[Python-ideas] Should our default random number generator be secure?

Tim Peters tim.peters at gmail.com
Wed Sep 9 21:20:52 CEST 2015

[Steven D'Aprano <steve at pearwood.info>]
> ...
> Question, aimed at anyone, not necessarily random832 -- one desirable
> property of PRNGs is that you can repeat a sequence of values if you
> re-seed with a known value. Does arc4random keep that property? I think
> that it is important that the default RNG be deterministic when given a
> known seed. (I'm happy for the default seed to be unpredictable.)

"arc4random" is ill-defined.  From what I gathered, it's the case that
"pure chacha" variants can be seeded to get a reproducible sequence
"in theory", but that not all implementations support that.

Specifically, the OpenBSD implementation being "sold" here does not and cannot:


"Does not" because there is no API to either request or set a seed.

"Cannot" because:

    The subsystem is re-seeded from the kernel random number
    subsystem using getentropy(2) on a regular basis

Other variants skip that last part.

More information about the Python-ideas mailing list