A variation of the following biometric authentication protocol was experimentally tested several years ago at immigration checkpoints in major U.S. airports. A user registers in person by showing her credentials (e.g., passport and visa) to the registration authority and giving her fingerprint (a "palmprint" was actually used). The registration authority then issues to the user a tamper-resistant smartcard that stores the reference fingerprint vector and can execute the matching algorithm. The checkpoint is equipped with a tamper-resistant admission device that contains a fingerprint reader and a smartcard reader. The user inserts her smartcard and provides her fingerprint to the device, which forwards it to the smartcard. The smartcard executes the comparison algorithms and outputs the result ("match" or "no match") to the device, which admits or rejects the user accordingly.
Clearly, an attacker can defeat this scheme by programming a smartcard that always outputs "match." Show how to modify the scheme to make it more secure. Namely, the admission device needs to make sure that it is interacting with a valid smartcard issued by the registration authority. You can assume that the smartcard can perform cryptographic computations and that the admission device knows the public key of the registration authority. The attacker can program smartcards and is allowed to have an input-output interaction with a valid smartcard but cannot obtain the data stored inside it.
There are several valid solutions. One solution is to have the registration authority give the smartcard a copy of the reference fingerprint signed by the registration authority, and then have the fingerprint comparison performed by the admission device, not the smartcard. In this way, the admission authority knows the reference fingerprint is valid (by checking the RA's signature on it) and that the person's fingerprint matches.
Another solution is to have the registration authority issue public/private key pairs to each valid smartcard and additionally give it a signed copy of this public key. When a smartcard is inserted, it gives the admission authority its (signed) public key, which the admission authority validates. Then, when the admission authority reads the fingerprint, it encrypts it using this smartcard's public key and sends this ciphertext to the smartcard. The smartcard then responds with the match or no-match response, along with a decrypted version of the fingerprint ciphertext that was just sent by the admission authority. In this way, the admission authority is assured that the smartcard has a valid public/private key pair and that it knows its associated private key (since it used it to decrypt the fingerprint); hence, the admission authority can have a higher degree of trust that the smartcard performed a valid test on the fingerprint.
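
The first solution above (RA-signed reference fingerprint, comparison done on the admission device) as an added Python example that is not part of the original answer. The toy RSA parameters, the byte-vector fingerprint format, the Hamming-distance matcher and its threshold are assumptions made for illustration only.

```python
import hashlib

# Toy RSA key for the registration authority (RA), constructed for this example:
# fixed Mersenne primes and no padding. A real deployment uses a vetted
# signature scheme from a cryptographic library.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # RA private exponent, never leaves the RA

THRESHOLD = 2  # assumed: max differing positions still counted as a match


def digest(user_id: str, template: bytes) -> int:
    """Hash the identity together with the reference template, reduced mod N."""
    h = hashlib.sha256(user_id.encode() + b"\x00" + template).digest()
    return int.from_bytes(h, "big") % N


def ra_issue_card(user_id: str, template: bytes) -> dict:
    """Registration: the RA signs (user_id, template) and stores it on the card."""
    return {"user": user_id, "template": template,
            "sig": pow(digest(user_id, template), D, N)}


def device_admit(card: dict, live_scan: bytes) -> bool:
    """Checkpoint: verify the RA signature, then match on the device itself."""
    # Any "match"/"no match" claim made by the card is never consulted.
    if pow(card["sig"], E, N) != digest(card["user"], card["template"]):
        return False  # template was not issued by the RA
    if len(live_scan) != len(card["template"]):
        return False
    distance = sum(a != b for a, b in zip(live_scan, card["template"]))
    return distance <= THRESHOLD


if __name__ == "__main__":
    alice_ref = bytes([12, 40, 7, 99, 63, 21, 5, 80])       # constructed sample
    alice_live = bytes([12, 41, 7, 99, 63, 21, 5, 80])      # one noisy position
    mallory_live = bytes([3, 90, 55, 10, 200, 1, 77, 31])   # constructed sample
    card = ra_issue_card("alice", alice_ref)
    # Self-programmed card: reuses a valid signature over a different template.
    rogue = dict(card, template=mallory_live)
    print("genuine card, genuine finger:", device_admit(card, alice_live))
    print("genuine card, wrong finger:  ", device_admit(card, mallory_live))
    print("rogue card, own finger:      ", device_admit(rogue, mallory_live))
```

Because the device decides the match itself, a card that merely asserts "match" gains nothing; the only card data the device trusts is what verifies under the RA's public key.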