Evaluating X-Vector-Based Speaker Anonymization Under White-Box Assessment

  title={Evaluating X-Vector-Based Speaker Anonymization Under White-Box Assessment},
  author={Pierre Champion and Denis Jouvet and Anthony Larcher},
In the scenario of the Voice Privacy challenge, anonymization is achieved by converting all utterances from a source speaker to match the same target identity; this identity being randomly selected. In this context, an attacker with maximum knowledge about the anonymization system can not infer the target identity. This article proposed to constrain the target selection to a specific identity, i.e., removing the random selection of identity, to evaluate the extreme threat under a whitebox… Expand

Figures and Tables from this paper


Design Choices for X-vector Based Speaker Anonymization
A flexible pseudo-speaker selection technique is presented as a baseline for the first VoicePrivacy Challenge and several design choices for the distance metric between speakers, the region of x-vector space where the pseudo- Speaker is picked, and gender selection are explored. Expand
Evaluating Voice Conversion-Based Privacy Protection against Informed Attackers
The results show that voice conversion schemes are unable to effectively protect against an attacker that has extensive knowledge of the type of conversion and how it has been applied, but may provide some protection against less knowledgeable attackers. Expand
A Comparative Study of Speech Anonymization Metrics
It is shown that the application-independent log-likelihood-ratio cost function C min llr provides a more robust evaluation of privacy than the equal error rate (EER), and that detection-based metrics provide different information from linkability metrics. Expand
Speaker Anonymization Using X-vector and Neural Waveform Models
A new approach to speaker anonymization is presented, which exploits state-of-the-art x-vector speaker representations and uses them to derive anonymized pseudo speaker identities through the combination of multiple, random speaker x-vectors. Expand
Privacy-Preserving Adversarial Representation Learning in ASR: Reality or Illusion?
The extent to which users can be recognized based on the encoded representation of their speech as obtained by a deep encoder-decoder architecture trained for ASR is studied and adversarial training is proposed to learn representations that perform well in ASR while hiding speaker identity. Expand
Speech Pseudonymisation Assessment Using Voice Similarity Matrices
This paper proposes the first intuitive visualisation of pseudonymisation performance for speech signals and two novel metrics for objective assessment that reflect the two, key pseudonymisation requirements of de-identification and voice distinctiveness. Expand
Convolutional Neural Network Based Speaker De-Identification
Both objective and subjective experiments confirm the effectiveness of the proposed de-identification method, which maps voice of a given speaker to an average (or gender-dependent average) voice and is modeled by a new convolutional neural network (CNN) encoder-decoder architecture. Expand
A Study of F0 Modification for X-Vector Based Speech Pseudonymization Across Gender
It is found that the proposed F0 modification always improves pseudonymization and it is observed that both source and target speaker genders affect the performance gain when modifying the F0. Expand
Reversible speaker de-identification using pre-trained transformation functions
A technique is proposed in this paper in which a pool of pre-trained transformations between a set of speakers is used as follows, making it possible to produce de-identified speech in real-time with a high level of naturalness. Expand
General Framework to Evaluate Unlinkability in Biometric Template Protection Systems
This paper proposes a new general framework for the evaluation of biometric templates’ unlinkability and applies it to assess the un linkability of the four state-of-the-art techniques for biometric template protection: biometric salting, bloom filters, homomorphic encryption, and block re-mapping. Expand