[145507] in cryptography@c2.net mail archive
Re: Persisting /dev/random state across reboots
daemon@ATHENA.MIT.EDU (Paul Wouters)
Thu Jul 29 16:55:06 2010
Date: Thu, 29 Jul 2010 16:31:57 -0400 (EDT)
From: Paul Wouters <paul@xelerance.com>
To: Richard Salz <rsalz@us.ibm.com>
cc: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <OFD5E803DB.7638E3CA-ON8525776F.006C7332-8525776F.006CABEB@us.ibm.com>
On Thu, 29 Jul 2010, Richard Salz wrote:
> At shutdown, a process copies /dev/random to /var/random-seed which is
> used on reboots.
> Is this a good, bad, or "shrug, whatever" idea?
> I suppose the idea is that "all startup procs look the same" ?
"better then not".
A lot of (pseudo)random comes from disk or network interrupts. These are often
similar during stock system startup. It is even more important if there is no
harddisk but flashdisk, which is not contribting to entropy of the system. This
was a big issue for "openwrt" (a Linux on Linksys routers) which booted so
similarly every time that there was not enough random left at all.
By saving the entropy from a longer run system at shutdown, you increase the
entropy of the next boot by adding randomness from the previous state(s)
Paul
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
