2

This question builds off of this question.
I want to create more entropy from a viable entropy source to seed another CSPRNG.
If I use

window.crypto.getRandomValues(newUint8Array(1))

To seed a CSPRNG, is that less entropy than if I used:

window.crypto.getRandomValues(newUint8Array(65536))

To seed the CSPRNG?
What I mean is if I derive 65536 bits from a CSPRNG, does that generate more entropy than if I just derived 1-2 bits from that CSPRNG?

Marcel
  • 3,536
  • 1
  • 19
  • 37
  • I will not "generate" more entropy, but "transfer" more entropy from the first one to the second one. If you do not use another source for the second (CS)PRNG, it will never get more than the first one had. – Marcel Aug 28 '19 at 04:54

1 Answers1

2

Yes, more is more. Your terms are a bit off, as you can't generate entropy, and a Uint8 has 8 bits, but your basic assumption is correct. A larger seed will, in theory, produce less predictable results.

In practicals terms, you would need to watch out that your input seed to the CSPRNG accepts the format you generate. For numbers, this is often limited to 32 or 64 bits. If care is not taken in the conversion from 8 bits, you can easily lose entropy. The way around that is to use a modern CSPRNG like fortuna that cannot be over-seeded and is very forgiving about input format.

dandavis
  • 2,693
  • 10
  • 16
  • Note though that CSPRNG's commonly have a state size. If you seed it more entropy than the state size then the amount of entropy should already be at the max entropy and adding more will not do anything useful. Commonly 128-256 bits of entropy should enough. Adding additional seed after a number of usages of the PRNG makes more sense. – Maarten Bodewes Sep 06 '19 at 01:12