Random numbers are an essential input to many functions on the Internet of Things (IoT). Common use cases of randomness range from low-level packet transmission to advanced algorithms of artificial intelligence as well as security and trust, which heavily rely on unpredictable random sources. In the constrained IoT, though, unpredictable random sources are a challenging desire due to limited resources, deterministic real-time operations, and frequent lack of a user interface. In this article, we revisit the generation of randomness from the perspective of an IoT operating system (OS) that needs to support general purpose or crypto-secure random numbers. We analyze the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suits and on experiments for measuring performance give rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.

中文翻译：

---

物联网中的伪随机数生成 (PRNG) 指南

随机数是物联网 (IoT) 上许多功能的基本输入。随机性的常见用例范围从低级数据包传输到高级人工智能算法以及严重依赖不可预测的随机源的安全和信任。然而，在受限的物联网中，由于资源有限、确定性实时操作和经常缺乏用户界面，不可预测的随机源是一个具有挑战性的需求。在本文中，我们从需要支持通用或加密安全随机数的 IoT 操作系统 (OS) 的角度重新审视随机性的生成。我们分析了潜在的攻击面，得出了共同的要求，并讨论了当前物联网操作系统的潜力和缺点。