[Python-Dev] Confusion about os.urandom()
Matthias Andreas Benkard
mulk at gmx.net
Fri Nov 19 18:55:23 CET 2004
I was just reading through http://www.python.org/2.4/highlights.html and
noticed the following:
os.urandom() has been added for systems that support a source of
random data (entropy)
At first, I was a bit stunned about the choice of name here. Why would
anyone call this method urandom()? That confused me a bit, for, AFAICS,
under Linux at least, /dev/random is the entropy pool and /dev/urandom
is a PRNG (or rather, a source of random numbers which falls back to a
PRNG when the entropy pool runs out of numbers). So I would not expect a
method that is supposed to yield cryptographically secure random numbers
to be called `urandom()'.
Anyway, that might be non-intuitive (which is unusual in Python), but
certainly not a severe bug. But then I noticed that if I
rename /dev/urandom to something else (say, /dev/notrandomenough),
os.urandom() (in Python 2.4b2) raises a NotImplementedError:
Python 2.4b2 (#2, Nov 11 2004, 23:44:54)
[GCC 3.3.5 (Debian 1:3.3.5-2)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
Traceback (most recent call last):
File "<stdin>", line 1, in ?
File "/usr/lib/python2.4/os.py", line 693, in urandom
raise NotImplementedError("/dev/urandom (or equivalent) not found")
NotImplementedError: /dev/urandom (or equivalent) not found
Now I'm really confused. Does os.urandom() use /dev/urandom under Linux?
Either my brain has got a serious bug that makes me misunderstand the
random(4) manpage, which states that "[w]hen read, /dev/urandom device
will return as many bytes as are requested. As a result, if there is
not sufficient entropy in the entropy pool, the returned values are
theoretically vulnerable to a cryptographic attack on the algorithms
used by the driver", or the implementation of os.urandom() is severely
(BTW, I just checked Python 2.4c1. Judging from the source code, it
seems to have the same behaviour.)
That's what help(os.urandom) says:
urandom(n) -> str
Return a string of n random bytes suitable for cryptographic use.
So it should be using /dev/random rather than /dev/urandom, shouldn't
- Matthias A. Benkard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://mail.python.org/pipermail/python-dev/attachments/20041119/1a293b22/attachment.pgp
More information about the Python-Dev