Litcius/Paper detail

A Guideline on Pseudorandom Number Generation (PRNG) in the IoT

Peter Kietzmann, Thomas C. Schmidt, Matthias Wählisch

2021ACM Computing Surveys82 citationsDOIOpen Access PDF

Abstract

Random numbers are an essential input to many functions on the Internet of Things (IoT). Common use cases of randomness range from low-level packet transmission to advanced algorithms of artificial intelligence as well as security and trust, which heavily rely on unpredictable random sources. In the constrained IoT, though, unpredictable random sources are a challenging desire due to limited resources, deterministic real-time operations, and frequent lack of a user interface. In this article, we revisit the generation of randomness from the perspective of an IoT operating system (OS) that needs to support general purpose or crypto-secure random numbers. We analyze the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suits and on experiments for measuring performance give rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.

Topics & Concepts

RandomnessComputer scienceRandom number generationSet (abstract data type)Pseudorandom number generatorInternet of ThingsNetwork packetRandom accessSoftwareComputer securityComputer networkTransmission (telecommunications)The InternetRange (aeronautics)PseudorandomnessComputer engineeringAlohaDistributed computingPerspective (graphical)Randomness testsRandom seedCryptographyUSableChaos-based Image/Signal EncryptionCryptographic Implementations and SecurityPhysical Unclonable Functions (PUFs) and Hardware Security