Is getting 1-2 outputs from a CSPRNG to seed another CSPRNG less entropy than getting say 5000 outputs from a CSPRNG and using that to seed?


This question builds off of this question.
I want to create more entropy from a viable entropy source to seed another CSPRNG.
If I use

window.crypto.getRandomValues(new Uint8Array(1))

To seed a CSPRNG, is that less entropy than if I used:

window.crypto.getRandomValues(new Uint8Array(65536))

To seed the CSPRNG?
What I mean is if I derive 65536 bits from a CSPRNG, does that generate more entropy than if I just derived 1-2 bits from that CSPRNG?


Method 1

Yes, more is more. Your terms are a bit off, as you can’t generate entropy, and a Uint8 has 8 bits, but your basic assumption is correct. A larger seed will, in theory, produce less predictable results.

In practical terms, you would need to watch out that your input seed to the CSPRNG accepts the format you generate. For numbers, this is often limited to 32 or 64 bits. If care is not taken in the conversion from 8 bits, you can easily lose entropy. The way around that is to use a modern CSPRNG like Fortuna that cannot be over-seeded and is very forgiving about input format.
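The conversion loss described in the answer can be measured directly. The following is an added example, not part of the original answer: it enumerates every possible pair of random bytes and computes how much entropy survives three ways of turning them into one numeric seed. The function names are hypothetical, and two bytes are used only so that all 65536 inputs can be enumerated; the same effect applies when packing into a 32-bit or 64-bit seed.

```javascript
// Added example; all names here are hypothetical, not from the answer.
// Three ways to turn two random bytes into one numeric seed.
const conversions = {
  // Adds the bytes: many different inputs share the same sum.
  sum: (b) => b[0] + b[1],
  // XORs the bytes: the result never carries more than 8 bits.
  xor: (b) => b[0] ^ b[1],
  // Packs the bytes big-endian: every input maps to its own seed.
  pack: (b) => new DataView(b.buffer, b.byteOffset, 2).getUint16(0),
};

// Shannon entropy (in bits) of the seed when both input bytes are uniform,
// found by enumerating all 65536 possible inputs.
function seedEntropyBits(convert) {
  const counts = new Map();
  const bytes = new Uint8Array(2);
  for (let hi = 0; hi < 256; hi++) {
    for (let lo = 0; lo < 256; lo++) {
      bytes[0] = hi;
      bytes[1] = lo;
      const seed = convert(bytes);
      counts.set(seed, (counts.get(seed) || 0) + 1);
    }
  }
  let bits = 0;
  for (const n of counts.values()) {
    const p = n / 65536;
    bits -= p * Math.log2(p);
  }
  return { distinctSeeds: counts.size, bits };
}

// Runs every conversion and returns { name: { distinctSeeds, bits } }.
function report() {
  const out = {};
  for (const [name, convert] of Object.entries(conversions)) {
    out[name] = seedEntropyBits(convert);
  }
  return out;
}

console.log(report());
```

Only the packing conversion keeps all 16 bits of the input; the other two discard roughly half of them before the second generator ever sees the seed.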


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
