Secure Remote Authentication Using Biometrics

Biometrics offer a potential source of high-entropy, secret information. Before such data can be used in cryptographic protocols, however, two issues must be addressed: biometric data are not uniformly distributed, and are not exactly reproducible. Recent work most notably that of the authors has shown how these obstacles may be overcome using public information which is reliably sent from a server to the (Human) user. Subsequent work of the author has shown how to extend these techniques - in the random oracle model - to enable unidirectional authentication from the user to the server without the assumption of a reliable channel.