Evaluating X-vector-based Speaker Anonymization under White-box Assessment
Pierre Champion (Inria), Denis Jouvet (Inria), Anthony Larcher (LIUM)
TL;DR
This paper assesses the robustness of X-vector-based speaker anonymization when the attacker has complete knowledge of the system, focusing on fixed target identities and their effectiveness in protecting speaker privacy.
Contribution
It introduces a white-box evaluation framework by fixing target identities, enabling analysis of the impact of specific targets on anonymization effectiveness.
Findings
Certain target identities provide better anonymization.
Fixed target selection reveals vulnerabilities in the anonymization process.
White-box assessment exposes potential privacy risks.
Abstract
In the scenario of the Voice Privacy challenge, anonymization is achieved by converting all utterances from a source speaker to match the same target identity; this identity being randomly selected. In this context, an attacker with maximum knowledge about the anonymization system can not infer the target identity. This article proposed to constrain the target selection to a specific identity, i.e., removing the random selection of identity, to evaluate the extreme threat under a whitebox assessment (the attacker has complete knowledge about the system). Targeting a unique identity also allows us to investigate whether some target's identities are better than others to anonymize a given speaker.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.