[Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
Terry Reedy
tjreedy at udel.edu
Tue May 24 19:52:59 CEST 2011
On 5/24/2011 12:06 PM, Victor Stinner wrote:
> Le mardi 24 mai 2011 à 11:27 -0400, Terry Reedy a écrit :
>>>
>>> +.. function:: RAND_bytes(num)
>>> +
>>> + Returns *num* cryptographically strong pseudo-random bytes.
>>> +
>>> + .. versionadded:: 3.3
>>> +
>>> +.. function:: RAND_pseudo_bytes(num)
>>> +
>>> + Returns (bytes, is_cryptographic): bytes are *num* pseudo-random bytes,
>>> + is_cryptographic is True if the bytes generated are cryptographically
>>> + strong.
>>> +
>>> + .. versionadded:: 3.3
>>
>> I am curious what 'cryptographically strong' means, what the real
>> difference is between the above two functions, and how these do not
>> duplicate what is in random.random.
>
> An important feature of a CPRNG (cryptographic pseudo-random number
> generator) is that even if you know all of its output, you cannot
> rebuild its internal state to guess next (or maybe previous number). The
> CPRNG can for example hash its output using SHA-1: you will have to
> "break" the SHA-1 hash (maybe using "salt").
So it is presumably slower. I still do not get RAND_pseudo_bytes, which
somehow decides internally what to do.
> Another important feature is that even if you know the internal state,
> you will not be able to guess all previous and next numbers, because the
> internal state is regulary updated using an external source of entropy.
> Use RAND_add() to do that explicitly.
>
> We may add a link to Wikipedia:
> http://en.wikipedia.org/wiki/CPRNG
That would be helpful
>
> Read the "Requirements" section, it's maybe more correct than my
> explanation:
> http://en.wikipedia.org/wiki/CPRNG#Requirements
>
> About the random module, it must not be used to generate passwords or
> certificates, because it is easy to rebuild the internal state of a
> Mersenne Twister generator if you know the previous 624 numbers. Since
> you know the state, it's also easy to generate all next numbers. Seed a
> Mersenne Twister PRNG doesn't help. See my Hasard project if you would
> like to learn more about PRNG ;-)
>
> We may also add a link from random to SSL.RAND_bytes() and
> SSL.RAND_pseudo_bytes().
--
Terry Jan Reedy
More information about the Python-Dev
mailing list