Privacy-Preserving iVector-Based Speaker Verification

Rahulamathavan, Yogachandran; Sutharsini, Kunaraj R; Ray, Indranil Ghosh; Lu, Rongxing; Rajarajan, Muttukrishnan

doi:10.1109/taslp.2018.2882731

Cited by 22 publications

(17 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…FAR = 0.0%, FRR = 1.19% and ERR = 0.59% [48] Iris [49][50][51] Classification accuracy higher than 99.9%. FAR = 0,00001%, FRR = 0.1% [52] Retina [53,54] The true acceptance rate 98.148% [55] Face [56,57] FAR = 0,1%, FRR = 7% [52] Keystroke dynamics [58][59][60] Classification accuracy 92.60% [61] Signature dynamics [62,63] Average FAR = 5.125%, FRR = 5.5%, AER = 5.31% [64] Speech [65][66][67] Classification accuracy up to 99%. EER = 1% [68] The analysis of the presented values of the accuracy of authentication does not allow us to speak of a single use of features, however, it makes relevant their use within multimodal authentication (for example, face + iris [69], face and vein arrangement on finger, fingerprint, and voice [70], complex parameters of fingers and palms [71,72]) and the construction of ensembles of various types [73,74].…”

Section: Biometric Characteristic Papers Resultsmentioning

confidence: 99%

Information Security Methods—Modern Research Directions

et al. 2019

View full text Add to dashboard Cite

In Tomsk University of Control Systems and Radioelectronics (TUSUR) one of the main areas of research is information security. The work is carried out by a scientific group under the guidance of Professor Shelupanov. One of the directions is the development of a comprehensive approach to assessing the security of the information systems. This direction includes the construction of an information security threats model and a protection system model, which allow to compile a complete list of threats and methods of protection against them. The main directions of information security tools development are dynamic methods of biometrics, methods for generating prime numbers for data encryption, steganography, methods and means of data protection in Internet of Things (IoT) systems. The article presents the main results of research in the listed areas of information security. The resultant properties in symmetric cryptography are based on the properties of the power of the generating functions. The authors have obtained symmetric principles for the development of primality testing algorithms, as discussed in the Appendix.Symmetry 2018, 10, x FOR PEER REVIEW 3 of 33 Ported to AMR system devices, IPsec ensures mutual authentication of network devices using the IKEv2 protocol. Optionally, the network can be configured based on the EAP-PSK protocol. During configuration, the devices receive network addresses and authentication keys, at which point the execution of EAP-PSK is stopped and data is transferred via IPsec. Another option is to use pre-installed certificates on the devices. In this case, the initial configuration is done manually, but the network does not require EAP-PSK to be used.Data integrity control and encryption during transmission are provided by ESP, which is the protocol used in IPsec at the transport level. This protocol ensures the security of both the data transmitted and packet headers at the network level.This approach makes it possible to ensure reliable authentication of the AMR system devices and the security of the data to be transmitted and opens a wide range of options for the configuration of network operation; however, it cannot be used in networks with heterogeneous communication channels. The EAP-PSK-based approach offers less flexibility but is suitable for networks with heterogeneous communication channels. For an AMR system, a list of threats was proposed based on the developed methodology. Threats to the confidentiality of the system are threats related to the collection of information about the system. This can be a list of devices, software versions, authentication data, access control policies, network addresses, interaction protocols, etc. Threats to the integrity of the automated system for commercial accounting are: substitution of an object, substitution of a communication channel, deletion of an object, destruction of a communication channel, addition of an unauthorized object, creation of an unauthorized communication channel; change of communication channel or object settings...

show abstract

Section: Biometric Characteristic Papers Resultsmentioning

confidence: 99%

Information Security Methods—Modern Research Directions

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Also, this method is not secure against a malicious user that can just send the encryption of an accepting score to AS operator . Another solution by Rahulamathavan et al (2019) does not rely on HE but uses randomization of feature vectors in combination with a privacy-preserving scalar product protocol (Lu et al, 2014). However, this architecture is completely insecure because the protocol of Lu et al (2014) was irreparably broken in Schneider & Treiber (2019).…”

Section: Related Workmentioning

confidence: 99%

Privacy-preserving PLDA speaker verification using outsourced secure computation

Treiber

Nautsch

Kolberg

et al. 2019

Speech Communication

View full text Add to dashboard Cite

The usage of biometric recognition has become prevalent in various verification processes, ranging from unlocking mobile devices to verifying bank transactions. Automatic speaker verification (ASV) allows an individual to verify its identity towards an online service provider by comparing freshly sampled speech data to reference information stored on the service provider's server. Due to the sensitive nature of biometric data, the storage and usage thereof is subject to recent EU regulations introduced as means to protect the privacy of individuals enrolled in an automatic biometric verification system. Stored biometric data need to be unlinkable, irreversible, and renewable to satisfy international standards. Preserving privacy in ASV is also important because, contrary to other biometric characteristics such as fingerprints, speech data can be used to infer a lot of sensitive information about the data subject. As a result, some architectures have been proposed to enable privacy-preserving ASV in the encrypted domain. Recently, homomorphic encryption (HE) was proposed to protect both subject features and vendor models in an embedding-based ASV. This architecture improves on previous privacy-preserving ASV by using (probabilistic) embeddings (i-vectors) and by additionally protecting the vendor's model. However, the usage of HE comes with a rather heavy overhead and significantly slows down the verification process. In this work, we align the cryptographic notion of outsourced secure two-party computation to embedding-based ASV. Our architecture protects biometric information in ASV and can also be used for any automatic biometric verification task. We show that unlinkability, irreversibility, and renewability are granted. Compared to the HE solution, our architecture results in considerably lower communication and computation overhead. Our architecture has been implemented and is experimentally evaluated on the NIST i-vector challenge 2014 using the cosine distance and log-likelihood ratio (LLR) scores from probabilistic linear discriminant analysis (PLDA) and two-covariance (2Cov) comparators. The results show that verification accuracy is retained while e ciency is improved. For instance, a PLDA verification with an embedding dimension of 200 takes about 77 milliseconds over a LAN. This is an improvement of more than 3000⇥ over the HE-based solution and shows that privacy of subject and vendor data can be preserved in ASV while retaining practical verification times. Moreover, our system is secure against malicious client devices.

show abstract

“…Privacy concerns are considered as one of the major challenges in speaker recognition applications [24] as it involves the complete sharing of speech data, which can bring threatening consequences to people's privacy. Federated learning can avoid privacy infringement by involving multiple participants to collaboratively learn a shared model without revealing their local data.…”

Section: Introductionmentioning

confidence: 99%

Federated Learning for Privacy-Preserving Speaker Recognition

Woubie

Bäckström

2021

IEEE Access

View full text Add to dashboard Cite

The state-of-the-art speaker recognition systems are usually trained on a single computer using speech data collected from multiple users. However, these speech samples may contain private information which users may not be willing to share. To overcome potential breaches of privacy, we investigate the use of federated learning with and without secure aggregators both for supervised and unsupervised speaker recognition systems. Federated learning enables training of a shared model without sharing private data by training the models on edge devices where the data resides. In the proposed system, each edge device trains an individual model which is subsequently sent to a secure aggregator or directly to the main server. To provide contrasting data without the need for transmitting data, we use a generative adversarial network to generate imposter data at the edge. Afterwards, the secure aggregator or the main server merges the individual models, builds a global model and transmits the global model to the edge devices. Experimental results on Voxceleb-1 dataset show that the use of federated learning both for supervised and unsupervised speaker recognition systems provides two advantages. Firstly, it retains privacy since the raw data does not leave the edge devices. Secondly, experimental results show that the aggregated model provides a better average equal error rate than the individual models when the federated model does not use a secure aggregator. Thus, our results quantify the challenges in practical application of privacypreserving training of speaker training, in particular in terms of the trade-off between privacy and accuracy.

show abstract

Privacy-Preserving iVector-Based Speaker Verification

Cited by 22 publications

References 16 publications

Information Security Methods—Modern Research Directions

Information Security Methods—Modern Research Directions

Privacy-preserving PLDA speaker verification using outsourced secure computation

Federated Learning for Privacy-Preserving Speaker Recognition

Contact Info

Product

Resources

About