A novel protocol is proposed to address the problem of user authentication to smartcards by means of devices that are currently inexpensive. The protocol emulates expensive Match On Card (MOC) smart-cards, which can compute a biometric match, by cheap Template on Card (TOC) smartcards, which only store a biometric template. The actual match is delegated to an extension of the cryptographic module running on: the card host, which is called Cryptoki according to the PKCS#11[9] standard. Compliance to such a standard increases the portability of the protocol. Informal reasoning confirms the protocol strenghts, though its formal verification in terms of established equational techniques appears to be at hand.
展开▼
