@techreport{ksw-gpnri-20,
  author = {Peter Kietzmann and Thomas C. Schmidt and Matthias W{\"a}hlisch},
  title = {{A Guideline on Pseudorandom Number Generation (PRNG) in the IoT}},
  type = {Technical Report},
  institution = {Open Archive: arXiv.org},
  year = {2020},
  month = {July},
  number = {arXiv:2007.11839},
  abstract = {Security and trust are essential building blocks for the emerging Internet of Things (IoT)-both heavily rely on ubiquitously available crypto primitives with integrity and robustness. In the constrained IoT, this is a challenging desire due to limited availability of memory, CPU cycles, energy, and external data sources. Random input forms such a central crypto primitive that is used virtually everywhere, but hard to obtain on deterministically operated real-time devices without user interface. In this paper, we revisit the generation of randomness from the perspective of an IoT operating system that needs to support general purpose or crypto-secure random numbers. We analyse the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of %the random subsystems in current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suits and on experimental performance measurements give rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.},
  file = {https://arxiv.org/pdf/2007.11839},
  url = {https://arxiv.org/abs/2007.11839},
  theme = {iot|nsec},
}