On 9/18/23 06:14, Guillermo Rodriguez Garcia wrote:
everything is compressed with gzip -7. This is the worst scenario.
However, even in the worst scenario due to gzip one single bit of
difference in the input generates a completely different compressed
output:
Compression (or any other deterministic manipulation of data) does not
add any entropy (or "unpredictability") since the processing is 100%
reproducible.
In terms of entropy the output of the function is as good (or as bad)
as the amount of entropy in the initial seed.
Even aside from that, using gzip as some sort of hash function is not
going to be anywhere near as good as using an actual hash function, like
sha256, sha1 or even md5.
I would expect this all goes into the kernel's own hashing inside the
RNG and so gzip or any other hash function before delivering it to the
kernel is probably irrelevant.
The name of the game is to find actually random bits, which you either
need to save from the previous boot, or obtain from hardware somehow.
The low bits of thermal sensors and multithreading scheduler timing
nanoseconds are probably your best bet if you can't rely on having a
hardware entropy generator.
-Mike C
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox