C＃中的语音密码 [英] voice password in C#

问题描述

如何使用c＃进行语音密码应用请帮助

解决方案

从安全角度来看，这个想法非常糟糕，但你可以做到。



首先，您需要使用 System.Speech.Recognition 。您需要引用程序集System.Speech.dll，它随.NET Framework一起提供并且可以在GAC中找到，因此要添加引用，如果Visual Studio的添加引用对话框，则使用.NET选项卡。从这里开始（一切都在文档和代码示例中解释）：

http://msdn.microsoft.com/en-us/library/system.speech.recognition.aspx [ ^ ]。



您还需要自由安装可再发行的Microsoft Speech Platform语言包，其中一个或多个：

http ：//www.microsoft.com/download/en/details.aspx？id = 27224 [ ^ ]。



身份验证的安全问题是你应该创建一些字典（称为语法，但实质上这只是一些语言中真正存在的单词的字典，因为你需要最简单的语法）。这更好的是密码短语列表，而不是单个单词。问题是：你必须将所有这些单词存储在某个地方。事件，如果您可以以某种方式加密单词，它们都应该在识别和认证之前以语法的形式提交给语音识别引擎。此时非常容易受到攻击，因为可以对客户端进行逆向工程，并在解密后监视此数据。字典不能太长，所以很容易尝试所有条目并选择密码。



文本模式认证中不存在这个问题。好的密码不是任何语言的单词，不能发音，它应该组合字母，数字和标点字符。此外，原始形式的密码根本不存储在任何地方 - 它永远不需要进行身份验证。其中一个接受的是使用加密哈希函数（ http://en.wikipedia.org/wiki / Cryptographic_hash_function [ ^ ]）密码。只有哈希值存储在服务器部分上，哈希值与哈希值进行比较。从其散列中找到原始单词是不可行，因此即使拥有对所有服务器数据的完全访问权限，也无法知道密码。



毋庸置疑，使用语音密码首先是不安全的，因为它很容易窃听声音，声音...... :-)

-SA

how can i make voice password application using c# please help

解决方案

The idea is pretty bad from the standpoint of security, but you can do it.

First of all, you need to use System.Speech.Recognition. You need to reference the assembly "System.Speech.dll", which comes with .NET Framework and is found in GAC, so to add a reference, you use the tab ".NET" if the "Add Reference" dialog of Visual Studio. Start here (everything is explained in documentation and code samples):
http://msdn.microsoft.com/en-us/library/system.speech.recognition.aspx[^].

You will also need to install freely redistributable Microsoft Speech Platform language pack, one or more of them:
http://www.microsoft.com/download/en/details.aspx?id=27224[^].

The safety problem of authentication is that you should create some dictionary (called grammar, but essentially this is just a dictionary of really existing words in some language, as you need the simplest case of grammar). This shold better be the list of pass phrases, not individual words. The problem is: you have to store all these words somewhere. Event if you can encrypt the words somehow, they all should be submitted in the form of the grammar to the speech recognition engine before recognition and authentication. This moment if very vulnerable, as it is possible to reverse engineer the client and spy on this data after it was decrypted. The dictionary cannot be very long, so it's easy to try out all of the entries and pick the password.

This problems does not exist in the text-mode authentication. The good password is not a word in any language and cannot be pronounced, it should combine letters, digits and punctuation characters. Moreover, the password in its original form is not stored anywhere at all — it is never need for authentication. One of the approached to this is using cryptographic hash function (http://en.wikipedia.org/wiki/Cryptographic_hash_function[^]) of a password. Only the hash is stored on the server part, and hash is compared with hash. It is infeasible to find an original word from its hash, so nobody can know the password even having full access to all server data.

Needless to say, using a voice password is first of all unsafe just because it's pretty easy to eavesdrop the voice, acoustically… :-)

—SA

这篇关于C＃中的语音密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！