voice password in C#

Question

1.00/5 (2 votes)

See more:

C#

how can i make voice password application using c# please help

Posted 23-Mar-12 13:33pm

mahmoudadel

Updated 9-Jun-16 4:55am

Add a Solution

Comments

El_Codero 23-Mar-12 20:11pm

Question not clear for me. Do you mean when user speaks a word as passwort (which would be so insecure) or really analyizing users voice if matches to stored sample voice (i.e. example sentence to analyize his voice)?

Sergey Alexandrovich Kryukov 23-Mar-12 21:04pm

Totally agree. It's unsafe, and not just because it could be listened by a spy acoustically.

Nevertheless, it's possible. I answered on how to do it and explained why else it is unsafe, please see.
--SA

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sergey Alexandrovich Kryukov · Accepted Answer · 2012-03-23T14:58:00

The idea is pretty bad from the standpoint of security, but you can do it.

First of all, you need to use System.Speech.Recognition. You need to reference the assembly "System.Speech.dll", which comes with .NET Framework and is found in GAC, so to add a reference, you use the tab ".NET" if the "Add Reference" dialog of Visual Studio. Start here (everything is explained in documentation and code samples):
http://msdn.microsoft.com/en-us/library/system.speech.recognition.aspx[^].

You will also need to install freely redistributable Microsoft Speech Platform language pack, one or more of them:
http://www.microsoft.com/download/en/details.aspx?id=27224[^].

The safety problem of authentication is that you should create some dictionary (called grammar, but essentially this is just a dictionary of really existing words in some language, as you need the simplest case of grammar). This shold better be the list of pass phrases, not individual words. The problem is: you have to store all these words somewhere. Event if you can encrypt the words somehow, they all should be submitted in the form of the grammar to the speech recognition engine before recognition and authentication. This moment if very vulnerable, as it is possible to reverse engineer the client and spy on this data after it was decrypted. The dictionary cannot be very long, so it's easy to try out all of the entries and pick the password.

This problems does not exist in the text-mode authentication. The good password is not a word in any language and cannot be pronounced, it should combine letters, digits and punctuation characters. Moreover, the password in its original form is not stored anywhere at all — it is never need for authentication. One of the approached to this is using cryptographic hash function (http://en.wikipedia.org/wiki/Cryptographic_hash_function[^]) of a password. Only the hash is stored on the server part, and hash is compared with hash. It is infeasible to find an original word from its hash, so nobody can know the password even having full access to all server data.

Needless to say, using a voice password is first of all unsafe just because it's pretty easy to eavesdrop the voice, acoustically… :-)

—SA