared among the minimal number of parties, i.e., exactly two parties, which in turn implies that a Symmetric Key Infrastructure (SKI) with N parties requires the continuous availability of at least N keys, if organized in a hub-and-spoke architecture, and possibly on the order of N^2 keys, if organized to allow direct pair-wise communication.  As a consequence, well-known large-scale SKIs such as Kerberos and GSM telephony rely on the hub-and-spoke architecture.  Since messages between two spokes must pass through the hub, such SKIs are practical only when the hub and all pairs of communicating parties have a high degree of connectivity.  Public Key Infrastructure (PKI) has the complementary constraints implied by the same comparison: it avoids the shared-key and connectivity problems, but inherits the cost/performance, key-size and quantum-resistance drawbacks of asymmetric algorithms.

Research Goals and Method

In some situations, for example, Physical Access Control Systems (PACS), the speed of symmetric algorithms is highly desirable.  If the user population is large (e.g., Federal employees and contractors) and geographically distributed, a centralized hub may be infeasible, and continuous connectivity cannot be assured.  However, if we assume the existence of a large-scale PKI and ubiquitous issuance of PKI credentials, and the existence of trusted security modules that can be programmed to manage keys, are there hybrid SKI/PKI key management architectures with the best properties of both?

The immediate goal of this research will be an exploration and analysis of alternative hybrid SKI/PKI key management architectures.  The work will begin by developing a set of evaluation criteria based on the known characteristics of PKI and SKI separately.  Hybrid approaches will be described and analyzed against the criteria.  Conclusions of the work will include recommendations for evolution of the FIPS 201 standard suite and other identity management programs.

Timeline & Deliverables

Although the deliverables will be produced incrementally, they may be assembled and published as a single NIST publication.

  • (t0 + 2 months) Evaluation criteria for a government-wide, interoperable Symmetric Key Infrastructure for use with PIV Cards and Physical Access Control Systems.

  • (t0 + 4 months) Report on alternative architectures for SKI, an analysis against the evaluation criteria, and an assessment of residual security risks.

  • (t0 + 5 months) Hold Hybrid PKI/SKI Workshop and produce a workshop report.

  • (t0 + 8 months) Recommendations for implementation of the best candidate in FIPS 201, including draft language for technical revisions to the FIPS 201 documents.

  • (t0 + 10 months) Demonstrate a working prototype of the best candidate.

Project Contact

Mr. William MacGregor
william.macgregor (at) nist.gov
T: (301) 975-8721
