Providing proof that transmitted or stored electronic data was originated by a particular user and has not been tampered with since or substituted with a forgery is not an easy problem to solve.
Authentication of public keys used to encrypt original data is traditionally done using certificates whereby a trusted third party (TPA) acts as a Certification Authority (CA) and publishes public keys and their associated owner's identities (ID's) in the form of certificates. These certificates are digitally signed using the private key of the CA so that the authenticity of a certificate may be checked by anyone using the public key of the CA.
The binding of the ID with the public key is an important issue. There are several problems with the CA approach. A central server has to be constantly available, accessible under varying traffic conditions and hacker proof. Strict security procedures need to be followed by the CA to check ID's before issuing each certificate. Also procedures need to be in place to prevent tampering of certificates. The CA has to have credible trustworthiness. Apart from checking the digital signature a user cannot directly verify the associated ID of a public key.
Other known techniques involve multi-factor authentication as recommended by government regulators (for example the US Federal Financial Institutions Examination Council). The multi-factors are typically something known (a secret number or password), something owned (a device, a computer or piece of equipment) and various types of biometric information. For example, U.S. Pat. No. 7,606,768 B2 by Graubart et al, describes a technique where the originator of a document generates a voice message which includes their ID and a secret number, a PIN. The voice message is appended to the document to form a data file. A polynomial hash of the data file is calculated and encrypted using the PIN as the basis of the encryption key. The recipient is able to authenticate the originator's ID by recognising the originator's voice in the voice message. The document is bound to the originator through the PIN encrypted hash. Provided the PIN is kept secret, a forger cannot change the document without invalidating the encrypted hash.
The disadvantage of this method described in U.S. Pat. No. 7,606,768 B2 is that while the biometric content provides strong binding to the originator's ID, the binding to the document is weak in that if a forger is able to learn the PIN then the forger can replace the document with a forged document, calculate a new encrypted hash and utilise the originator's voice message to provide authentication.
Moreover, much of current day electronic communications involves digital files and in the case of encrypted communications the encryption and decryption keys are usually stored as digital files. In many applications it is necessary to bind one or more digital files to the identity of an individual who is designated as the originator, owner or administrator of said files. An example of particular importance is the binding of a public encryption key or any shared secret to an individual to prevent impersonations such as Man In The Middle (MITM) attacks.
Conventional identity authentication systems are generally known, implementing different methods with this general aim. For example, US2003/0182585 (Mucase and Marada) discusses a technique whereby the digital file is a password and it is associated with an identity by means of the same password written by hand similar to a handwritten signature.
There is a need in some cases to provide an irrefutable association or binding of a person's identity with transmitted data by using biometrics.