
On Sat, Mar 28, 2009 at 9:40 AM, Aahz <aahz@pythoncraft.com> wrote:
> On Fri, Mar 27, 2009, Adam Olsen wrote:
>> The irony is that we only seed with 128 bits, so rather than 2**19937 combinations, there's just 2**128. That drops our "safe" list size down to 34. Weee!
>
> That's probably worth a bug report or RFE if one doesn't already exist.
It seems sufficient to me. We don't want to needlessly drain the system's entropy pool.

How about a counter proposal? We add an orange or red box in the random docs that explains a few things together:

* What a cryptographically secure RNG is, that ours isn't it, and that ours is unacceptable any time money or security is involved.
* Specifically, 624 "iterates" allows you to predict the full state, and thus all future (and past?) output.
* The limitations of our default seed, and how it isn't a practical problem, overshadowed by the above two things.
* The limitations on shuffling a large list, how equidistance means it's not a practical problem, and is overshadowed by all of the above.

Some of that already exists, but is inline. IMO, security issues deserve a few flashing lights. The context of other problems also gives the proper light to shuffling's limitations.

-- 
Adam Olsen, aka Rhamphoryncus
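The two technical claims in the thread, as an added example that is not part of the original messages or of CPython itself: 624 consecutive outputs of the Mersenne Twister let you reconstruct its full state (so a clone predicts everything the victim generates afterwards), and a generator with `bits` bits of seed or state can only reach all n! orderings of a list when n! <= 2**bits, which gives 34 for a 128-bit seed and 2080 for the 19937-bit state. The function names (`untemper`, `clone_from_outputs`, `max_shuffle_len`, `demo`), the seed value and the 100-output skip are assumptions made for this example. Recovery works through `random.getstate()`/`setstate()` because CPython exposes the raw MT19937 state, and `getrandbits(32)` is used because it returns exactly one tempered state word.

```python
"""Added example (not from the python-dev thread or CPython): why
random.Random is predictable, and how seed/state size bounds shuffle().
"""
import random

MASK32 = 0xFFFFFFFF
N = 624  # number of 32-bit words in the MT19937 state


def _undo_right_shift(y, shift):
    # Invert y = x ^ (x >> shift). The top `shift` bits of y already
    # equal x's; each pass recovers `shift` more bits below them.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x


def _undo_left_shift(y, shift, mask):
    # Invert y = x ^ ((x << shift) & mask). The low `shift` bits of y
    # already equal x's; each pass recovers `shift` more bits above them.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & MASK32


def untemper(y):
    """Map one 32-bit MT19937 output back to the state word it came from
    by undoing the four tempering steps in reverse order."""
    y = _undo_right_shift(y, 18)
    y = _undo_left_shift(y, 15, 0xEFC60000)
    y = _undo_left_shift(y, 7, 0x9D2C5680)
    y = _undo_right_shift(y, 11)
    return y


def clone_from_outputs(outputs):
    """Build a random.Random whose future outputs equal the victim's.

    `outputs` are 624 consecutive values of victim.getrandbits(32).
    Alignment with the victim's internal block boundary does not matter:
    MT's recurrence x[n+624] = g(x[n], x[n+1], x[n+397]) holds for any
    window of 624 consecutive words, and index=624 forces a twist on
    the next call, which computes exactly the next 624 words.
    """
    if len(outputs) != N:
        raise ValueError("need exactly %d consecutive 32-bit outputs" % N)
    state = tuple(untemper(y) for y in outputs) + (N,)
    clone = random.Random()
    clone.setstate((3, state, None))  # CPython's (version, state, gauss_next)
    return clone


def max_shuffle_len(bits):
    """Largest n with n! <= 2**bits, computed exactly with big ints.
    Beyond this n, shuffle() cannot produce every permutation."""
    n, fact, limit = 1, 1, 1 << bits
    while fact * (n + 1) <= limit:
        n += 1
        fact *= n
    return n


def demo(seed=1234, skip=100, count=20):
    """Observe 624 outputs from a seeded victim (after skipping `skip`
    outputs so the window is not block-aligned), then return the clone's
    predictions next to what the victim actually produces."""
    victim = random.Random(seed)
    for _ in range(skip):
        victim.getrandbits(32)
    seen = [victim.getrandbits(32) for _ in range(N)]
    clone = clone_from_outputs(seen)
    predicted = [clone.getrandbits(32) for _ in range(count)]
    actual = [victim.getrandbits(32) for _ in range(count)]
    return predicted, actual


if __name__ == "__main__":
    predicted, actual = demo()
    print("prediction matches victim:", predicted == actual)
    for bits in (128, 19937):
        print("%5d bits of seed/state: shuffle() can cover every "
              "permutation only up to %d elements" % (bits, max_shuffle_len(bits)))
```

Note that `random.random()` consumes two state words per call (27 and 26 bits), so an attacker who only sees floats has to recover the words from partial views; the 32-bit path above is the clean case. The inverse bound shows the thread's two numbers are both exact: 34! is just under 2**128 and 2080! is just under 2**19937, and neither limit is changed by how the list is shuffled.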