Bonn-Aachen International Center
for Information Technology





city life
cosec >students >Teaching >Summer 2009  

Cryptographic passports & biometrics

Corresponding entry in Aachen Campus, Bonn University (Lecture, Tutorial).


Prof. Dr. Joachim von zur Gathen


Michael Nüsken


Konstantin Ziegler

Time & Place


Pre-exam meeting: 18 August 2009, 1100, b-it cafeteria.

The exam will be on

The make-up exam will be on

For a post-exam meeting arrange an appointment to review our ranking of your exam.

Links & Literature

Notes and exercises

The lecture notes (PDF) contain all slides, the white board on the PKI and the white board picture from the preexam session. (Only the two additional pages: PDF.) However, some information can only be found in Doc 9303 and related documentation. A good basis for the biometrics is chapter 2 in the book Wayman et. al. (2005).


On Monday, 27 April 2009, we have the unique opportunity to visit the Eurocrypt 2009.

We will meet at 845 in the morning in the Martim Hotel Cologne at Heumarkt 20, 50667 Cologne. As I do not yet know the location: our meeting point is in front of the room where the first lecture takes place, leftmost rear entry. Travel information can be found on the conference's website.

Note that the first talk starts at 900, so please be on time.

Possible connections to get there:


4+2 SWS, 8 credits. Optionally, 3+2 SWS, 6 credits.

Successful completion of the course yields 8 credit points. For students who only want 6 credit points, a breakpoint at about 3/4 of the teaching time will be defined, and only the course material up to that point will be relevant for their exams and grades.


None. Basic knowledge in cryptography might be helpful, as for example the parallel course Cryptography. Yet, this is not required.


Passports shall carry more and more sensitive information in a easily accessible way in the future. This information may, apart from name, origin and the like, contain fingerprints or retina scans. And it is stored in electronic form, and it can be accessed by wireless transmissions. This raises a lot of new problems:

The course will try to give an overview what and how things are implemented. We will discuss the concerns of and threats to holders, society and government. Biometrical information has long been used to identify persons. Already, in 1901 Scotland Yard started to use fingerprints to identify criminals. Since then various other methods have been introduced: iris scan, face recognition, retina scans, hand geometry to name just the most prominent. Since about 1965 people have tried to automate all these identification methods. This has shown many difficulties. It is still not clear which information identify a person: for example, though it is widely believed that fingerprints do, only few scientific studies are available. And it turns out to be pretty difficult to find a reliable automatic pattern matcher. Mind that it is not like searching a given fixed string in a dictionary. You have to find the template(s) that are most similar to a given one, or tell that there is none within given bounds.

Imprint, webmaster & more