EGD requirement a show stopper for me

Dave Dykstra dwd at bell-labs.com
Wed Feb 2 08:55:40 EST 2000


On Tue, Feb 01, 2000 at 01:08:06PM -0800, Gary E. Miller wrote:
> Yo All!
> 
> An archive of the discussions on /dev/random from the linux-ipsec
> and coderpunks mailing lists is at:
> 	http://www.openpgp.net/random/index.html
> 
> They have already covered this territory at length.

The access to the archive is kind of slow so I haven't seen it all, but I
haven't spotted where they're talking about avoiding the use of
/dev/random.  Ipsec is a different situation because by its nature it will
not be portable and, unlike ssh, they can make operating system changes.

> There is also the source to a linux kernel /dev/random on that 
> website and in its doc the recommendation is made to save the entropy.
> 
> I think the end result was that it was best to save what entropy
> that you had between sessions.  Since this saved entropy should
> just be stirred in with whatever new entropy you can find, then
> you should never be worse off even if the old entropy is compromised.
> 
> RGDS
> GARY
> 
> On Mon, 31 Jan 2000, Andre Lucas wrote:
> 
> > I'm no authority of any kind on PRNG implementations or the software
> > you've listed. So this is just a barely educated opinion. I think it's a
> > good thing to save the random seed, as if you have confidence in your
> > PRNG it's a good random value with which to initialise the generator.
> > Since my understanding is that good entropy is hard to find(tm), why
> > waste it?


Ok, maybe I'm missing something.  If you have a good initial seed to your
PRNG and you save it in a protected file the way ssh 1.2.27 does, is there
any problem with not using the EGD (or /dev/random because it's not
available)?  We could take some of the code from the EGD (ported to C) or
from some other open source package to get the initial seed, when we don't
mind spending a little extra time, and from then on do things more quickly
without the aid of an external program or driver.  Right?

- Dave Dykstra
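
The save-and-stir scheme discussed in this thread, as an added example that is not part of the original message and is not ssh or EGD code: a saved seed is read only if the file is owner-only, hashed together with fresh input, and a new seed is written back. The function names, the SHA-256 mixing and the use of `os.urandom` as the fresh source are assumptions made for illustration.

```python
import hashlib
import os
import stat
import tempfile

SEED_LEN = 32  # bytes; size of a SHA-256 digest

def load_saved_seed(path):
    """Return the saved seed, or b"" if it is missing or not owner-only."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return b""
    # A seed readable or writable by group/other is not a "protected file".
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        return b""
    with open(path, "rb") as f:
        return f.read()

def stir(saved, fresh):
    """Hash saved and fresh input together, length-prefixed to keep them distinct."""
    h = hashlib.sha256()
    for part in (saved, fresh):
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.digest()

def save_seed(path, pool):
    """Atomically write a seed derived from the pool, mode 0600."""
    # Store a hash of the pool, not the pool itself, so the file on disk
    # never equals the state the running generator was initialised with.
    next_seed = hashlib.sha256(b"next-seed" + pool).digest()
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    try:
        os.fchmod(fd, 0o600)
        os.write(fd, next_seed)
        os.fsync(fd)
    finally:
        os.close(fd)
    os.replace(tmp, path)  # rename over the old seed in one step

def start_session(path, fresh=None):
    """Build this session's initial PRNG state and roll the seed file forward."""
    if fresh is None:
        fresh = os.urandom(SEED_LEN)  # assumption: stand-in for the local gatherer
    pool = stir(load_saved_seed(path), fresh)
    save_seed(path, pool)
    return pool
```

Because the saved seed is only one input to the hash, an attacker who knows the old file still has to guess the fresh input, and a session started with the same fresh input twice still gets different state because the file has rolled forward.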





More information about the openssh-unix-dev mailing list