User-Silicon Entangled Mobile Identity Authentication

We explore mobile device touchscreen characteristics to build a user-device (UD) biometric physical unclonable function (PUF). Human user touchscreen interaction induces dynamic capacitive differences. Sensors detect current differences which are a function of both (1) a human biometric of how a shape is traced and (2) silicon foundry process transistor-level variability embedded in the touchscreen grid. This forms a physical function with input x defining a shape and output y abstracted from the measured current value stream. We argue and establish that this physical function has PUF attributes. Moreover, it provides a robust user-device biometric-based authentication mechanism. Authentication is based on geometric shapes (challenges) drawn on the touchscreen. Users trace them. The authentication layer creates a response abstract, and validates it against a user profile. Authentication accuracy is affected by the complexity of geometric shapes as well as the validation algorithm. We consider polyline shapes (simple gestures) and complex closed geometric shapes (complex gestures). Complex gestures offer higher response entropy, but are computationally less efficient with a slightly lower validation accuracy. Complex gestures achieve 99.6% accuracy compared with 100% for simple gestures. User profiles exhibit physical unclonable function (PUF) properties. Touchscreen gestures are quantized into binary strings. Gesture hamming distance is 60+ bits for 128-bit strings for different user-device profiles; it is 0 bits for the same profile. This demonstrates variability and reproducibility respectively. Montreal TestU01 tests binary string pseudorandom characteristics; the majority of tests pass showing pseudorandom number generator (PRG) characteristics.