Vladimír Smejkal

Implementing trustworthy dynamic biometric signature according to the electronic signature regulations

Many countries of the world exercise legal regulations, which embedded electronic signature based on asymmetric cryptography in their legislation. However, this kind of signature is cumbersome and not yet overly accepted by the public. This paper studies the possibility of replacing it by dynamic biometric signature (DBS) in relation with demands of the legal regulations (EU in particular) not only as “current” electronic signature (ES) but also as “advanced” electronic signature (AES). However, in order to satisfy the requirements for AES, whilst being implemented it must fulfill demands given by the legislation for this type of signature. The authors describe the methods how to satisfy such demands and thus build a system utilizing DBS with high level of security. Furthermore, the authors discuss the issues of uniqueness of DBS in terms of individuals characteristic motion, and hence the validity of parameters required for unique identification of the user. The study then proposes important methods for identification of an individual. The authors then conclude that DBS under the right implementation can form significant alternative to ES and AES.

Strong authentication using dynamic biometric signature

This paper examines the current status in the field of securing electronic documents through cryptographic tools such as electronic signatures, electronic mark and time stamp, especially in terms of their long-term storage and authentication. The authors propose a solution that removes the limitation in the use of certificates, which are constrained by the duration of validity. This is the use of dynamic biometric signature (DBS) as a natural and easily accessible tool for one-factor authentication. In fact, this method utilizes the analysis of several factors, however, to the user the method appears only as a one-factor method. The introduction of DBS as another variant of the legislatively supported electronic signature creates a new, considerably simpler means of signing electronic documents and eliminates the major complication in existing authentication of the documents and their storage in electronic form. Dynamic signature contains biometric information that reflects the characteristics of the signing person, i.e. the habits and behaviors. These properties represent a biometric footprint, which is unique to each individual and cannot be reproduced by counterfeiters. Verification of a person using his signature is one of the most natural biometric methods, since we are accustomed to verify everything with signature. The Dynamic biometric signature technology can provide the same level of security as is in the case of electronic signatures employing certificate-based cryptographic methods.

Development trends of electronic authentication

Electronic authentication and authorization aspects are one of burning issues tightly connected with information system security. This article provides a description of present trends in authentication and authorization methods development not only from the technological point of view but it intends to demonstrate the necessity of these methods solving in compliance with legal regulations. First part of article deals with the main features of strong authentication methods and describes their pros and cones. In description of methods is pointed to the weakest point of authentication system - the ldquoqualityrdquo of userpsilas working machine mainly in case of remote user connection and resistance of mentioned authentication techniques to attacks. Second part connects the impacts and effects of designed authentication tools with legal regulations and explains why during the authentication (and mainly authorization) process we can and have to rely on the current legal regulations that protect ICT systems, eventually provide protection of individuals and personal data.

Realization of arbitrary transfer current characteristic using transconductors CDTA

Active RC circuits with arbitrary transfer characteristics in current mode are presented in this paper. The given circuits are based on the multiple-loop feedback structure, namely on the follow-the-leader feedback structure with output summation. Modeling by signal flow graph technique is used to modify and transform the structure in current mode. Implementations by multi-output current-differencing-input transconductors (CDTA) are given. Verification and illustration are shown. The designed circuits have been simulated in PSpice and SNAP, resulting responses are confirming the theoretical assumptions.

The dynamic biometric signature — Is the biometric data in the created signature constant?

Biometric authentication methods are increasingly proving to be a sensible compromise between the demands on the user and/or the authentication tools without reducing the level of security. Dynamic biometric signature (DBS) systems record data from the handwritten signature using special tools which enable an analysis of both the static and dynamic properties associated with the typical behaviour of the signing individual. In our previous ICCST paper (Rome, 2014) we have undertaken fundamental experiments demonstrating the uniqueness of the DBS and its resistance to forgery. Limitation of this experiment was the significance homogeneity of the used test group consisting of students from the Cybernetics Department at the Technical University in Prague. Further experiments have been undertaken with the same content, but using an absolutely heterogeneous group consisting of men and women of different ages, levels of education and professions in order to show whether the uniqueness and resistance to forgery is preserved in the DBS even in this case. A no less significant aspect when assessing the properties of the DBS is the question of the immutability and duplicability of the already created biometric data. Further questions still arise as to the degree to which the characteristics of the DBS will change when the given individual is subjected to various influences. Our experiments have therefore focused on the creation of various conditions when signing and on monitoring their influence on the stability of the researched individuals DBS. In our paper we present the results of experiments that have the considerable importance in terms of DBS credibility when being used in authentication of users.

The influence of stress on biometric signature stability

This paper directly follows on from prior research into DBS, the properties of DBS, security, its resistance to forgery and its stability. Experiments under stress situations, conducted during a survival course at the University of Defence of the Czech Republic, are described herein. It was shown that a handwritten signature developed by way of long-term practice and the reinforcement of a dynamic stereotype, consisting of the physiological, anatomical and motoric properties of each and every individual, becomes automatic to such an extent that the subconscious appending of a signature protects it from outside influences to a similar degree as we proved in the past in relation to alcohol. The experiments also identified that shorter signatures (abbreviated signature, initials) show very high variability of conformity and non-conformity between individual signatures. It was proven that the quality of recognising a signature rises with the length of the information written down. It was also again confirmed that the use of a 1st signature as “practice”, not included in the results, reduced the variability of signatures among all participants.

Stability of a dynamic biometric signature created on various devices

The paper directly follows on from the prior research on the dynamic biometric signature (DBS), its properties, security, its resistance to forgery, and its stability. In our experiments, we used all the available pads produced by Signotec, which differ from each other in terms of their design, the size of the signature field, resolution, sampling rate, and even the scanning method used — a regular pen or a special pen using the ERT (Electromagnetic Resonance Technology). A less heterogenous sample was used than in the previous cases, as the objective of the experiments was to demonstrate a potential change in the DBS connected with the use of a different device, nevertheless the size of the sample means it is sufficiently statistically representative. The results showed that irrespective of the device used, the stability of scanning of the dynamic biometric signature was high for each person. The signature variability did not significantly differ between the devices for individual people. Once again it was confirmed that the use of the first signature as a “trial”, not included in the results, reduces the signature variability for each participant.

Strong Identification and Authentication Using Dynamic Biometric Signature

This paper discusses the possibility of usage of dynamic biometric signatures (DBS) as an alternative of “advanced” electronic signatures. The authors refer to the issues of uniqueness of DBS in terms of individual’s characteristic motion, and hence the validity of parameters required for methods of identification of users and their authentication in the “electronic” world. Furthermore the authors focused on the issue of the use of DBS in connection with legal acts of people and the integration of authentication tools, based on DBS in the legal systems of the EU countries. The conclusions set out in the paper are supported by the results of experiments, when panelists created their biometric samples under different conditions that may have a significant impact, especially for set-up setting of FNMR parameter (False Non-Match Rate).

Data boxes in the Czech Republic and their security

In 2009 Czech Republic introduced a completely new tool for electronic communication with public authority and consequently, individual users themselves. It is an information system (IS) for electronic delivery - IS of data boxes, which allows unambiguously identify and authenticate user, deliver a data message including attachments (any digital document) to the recipient and certify that the message has been received and the recipient has read it. The system of data boxes places a great emphasis on the user authentication. Despite of this information system utilising both one-factor and two-factor authentications, it is becoming apparent that the greatest weakness of current authentication method is the overly loose relationship between users and authentication devices. The report analyses and describes the choices and methods of authentication and user authorisation, which comply with the legislation of the Czech Republic and utilise the new developments in the multi-factor authentication. This system offers a brand new, state-guaranteed secure channel for communication between all users of data boxes, providing far higher quality security than the traditional e-mail communication.