Stochastic Modeling of Human-Machine Authentication Channels under Partial Information Leakage

TL;DR

This paper models PIN-based human-IoT authentication as a stochastic communication channel, quantifying reliability loss due to partial information leakage using probabilistic inference, and demonstrates significant degradation under realistic scenarios.

Contribution

It introduces a context-conditioned probabilistic inference framework for modeling partial PIN leakage, outperforming traditional sequence models in predicting missing digits.

Findings

Achieves up to 55.31% accuracy for one missing digit

Demonstrates reliability degradation under partial exposure scenarios

Outperforms standard sequence-model baselines in predictive tasks

Abstract

Reliable and secure human-machine communication is fundamental to IoT and cyber-physical ecosystems, where smartphones and wearables commonly serve as authentication controllers. PIN-based authentication can be viewed as a low-bandwidth communication channel through which users transmit numeric credentials under practical constraints. However, conventional evaluations adopt a binary view of security-treating such channels as either fully secure or fully compromised-thereby overlooking the progressive reliability degradation caused by partial information leakage in real-world IoT settings. In this paper, we model the PIN entry process as a stochastic human-IoT communication system and propose a context-conditioned probabilistic inference framework to quantify reliability loss and Quality-of-Service degradation under partial symbol exposure. The proposed approach treats missing digits as latent variables and estimates them using smoothed conditional probability distributions with fallback priors. Unlike traditional sequential models that assume contiguous positional dependencies, the method does not explicitly parameterize hidden-state transitions or emissions; instead, it performs context-driven probabilistic inference to approximate latent dependencies across digit positions. Using over one million real-world four-digit PIN samples, we evaluate single-, double-, and triple-digit leakage scenarios and derive position-dependent reliability metrics. The proposed model achieves up to 55.31% prediction accuracy for one missing digit and 12.12% for three missing digits, while consistently outperforming a standard sequence-model baseline and classical machine learning models in terms of precision, recall, and F1-score. These results formalize PIN entry as a noisy human--IoT communication channel and demonstrate substantial reliability degradation under realistic partial exposure conditions.