This research explores creating a secure verification scheme using voice as a biometric identifier. One of the major contributions of this thesis is the adaptation of the Vaulted Verification protocol to voice. This is achieved by integrating theories from the vision community with those of the voice community. Another contribution of this thesis is the expansion of the challenge-response protocol, introduced in Vaulted Verification, to allow for the natural variations that occur in voice, by way of different types of challenges. This research also contributes to the speaker recognition community by utilizing both text dependent and text independent speaker recognition in a novel way.
Vaulted Verification is a protocol that addresses privacy concerns for a mobile/remote environment by allowing a user to be remotely identified without their template being transmitted when verification takes place. The main idea behind Vaulted Verification is to split the enrollment template into parts, create artificial chaff, and force the client to chose between matching pairs of the real and the chaff. During the verification phase, the server presents the client with a real block and a matching chaff block in a random order. The client must decide the order of the blocks in order to return the correct response to the server. The correct response given to the server includes sending a hash of the function derived from the ordered bitstring and other information. After all the blocks have been sent and responses given, the server then evaluates the response and a decision is made. As with most biometric verification systems, Vaulted Verification is based on the stability of the biometric that it is utilizing. Because of this, there is an inherent invariability in the creation of the template. The templates created must use an ever-increasing amount of permutations, encryption-, obfuscations, etc to remain secure. With this research, we use the variability of speech to increase the complexity without adding additional computational steps.
Vaulted Verification as originally purposed does not work with voice; it is limited face and iris data. By changing perspective on how the templates are generated, and the challenge-response is implemented, this research shows that there exists a structure by which voice can be authenticated in the same spirit as Vaulted Verification did with face and iris. Furthermore, the challenge-response protocol is generalized; first for voice, and then to be independent of a specific biometric identifier all together. For further enhancement of the security, discriminative capabilities and the flexibility of this protocol, speech recognition text dependent and text independent modeling are integrated. The user is not only identified by what they say when answering the challengeresponse questions and the way they sound when speaking certain words, but also by how their voice sounds overall at certain times. This enhances the difficulty for an attacker trying to gain access.
This research also explores key exchange via challenge-response between remote parties using biometric identifiers, such as voice, to verify the identity of the parties during the exchange.
The major contributions of this research include: adaptation of Vaulted Verification to voice, extension of the challenge-response protocol to include different types of challenges, mixing text-dependent and text-independent models into a protocol to enhance the overall robustness of speaker verification, creation of an index-based challenge-response protocol in which no biometric data leaves the remote device, a privacy-enhanced biometrically authenticated remote key exchange protocol, and a security and privacy evaluation of these technologies using a newly created dataset.
List of publications: