Peter Kietzmann, Thomas C. Schmidt, Matthias Wählisch,
A Guideline on Pseudorandom Number Generation (PRNG) in the IoT,
Open Archive: arXiv.org, Technical Report, No. arXiv:2007.11839, July 2020.
HTML PDF BibTeX Abstract
Abstract: Security and trust are essential building blocks for the emerging Internet of Things (IoT)-both heavily rely on ubiquitously available crypto primitives with integrity and robustness. In the constrained IoT, this is a challenging desire due to limited availability of memory, CPU cycles, energy, and external data sources. Random input forms such a central crypto primitive that is used virtually everywhere, but hard to obtain on deterministically operated real-time devices without user interface. In this paper, we revisit the generation of randomness from the perspective of an IoT operating system that needs to support general purpose or crypto-secure random numbers. We analyse the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of %the random subsystems in current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suits and on experimental performance measurements give rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.
This page generated by bibTOhtml on Fr 5. Nov 11:48:12 CET 2021