Voice authentication using short phrases: Examining accuracy, security and privacy issues

Johnson, R. C.; Boult, Terrance E.; Scheirer, Walter J.

doi:10.1109/btas.2013.6712713

Cited by 10 publications

(8 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, the verification of the content of the spoken phrase can serve as a form of security against replay attacks, as older phrases cannot be reused. Another variation of this scheme is to challenge the users with various questions and use voice responses to extract both context information and voice print to enhance system's performance and increase security against replay attacks [158]. An interesting attack vector for M-V-B schemes is computerized imitation [156] (either by targeted impersonation or physical observation).…”

Section: M-v-b Schemes: Text-independent Speaker Authenticationmentioning

confidence: 99%

“…This concept was introduced in a system called "text-constrained" speaker recognition [166]. Another example of this is to use a challengeresponse based authentication protocol where the model is created based on a limited number of short-phrases [158]. In whisper authentication, one important question to address is its usability: is it convenient and non-intrusive to use?…”

Section: Avenues For Researchmentioning

confidence: 99%

See 1 more Smart Citation

Emerging NUI-Based Methods for User Authentication: A New Taxonomy and Survey

Sae-Bae

Memon

et al. 2019

IEEE Trans. Biom. Behav. Identity Sci.

View full text Add to dashboard Cite

As the convenience and cost benefits of Natural User Interface (NUI) technologies are hastening their wide adoption, computing devices equipped with such interfaces are becoming ubiquitous. Used for a broad range of applications, from accessing email and bank accounts to home automation and interacting with a healthcare provider, such devices require, more than ever before, a secure yet convenient user authentication mechanism. This paper introduces a new taxonomy and presents a survey of "point-of-entry" user-device authentication mechanisms that employ a natural user interaction. The taxonomy allows a grouping of the surveyed techniques based on the sensor type used to capture user input, the actuator a user applies during interaction, and the credential type used for authentication. A set of security and usability evaluation criteria are then proposed based on the Bonneau, Herley, Van Oorschot and Stajano framework. An analysis of a selection of techniques and, more importantly, the broader taxonomy elements they belong to, based on these evaluation criteria, are provided. This analysis and taxonomy provide a framework for the comparison of different authentication alternatives given an application and a targeted threat model. Similarly, the taxonomy and analysis also offer insights into possibly unexplored, yet potentially rewarding, research avenues for NUI-based user authentication that could be explored.

show abstract

Section: M-v-b Schemes: Text-independent Speaker Authenticationmentioning

confidence: 99%

Section: Avenues For Researchmentioning

confidence: 99%

Emerging NUI-Based Methods for User Authentication: A New Taxonomy and Survey

Sae-Bae

Memon

et al. 2019

IEEE Trans. Biom. Behav. Identity Sci.

View full text Add to dashboard Cite

show abstract

“…Vaulted Voice Verification, introduced in [15] and expanded on in [16], is a voice-based extension of a technique called Vaulted Verification, which was developed for privacy and security enhanced biometric identification [2,17]. Vaulted Voice Verification is an extension of the Vaulted Verification concept, combining it with with technology for speaker identification and with recognition techniques from the voice community [18,19,20,21].…”

Section: Introduction and Related Workmentioning

confidence: 99%

With vaulted voice verification my voice is my key

Johnson

Boult

2013

2013 IEEE International Conference on Technologies for Homeland Security (HST)

Self Cite

View full text Add to dashboard Cite

Those who handle sensitive information from time to time need a device that can communicate securely. They also need the ability to verify the recipient of the information. For such secure communication to take place, they must securely exchange a key, often with someone they do not already know.Biometrics have been gaining widespread adoption in an effort to verify the end users identity. We extend this to key exchange. Vaulted Voice Verification, a recently introduced voice-based biometric protocol, has been shown to securely and remotely verify a user while also maintaining the privacy of the user. However Vaulted Voice Verification as originally proposed was not well suited for the exchange of larger keys. We present an index-based Vaulted Voice Verification which significantly reduces communication overhead and allows the transmission of keys that are suitable for biometrically authenticated secure communication.

show abstract

“…There have been several variations of the VV protocol over the years, including extensions to iris [26], fingerprint [2], and voice [12,11,10] biometrics. The latter extensions incorporated public key cryptography, and reduced communication overhead by using index tables.…”

Section: Introductionmentioning

confidence: 99%

CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition

Rudd

Boult

2016

2016 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW)

Self Cite

View full text Add to dashboard Cite

Architectures relying on continuous authentication require a secure way to challenge the user's identity without trusting that the Continuous Authentication Subsystem (CAS) has not been compromised, i.e., that the response to the layer which manages service/application access is not fake. In this paper, we introduce the CALIPER protocol, in which a separate Continuous Access Verification Entity (CAVE) directly challenges the user's identity in a continuous authentication regime. Instead of simply returning authentication probabilities or confidence scores, CALIPER's CAS uses live hard and soft biometric samples from the user to extract a cryptographic private key embedded in a challenge posed by the CAVE. The CAS then uses this key to sign a response to the CAVE. CALIPER supports multiple modalities, key lengths, and security levels and can be applied in two scenarios: One where the CAS must authenticate its user to a CAVE running on a remote server (device-server) for access to remote application data, and another where the CAS must authenticate its user to a locally running trusted computing module (TCM) for access to local application data (device-TCM). We further demonstrate that CALIPER can leverage device hardware resources to enable privacy and security even when the device's kernel is compromised, and we show how this authentication protocol can even be expanded to obfuscate direct kernel object manipulation (DKOM) malwares.

show abstract

Voice authentication using short phrases: Examining accuracy, security and privacy issues

Cited by 10 publications

References 14 publications

Emerging NUI-Based Methods for User Authentication: A New Taxonomy and Survey

Emerging NUI-Based Methods for User Authentication: A New Taxonomy and Survey

With vaulted voice verification my voice is my key

CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition

Contact Info

Product

Resources

About