SYSTEM, DEVICE, AND METHOD FOR SECURING VOICE AUTHENTICATION AND END-TO-END SPEECH INTERACTION
Abstract
A method, device, and system for secure end-to-end audio recognition is disclosed. A client device launches an application that connects with a server. The client device and server exchange cryptographic keys and establish a secure connection and a shared cryptographic key. The server transmits an encrypted audio prompt to the client device. The client device decrypts the encrypted audio prompt and stores the decrypted audio prompt in secure memory inaccessible to the operating system using an audio engine of the client device. The audio engine then retrieves the audio and renders it for the user through the speakers of the client device. The client device captures the user's audio response with a microphone and stores the audio response in the secure memory. The stored audio response is encrypted and transmitted to the server.
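The data flow in the abstract, modelled as an added sketch that is not code from the patent: main memory only ever holds sealed audio, while plaintext exists solely in the secure memory shared by the security engine and the audio engine. The class and function names, the random session key standing in for the key exchange, and the HMAC-SHA256 keystream-plus-tag construction standing in for the unspecified cipher are all assumptions, and the two dicts only model a boundary that the real device enforces in hardware.

```python
import hashlib
import hmac
import os

def _stream(key, nonce, n):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode as a keystream.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("audio blob failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class SecurityEngine:
    """Only component holding the key; bridges main memory and secure memory."""
    def __init__(self, key, main_mem, secure_mem):
        self._key, self._main, self._secure = key, main_mem, secure_mem
    def prompt_in(self):     # ciphertext in main memory -> plaintext in secure memory
        self._secure["prompt"] = unseal(self._key, self._main["prompt_enc"])
    def response_out(self):  # plaintext in secure memory -> ciphertext in main memory
        self._main["response_enc"] = seal(self._key, self._secure.pop("response"))

class AudioEngine:
    """Touches secure memory only; never sees main memory or the key."""
    def __init__(self, secure_mem):
        self._secure = secure_mem
    def render_and_capture(self, microphone):
        prompt = self._secure.pop("prompt")            # rendered on the speaker
        self._secure["response"] = microphone(prompt)  # captured by the microphone

def run_exchange(prompt, microphone):
    key = os.urandom(32)              # assumption: output of the key exchange
    main_mem, secure_mem = {}, {}     # CPU-visible vs. CPU-inaccessible
    main_mem["prompt_enc"] = seal(key, prompt)            # server -> client
    sec, aud = SecurityEngine(key, main_mem, secure_mem), AudioEngine(secure_mem)
    sec.prompt_in()
    aud.render_and_capture(microphone)
    sec.response_out()
    server_view = unseal(key, main_mem["response_enc"])   # client -> server
    return server_view, list(main_mem.values()), secure_mem
```

`run_exchange` returns what the server recovers, everything that sat in main memory, and the secure memory after the exchange, so the isolation property can be checked directly.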
31 Claims
1. A computing device for establishing secure voice authentication, the computing device comprising:
- a central processing unit;
- a main memory that is accessible by the central processing unit;
- a secure memory that is inaccessible by the central processing unit;
- a speaker;
- a microphone;
- a communication module to receive an encrypted audio prompt from a server;
- a security engine to decrypt the encrypted audio prompt and store the decrypted audio prompt in the secure memory; and
- an audio engine to (i) retrieve the decrypted audio prompt from the secure memory, (ii) render the decrypted audio prompt on the speaker, (iii) capture an audio response generated by the microphone, and (iv) store the captured audio response in the secure memory,
- wherein the security engine to further (i) retrieve the captured audio response from the secure memory, (ii) encrypt the audio response, and (iii) store the encrypted audio response in the main memory,
- wherein the communication module to further transmit the encrypted audio response to the server.
Dependent claims: 4, 23, 24, 25

2-3. (canceled)

5. (canceled)

6. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- receiving an encrypted audio prompt from a server, the audio prompt requesting a response from a user of the computing device;
- decrypting, using a security engine, the encrypted audio prompt;
- storing, using the security engine, the decrypted audio prompt in a secure memory that is inaccessible by a central processing unit;
- retrieving, with an audio engine, the decrypted audio prompt from the secure memory;
- rendering, using the audio engine, the decrypted audio prompt on a speaker;
- capturing, with the audio engine, an audio response generated by a microphone;
- storing, using the audio engine, the captured audio response in the secure memory;
- encrypting the audio response using the security engine;
- storing, using the security engine, the encrypted audio response in a memory that is accessible by the central processing unit; and
- transmitting the encrypted audio response to the server.
Dependent claims: 7, 8, 9, 10, 12, 13, 26, 27

11. (canceled)

14. (canceled)

15. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- capturing, with an audio engine, audio data generated by a microphone;
- storing, using the audio engine, the captured audio data in a secure memory that is inaccessible by a central processing unit;
- retrieving, with a security engine, the captured audio data from the secure memory;
- encrypting, using the security engine, the retrieved audio data; and
- storing the encrypted audio data in a memory that is accessible by the central processing unit.
Dependent claims: 18, 28, 29

16-17. (canceled)

19. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- receiving, with an audio engine, encrypted audio data from an application executed on the computing device;
- decrypting, using a security engine, the encrypted audio data;
- storing, using the security engine, the decrypted audio data in a secure memory that is inaccessible by a central processing unit;
- retrieving, with the audio engine, the decrypted audio data from the secure memory; and
- rendering, using the audio engine, the decrypted audio data on a speaker.
Dependent claims: 22, 30, 31

20-21. (canceled)
Specification