On Sat, Jul 31, 2010 at 04:55:18AM -0700, John Denker wrote:

> > 2. How dangerous it is to feed the pool with stale seed data in the next
> > boot (i.e. in a failure mode where we do not regenerate the seed file) ?
[...]
> Now, to answer the question: A random-seed file should never be reused.
> Never ever.
>
> Reusing the random-seed file makes the PRNG very much worse than it would
> otherwise be. By way of illustration, suppose you are using the computer
> to help you play "battleship" or "go fish" against a ten-year-old opponent.
> If you use the same 'random' numbers after every reboot, the opponent is
> going to notice. You are going to lose. In more-demanding situations,
> against an opponent with more skill and more motivation, you are going to
> lose even more miserably.
I do not think replaying a "stale" seed file at boot is any worse than not replaying that file. The real issue is how to ensure a fresh seed file.

However, looking at Debian's /etc/init.d/urandom, right after writing the seed file to /dev/urandom, it immediately creates a new one by reading from the freshly seeded /dev/urandom again. There is a comment right above that section in the script: "Hm, why is the saved pool re-created at boot? [pere 2009-09-03]". Of course that is to ensure there is always a fresh seed file, even if the system crashes and cannot write a new seed file at shutdown time.

-- 
Met vriendelijke groet / with kind regards,
Guus Sliepen <g...@debian.org>
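As an added illustration of the boot-time sequence described in the reply above (restore the saved seed into the pool, then immediately overwrite the seed file from the freshly seeded /dev/urandom, and save again at shutdown), here is a small POSIX shell script. It is example code written for this page, not the text of Debian's /etc/init.d/urandom, which is not reproduced here. The function names, the configurable POOL_DEV and SEED_FILE variables, the 512-byte seed size and the temp-file-and-rename step are assumptions made for the example.

```shell
#!/bin/sh
# Seed-file lifecycle for the kernel PRNG, in the shape of the init
# script discussed above. Assumption (hypothetical, for this example):
# the pool device and seed path are parameters so the functions can be
# exercised against ordinary files in a scratch directory.
POOL_DEV="${POOL_DEV:-/dev/urandom}"
SEED_FILE="${SEED_FILE:-/var/lib/urandom/random-seed}"
POOL_SIZE=512   # bytes; assumed size of the saved seed

# Read a fresh seed from the kernel PRNG into the seed file. The file is
# created with mode 0600 so nobody else can read the bytes that will be
# fed back into the pool at the next boot, and it is written to a
# temporary name and renamed so a crash mid-write never leaves a
# truncated seed behind.
seed_save() {
    seed="$1"; size="${2:-$POOL_SIZE}"
    dir=$(dirname "$seed")
    mkdir -p "$dir" || return 1
    tmp="$seed.new"
    (umask 077 && dd if=/dev/urandom of="$tmp" bs="$size" count=1 2>/dev/null) \
        || return 1
    chmod 600 "$tmp" && mv -f "$tmp" "$seed"
}

# Boot: feed the saved seed (if any) into the pool, then immediately
# replace the seed file with new output from the now-seeded PRNG. The
# second step is what guarantees that even if the machine crashes before
# the shutdown save, the same seed is never replayed at the next boot.
seed_restore_and_refresh() {
    seed="$1"; pool="$2"; size="${3:-$POOL_SIZE}"
    if [ -f "$seed" ]; then
        cat "$seed" > "$pool" || return 1
    fi
    seed_save "$seed" "$size"
}

# Stand-alone use: "start" at boot, "stop" at shutdown.
case "${1:-}" in
    start) seed_restore_and_refresh "$SEED_FILE" "$POOL_DEV" ;;
    stop)  seed_save "$SEED_FILE" ;;
esac
```

Writing to /dev/urandom mixes the bytes into the pool but does not credit entropy, so this script only ever improves on a cold start; the point of the refresh step is solely that the bytes on disk after boot differ from the bytes that were just fed in.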