Fuzzy Identity-Based Encryption -- Privacy for the Unprepared User
Brent Waters (Stanford University)
Colloquium
Tuesday, April 12, 2005, 3:30 pm
EE-105
Abstract
Identity-Based Encryption (IBE) allows the use of an identity as a public key. For example, to encrypt a message one would only need to know the recipient's identity, e.g. the string "bob@yahoo.com", and not need access to a traditional public key infrastructure. I will present a new form of IBE that uses human biometrics as identities (public keys).
There are two primary advantages of using biometrics as public keys in an Identity-Based Encryption scheme. First, a person will naturally carry his public key with him at all times. This is very useful in a situation, such as an emergency medical visit, where a patient will be unprepared with a traditional public key. Secondly, the process of authenticating oneself to obtain a private key is very natural. One can demonstrate ownership of an identity simply by physically presenting the biometric.
In this talk I will further discuss the motivations for biometric-based IBE, the primary challenges in developing such as system, and a cryptographic solution that I call Fuzzy Identity-Based Encryption. Additionally, I will give a brief overview of other recent results I have in broadcast encryption and describe some practical applications.