Again, it makes no sense to say that a CSPRNG can start "running low" on entropy.
Here's what djb has to say about this:
Cryptographers are certainly not responsible for this superstitious nonsense. Think about this for a moment: whoever wrote the /dev/random manual page seems to simultaneously believe that
(1) we can't figure out how to deterministically expand one 256-bit /dev/random output into an endless stream of unpredictable keys (this is what we need from urandom), but
(2) we _can_ figure out how to use a single key to safely encrypt many messages (this is what we need from SSL, PGP, etc.).
For a cryptographer this doesn't even pass the laugh test.
(Unless you're talking about the early boot seeding problem that /dev/urandom has on linux, which is a very real problem).
Again, it makes no sense to say that a CSPRNG can start "running low" on entropy.
Here's what djb has to say about this:
(Unless you're talking about the early boot seeding problem that /dev/urandom has on linux, which is a very real problem).For reference, here's the classic source I think you're referring to: https://www.2uo.de/myths-about-urandom