[Buildroot] [PATCH v3] package/urandom-scripts: actually credit seed files via seedrng
Jason A. Donenfeld
Jason at zx2c4.com
Fri Apr 1 10:17:51 UTC 2022
On 4/1/22, David Laight <David.Laight at aculab.com> wrote:
> But it does exactly what the old scripts thought they were doing
> and is far better that just using dd.
On the contrary, it's strictly worse, since the crediting becomes
dangerous here.
> I'm not even sure that trying to save a 'new seed' in the
> startup script is a good idea at all.
> The new seed is very likely to just be a permutation of the
> old seed - since little extra 'entropy' can have been added.
> So while it may stop complete reproducibility I'm not at
> all sure it is cryptographically sound at all.
?? You could get away with hashing the old seed together with some
constant public value and it would be sufficient here. What are you
talking about?
> If you can't rely on saving entropy at shutdown, then using
> (the equivalent of) a cron job to save every hour (or so)
> is probably useful.
Android does it every 3. And as of http://r.android.com/2050961 they
now use the SeedRNG construction.
More information about the buildroot
mailing list