CN109802942A - A kind of voiceprint authentication method and system, mobile terminal of secret protection - Google Patents
A kind of voiceprint authentication method and system, mobile terminal of secret protection Download PDFInfo
- Publication number
- CN109802942A CN109802942A CN201811543836.0A CN201811543836A CN109802942A CN 109802942 A CN109802942 A CN 109802942A CN 201811543836 A CN201811543836 A CN 201811543836A CN 109802942 A CN109802942 A CN 109802942A
- Authority
- CN
- China
- Prior art keywords
- user
- client
- server
- module
- registration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Collating Specific Patterns (AREA)
Abstract
The invention belongs to field of information security technology, disclose the voiceprint authentication method and system, mobile terminal of a kind of secret protection;When registration, client acquires user speech information and identity information, extracts vocal print feature vector, and the feature vector encrypted and identity information are merged into registration user's template and are sent to server-side;Server-side will register the storage of user's template, complete registration;When login authentication, client acquires user speech information and identity information, is encrypted feature vector using certification i-vector Encryption Algorithm, and the feature vector encrypted and identity information are merged into certification user's template and are sent to server-side.Server-side will authenticate user's template and registration user's template is compared calculating, obtains authentication result and returns to client.The present invention realizes the user data secret protection in voiceprint in the case where not influencing voiceprint efficiency, can be used in real life providing privacy efficient vocal print accession authorization system for user.
Description
Technical field
The invention belongs to the voiceprint authentication method and system of field of information security technology more particularly to a kind of secret protection,
Mobile terminal.
Background technique
Currently, the prior art commonly used in the trade be such that currently, the prior art commonly used in the trade be such that with
Information technology and artificial intelligence it is increasingly developed, the authentication based on biological characteristic is the main of the present and following authentication
Developing direction.Voiceprint is since it is inexpensive, non-contact, can be long-range and the advantages such as be easily achieved, the ground in authentication
Position increasingly increases.However, there are many security threats for voiceprint authentication system.Especially: being provided once attacker obtains service
Person stores the vocal print template data of users in the database, then these attacker/ISPs can be according to these moulds
The maximum spoofing attack that impends in other voiceprint authentication systems of plate data generates corresponding voice fake user and passes through
The detection of every voiceprint authentication system.Accordingly, it is considered to arrive the demand of secret protection and authentication efficiency, a secret protection is realized
Voiceprint authentication system is challenging.In order to find out a kind of solution to the problems described above, there has been proposed some solutions
Scheme, in which: the prior art one " voiceprint authentication method and device based on artificial intelligence " discloses a kind of based on artificial intelligence
Voiceprint authentication method and device.This method is specifically to allow user to read one section of special sound, and user speech is divided into N
Section.It classifies by sex model and N sections of voices determines the gender label of user;And according to gender label and N sections of speech productions
The registration sound-groove model of user.By first obtaining the gender label of the user, different moulds is used according to the gender label later
Type, so that improving availability of the vocal print password as authentication means when logging in, is mentioned with generating corresponding registration sound-groove model
The high performance of voice print matching.But this method, since designer is inconsiderate, there are sound-groove models not to encrypt, user data
Privacy does not have protected problem.Once sound-groove model is stolen, not only privacy of user can be leaked, and attacker can also disguise oneself as
User authenticates, and will cause high risks.
In conclusion problem of the existing technology is: existing voiceprint authentication method exist certification accuracy with communicate
Expense and time overhead cannot be considered in terms of, and user data is without encryption;It will cause privacy of user leakage in the application, and be easy to be forged
Rate height is attacked and admitted one's mistake to vocal print or communication overhead is big.
Solve the difficulty and meaning of above-mentioned technical problem: traditional voiceprint authentication technology does not have encrypting module, once system
Leakage privacy of user is easy for by attack, while attacker can also pretend user and authenticate, and greatly improve system risk.
And homomorphic cryptography technology can bring biggish communication overhead and calculate the time, it is quasi- to be unable to satisfy voiceprint requirement using technology
The characteristics of true rate is high, needs rapid authentication.Therefore, it is necessary to the encryption methods for the new and effective secret protection of voiceprint, can
In the case where not influencing voiceprint efficiency and accuracy rate, realizes the protection of privacy of user data, be stolen even if data
It can not be utilized.
Summary of the invention
In view of the problems of the existing technology, the present invention provides a kind of voiceprint authentication method of secret protection and system,
Mobile terminal.
The invention is realized in this way a kind of voiceprint authentication system of secret protection, the voiceprint of the secret protection
System includes:
Client, for the acquisition of user's voice print database and identity information, key needed for generating and saving encryption, and
It is local that safe encryption is carried out to voice print database and identity information, then it is uploaded to server-side;
Server-side pre-sets the matrix to be used in calculating for completing system initialization;And it stores and has encrypted
The registration voice print database and identity information data of user receive the user that has encrypted and when user applies for login authentication
Certification voice print database and identity information data, then compare calculating, and authentication result is returned into client.
The client further comprises:
Key management module, including key generate submodule, trusted storage module;It is carried out for generating Security Encryption module
Required key when computations, and the key storage generated when registering is extracted into use in certification in local;
Security Encryption module, including registration encryption submodule, authenticated encryption submodule;For respectively registration when and certification
When to vocal print feature vector sum subscriber identity information encrypting and transmitting to server-side;
User information acquisition module, including voice print database acquire submodule, identity information acquisition submodule;It is used for acquiring
The voice messaging and identity information at family, and generate vocal print feature vector.
The server-side further comprises:
Information storage module, including encryption vector sub-module stored, identity information sub-module stored;For storing client
The vocal print feature vector sum subscriber identity information encrypted uploaded, and the vocal print inputted when authentication phase provides user's registration
Feature vector;
Authentication module, including authentication information computational submodule;For user carry out authentication when, comparing calculation
The vocal print feature vector inputted when the vocal print feature vector sum registration inputted when certification, generates authentication result and is sent to client
End;
System initialization module, including background model generates submodule, projection matrix generates submodule;For completing system
Initialization step, training universal background model matrix, training projection matrix, extended projection matrix are then sent to client.
Another object of the present invention is to provide a kind of secret protections of voiceprint authentication system for executing the secret protection
Voiceprint authentication method, the voiceprint authentication method of the secret protection includes:
Step 1, system initialization, server-side generates registration and authentication phase needs the matrix used and is sent to client
End;
Step 2, user's voiceprint registration step, client collect the identity information of user and the feature vector of voice, so
Generate key at random afterwards and be sent to Security Encryption module and trusted storage module, by Security Encryption module by identity information and
Server-side is uploaded to after feature vector encryption;
Step 3, user's voiceprint step, client collect the speech feature vector of user and are sent to security module,
Security Encryption module extracts key encrypted feature vector from trusted storage module, is then uploaded to server-side.Server-side is according to note
Volumes finally sends result to client according to authentication result is calculated.
Further, the voiceprint authentication method of the secret protection specifically includes:
Step 1, system initialization step:
(1) server-side training universal background model matrix ubm;
(2) server-side learns total factor space from background data and obtains matrix tv;
(3) server-side training LDA projection matrix P;
(4) P is extended to (m+2+2 × Z) × (n+2+2 × Z) dimension matrix P by server-sideex:
Wherein Z is the integer and Z >=1 that a user can set;
(5) server-side sending metrix ubm, tv, PexTo client;
Step 2, user's voiceprint registration step:
(1) client extracts feature vector w from the speech utterance of usere, we=[we1,we2,…,wem] be a m tie up to
Amount, the size of each element are l bit and the identity information I for obtaining user's inputi, usual m=600or400, l=
32or64;
(2) client is by { we,IiIt is sent to Security Encryption module;
(3) client generates key M at random1,M2Random vector H is tieed up with a n+2+2Z, wherein M1,M2It is two (n+2+
2Z) × (n+2+2Z) tie up random invertible matrix;Client is by { M1,M2, H } and it is sent to security module;
(4) Security Encryption module calculates the above parameter using registration i-vector Encryption Algorithm, obtains Ci,Ce;
(5) client is by key M1,M2, H is sent to trusted storage module;
(6) client is by { Ii,Ci,CeIt is uploaded to server-side;
Step 3, user's voiceprint step:
(1) client extracts feature vector w from the speech utterance of usera;
(2) client is by { wa,IiIt is sent to Security Encryption module;
(3) client is by { M1,M2, H, r } and from trusted storage module it is sent to Security Encryption module;
(4) Security Encryption module calculates the above parameter using certification i-vector Encryption Algorithm, obtains CH,CM,Ca;
(5) client is by { Ii,CH,CM,CaIt is uploaded to server-side;
(6) server-side is according to IiLog-on data calculate:
(7) if score >=θ, by certification, server-side sends result to client.
Further, registration i-vector Encryption Algorithm specifically includes:
(1) client is by weIt is extended to (m+2+2Z) dimensional vector wE, (m+1), (m+3) ..., (m+1+2Z) a element
Value be r1,r2,...,rZAnd (m+2), the value of (m+4) ..., (m+2+2Z) a element are 1, wherein r1,r2,...,rZFor
Random number and composition random vector r;
(2) channel compensation:
(3) vector diagonalization: D=diay (Te);
(4) random permutation: WD=D × A, A are random (n+2+2Z) × (n+2+2Z) matrix and Ai×HT=1, A=[A1,
A2,...A(n+2+2Z)];
(5) it encrypts: Ci=M1×WD×M2;
(6) modulus:
Further, certification i-vector Encryption Algorithm specifically includes:
(1) w is extendedaTo wA,wA=< wa,-1,r1,-1,...,rZ>;
(2) channel compensation:
(3) it is calculated
(4) it encrypts:
(5) modulus: Ca=| | Ta||。
Another object of the present invention is to provide a kind of mobile terminals of voiceprint authentication method using the secret protection.
In conclusion advantages of the present invention and good effect are as follows: the present invention realizes the secret protection of data resource;In number
According to encrypting before transmission to it, and maintain encrypted state in data processing, substantially increase data privacy and
Safety prevents the leaking data of server-side, and leakage loss is preferably minimized.The present invention can resist multiple network attack
Means, such as man-in-the-middle attack can be resisted, it maliciously distorts, Replay Attack etc., greatly strengthens the safety of data transmission;It adopts
With TrustZone technology, it ensure that key in local safety, is difficult to realize the destruction of attacker more.
High certification accuracy rate is realized, in simulation test, invention achieves 99.93% certification accuracy rate,
In 10 actual tests, 90% certification accuracy rate is also reached;Experiment shows that the present invention compared to existing invention, is put down
The registion time for only needing 0.954 second and 0.021 second authenticated time, compared with the time that the scheme of non-secret protection needs
Amplification very little, almost can be ignored, therefore illustrate that feasibility of the invention is very strong;Paillier is based on another simultaneously
The scheme of homomorphic cryptography is compared, and communication overhead of the invention reduces 200 times, saves machine function, can be suitble to completely more
The case where user concurrent.
Detailed description of the invention
Fig. 1 is the voiceprint authentication system structural schematic diagram of secret protection provided in an embodiment of the present invention.
Fig. 2 is the voiceprint authentication method flow chart of secret protection provided in an embodiment of the present invention.
Fig. 3 is System Initialization Procedure figure provided in an embodiment of the present invention.
Fig. 4 is user's voiceprint registration flow chart provided in an embodiment of the present invention.
Fig. 5 is user's voiceprint flow chart provided in an embodiment of the present invention.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to embodiments, to the present invention
It is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to
Limit the present invention.
The present invention realizes the secret protection of data resource;It is encrypted before data transmission, and in data processing
Encrypted state is maintained in journey, substantially increases privacy and the safety of data, prevents the leaking data of server-side, and will
Leakage loss is preferably minimized.
Application principle of the invention is explained in detail with reference to the accompanying drawing.
As shown in Figure 1, the voiceprint authentication system of secret protection provided in an embodiment of the present invention includes:
Client for typing user information and voice and is extracted feature vector, and is sent after feature vector is encrypted
To server-side.
Server-side, for saving user information and encrypted speech feature vector, and calculate in certification feature to
The matching degree of amount returns to an authentication result.
Client further comprises:
Key management module, including key generate submodule, trusted storage submodule (TrustZone);Pacify for generating
Full encrypting module carries out key required when computations, and the key storage generated when registering is mentioned in local in certification
Take out use.
Security Encryption module, including registration encryption submodule, authenticated encryption submodule;For respectively registration when and certification
When to vocal print feature vector sum subscriber identity information encrypting and transmitting to server-side.
User information acquisition module, including voice print database acquire submodule, identity information acquisition submodule;It is used for acquiring
The voice messaging and identity information at family, and generate vocal print feature vector.
Server-side further comprises:
Information storage module, including encryption vector sub-module stored, identity information sub-module stored;For storing client
The vocal print feature vector sum subscriber identity information encrypted uploaded, and the vocal print inputted when authentication phase provides user's registration
Feature vector.
Authentication module, including authentication information computational submodule;For user carry out authentication when, comparing calculation
The vocal print feature vector inputted when the vocal print feature vector sum registration inputted when certification, generates authentication result and is sent to client
End.
System initialization module, including background model generates submodule, projection matrix generates submodule;For completing system
Initialization step, training universal background model matrix, training projection matrix, extended projection matrix are then sent to client.
As shown in Fig. 2, the voiceprint authentication method of secret protection provided in an embodiment of the present invention the following steps are included:
S201: system initialization, server-side generates registration and authentication phase needs the matrix used and is sent to client;
S202: user's voiceprint registration step, client collect the identity information of user and the feature vector of voice, then
The random key that generates simultaneously is sent to Security Encryption module and trusted storage module (TrustZone), by Security Encryption module by body
Server-side is uploaded to after part information and feature vector encryption;
S203: user's voiceprint step, client collect the speech feature vector of user and are sent to security module, pacify
Full module extracts key encrypted feature vector from memory module, is then uploaded to server-side.Server-side is calculated according to log-on data
Authentication result finally sends result to client.
Application principle of the invention is further described with reference to the accompanying drawing.
As shown in Figure 1, the voiceprint authentication system of secret protection provided in an embodiment of the present invention includes client and server-side
Two component parts.Wherein:
Client is responsible for the acquisition of user's voice print database and identity information, key needed for generating encryption, and local right
Voice print database and identity information carry out safe encryption, are then uploaded to server-side.
Server-side completes system initialization, pre-sets the matrix to be used in calculating.And store the use encrypted
The registration voice print database and identity information data at family, and when user applies for login authentication, receive recognizing for the user encrypted
Voice print database and identity information data are demonstrate,proved, then compares calculating, and authentication result is returned into client.
Client, comprising: user information acquisition module, key management module, Security Encryption module.
The user information acquisition module, for acquiring the voiceprint and identity information of user, and generate vocal print feature to
Measure weWith identity information Ii, then by { we,IiIt is sent to Security Encryption module.
The key management module, for generating key M at random1,M2Get up with H and by key storage, is then sent to safety
Encrypting module.
The Security Encryption module is used in user's registration, by the vocal print feature vector w of usereWith identity information IiEncryption
Generate Ci,Ce, then it is uploaded to server-side;In user log-in authentication, by the vocal print feature vector w of useraWith identity information Ii
Encryption generates CH,CM,Ca, then it is uploaded to server-side.
Server-side, comprising: information storage module, authentication module, system initialization module.
The information storage module, for storing user's vocal print feature vector encrypted that client uploads in registration
Ci,CeWith identity information Ii, and carry out authentication calculations are extracted when user carries out login authentication.
The authentication module, for when user applies for login authentication operation, when to certification the vocal print feature that inputs to
Measure CH,CM,CaWith the vocal print feature vector C inputted when registrationi,CeIt is compared calculating, and authentication result is returned into client.
It is empty to learn total factor for training universal background model matrix ubm from background data for the system initialization module
Between obtain matrix tv, training LDA projection matrix P is simultaneously extended to Pex, complete system initialization step.
As shown in Figure 3-Figure 5, the voiceprint authentication method of secret protection of the present invention, includes the following steps:
Step 1, system initialization.
1.1) server-side training universal background model matrix ubm;
1.2) server-side learns total factor space from background data and obtains matrix tv;
1.3) server-side training LDA projection matrix P;
1.4) P is extended to (m+2+2 × Z) × (n+2+2 × Z) dimension matrix P by server-sideex:
Wherein Z is the integer and Z >=1 that a user can set;
1.5) server-side sending metrix ubm, tv, PexTo client;
Step 2, user's voiceprint registration step.
2.1) client extracts feature vector w from the speech utterance of usere, we=[we1,we2,…,wem] be a m tie up to
Amount, the size of each element are l bit and the identity information I of useri.Usual m=600or400, l=32or64.
2.2) client is by { we,IiIt is sent to Security Encryption module;
2.3) client generates key M at random1,M2Random vector H is tieed up with a n+2+2Z, wherein M1,M2It is two (n+2
+ 2Z) × random the invertible matrix of (n+2+2Z) dimension.Then client is by { M1,M2, H } and it is sent to security module;
2.4) security module calculates the above parameter using i-vector Encryption Algorithm, obtains Ci,Ce.Encryption Algorithm is specifically such as
Under:
2.4.1) client is by weIt is extended to (m+2+2Z) dimensional vector wE, (m+1), (m+3) ..., (m+1+2Z) is a
The value of element is r1,r2,...,rZAnd (m+2), the value of (m+4) ..., (m+2+2Z) a element are 1, wherein r1,r2,...,
rZFor random number and composition random vector r.
2.4.2) channel compensation:
2.4.3) vector diagonalization: D=diay (Te);
2.4.4) random permutation: WD=D × A, A are random (n+2+2Z) × (n+2+2Z) matrix and Ai×HT=1, A=
[A1,A2,...A(n+2+2Z)];
2.4.5 it) encrypts: Ci=M1×WD×M2;
2.4.6) modulus:
2.5) client is by key M1,M2, H, r are sent to trusted storage module (TrustZone);
2.6) client is by { Ii,Ci,CeIt is uploaded to server-side;
Step 3, user's vocal print login authentication step.
3.1) client extracts feature vector w from the speech utterance of useraAnd obtain the identity information of user's input
Ii;
3.2) client is by { wa,IiIt is sent to security module;
3.3) client is by { M1,M2, H, r } and from trusted storage module (TrustZone) it is sent to security module;
3.4) security module calculates the above parameter using i-vector Encryption Algorithm, obtains CH,CM,Ca.Specific Encryption Algorithm
It is as follows:
3.4.1) extension waTo wA,wA=< wa,-1,r1,-1,...,rZ>;
3.4.2) channel compensation:
3.4.3 it) is calculated
3.4.4) encryption:
3.4.5) modulus: Ca=| | Ta||;
3.5) client is by { Ii,CH,CM,CaIt is uploaded to server-side;
3.6) server-side is according to IiLog-on data calculate:
If score >=θ, by certification, server-side sends result to client.
Application principle of the invention is further described combined with specific embodiments below.
A. registering functional
After user inputs mailbox in the interface of pc client, " Start Record " button is clicked.User carries out later
Voice input (is recommended 4-6 seconds), and clicking " End Record " button terminates to record.End user clicks " Sign up " and completes note
Volume." registration " button is clicked, into enrollment page into main interface for cell phone client.Microphone is clicked in enrollment page
Icon is recorded.It has recorded the point of articulation and has hit registration button.For cell phone client, into after application program, homepage is clicked
" registration " button inputs mailbox in new page, clicks recording microphone.After terminating recording, clicks registration button and complete registration.Through
It is all correct successfully in the progress of given client end to cross test above-mentioned steps function.
B. login function
After user inputs mailbox in the interface of pc client, " Start Record " button is clicked.User says one later
Section words (are recommended 4-6 seconds), and clicking " End Record " button terminates to record.End user clicks " Signin " completion and logs in.It is right
" logging in " button is clicked, into login page into homepage in cell phone client.Microphone icon is clicked in login page,
It records.It has recorded the point of articulation and has hit Button Login.For cell phone client, into after application program, " the logging in " of homepage is clicked
Button inputs mailbox in new page, clicks recording microphone.After terminating recording, clicks Button Login completion and log in.By test
Above-mentioned steps function is all correct successfully to be carried out at given client end.
C. voiceprint
Server-side reads the voiceprint of registration phase after receiving the checking request of user from database, according to
After certain process calculates, client is transmitted verification result to.User is stated to be oneself true body in certification by the present invention
The certification of part is known as true certification.Attacker certification when state be others' identity certification be known as palm off certification.The present invention
Two kinds of situations of TIMIT voice data collection and practical personal recording have been used to carry out functional test.TIMIT data set is at voice
Using quite extensively in reason experiment.Having carried out 25992 tests altogether, (wherein 228 times are true authentication proof, remaining recognizes for personation
Card).In practical individual's recording test, the present invention has carried out altogether 10 certifications (wherein 5 true certifications, 5 personations certification).
Test result on TIMIT is accuracy of system identification 0%, refuses sincere 7.02%, accuracy rate 99.93%.In practical individual's recording test, very
Real certification 4 successes, 1 failure, 5 personations certification all failures.Therefore the accuracy rate of 10 tests of the present invention is 90%.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention
Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.
Claims (8)
1. a kind of voiceprint authentication system of secret protection, which is characterized in that the voiceprint authentication system of the secret protection includes:
Client, for the acquisition of user's voice print database and identity information, key needed for generating and saving encryption, and in local
Safe encryption is carried out to voice print database and identity information, is then uploaded to server-side;
Server-side pre-sets the matrix to be used in calculating for completing system initialization;And store the use encrypted
The registration voice print database and identity information data at family, and when user applies for login authentication, receive recognizing for the user encrypted
Voice print database and identity information data are demonstrate,proved, then compares calculating, and authentication result is returned into client.
2. the voiceprint authentication system of secret protection as described in claim 1, which is characterized in that the client is further wrapped
It includes:
Key management module, including key generate submodule, trusted storage module;It is encrypted for generating Security Encryption module
Required key when calculating, and the key storage generated when registering is extracted into use in certification in local;
Security Encryption module, including registration encryption submodule, authenticated encryption submodule;For respectively registration when and certification when pair
Vocal print feature vector sum subscriber identity information encrypting and transmitting is to server-side;
User information acquisition module, including voice print database acquire submodule, identity information acquisition submodule;For acquiring user's
Voice messaging and identity information, and generate vocal print feature vector.
3. the voiceprint authentication system of secret protection as described in claim 1, which is characterized in that the server-side is further wrapped
It includes:
Information storage module, including encryption vector sub-module stored, identity information sub-module stored;It is uploaded for storing client
The vocal print feature vector sum subscriber identity information encrypted, and the vocal print feature that inputs when authentication phase provides user's registration
Vector;
Authentication module, including authentication information computational submodule;For when user carries out authentication, comparing calculation to be authenticated
When input the registration of vocal print feature vector sum when the vocal print feature vector that inputs, generate authentication result and be simultaneously sent to client;
System initialization module, including background model generates submodule, projection matrix generates submodule;It is initial for completing system
Change step, training universal background model matrix trains projection matrix, and extended projection matrix is then sent to client.
4. a kind of perform claim requires the voiceprint authentication method of the secret protection of the voiceprint authentication system of 1 secret protection,
It is characterized in that, the voiceprint authentication method of the secret protection includes:
Step 1, system initialization, server-side generates registration and authentication phase needs the matrix used and is sent to client;
Step 2, user's voiceprint registration step, client collect user identity information and voice feature vector, then with
Machine generates key and is simultaneously sent to Security Encryption module and trusted storage module, by Security Encryption module by identity information and feature
Server-side is uploaded to after vector encryption;
Step 3, user's voiceprint step, client collect the speech feature vector of user and are sent to security module, safety
Encrypting module extracts key encrypted feature vector from trusted storage module, is then uploaded to server-side;Server-side is according to registration number
According to authentication result is calculated, client is finally sent result to.
5. the voiceprint authentication method of secret protection as claimed in claim 4, which is characterized in that the vocal print of the secret protection is recognized
Card method specifically includes:
Step 1, system initialization step:
(1) server-side training universal background model matrix ubm;
(2) server-side learns total factor space from background data and obtains matrix tv;
(3) server-side training LDA projection matrix P;
(4) P is extended to (m+2+2 × Z) × (n+2+2 × Z) dimension matrix P by server-sideex:
Wherein Z is the integer and Z >=1 that a user can set;
(5) server-side sending metrix ubm, tv, PexTo client;
Step 2, user's voiceprint registration step:
(1) client extracts feature vector w from the speech utterance of usere, we=[we1,we2,…,wem] it is a m dimensional vector, often
The size of a element is l bit and the identity information I for obtaining user's inputi, usual m=600or400l=32or64
(2) client is by { we,IiIt is sent to Security Encryption module;
(3) client generates key M at random1,M2Random vector H is tieed up with a n+2+2Z, wherein M1,M2Be two (n+2+2Z) ×
(n+2+2Z) random invertible matrix is tieed up;Client is by { M1,M2, H } and it is sent to security module;
(4) Security Encryption module calculates the above parameter using registration i-vector Encryption Algorithm, obtains Ci,Ce;
(5) client is by key M1,M2, H is sent to trusted storage module;
(6) client is by { Ii,Ci,CeIt is uploaded to server-side;
Step 3, user's voiceprint step:
(1) client extracts feature vector w from the speech utterance of usera;
(2) client is by { wa,IiIt is sent to Security Encryption module;
(3) client is by { M1,M2, H, r } and from trusted storage module it is sent to Security Encryption module;
(4) Security Encryption module calculates the above parameter using certification i-vector Encryption Algorithm, obtains CH,CM,Ca;
(5) client is by { Ii,CH,CM,CaIt is uploaded to server-side;
(6) server-side is according to IiLog-on data calculate:
(7) if score >=θ, by certification, server-side sends result to client.
6. the voiceprint authentication method of secret protection as claimed in claim 4, which is characterized in that registration i-vector Encryption Algorithm
It specifically includes:
(1) client is by weIt is extended to (m+2+2Z) dimensional vector wE, (m+1), the value of (m+3) ..., (m+1+2Z) a element
For r1,r2,...,rZAnd (m+2), the value of (m+4) ..., (m+2+2Z) a element are 1, wherein r1,r2,...,rZIt is random
Number and composition random vector r;
(2) channel compensation:
(3) vector diagonalization: D=diay (Te);
(4) random permutation: WD=D × A, A are random (n+2+2Z) × (n+2+2Z) matrix and Ai×HT=1, A=[A1,A2,
...A(n+2+2Z)];
(5) it encrypts: Ci=M1×WD×M2;
(6) modulus:
7. the voiceprint authentication method of secret protection as claimed in claim 4, which is characterized in that certification i-vector Encryption Algorithm
It specifically includes:
(1) w is extendedaTo wA,wA=< wa,-1,r1,-1,...,rZ>;
(2) channel compensation:
(3) it is calculated
(4) it encrypts:
(5) modulus: Ca=| | Ta||。
8. a kind of mobile terminal of the voiceprint authentication method using secret protection described in claim 4~7 any one.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811543836.0A CN109802942B (en) | 2018-12-17 | 2018-12-17 | Voiceprint authentication method with privacy protection function |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811543836.0A CN109802942B (en) | 2018-12-17 | 2018-12-17 | Voiceprint authentication method with privacy protection function |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109802942A true CN109802942A (en) | 2019-05-24 |
| CN109802942B CN109802942B (en) | 2021-06-25 |
Family
ID=66556902
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811543836.0A Active CN109802942B (en) | 2018-12-17 | 2018-12-17 | Voiceprint authentication method with privacy protection function |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109802942B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110659468A (en) * | 2019-08-21 | 2020-01-07 | 江苏大学 | File encryption and decryption system based on C/S architecture and speaker identification technology |
| CN111314919A (en) * | 2020-03-19 | 2020-06-19 | 西安电子科技大学 | Enhanced 5G authentication method for protecting user identity privacy at authentication server |
| CN111400688A (en) * | 2020-03-20 | 2020-07-10 | 山东大学 | Method for realizing mobile terminal voice identity verification by adopting TrustZone technology |
| CN111478774A (en) * | 2020-04-09 | 2020-07-31 | 山东确信信息产业股份有限公司 | Secret key authorization method and system based on voice authentication |
| CN111881432A (en) * | 2020-07-23 | 2020-11-03 | 湖南三湘银行股份有限公司 | Bank identity recognition system based on voice recognition |
| CN112054997A (en) * | 2020-08-06 | 2020-12-08 | 上海博泰悦臻电子设备制造有限公司 | Voiceprint login authentication method and related product thereof |
| CN112187477A (en) * | 2020-10-11 | 2021-01-05 | 桂林电子科技大学 | Iris privacy authentication method |
| CN113158213A (en) * | 2021-04-30 | 2021-07-23 | 重庆市科学技术研究院 | Data transmission method and system based on in-vivo verification |
| CN115766115A (en) * | 2022-10-28 | 2023-03-07 | 支付宝(杭州)信息技术有限公司 | Identity authentication method and device, storage medium and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050089172A1 (en) * | 2003-10-24 | 2005-04-28 | Aruze Corporation | Vocal print authentication system and vocal print authentication program |
| CN103124269A (en) * | 2013-03-05 | 2013-05-29 | 桂林电子科技大学 | Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment |
| CN104092695A (en) * | 2014-07-21 | 2014-10-08 | 电子科技大学 | Frame for improving uploading and downloading of voiceprint encryption files |
| CN107800725A (en) * | 2017-12-11 | 2018-03-13 | 公安部第研究所 | A kind of digital certificate remote online managing device and method |
-
2018
- 2018-12-17 CN CN201811543836.0A patent/CN109802942B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050089172A1 (en) * | 2003-10-24 | 2005-04-28 | Aruze Corporation | Vocal print authentication system and vocal print authentication program |
| CN103124269A (en) * | 2013-03-05 | 2013-05-29 | 桂林电子科技大学 | Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment |
| CN104092695A (en) * | 2014-07-21 | 2014-10-08 | 电子科技大学 | Frame for improving uploading and downloading of voiceprint encryption files |
| CN107800725A (en) * | 2017-12-11 | 2018-03-13 | 公安部第研究所 | A kind of digital certificate remote online managing device and method |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110659468A (en) * | 2019-08-21 | 2020-01-07 | 江苏大学 | File encryption and decryption system based on C/S architecture and speaker identification technology |
| CN110659468B (en) * | 2019-08-21 | 2022-02-15 | 江苏大学 | File encryption and decryption system based on C/S architecture and speaker identification technology |
| CN111314919A (en) * | 2020-03-19 | 2020-06-19 | 西安电子科技大学 | Enhanced 5G authentication method for protecting user identity privacy at authentication server |
| CN111314919B (en) * | 2020-03-19 | 2022-03-22 | 西安电子科技大学 | Enhanced 5G authentication method for protecting user identity privacy at authentication server |
| CN111400688A (en) * | 2020-03-20 | 2020-07-10 | 山东大学 | Method for realizing mobile terminal voice identity verification by adopting TrustZone technology |
| CN111478774A (en) * | 2020-04-09 | 2020-07-31 | 山东确信信息产业股份有限公司 | Secret key authorization method and system based on voice authentication |
| CN111881432A (en) * | 2020-07-23 | 2020-11-03 | 湖南三湘银行股份有限公司 | Bank identity recognition system based on voice recognition |
| CN112054997A (en) * | 2020-08-06 | 2020-12-08 | 上海博泰悦臻电子设备制造有限公司 | Voiceprint login authentication method and related product thereof |
| CN112187477A (en) * | 2020-10-11 | 2021-01-05 | 桂林电子科技大学 | Iris privacy authentication method |
| CN113158213A (en) * | 2021-04-30 | 2021-07-23 | 重庆市科学技术研究院 | Data transmission method and system based on in-vivo verification |
| CN115766115A (en) * | 2022-10-28 | 2023-03-07 | 支付宝(杭州)信息技术有限公司 | Identity authentication method and device, storage medium and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109802942B (en) | 2021-06-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109802942A (en) | A kind of voiceprint authentication method and system, mobile terminal of secret protection | |
| Jiang et al. | Unified biometric privacy preserving three-factor authentication and key agreement for cloud-assisted autonomous vehicles | |
| CN112926092B (en) | Privacy-protecting identity information storage and identity authentication method and device | |
| Jiang et al. | Three-factor authentication protocol using physical unclonable function for IoV | |
| CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
| WO2018090183A1 (en) | Identity authentication method, terminal device, authentication server and electronic device | |
| CN101159554B (en) | Biometric authentication system, enrollment terminal, authentication terminal and authentication server | |
| KR101755995B1 (en) | Method and system for feature vector based remote biometric verification using homomorphic encryption | |
| CN109040139A (en) | A kind of identity authorization system and method based on block chain and intelligent contract | |
| CN103201998A (en) | Data processing for securing local resources in a mobile device | |
| CN109918881A (en) | The online face authentication method and system of secret protection, intelligent movable equipment | |
| CN110166424A (en) | Internet of things oriented services secret protection method for recognizing sound-groove and system, mobile terminal | |
| CN112383401B (en) | User name generation method and system for providing identity authentication service | |
| Martínez et al. | Secure crypto-biometric system for cloud computing | |
| CN104639528A (en) | DBA (database administrator) mobile client counterattack method and DBA mobile client counterattack device | |
| CN104901808A (en) | Voiceprint authentication system and method based on time type dynamic password | |
| CN108667801A (en) | A kind of Internet of Things access identity safety certifying method and system | |
| Tian et al. | Pribioauth: Privacy-preserving biometric-based remote user authentication | |
| CN114996727A (en) | Biological feature privacy encryption method and system based on palm print and palm vein recognition | |
| CN108989038A (en) | It is a kind of for the identification equipment of geographic position authentication, system and method | |
| CN114547589A (en) | Privacy-protecting user registration and user authentication method and device | |
| Li et al. | Efficient and privacy-preserving speaker recognition for cybertwin-driven 6G | |
| Verma et al. | A novel model to enhance the data security in cloud environment | |
| JP2002269047A (en) | Sound user authentication system | |
| Cavoukian et al. | Keynote paper: Biometric encryption: Technology for strong authentication, security and privacy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220216 Address after: 710000 room 004, F2002, 20 / F, block 4-A, Xixian financial port, Fengdong new town energy gold trade zone, Xixian new area, Xi'an City, Shaanxi Province Patentee after: Shaanxi Songyuan Mingrui Information Technology Co.,Ltd. Address before: 710071 Xi'an Electronic and Science University, 2 Taibai South Road, Shaanxi, Xi'an Patentee before: XIDIAN University |
|
| TR01 | Transfer of patent right |