Persist entropy pool seeds (#7675) · Issues · tails / tails

Persist entropy pool seeds

Originally created by @intrigeri on #7675 (Redmine)

As a Tails user
When I boot Tails with persistence enabled
Then when an entropy is required, it would use the entropy pool seed

Rationale

Generating entropy on a live distribution is a tough problem. And this has impact to securely generate cryptographic keys, like for example for Pidgin-OTR, using SSH or generating a PGP key. We hope to improve this situation for users who enable the persistence storage option using some randomness from the previous session to help bootstrap with some “well” generated randomness.

Technical discussion

From the discussions and research on #7642 (closed) and #5650 (closed), it seems clear that it would be good to persist entropy pool seeds (/var/lib/random-seed, /var/lib/urandom/random-seed, /var/lib/systemd/random-seed, etc.) whenever possible.

It might even be that we want to do that by default when persistence is enabled (although it’s a hard decision to make, because it breaks one of the basic assumptions of how Tails works).

Still, note that these seeds won’t be used at early boot stage, but only once persistence is enabled. We should look at pointers on #6116 and evaluate how much of a problem it is in practice, in Tails use case.

Team

Team: segfault, bertagaz

Blueprint: https://tails.boum.org/blueprint/randomness_seeding/

Subtasks

#11898 (closed)

Related issues

Related to #7642 (closed)
Related to #5650 (closed)
Related to #7646 (closed)
Related to #6116
Is duplicate of #11897

_Originally created by @intrigeri on [#7675 (Redmine)](https://public-redmine-archive.tails.boum.org/code/issues/7675)_

As a Tails user
    When I boot Tails with persistence enabled
    Then when an entropy is required, it would use the entropy pool seed

## Rationale

Generating entropy on a live distribution is a tough problem. And this
has impact to securely generate cryptographic keys, like for example for
Pidgin-OTR, using SSH or generating a PGP key. We hope to improve this
situation for users who enable the persistence storage option using some
randomness from the previous session to help bootstrap with some “well”
generated randomness.

## Technical discussion

From the discussions and research on tails/tails#7642 and tails/tails#5650, it seems clear
that it would be good to persist entropy pool seeds
(`/var/lib/random-seed`, `/var/lib/urandom/random-seed`,
`/var/lib/systemd/random-seed`, etc.) whenever possible.

It might even be that we want to do that *by default* when persistence
is enabled (although it’s a hard decision to make, because it breaks one
of the basic assumptions of how Tails works).

Still, note that these seeds won’t be used at early boot stage, but only
once persistence is enabled. We should look at pointers on tails/tails#6116 and
evaluate how much of a problem it is in practice, in Tails use case.

## Team

Team: segfault, bertagaz

Blueprint: https://tails.boum.org/blueprint/randomness_seeding/

### Subtasks

- [x] tails/tails#11898

### Related issues

- **Related to** tails/tails#7642
  - **Related to** tails/tails#5650
  - **Related to** tails/tails#7646
  - **Related to** tails/tails#6116
  - **Is duplicate of** tails/tails#11897

Edited May 15, 2020 by intrigeri

Discussion
Designs

The one place for your designs

To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.