[Python-ideas] Globally configurable random number generation

Stefan Krah skrah at bytereef.org
Mon Sep 14 15:43:58 CEST 2015

Nick Coghlan <ncoghlan at ...> writes:
> = Core abstraction =
> The core concept of this proposal involves classifying random number
> generators in Python as follows:
> * seedable
> * seedless
> * system
> These terms are chosen to make sense to folks that have *no idea*
> about the way different kinds of random number generator work and how
> that affects their security properties, but do know whether or not
> they need to be able to pass in a particular fixed seed in order to
> regenerate the same series of outputs.
> The guidance to Python users is then:
> * we use the seedless RNG by default as it provides the best balance
> of speed and security
> * if you need to be able to exactly reproduce output sequences, use
> the seedable RNG
> * if you know you're doing security sensitive work, use the system RNG
> directly to eliminate Python's seedless RNG as a potential source of
> vulnerabilities

Sorry, -1 on this. Theo proposed a simple API like:


Go has:


These are sane, unambiguously named APIs. I wish Python had more
of those.  If people must have their CSPRNG, please let's leave
the random module alone and introduce a crypto module like Go.

Stefan Krah

More information about the Python-ideas mailing list