[Python-ideas] DRAFT Re: Python's Source of Randomness and the random.py module Redux

Cory Benfield cory at lukasa.co.uk
Fri Sep 11 16:28:35 CEST 2015


On 11 September 2015 at 14:36, Steven D'Aprano <steve at pearwood.info> wrote:
> Is this a trick question?
>
> In the absence of any credible attack on the password based on how it
> was generated, of course it is safe.

I feel like I must have misunderstood you, Steven. Didn't you just
exclude the attack vector that we're discussing here?

What we are saying is that a deterministic PRNG definitionally allows
attacks on the password based on how it was generated. The very nature
of a deterministic PRNG is that it is possible to predict subsequent
outputs based on previous ones, or at least to dramatically constrain
the search space. This is not a hypothetical attack, and it's not even
a very complicated one.

Now, it's possible that the way the system is constructed precludes
this attack, but let me tell you that vastly more engineers think that
about their systems than are actually right about it. Generally, if
the word 'password' appears anywhere near something, you want to keep
a Mersenne Twister as far away from it as possible.

The concern being highlighted in this thread is that users who don't
know what I just said (the vast majority) are at risk of writing
deeply insecure code. We think the default should be changed.
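
Added example, not part of the original message: a sketch of the point above, showing that a password drawn from the Mersenne Twister is only as strong as the generator's seed or state, next to the same construction on random.SystemRandom. The alphabet, the 12-character length and the 12-bit seed are constructed assumptions for illustration.

```python
import math
import random
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols (assumed policy)

def make_password(rng, length=12):
    """Draw each character from the supplied generator."""
    return "".join(rng.choice(ALPHABET) for _ in range(length))

def nominal_bits(length=12):
    """Entropy the password would have if every character were unpredictable."""
    return length * math.log2(len(ALPHABET))

def reachable_passwords(seed_bits, length=12):
    """Every password a Mersenne Twister seeded with a seed_bits-wide value can emit."""
    return {make_password(random.Random(seed), length)
            for seed in range(2 ** seed_bits)}

def replay_matches(length=12):
    """A copy of the generator state reproduces the password exactly."""
    rng = random.Random()   # seeded by the OS, but deterministic from here on
    state = rng.getstate()
    original = make_password(rng, length)
    clone = random.Random()
    clone.setstate(state)
    return original == make_password(clone, length)

def safe_password(length=12):
    """Same construction on the OS CSPRNG: no seed or state to recover."""
    return make_password(random.SystemRandom(), length)

if __name__ == "__main__":
    # Constructed: 12 bits stands in for a low-entropy seed such as a coarse timestamp.
    reachable = reachable_passwords(12)
    print(f"nominal strength  : {nominal_bits():.1f} bits")
    print(f"effective strength: {math.log2(len(reachable)):.1f} bits")
    print(f"state replay reproduces password: {replay_matches()}")
    print(f"SystemRandom password: {safe_password()}")
```

The gap between the nominal and effective figures is the constrained search space: however long the password, it cannot carry more entropy than the seed that produced it.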
