[Python-ideas] Should our default random number generator be secure?

Tim Peters tim.peters at gmail.com
Wed Sep 9 19:28:29 CEST 2015

>> So the real question is: whose use cases do you want to cater to
>> by default?
>> If you answer "crytpo", then realize the Python generator will
>> have to change every time the crypto community changes its mind
>> about what's  _currently_ "good enough". There's a long history of
>? that already.

[Donald Stufft <donald at stufft.io>]
> This is not really true in that sense that Python would need to do anything if
> the blessed generator changed.

I read Guido's message as specifically asking about Theo's "strongly
worded recommendation of [Python switching to] the OpenBSD version of
arc4random()" as its default generator. In which, case, yes, when that
specific implementation falls out of favor, Python would need to

> We'd use /dev/urandom, one of the syscalls that
> do the same thing, or the CryptGen API on Windows. Python should not have it's
> own userland CSPRNG.

I read Guido's message as asking whether Python should indeed do just that.

More information about the Python-ideas mailing list