Does RIOT contain a CSPRNG subsysem?


I’m a security researcher trying to find if RIOT contains a cryptographically secure pseudorandom number generator (CSPRNG) subsystem. Other IoT operating systems use mbed TLS’s mbedtls_ctr_drbg_random for this, which operates similarly to Linux’s /dev/urandom, for example.

I didn’t see anything to this effect when browsing the RIOT code, but it’s large and might have missed something. Thanks!

Hi @altf4, short answer is no, but it is under development. That does not mean that RIOT excludes CSPRNGs. There are many crypto-secure generators available: SHAxPRNG, Fortuna, NIST DRBGs from varying crypto-libraries that we support (e.g, relic, tinycrypt, wolfcrypt) and of course hardware based CSPRNGs (e.g. ATECC608 secure element). For seed generation, we took some actions already:

This paper gives a clear picture about our random implementation plans. Furthermore, this video presents our concept of a unified integration of crypto- hardware and software, which is ongoing.

Does that help already?

Perfect! I’m putting together a kind of “feature matrix” when it comes to this in IoT OS’s. So I’ll be sure to check back in when it’s finished. Thanks a lot!