[Python-ideas] Should our default random number generator be secure?

Alexander Walters tritium-list at sdamon.com
Thu Sep 10 01:13:19 CEST 2015


In a word - No.

There is zero reason for people doing crypto to use the random module, 
therefor we should not change the random module to be cryptographically 
secure.

Don't break things and slow my code down by default for dubious reasons, 
please.

On 9/9/2015 12:35, Guido van Rossum wrote:
> I've received several long emails from Theo de Raadt (OpenBSD founder) 
> about Python's default random number generator. This is the random 
> module, and it defaults to a Mersenne Twister (MT) seeded by 2500 
> bytes of entropy taken from os.urandom().
>
> Theo's worry is that while the starting seed is fine, MT is not good 
> when random numbers are used for crypto and other security purposes. 
> I've countered that it's not meant for that (you should use 
> random.SystemRandom() or os.urandom() for that) but he counters that 
> people don't necessarily know that and are using the default 
> random.random() setup for security purposes without realizing how 
> wrong that is.
>
> There is already a warning in the docs for the random module that it's 
> not suitable for security, but -- as the meme goes -- nobody reads the 
> docs.
>
> Theo then went into technicalities that went straight over my head, 
> concluding with a strongly worded recommendation of the OpenBSD 
> version of arc4random() (which IIUC is based on something called 
> "chacha", not on "RC4" despite that being in the name). He says it is 
> very fast (but I don't know what that means).
>
> I've invited Theo to join this list but he's too busy. The two core 
> Python experts on the random module have given me opinions suggesting 
> that there's not much wrong with MT, so here I am. Who is right? What 
> should we do? Is there anything we need to do?
>
> -- 
> --Guido van Rossum (python.org/~guido <http://python.org/%7Eguido>)
>
>
> _______________________________________________
> Python-ideas mailing list
> Python-ideas at python.org
> https://mail.python.org/mailman/listinfo/python-ideas
> Code of Conduct: http://python.org/psf/codeofconduct/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20150909/4688a667/attachment.html>


More information about the Python-ideas mailing list