[Python-ideas] Should our default random number generator be secure?

Tim Peters tim.peters at gmail.com
Wed Sep 9 20:16:29 CEST 2015

[Stefan Krah <skrah at bytereef.org>]
> From Theo's forwarded mail I also got the impression that he wanted
> us to use OpenBSD code to implement our own CSPRNG, use that for
> the default functions in the random module and add new functions
> for reproducible random numbers that use the MT.

I read it the same way on all counts.

> My intuition is that if someone just uses a random() function
> without checking if it's cryptographically secure then the
> application will probably have other holes as well.  I mean,
> for example no one is going to use C's rand() function for crypto.

Yes, if they're not checking the random() docs first, they're a total
crypto moron - in which case it's insane to believe they'll do
anything else related to crypto-strength requirements right either.

It's hard to make something idiot-proof even if your target audience
is bona fide crypto experts ;-)

More information about the Python-ideas mailing list