Although speech recognition technology has improved significantly over the past few years, the absence of reliable voice authentication methods has negatively affected the Internet of Things (IoT). Voice-activated devices, by design, rely on personal voice biometrics for access-level security, and insecure voice authentication techniques limit the development of voice interfaces that can deal with multiple users with different privileges. Furthermore, public concerns surrounding biometric systems have been reported. Outsourcing biometric data are liable to various privacy breaches, increasing vulnerability to cyberattacks from both criminal organizations and government agencies. In this article, we address the security and privacy challenges of voice authentication for IoT by presenting an edge-based, hands-free, single-factor authentication scheme that consists of three security-based features: random phrase verification, anti-spoof verification, and text-independent speaker recognition. The use of edge technology allows the integration of this authentication scheme with resource contained IoT devices such as voice assistants. Additionally, privacy is ensured by a novel security protocol that uses chaffing and encryption techniques to protect the users' biometric data stored locally on the edge device. Finally, the scheme does not compromise the user experience as it requires only two short voice inputs.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.