Toward speech-generated cryptographic keys on resource constrained devices

Fabian Monrose, Michael K. Reiter, Qi Li, Daniel P. Lopresti, Chilin Shih

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Programmable mobile phones and personal digital assistants (PDAS) with microphones permit voice-driven user interfaces in which a user provides input by speaking. In this paper, we show how to exploit this capability to generate cryptographic keys on such devices. Specifically, we detail our implementation of a technique to generate a repeatable cryptographic key on a PDA from a spoken passphrase. Rather than deriving the cryptographic key from merely the passphrase that was spoken—which would constitute little more than an exercise in automatic speech recognition—we strive to generate a substantially stronger cryptographic key with entropy drawn both from the passphrase spoken and how the user speaks it. Moreover, the cryptographic key is designed to resist cryptanalysis even by an attacker who captures and reverse-engineers the device on which this key is generated. We describe the major hurdles of achieving this on an off-the-shelf PDA bearing a 206 MHZ StrongArm CPU and an inexpensive microphone. We also evaluate our approach using multiple data sets, one recorded on the device itself, to clarify the effectiveness of our implementation against various attackers.

Original languageEnglish (US)
Title of host publicationProceedings of the 11th USENIX Security Symposium
PublisherUSENIX Association
ISBN (Electronic)1931971005, 9781931971003
StatePublished - 2002
Externally publishedYes
Event11th USENIX Security Symposium - San Francisco, United States
Duration: Aug 5 2002Aug 9 2002

Publication series

NameProceedings of the 11th USENIX Security Symposium

Conference

Conference11th USENIX Security Symposium
Country/TerritoryUnited States
CitySan Francisco
Period8/5/028/9/02

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Toward speech-generated cryptographic keys on resource constrained devices'. Together they form a unique fingerprint.

Cite this