Hi, I have been developing a way to authenticate users by their voice. After a lot of work and tests on my box, I'm releasing it. VoiceAuth is a module for the Linux-PAM project intended to authenticate users by their voice, instead of letting the user type his/her username/password. VoiceAuth has the following features: - Speaker dependent (one cannot login as another user by just speaking someone's password) - Password checking in various levels: + Voice password length + Fourier coefficients dependency Of course, there is a need to have an sound driver up and running, such as OSS or ALSA <http://www.alsa-project.org>. The current version works with the OSS API, but the ALSA OSS emulation is fully functional. The provided module has a few parameters the administrator can use to improve the security of the password matches, while also giving a very flexible in means of system configuration. They are: "va_dir=" Define the directory to be used as repository of the voice password files. #define DEFAULT_VOICE_AUTH_DIR "/etc/security/voiceauth" "audiodev=" Define the audio device to be used when dealing with the microphone. #define DEFAULT_AUDIO_DEVICE "/dev/dsp" "mixerdev=" Define the mixer device to be used. #define DEFAULT_MIXER_DEVICE "/dev/mixer" "mic_level=" Set the default mixer volume. The default value (-1) means the microphone volume should not be modified. #define DEFAULT_MIC_LEVEL -1 "igain_level=" Set the default input gain. The default value (-1) means the input gain level should not be modified. #define DEFAULT_IGAIN_LEVEL -1 "silence_level=" Set the silence level. This can be used on a well-known environment, where the noise volume is always the same (I don't know of any, but..). This value can be overwritten by the application: the module can calibrate this level on every authentication. #define DEFAULT_SILENCE_LEVEL 32760 "silence_threshold=" Set the silence threshold, that is: the first data up to ($silence_level * (1 + $silence_threshold)) will be defined as the start of the speaking. #define DEFAULT_SILENCE_THRESHOLD 0.05 "corr_threshold=" Define the correlation threshold. This is one of the most important variables: it will tell the module if the password spoken by the user is the same as the stored one. Values smaller than 0.9 can authenticate wrong passwords. #define DEFAULT_CORR_THRESHOLD 0.9 "passwd_maxlen_diff=" Define the max difference in length between the stored password and the spoken one. This variable must be greater than 1.0. See the sources for more information about how this variable is used. #define DEFAULT_PASSWD_MAXDIFF 1.35 Some additional applications were also developed, in order to assist the module. Since all I needed was to put it working, some things like cryptography still doesn't exist, but they will appear on the next release, probably by storing the coefficients, rather than the entire password in 'plain spell'. The applications are composed by a passwd-like program, to deal with the new 'va_passwd', a login-like program and a 'playpasswd', to aid on this first stage of the module: it is very helpful to discover if the password is being stored correctly. So, I'm asking every PAM-user and developer to help on testing and giving any suggestions about the module itself, since this is my first contact with PAM. The module can be downloaded from http://cscience.org/~lucasvr/Projects/voiceauth.html . Thanks in advance, Lucas Correia Villa Real _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
