SYSTEM, DEVICE, AND METHOD FOR SECURING VOICE AUTHENTICATION AND END-TO-END SPEECH INTERACTION

US 20140093083A1
Filed: 09/28/2012
Published: 04/03/2014
Est. Priority Date: 09/28/2012
Status: Active Grant

First Claim

Patent Images

1. A computing device for establishing secure voice authentication, the computing device comprising:

a central processing unit;

a main memory that is accessible by the central processing unit;

a secure memory that is inaccessible by the central processing unit;

a speaker;

a microphone;

a communication module to receive an encrypted audio prompt from a server;

a security engine to decrypt the encrypted audio prompt and store the decrypted audio prompt in the secure memory; and

an audio engine to (i) retrieve the decrypted audio prompt from the secure memory, (ii) render the decrypted audio prompt on the speaker, (iii) capture an audio response generated by the microphone, and (iv) store the captured audio response in the secure memory,wherein the security engine to further (i) retrieve the captured audio response from the secure memory, (ii) encrypt the audio response, and (iii) store the encrypted audio response in the main memory,wherein the communication module to further transmit the encrypted audio response to the server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, device, and system for secure end-to-end audio recognition is disclosed. A client device launches an application that connects with a server. The client device and server exchange cryptographic keys and establish a secure connection and a shared cryptographic key. The server transmits an encrypted audio prompt to the client device. The client device decrypts the encrypted audio prompt and stores the decrypted audio prompt in secure memory inaccessible to the operating system using an audio engine of the client device. The audio engine then retrieves the audio and renders it for the user through the speakers of the client device. The client device captures the user'"'"'s audio response with a microphone and stores the audio response in the secure memory. The stored audio response is encrypted and transmitted to the server.

43 Citations

View as Search Results

31 Claims

1. A computing device for establishing secure voice authentication, the computing device comprising:
- a central processing unit;
  
  a main memory that is accessible by the central processing unit;
  
  a secure memory that is inaccessible by the central processing unit;
  
  a speaker;
  
  a microphone;
  
  a communication module to receive an encrypted audio prompt from a server;
  
  a security engine to decrypt the encrypted audio prompt and store the decrypted audio prompt in the secure memory; and
  
  an audio engine to (i) retrieve the decrypted audio prompt from the secure memory, (ii) render the decrypted audio prompt on the speaker, (iii) capture an audio response generated by the microphone, and (iv) store the captured audio response in the secure memory,wherein the security engine to further (i) retrieve the captured audio response from the secure memory, (ii) encrypt the audio response, and (iii) store the encrypted audio response in the main memory,wherein the communication module to further transmit the encrypted audio response to the server.
- View Dependent Claims (4, 23, 24, 25)
- - 4. The computing device of claim 1, further comprising a command recognition module to correlate the captured audio response with one or more registered audio commands of the computing device.
  - 23. The computing device of claim 1, wherein the audio engine comprises an audio co-processor, different from the central processing unit, to:
    - retrieve the decrypted audio prompt from the secure memory;
      
      render the decrypted audio prompt on the speaker;
      
      capture the audio response generated by the microphone; and
      
      store the captured audio response in the secure memory.
  - 24. The computing device of claim 23, wherein the security engine comprises a security co-processor, different from the central processing unit, to:
    - decrypt the encrypted audio prompt;
      
      store the decrypted audio prompt in the secure memory;
      
      retrieve the captured audio response from the secure memory;
      
      encrypt the audio response; and
      
      store the encrypted audio response in the main memory.
  - 25. The computing device of claim 23, further comprising:
    - an audio capture pipeline to securely transmit audio data captured by the microphone from the microphone to the audio co-processor; and
      
      an audio render pipeline to securely transmit audio data to be rendered on the speaker from the audio co-processor to the speaker,wherein the audio capture pipeline and the audio render pipeline are inaccessible by the central processing unit.

2-3. -3. (canceled)

5. (canceled)

6. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- receiving an encrypted audio prompt from a server, the audio prompt requesting a response from a user of the computing device;
  
  decrypting, using a security engine, the encrypted audio prompt;
  
  storing, using the security engine, the decrypted audio prompt in a secure memory that is inaccessible by a central processing unit;
  
  retrieving, with an audio engine, the decrypted audio prompt from the secure memory;
  
  rendering, using the audio engine, the decrypted audio prompt on a speaker;
  
  capturing, with the audio engine, an audio response generated by a microphone;
  
  storing, using the audio engine, the captured audio response in the secure memory;
  
  encrypting the audio response using the security engine;
  
  storing, using the security engine, the encrypted audio response in a memory that is accessible by the central processing unit; and
  
  transmitting the encrypted audio response to the server.
- View Dependent Claims (7, 8, 9, 10, 12, 13, 26, 27)
- - 7. The one or more non-transitory machine-readable storage media of claim 6, wherein receiving the encrypted audio prompt from the server comprises receiving the encrypted audio prompt with an audio recognition application of the computing device.
  - 8. The one or more non-transitory machine readable storage media of claim 6, wherein decrypting the encrypted audio prompt comprises decrypting the encrypted audio prompt using a cryptographic key shared with the server.
  - 9. The one or more non-transitory machine-readable storage media of claim 6, wherein encrypting the audio response comprises encrypting the audio response using a cryptographic key shared with the server.
  - 10. The one or more non-transitory machine readable storage media of claim 6, wherein the plurality of instructions further result in the computing device:
    - encoding, with the audio engine, the captured audio response, wherein storing the captured audio response in the secure memory comprises storing the encoded captured audio response; and
      
      decoding, with the audio engine, the decrypted audio prompt, wherein rendering the decrypted audio prompt on the speaker comprises rendering the decoded decrypted audio prompt.
  - 12. The one or more non-transitory machine-readable storage media of claim 8, wherein the plurality of instructions further result in the computing device:
    - generating a private-public key pair comprising a client public key and a client private key;
      
      transmitting the client public key, with a public key certificate signed by a hardware private key (i) stored in the security engine and (ii) corresponding with a hardware public key stored in a public key database accessible to the server, to the server;
      
      receiving, from the server, the shared cryptographic key encrypted with the client public key; and
      
      decrypting the shared cryptographic key using the client private key.
  - 13. The one or more non-transitory machine-readable storage media of claim 6, wherein the plurality of instructions further result in the computing device correlating the audio response with a registered audio command.
  - 26. The one or more non-transitory machine-readable storage media of claim 6, wherein:
    - retrieving the decrypted audio prompt comprises retrieving, with an audio co-processor different from the central processing unit, the decrypted audio prompt from the secure memory;
      
      rendering the decrypted audio prompt comprises rendering, by the audio-coprocessor, the decrypted audio prompt on a speaker;
      
      capturing the audio response comprises capturing, by the audio co-processor, an audio response generated by a microphone; and
      
      storing the captured audio response comprises storing, by the audio co-processor, the captured audio response in the secure memory.
  - 27. The one or more non-transitory machine-readable storage media of claim 26, wherein:
    - rendering the decrypted audio prompt comprises transmitting the decrypted audio prompt from the audio co-processor to the speaker over a secure audio render pipeline inaccessible by the central processing unit; and
      
      capturing the audio response comprises transmitting the audio response from the microphone to the audio co-processor over a secure audio capture pipeline inaccessible by the central processing unit.

11. (canceled)

14. (canceled)

15. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- capturing, with an audio engine, audio data generated by a microphone;
  
  storing, using the audio engine, the captured audio data in a secure memory that is inaccessible by a central processing unit;
  
  retrieving, with a security engine, the captured audio data from the secure memory;
  
  encrypting, using the security engine, the retrieved audio data; and
  
  storing the encrypted audio data in a memory that is accessible by the central processing unit.
- View Dependent Claims (18, 28, 29)
- - 18. The one or more non-transitory machine-readable storage media of claim 15, wherein retrieving the captured audio data from the secure memory comprises retrieving the captured audio data from secure memory of the security engine.
  - 28. The one or more non-transitory machine-readable storage media of claim 15, wherein:
    - capturing the audio data comprises capturing, by an audio co-processor different from the central processing unit, audio data generated by a microphone; and
      
      storing the captured audio data comprise storing, by the audio co-processor, the captured audio data in a secure memory that is inaccessible by the central processing unit.
  - 29. The one or more non-transitory machine-readable storage media of claim 28, wherein capturing the audio data comprises transmitting the audio data generated by the microphone from the microphone to the audio co-processor over a secure audio capture pipeline inaccessible by the central processing unit.

16-17. -17. (canceled)

19. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- receiving, with an audio engine, encrypted audio data from an application executed on the computing device;
  
  decrypting, using a security engine, the encrypted audio data;
  
  storing, using the security engine, the decrypted audio data in a secure memory that is inaccessible by a central processing unit;
  
  retrieving, with the audio engine, the decrypted audio data from the secure memory; and
  
  rendering, using the audio engine, the decrypted audio data on a speaker.
- View Dependent Claims (22, 30, 31)
- - 22. The one or more non-transitory machine-readable storage media of claim 19, wherein storing the decrypted audio data in the secure memory comprises storing the decrypted audio data in a secure memory of the security engine.
  - 30. The one or more non-transitory machine-readable storage media of claim 19, wherein:
    - retrieving the decrypted audio data comprises retrieving, by an audio co-processor different from the central processing unit, the decrypted audio data from the secure memory; and
      
      rendering the decrypted audio data comprises rendering, by the audio co-processor, the decrypted audio data on a speaker.
  - 31. The one or more non-transitory machine-readable storage media of claim 30, wherein rendering the decrypted audio data comprises transmitting the decrypted audio data from the audio co-processor to the speaker over a secure audio render pipeline inaccessible by the central processing unit.

20-21. -21. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Dadu, Saurabh, Prakash, Gyan, Poornachandran, Rajesh, Rishi, Karthik K.

Granted Patent

US 9,124,386 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/275
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/62   Protecting access to data v...

H04K 1/00   Secret communication

SYSTEM, DEVICE, AND METHOD FOR SECURING VOICE AUTHENTICATION AND END-TO-END SPEECH INTERACTION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

43 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM, DEVICE, AND METHOD FOR SECURING VOICE AUTHENTICATION AND END-TO-END SPEECH INTERACTION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links