Search for: All records

Ensuring that technological advancements benefit all groups of people equally is crucial. The first step towards fairness is identifying existing inequalities. The naive comparison of group error rates may lead to wrong conclusions. We introduce a new method to determine whether a speaker verification system is fair toward several population subgroups. We propose to model miss and false alarm probabilities as a function of multiple factors, including the population group effects, e.g., male and female, and a series of confounding variables, e.g., speaker effects, language, nationality, etc. This model can estimate error rates related to a group effect without the influence of confounding effects. We experiment with a synthetic dataset where we control group and confounding effects. Our metric achieves significantly lower false positive and false negative rates w.r.t. baseline. We also experiment with VoxCeleb and NIST SRE21 datasets on different ASV systems and present our conclusions. 

The hallmark of the information age is the ease with which information is stored, accessed, and shared throughout the globe. This is enabled, in large part, by the simplicity of duplicating digital information without error. Unfortunately, an ever-growing consequence is the global threat to security and privacy enabled by our digital reliance. Specifically, modern secure communications and authentication suffer from formidable threats arising from the potential for copying of secret keys stored in digital media. With relatively little transfer of information, an attacker can impersonate a legitimate user, publish malicious software that is automatically accepted as safe by millions of computers, or eavesdrop on countless digital exchanges. To address this vulnerability, a new class of cryptographic devices known as physical unclonable functions (PUFs) are being developed. PUFs are modern realizations of an ancient concept, the physical key, and offer an attractive alternative for digital key storage. A user derives a digital key from the PUF’s physical behavior, which is sensitive to physical idiosyncrasies that are beyond fabrication tolerances. Thus, unlike conventional physical keys, a PUF cannot be duplicated and only the holder can extract the digital key. However, emerging machine learning (ML) methods are remarkably adept at learning behavior via training, and if such algorithms can learn to emulate a PUF, then the security is compromised. Unfortunately, such attacks are highly successful against conventional electronic PUFs. Here, we investigate ML attacks against a nonlinear silicon photonic PUF, a novel design that leverages nonlinear optical interactions in chaotic silicon microcavities. First, we investigate these devices’ resistance to cloning during fabrication and demonstrate their use as a source of large volumes of cryptographic key material. Next, we demonstrate that silicon photonic PUFs exhibit resistance to state-of-the-art ML attacks due to their nonlinearity and finally validate this resistance in an encryption scenario. 

We demonstrate that nonlinear silicon photonic Physical Unclonable Functions (PUFs) are resistant to adversarial deep learning attacks. We find that this resistance is rooted in the optical nonlinearity of the silicon photonic PUF token.