> On Nov 7, 2017, at 11:21 AM, Taylor R Campbell
> <campbell+netbsd-tech-k...@mumble.net> wrote:
>
>> Date: Tue, 7 Nov 2017 09:16:25 +0100
>> From: Maxime Villard <m...@m00nbsd.net>
>> ...
>> Well yes, my initial plan was two different files.
>
> What's the security goal you hope to achieve by having two different
> files that cannot be achieved by using one and deriving two subkeys
> from it?
If you use two parts of a single file that's equivalent to using two files.
If two RNGs use the same data from the file as the starting point, then you
have to argue security from the strengths of the two derivations. Presumably
they use additional entropy to make that work. If so, is the additional entropy
enough on its own? If yes, then you don't need the stored file in the first
place.
paul
