On Mon, 2019-02-25 at 19:37 +0200, Uoti Urpala wrote: [...] > Generally you don't ever > need to use /dev/random instead of /dev/urandom unless you make > assumptions about cryptography failing. [...]
I think I agree with that, but there is no way to add entropy that
unblocks getrandom() without also unblocking /dev/random. If the seed
files used in two different boots are somewhat correlated, and the
entropy estimation doesn't account for that, the output of /dev/random
may also be somewhat correlated between the boots, which is not
supposed to happen.
Ben.
--
Ben Hutchings
The obvious mathematical breakthrough [to break modern encryption]
would be development of an easy way to factor large prime numbers.
- Bill Gates
signature.asc
Description: This is a digitally signed message part
