[Python-ideas] Should our default random number generator be secure?
Tim Peters
tim.peters at gmail.com
Fri Sep 11 19:16:12 CEST 2015
[Steven D'Aprano]
>>> The default MT is certainly deterministic, and although only the output
>>> of random() itself is guaranteed to be reproducible, the other methods
>>> are *usually* stable in practice.
>>>
>>> There's a jumpahead method too,
[Tim]
>> Not in Python.
[Steve]
> It is there, up to Python 2.7. I hadn't noticed it was gone in Python 3.
Yes, there's something _called_ `,jumpahead()`, for backward
compatibility with the old WIchmann-Hill generator. But what it does
for MT is "eh - no idea what to do, so let's just make stuff up":
def jumpahead(self, n):
"""Change the internal state to one that is likely far away
from the current state. This method will not be in Py3.x,
so it is better to simply reseed.
"""
# The super.jumpahead() method uses shuffling to change state,
# so it needs a large and "interesting" n to work with. Here,
# we use hashing to create a large n for the shuffle.
s = repr(n) + repr(self.getstate())
n = int(_hashlib.new('sha512', s).hexdigest(), 16)
super(Random, self).jumpahead(n)
I doubt there's anything that can be proved about the result of doing
that - except that it's almost certain it won't bear any relationship
to what calling the generator `n` times instead would have done ;-)
More information about the Python-ideas
mailing list