Abstract

Personal identification numbers, passwords, smart cards and digital certificates are some of the means employed for user authentication in various electronic commerce applications. However, these means do not really identify a person, but only knowledge of some data or belonging of some determined object. This paper introduces the notion of biometric signature – a new approach to integrate biometrics with public key infrastructure, using biometric based digital signature generation which is secure, efficacious, fast, convenient, non‐invasive and correctly identifies the maker of a transaction. It also suggests two schemes for biometric signature using two existing and widely used digital signature algorithms, RSA and DSA, and discusses the problems associated with them individually. Speed of both schemes (based on iris recognition) is measured and compared with the help of JAVA implementation for both approaches.