Keeping your passwords safely in the palm of your hand

05-11-2015 | By Paul Whytock

Traditionally it was the mysterious gypsy character who would read your palm, but recent developments by Fujitsu Labs now mean that biometric data such as the veins in your hand can be turned into cryptographic keys.

And this is a development that could further strengthen existing yet potentially vulnerable palm-based security ID systems.

Current conventional methods using biometric data do have an inherent weakness, because it is often necessary to transmit the data through a network which could itself be compromised.

What Fujitsu Labs have done is create a system that uses random numbers to convert biometric data into a cryptographic key which can be used in both encryption and decryption cycles. This is important because it means confidential data secured with biometric data is protected when passing through a network.

But contactless palm vein recognition technology is nothing new: it was first demonstrated back in 2002 and is widely used. It works by extracting feature data from biometric data. With previous technologies, confidential data was encrypted with this feature data, but when decrypting, the feature data extracted from biometric data would usually be matched with the encrypted data. This does not present a problem when used in a personal device, such as a laptop or smartphone, but when used via an open network such as in the cloud, a more secure decryption technology is necessary to prevent leaks of biometric data.

Fujitsu Laboratories has developed technology to decrypt confidential data that has been encrypted using biometric data converted using random numbers. As a result, confidential data can be encrypted and decrypted just with the user's biometric data, which means cryptographic key management is no longer required.

Error-correcting codes were used for the encryption method to compensate for errors that are typically generated in a network transmission route. The system creates different random numbers for encryption and decryption and, by using these, protects both confidential data and biometric data.

Because the biometric data used for encryption and decryption are converted with random numbers, it is possible to securely manage a person's confidential data using biometric data, while preventing the unconverted biometric data from leaking over the network. This means the use of encryption technology using biometrics can now be expanded to cloud services across open networks.
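
The ingredients named above (a random number, an error-correcting code and biometric feature bits) also appear in the published fuzzy commitment construction, sketched here as an added example. It is not Fujitsu's scheme or code, whose details this article does not give; the repetition code, `REP`, the 40-bit template and all function names are assumptions for illustration.

```python
import hashlib
import secrets

REP = 5  # each key bit is sent as 5 copies; majority vote corrects up to 2 flips per group

def encode(key_bits):
    """Repetition-code encoder: key bits -> codeword bits."""
    return [b for b in key_bits for _ in range(REP)]

def decode(code_bits):
    """Majority vote over each group of REP bits."""
    return [int(sum(code_bits[i:i + REP]) > REP // 2)
            for i in range(0, len(code_bits), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def digest(key_bits):
    return hashlib.sha256(bytes(key_bits)).hexdigest()

def enroll(template_bits):
    """Return (key, helper, check); only helper and check leave the device."""
    if len(template_bits) % REP:
        raise ValueError("template length must be a multiple of REP")
    key = [secrets.randbits(1) for _ in range(len(template_bits) // REP)]
    helper = xor(encode(key), template_bits)  # random codeword masks the template
    return key, helper, digest(key)

def recover(reading_bits, helper, check):
    """Return the key if the reading is close to the enrolled template, else None."""
    if len(reading_bits) != len(helper):
        return None
    candidate = decode(xor(helper, reading_bits))
    return candidate if secrets.compare_digest(digest(candidate), check) else None

def demo():
    # Constructed 40-bit feature vector (toy size; real templates are far longer).
    template = [1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0,
                1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1]
    key, helper, check = enroll(template)
    noisy = template.copy()
    for i in (0, 7, 13, 21, 38, 39):  # sensor noise: at most 2 flips per group
        noisy[i] ^= 1
    other_hand = [b ^ 1 for b in template]  # constructed non-matching reading
    return key, recover(noisy, helper, check), recover(other_hand, helper, check)

if __name__ == "__main__":
    key, same_hand, other_hand = demo()
    print(same_hand == key, other_hand)
```

The stored `helper` hides the template only as well as the template bits are unpredictable, and the repetition code is chosen here for readability rather than strength.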


By Paul Whytock

Paul Whytock is Technology Correspondent for Electropages. He has reported extensively on the electronics industry in Europe, the United States and the Far East for over thirty years. Prior to entering journalism, he worked as a design engineer with Ford Motor Company at locations in England, Germany, Holland and Belgium.