5

My app on Android uses the built-in motion sensors to collect seed-data for the PRNG (java.security.SecureRandom) that is later to be used for key-generation. The user is told to shake the device so the incoming data should be somewhat pretty random. Also, too slow movements are ignored in order to avoid getting only 0s as seed if the device was not moved during the time of "recording".

In detail: Teh length of the movement-vector is calculated ($l = sqrt(x^2 + y^2 + z^2)$) and $9.81$ is subtracted from it in order to ignore gravity. If $l$ is less than 81% of the sensors Peek value the set of values is ignored. Otherwise the resulting values for x, y, z are beeing muliplied by $2^{28}$ (because bit-shifting is not supported on floats in Java), then XORed. These values then fill an array like that:

dataStack[dataSetsRecorded++ % dataStack.length] ^= value;

The question is: is that a high entropy or can this be predicted (e.g. because most phone users would shake the phone up and down but not sidewise and tablet users would rather tilt than shake the device)? Thanks :)

marstato
  • 518
  • 3
  • 14

1 Answers1

0

Read Toward Sensor-Based Random Number Generation for Mobile and IoT Devices, if it's not too late(!)

In summary, the extracted table below shows their findings. Those were that the three accelerometers in combination provided a good 24 bits of entropy for randomness extraction. The good bits are the black boxes in the table as per the note below it. The team got fairly good random results from their scheme.

heat map

I'd add the proviso that they used aggregated data from 37 devices. The results for a single device might vary...

Paul Uszak
  • 15,905
  • 2
  • 32
  • 83