System, device, and method for securing voice authentication and end-to-end speech interaction
First Claim
1. The A computing device for establishing secure voice authentication, the computing device comprising:
- a central processing unit;
a main memory that is accessible by the central processing unit;
a secure memory that is inaccessible by the central processing unit;
a speaker;
a microphone;
a communication module to receive an encrypted audio prompt from a server;
a security engine to decrypt the encrypted audio prompt and store the decrypted audio prompt in the secure memory;
an audio engine to (i) retrieve the decrypted audio prompt from the secure memory, (ii) render the decrypted audio prompt on the speaker, (iii) capture an audio response generated by the microphone, and (iv) store the captured audio response in the secure memory; and
a command recognition module to correlate the captured audio response with one or more registered audio commands of the computing device,wherein the security engine to further (i) retrieve the captured audio response from the secure memory, (ii) encrypt the audio response, and (iii) store the encrypted audio response in the main memory,wherein the communication module to further transmit the encrypted audio response to the server.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, device, and system for secure end-to-end audio recognition is disclosed. A client device launches an application that connects with a server. The client device and server exchange cryptographic keys and establish a secure connection and a shared cryptographic key. The server transmits an encrypted audio prompt to the client device. The client device decrypts the encrypted audio prompt and stores the decrypted audio prompt in secure memory inaccessible to the operating system using an audio engine of the client device. The audio engine then retrieves the audio and renders it for the user through the speakers of the client device. The client device captures the user'"'"'s audio response with a microphone and stores the audio response in the secure memory. The stored audio response is encrypted and transmitted to the server.
28 Citations
19 Claims
-
1. The A computing device for establishing secure voice authentication, the computing device comprising:
-
a central processing unit; a main memory that is accessible by the central processing unit; a secure memory that is inaccessible by the central processing unit; a speaker; a microphone; a communication module to receive an encrypted audio prompt from a server; a security engine to decrypt the encrypted audio prompt and store the decrypted audio prompt in the secure memory; an audio engine to (i) retrieve the decrypted audio prompt from the secure memory, (ii) render the decrypted audio prompt on the speaker, (iii) capture an audio response generated by the microphone, and (iv) store the captured audio response in the secure memory; and a command recognition module to correlate the captured audio response with one or more registered audio commands of the computing device, wherein the security engine to further (i) retrieve the captured audio response from the secure memory, (ii) encrypt the audio response, and (iii) store the encrypted audio response in the main memory, wherein the communication module to further transmit the encrypted audio response to the server. - View Dependent Claims (2, 3, 4, 5, 14)
-
-
6. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
-
receiving an encrypted audio prompt from a server, the audio prompt requesting a response from a user of the client computing device; decrypting, using a security engine, the encrypted audio prompt; storing, using the security engine, the decrypted audio prompt in a secure memory that is inaccessible by a central processing unit; retrieving, with an audio engine, the decrypted audio prompt from the secure memory; rendering, using the audio engine, the decrypted audio prompt on a speaker; capturing, with the audio engine, an audio response generated by a microphone; storing, using the audio engine, the captured audio response in the secure memory; correlating the audio response with a registered audio command; encrypting the audio response using the security engine; storing, using the security engine, the encrypted audio response in a memory that is accessible by the central processing unit; and transmitting the encrypted audio response to the server. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 15)
-
-
16. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
-
capturing, with an audio co-processor different from a central processing unit of the computing device, audio data generated by a microphone; storing, using the audio co-processor, the captured audio data in a secure memory of the audio co-processor, wherein the secure memory is inaccessible by the central processing unit; retrieving, with a security co-processor different from the central processing unit, the captured audio data from the secure memory of the audio co-processor; encrypting, using the security engine co-processor, the retrieved audio data; and storing the encrypted audio data in a system memory that is accessible by the central processing unit. - View Dependent Claims (17)
-
-
18. One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
-
receiving, with an audio co-processor different from a central processing unit of the computing device, encrypted audio data from an application executed on the computing device; decrypting, using a security co-processor different from the central processing unit, the encrypted audio data; storing, using the security co-processor, the decrypted audio data in a secure memory of the audio co-processor, wherein the secure memory is inaccessible by a central processing unit; retrieving, with the audio co-processor, the decrypted audio data from the secure memory of the audio co-processor; and rendering, using the audio co-processor, the decrypted audio data on a speaker. - View Dependent Claims (19)
-
Specification