Cryptography Reference
In-Depth Information
handwriting dynamics. (Unfortunately, two points work against practice: first,
BioID does not exist anymore; the reject ratio was too high. And in the second
case, the system checks only for signatures due to data privacy and acceptance
reasons.) Variability would actually be important: imagine that Bob gets hired
by the competitor and logs himself in with the same word he used at the BioID
system. His old company would be very tempted to gain access using his known
BioID record. But certainly the old company is unable to calculate a record for
newly spoken words from the old one.
Also, when using Smartpen, a user can choose what he writes on paper.
Mnemonically advantageous would be something related to the purpose of
authenticating: for example, the name of your bank, followed by the last three
digits of your account number.
I see the future of biometrics in variable characteristics, or at least combined
methods, and not in either fingerprint, gait, or facial geometry alone. Such data
should not be used exclusively, and the concept should consider that a fingertip
can be cut, or a face can change due to many things, such as a swollen eye.
Biometrics can doubtlessly make our lives somewhat simpler and more secure
at the same time, provided it is applied properly.
If you are interested in learning more about this topic, I recommend the fasci-
nating topic [WoodBiom].
6.7 Trojan Cryptography
In this section, you will be presented with a new trend in cryptographic devel-
opment that might represent a great risk for users of encryption systems, but
which has earned little notice in practice, as things typically are with cryp-
tology. I felt this personally: 'positive' articles in magazines like [Wobsymm]
received a vivid echo, while nobody responded to [Wobtroja].
What is Trojan cryptography about? First of all, you won't find this term in the
literature. It is a name I use for cryptographic software or hardware that has
a backdoor built in knowingly and without the users being aware of it . (More
specifically, Trojan cryptography denotes the algorithms and/or protocols such
software or hardware uses.) The analogy with the Trojan horses used by hackers
is obvious: Trojan horses are apparently harmless programs but undermine the
user's security with fraudulent intention. The same purpose is pursued with
Trojan cryptography. Presumably the first scientific study of such methods is
Search WWH ::




Custom Search