從種子派生一組種子

我需要一套種子 $ S={s_1,…, s_n} $ , 對於偽隨機函式，其中種子 $ s_i $ is used to generate a set of pseudo-random values. Obviously I need to be able to regenerate the sets of pseudo-random values, but I do not want to keep the seeds. Thus, I’d like to use a master seed to generate the other seeds.

Question: Would it be secure if I generate a seed for pseudo-random function and then use it to generate a set of seeds?

If not what a solution would be?

By secure I mean the pseudo-random values should not be distinguished from random values.

我相信它看起來類似於 unix/Linux 系統中的 random 和 urandom 函式。一旦物理熵/種子不夠，一個會阻塞，另一個會根據目前的種子生成種子。從安全的角度來看，純隨機熵應該是更好的選擇，但在實際中，我看不到種子生成的問題。如果您的初始種子是純隨機的，則在某種程度上應該無法區分……就像物理熵一樣。

引用自：https://crypto.stackexchange.com/questions/29965