Voice-Based User-Device Physical Unclonable Functions for Mobile Device Authentication

In this paper, a novel voice-based User-Device (UD-) physical unclonable function (PUF) is demonstrated. In traditional PUFs, variability of challenge-response pairs (CRPs) only comes from physical randomness of silicon. Recently, a new type of PUF, touch screen-based UD-PUF was proposed, which entangles human user biometric variability with the silicon variability. Any silicon-based mobile device sensor which is a UI element can potentially seed such a UD-PUF. Having multiple orthogonal sensor space UD-PUFs helps robustness. If one UD-PUF behaves poorly in certain environmental conditions, another one might behave well. In voice UD-PUF, challenges are single words chosen by the user. The user speaks the challenge word into the microphone of the mobile device. The speech has natural human biometric variability. Raw microphone output data of analog to digital converter (ADC) also reflects the silicon variability. This voice microphone data sequence can be quantized into a binary sequence leading to a PUF—a physical randomness derived, unclonable function. To ensure reproducibility, a background noise reduction algorithm, a statistical error correction, and a frequency domain canonical representation are utilized. Both variability and reproducibility of this voice UD-PUF are evaluated. Several authentication algorithms are proposed in this paper. Pixel-matching authentication algorithm provides an average 15.33% false positive rate and an average 12.30% false negative rate while frame-count authentication algorithm provides an average 6.27% false positive rate and an average 13.23% false negative rate. For variability, we show 250+ bits Hamming distance, on average, between 512 bits binary responses of different (user, device, challenge) combinations. We also assess the pseudorandom number generation properties of voice UD-PUF by putting its binary responses through UMontreal TESTU01 suite of tests. The best voice UD-PUF algorithm passed all 26 randomness tests.