Hi all,

I am investigating the Android init procedure (one version, one
device, not in general) and I found an interesting line about the
initialization of /dev/urandom (seeding, I suppose).

    cat /proc/cmdline > /dev/urandom

Therefore, I developed a more sophisticated way to do that initialisation:

    # RAF: seeding the urandom device with some data and a few bits of randomness.
    # The randomness is put at the beginning of some text data, which is going
    # to be compressed. It is expected that the whole compressed data will be
    # way different each time, even if a great part of the input is constant.
    # Moreover, the size of the randomness changes each time within a range of
    # [32, 64] bytes, and this adds more unpredictability. Like a hash, the
    # compression algorithm will produce a way different binary output by just
    # changing a few bytes and initial conditions.
    {
        n=$((33 + ${RANDOM:-15}%32))
        dd if=/dev/random bs=$n count=1 2>&1
        cat /proc/cmdline /proc/*stat /init*
    } | pigz -$((1 + n%9))c > /dev/urandom &

I wish to ask people here on this mailing list, because I know that there
are Linux experts here, two questions:

1. Is initialising /dev/urandom necessary? Or does the kernel provide
   it itself, but is it better?
2. In your opinion, can the script above provide a reasonably
   unpredictable initialisation?

In case the /dev/urandom initialisation is a necessity (or a best
practice), does it make sense to add it into busybox as an option or
as an application?

Best regards, R-
_______________________________________________
busybox mailing list
http://lists.busybox.net/mailman/listinfo/busybox
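
An added check, not part of the original message: it replays the script's pipeline with the random prefix as an explicit input and counts how many distinct blobs can reach /dev/urandom, which shows that the compressor contributes no outcomes beyond those of its inputs. Assumptions: `gzip -n` stands in for `pigz`, and the function names and the sample cmdline text are made up for this illustration.

```shell
#!/bin/sh
# Added example: the seeding pipeline with its inputs made explicit.
# Assumption: gzip stands in for pigz; -n keeps the timestamp out of the gzip
# header so that two runs over the same input can be compared.

# seed_blob PREFIX_FILE LEVEL FILE...
# Writes compress(prefix + files) to stdout: the bytes the script would send
# to /dev/urandom for that prefix and compression level.
seed_blob() {
    sb_prefix=$1
    sb_level=$2
    shift 2
    cat "$sb_prefix" "$@" | gzip -n -c "-$sb_level"
}

# blob_digest PREFIX_FILE LEVEL FILE...: SHA-256 of the blob, for comparison.
blob_digest() {
    seed_blob "$@" | sha256sum | cut -d' ' -f1
}

# count_outcomes LEVEL FILE...
# Runs every possible one-byte prefix (8 bits of randomness) through the
# pipeline and prints how many distinct blobs come out.
count_outcomes() {
    co_level=$1
    shift
    co_tmp=$(mktemp) || return 1
    co_i=0
    while [ "$co_i" -lt 256 ]; do
        # Write the single byte with value $co_i via an octal escape.
        printf "\\$(printf '%03o' "$co_i")" > "$co_tmp"
        blob_digest "$co_tmp" "$co_level" "$@"
        co_i=$((co_i + 1))
    done | sort -u | wc -l | tr -d ' '
    rm -f "$co_tmp"
}

# Constructed sample standing in for /proc/cmdline (not taken from a device).
sample=$(mktemp)
printf 'console=ttyS0 androidboot.hardware=example ro\n' > "$sample"
# Lossless compression maps distinct inputs to distinct outputs and equal
# inputs to equal outputs, so 256 possible prefixes give exactly 256 blobs.
echo "distinct blobs for 256 one-byte prefixes: $(count_outcomes 6 "$sample")"
rm -f "$sample"
```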