[Python-ideas] Python's Source of Randomness and the random.py module Redux

Akira Li 4kir4.1i at gmail.com
Thu Sep 10 20:06:28 CEST 2015

Donald Stufft <donald at stufft.io> writes:

> Essentially, there are three basic types of uses of random (the concept, not
> the module). Those are:
> 1. People/usecases who absolutely need deterministic output given a seed and
>    for whom security properties don't matter.
> 2. People/usecases who absolutely need a cryptographically random output and
>    for whom having a deterministic output is a downside.
> 3. People/usecases that fall somewhere in between where it may or may not be
>    security sensitive or it may not be known if it's security sensitive.
> The people in group #1 are currently, in the Python standard library, best
> served using the MT random source as it provides exactly the kind of determinsm
> they need. The people in group #2 are currently, in the Python standard
> library, best served using os.urandom (either directly or via
> random.SystemRandom).
> However, the third case is the one that Theo's suggestion is attempting to
> solve. In the current landscape, the security minded folks will tell these
> people to use os.urandom/random.SystemRandom and the performance or otherwise
> less security minded folks will likely tell them to just use random.py. Leaving
> these people with a random that is not cryptographically safe.

"security minded folks" [1] recommend "always use os.urandom()" and
advise against *random* module [2,3] despite being aware of
random.SystemRandom() [4]

i.e., if they are right then *random* module probably only need to care
about group #1 and avoid creating the false sense of security in group #3.

[1] https://github.com/pyca/cryptography/blob/92d8bd12609586bfa53cf8c7a691e37474aeccd1/AUTHORS.rst
[2] https://cryptography.io/en/latest/random-numbers/
[4] https://github.com/pyca/cryptography/issues/2278

More information about the Python-ideas mailing list