Title:Entropy Collapse in Mobile Sensors: The Hidden Risks of Sensor-Based Security

Abstract:Mobile sensor data has been proposed for security-critical applications such as device pairing, proximity detection, and continuous authentication. However, the foundational premise that these signals provide sufficient entropy remains under-explored. In this work, we systematically analyse the entropy of mobile sensor data using four datasets from multiple application contexts (UCI-HAR, SHL, Relay, and PerilZIS). Using direct computation and estimation, we report entropy values (max, Shannon, collision, and min-entropy) for an exhaustive range of sensor combinations. We demonstrate that the entropy of mobile sensors remains far below what is considered secure by modern standards for security applications, even when many sensors are combined. In particular, we observe an alarming divergence between average-case Shannon entropy and worst-case min-entropy. Single-sensor min-entropy varies between 3.408-4.483 bits despite Shannon entropy being several multiples higher. We also show that redundancies between sensor modalities contribute to a ~75% reduction between Shannon and min-entropy. Indeed, min-entropy plateaus between 8.1-23.9 bits when combining up to 22 modalities, while Shannon entropy can exceed 80 bits. Adding sensors typically increases Shannon entropy but moves min-entropy by only ~1-2 bits per added modality, evidencing entropy collapse under redundancy. Our results reveal that adversaries may feasibly predict sensor signals through an exhaustive exploration of the measurement space. Our work also calls into question the widely held assumption that adding more sensors inherently yields higher security. Ultimately, we strongly urge caution when relying on mobile sensor data for security applications.