Abstract
While voiceprint authentication offers convenient user authentication and access control through voice feature recognition, a critical research gap remains: existing voiceprint authentication systems fail to simultaneously achieve sound security against replay, spoofing, and adversarial attacks, preserve voice privacy leakage, and satisfy usability demand. Previous efforts have struggled to balance these issues comprehensively. To bridge this gap, we present SeVoAuth, a cloud-based Voiceprint Authentication as a Service (VAaaS) system designed to provide privacy preservation, robust security, and enhanced usability. SeVoAuth stores a synthesized voiceprint of a user in the cloud during user registration, thereby safeguarding the privacy of the real voiceprint of the user. During user authentication, SeVoAuth applies a hash function to continuously transform features of the synthesized voiceprint, dynamically generating new verification targets for voiceprint feature mapping in each authentication session. This dynamic transformation approach effectively mitigates replay, spoofing, and adversarial attacks without requiring complex user interactions. We conduct a thorough analysis on the security and privacy of SeVoAuth and proceed to implement a prototype for performance evaluation through a series of user tests. Experimental results demonstrate that SeVoAuth outperforms cutting-edge approaches, achieving an average authentication accuracy of 99.47%, and an average Precise Detection Rate (PDR) of 98.35% against various attacks. SeVoAuth is evaluated as highly secure, efficient, and user-friendly across various circumstances.