Moonshine: An Online Randomness Distiller for Zero-Involvement Authentication

TL;DR

This paper introduces Moonshine, an efficient randomness distiller that significantly improves environmental noise-based key generation for device authentication, nearly doubling key quality compared to existing methods.

Contribution

It provides an information-theoretic analysis of environmental noise sources and presents a novel algorithm that enhances key extraction efficiency in context-based authentication.

Findings

Common algorithms extract only about 10% of available randomness.

Moonshine nearly doubles the quality of generated keys.

Keys produced pass the NIST test suite for real-world use.

Abstract

Context-based authentication is a method for transparently validating another device's legitimacy to join a network based on location. Devices can pair with one another by continuously harvesting environmental noise to generate a random key with no user involvement. However, there are gaps in our understanding of the theoretical limitations of environmental noise harvesting, making it difficult for researchers to build efficient algorithms for sampling environmental noise and distilling keys from that noise. This work explores the information-theoretic capacity of context-based authentication mechanisms to generate random bit strings from environmental noise sources with known properties. Using only mild assumptions about the source process's characteristics, we demonstrate that commonly-used bit extraction algorithms extract only about 10% of the available randomness from a source noise process. We present an efficient algorithm to improve the quality of keys generated by context-based methods and evaluate it on real key extraction hardware. Moonshine is a randomness distiller which is more efficient at extracting bits from an environmental entropy source than existing methods. Our techniques nearly double the quality of keys as measured by the NIST test suite, producing keys that can be used in real-world authentication scenarios.