These are citations for your PEP (the template for which I linked to in my first messadge in this thread) Are these now the questions: Is an or the initially-posted MD5 DRBG (without a standard KDF) more optimal than the existing Mersenne Twister MTRNG variant that's in the CPython(,) standard library? Could there be additional RNGs in the Python standard library, configured with a thread local maybe? Are SHA3 DRBGs considered sufficient by NIST and/or by other experts? How do we compare sufficiency and relative performance of RNGs? google/paranoid_crypto has [NIST,] tests for RNG sufficiency, but not performance Where does RNG performance matter in Python? - uuid - secrets - turtledemo.chaos - key generation - network security protocols like TLS (though OpenSSL handles all of that (because we never finished the TLS interface PEP 543)) - experiment randomization & redundant tests for convergence given a random seed parameter Is there a good way to 3d chart the hash sufficiency metrics and the hash routine performance metrics as relative performance benchmarks? Is cryptography.io's "os.urandom() instead of other methods" recommendation still the appropriate recommendation? On Tue, Nov 15, 2022 at 9:24 AM Steven D'Aprano <steve@pearwood.info> wrote:
Wes, what purpose do you think these data dumps have?
-- Steve _______________________________________________ Python-ideas mailing list -- python-ideas@python.org To unsubscribe send an email to python-ideas-leave@python.org https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/PRKTQ6... Code of Conduct: http://python.org/psf/codeofconduct/