Privacy-preserving Speaker Authentication (original) (raw)

Speaker Verification using Secure Binary Embeddings

This paper addresses privacy concerns in voice biometrics. Conventional remote speaker verification systems rely on the system to have access to the user's recordings, or features derived from them, and also a model of the user's voice. In the proposed approach, the system has access to none of them. The supervectors extracted from the user's recordings are transformed to bit strings in a way that allows the computation of approximate distances, instead of exact ones. The key to the transformation uses a hashing scheme known as Secure Binary Embeddings. An SVM classifier with a modified kernel operates on the hashes. This allows speaker verification to be performed without exposing speaker data. Experiments showed that the secure system yielded similar results as its non-private counterpart. The approach may be extended to other types of biometric authentication.

Privacy-preserving speaker verification using secure binary embeddings

2014 37th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2014

In this paper we present an adapted UBM-GMM based privacy preserving speaker verification (PPSV) system, where the system is not able to observe the speech data provided by the user and the user does not observe the models trained by the system. These privacy criteria are important in order to prevent an adversary having unauthorized access to the user's client device from impersonating a user and also from another adversary who can break into the verification system can learn about the user's speech patterns to impersonate the user in another system. We present protocols for speaker enrollment and verification which preserve privacy according to these requirements and report experiments with a prototype implementation on the YOHO dataset.

Privacy‐preserving speaker verification system based on binary I‐vectors

IET Biometrics, 2021

Speaker verification is a key technology in many services and applications like smartphones and intelligent digital assistants. These applications usually require users to transmit their recordings, features, or models from their voices over untrusted public networks which stored and processed them on cloud-based infrastructure. Furthermore, the voice signal contains a great deal of the speaker's personal and private information which raises several privacy issues. Therefore, it is necessary to develop speaker verification systems that protect the user's voice against such threats. Herein, the cancellable biometric systems have been introduced as a privacy-preserving solution. A cancellable method for speaker verification systems is proposed using speaker i-vector embeddings. This method includes two stages: (i) i-vector binarisation and (ii) the protection of the binary i-vector with a shuffling scheme derived from a user-specific key. Privacy evaluation of this method according to the standards of biometric information protection (ISO/IEC 24745) shows that the proposed cancellable speaker verification system achieves the revocability, unlinkability, and irreversibility requirements. Moreover, the cancellable system improves biometric performance compared with the unprotected system and makes it resistant to different attack scenarios. Additionally, we demonstrate that this method can also operate to protect deep neural network speaker embeddings such as x-vectors. This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and reproduction in any medium, provided the original work is properly cited.

Secure Binary Embeddings of Front-end Factor Analysis for Privacy Preserving Speaker Verification

Remote speaker verification services typically rely on the system to have access to the users recordings, or features derived from them, and also a model of the users voice. This conventional scheme raises several privacy concerns. In this work, we address this privacy problem in the context of a speaker verification system using a factor analysis based front-end extractor, the so-called i-vectors. Speaker verification without exposing speaker data is achieved by transforming speaker i-vectors to bit strings in a way that allows the computation of approximate distances, instead of exact ones. The key to the transformation uses a hashing scheme known as Secure Binary Embeddings. Then, a modified SVM kernel permits operating on the i-vector hashes. Experiments on sub-sets of NIST SRE 2008 showed that the secure system yielded similar results as its non-private counterpart.

Privacy-preserving speaker verification as password matching

2012

Abstract We present a text-independent privacy-preserving speaker verification system that functions similar to conventional password-based authentication. Our privacy constraints require that the system does not observe the speech input provided by the user, as this can be used by an adversary to impersonate the user in the same system or elsewhere.

Preserving Privacy in Speaker and Speech Characterisation

Computer Speech & Language

Speech recordings are a rich source of personal, sensitive data that can be used to support a plethora of diverse applications, from health profiling to biometric recognition. It is therefore essential that speech recordings are adequately protected so that they cannot be misused. Such protection, in the form of privacy-preserving technologies, is required to ensure that: (i) the biometric profiles of a given individual (e.g., across different biometric service operators) are unlinkable; (ii) leaked, encrypted biometric information is irreversible, and that (iii) biometric references are renewable. Whereas many privacy-preserving technologies have been developed for other biometric characteristics, very few solutions have been proposed to protect privacy in the case of speech signals. Despite privacy preservation this is now being mandated by recent European and international data protection regulations. With the aim of fostering progress and collaboration between researchers in the speech, biometrics and applied cryptography communities, this survey article provides an introduction to the field, starting with a legal perspective on privacy preservation in the case of speech data. It then establishes the requirements for effective privacy preservation, reviews generic cryptography-based solutions, followed by specific techniques that are applicable to speaker characterisation (biometric applications) and speech characterisation (non-biometric applications). Glancing at non-biometrics, methods are presented to avoid function creep, preventing the exploitation of biometric information, e.g., to single out an identity in speech-assisted health care via I Recent advances in speaker and language recognition and characterisation.

Voice Biometrics for User Authentication

2012

Voice biometrics for user authentication is a task in which the goal is to perform convenient, robust and secure authentication of speakers. In this work we investigate the use of state-of-theart text-independent and text-dependent speaker verification technology for user authentication. We evaluate three different authentication conditions: global digit strings, speaker specific digit stings and prompted digit strings. Harnessing the characteristics of the different types of conditions can provide benefits such as authentication transparent to the user (convenience), spoofing robustness (security) and improved accuracy (reliability). The systems were evaluated on a corpus collected by Wells Fargo Bank which consists of 750 speakers. We show how to adapt techniques such as joint factor analysis (JFA), i-vectors, Gaussian mixture models with nuisance attribute projection (GMM-NAP) and hidden Markov models with NAP (HMM-NAP) to obtain improved results for new authentication scenarios ...

New Developments in Voice Biometrics for User Authentication

Voice biometrics for user authentication is a task in which the object is to perform convenient, robust and secure authentication of speakers. In this work we investigate the use of state-of-the-art text-independent and text-dependent speaker verification technology for user authentication. We evaluate four different authentication conditions: speaker specific digit stings, global digit strings, prompted digit strings, and text-independent. Harnessing the characteristics of the different types of conditions can provide benefits such as authentication transparent to the user (convenience), spoofing robustness (security) and improved accuracy (reliability). The systems were evaluated on a corpus collected by Wells Fargo Bank which consists of 750 speakers. We show how to adapt techniques such as joint factor analysis (JFA), Gaussian mixture models with nuisance attribute projection (GMM-NAP) and hidden Markov models with NAP (HMM-NAP) to obtain improved results for new authentication scenarios and environments

Design of Voice Privacy System using Linear Prediction

2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), 2020

Speaker’s identity is the most crucial information exploited (implicitly) by an Automatic Speaker Verification (ASV) system. Numerous attacks can be obliterated simultaneously if privacy preservation is exercised for a speaker’s identity. The baseline of the Voice Privacy Challenge 2020 by INTERSPEECH uses the Linear Prediction (LP) model of speech, and McAdam’s coefficient for achieving speaker de-identification. The baseline approach focuses on altering only the pole angles using McAdam’s coefficient. However, from speech acoustics and digital resonator design, the radius of the poles is associated with various energy losses. The energy losses implicitly carry speaker-specific information during speech production. To that effect, the authors have brought fine-tuned changes in both pole angle and pole radius, resulting in 18.98% higher value of EER for Vctk-test-com dataset, and 5% lower WER for Libri-test dataset compared to the baseline. This means privacy-preservation is indeed ...