Cryptology ePrint Archive: Report 2013/304

Secure PRNG Seeding on Commercial Off-the-Shelf Microcontrollers

Anthony Van Herrewege and Vincent van der Leest and André Schaller and Stefan Katzenbeisser and Ingrid Verbauwhede

Abstract: The generation of high quality random numbers is crucial to many cryptographic applications, including cryptographic protocols, secret of keys, nonces or salts. Their values must contain enough randomness to be unpredictable to attackers. Pseudo-random number generators require initial data with high entropy as a seed to produce a large stream of high quality random data. Yet, despite the importance of randomness, proper high quality random number generation is often ignored. Primarily embedded devices often suffer from weak random number generators. In this work, we focus on identifying and evaluating SRAM in commercial off-the-shelf microcontrollers as an entropy source for PRNG seeding. We measure and evaluate the SRAM start-up patterns of two popular types of microcontrollers, a STMicroelectronics STM32F100R8 and a Microchip PIC16F1825. We also present an efficient software-only architecture for secure PRNG seeding. After analyzing over 1 000 000 measurements in total, we conclude that of these two devices, the PIC16F1825 cannot be used to securely seed a PRNG. The STM32F100R8, however, has the ability to generate very strong seeds from the noise in its SRAM start-up pattern. These seeds can then be used to ensure a PRNG generates high quality data.

Category / Keywords: implementation / pseudo-randomness, PRNG, seeding, entropy

Date: received 21 May 2013, last revised 28 May 2013

Contact author: anthony vanherrewege at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20130529:000254 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]