[Python-ideas] Should our default random number generator be secure?

Steven D'Aprano steve at pearwood.info
Thu Sep 10 03:27:07 CEST 2015

On Wed, Sep 09, 2015 at 04:09:21PM -0400, random832 at fastmail.us wrote:
> On Wed, Sep 9, 2015, at 15:07, Steven D'Aprano wrote:
> > Not really. Look at the subject line. It doesn't say "should we change 
> > from MT to arc4random?", it asks if the default random number generator 
> > should be secure. The only reason we are considering the change from MT 
> > to arc4random is to make the PRNG cryptographically secure. "Secure" is 
> > a moving target, what is secure today will not be secure tomorrow.
> Right, but we are discussing making it secure today.

No, *you* are discussing making it secure today. The rest of us are
discussing making it secure for all time.


More information about the Python-ideas mailing list