[Python-ideas] Should our default random number generator be secure?

Stefan Krah skrah at bytereef.org
Tue Sep 15 14:36:04 CEST 2015

Nathaniel Smith <njs at ...> writes:
> Obviously the thing the scientists worry about is a *strict* subset of
> what the cryptographers are worried about. This is why it is silly to
> worry that a crypto RNG will cause problems for a scientific
> simulation.

Do you have links to papers analyzing chacha20 w.r.t statistical
properties?  The only information that I found is


"Fewer rounds result in poor statistical performance; ChaCha2 fails
statistical tests badly, and ChaCha4 passes TestU01 but sophisticated
mathematical analysis has shown it to exhibit some bias. ChaCha8 (and
higher) are believed to be good. Nevertheless, ChaCha needs to go to more
work to achieve satisfactory statistical quality than many other generators.
ChaCha20, being newer, has received less scrutiny from the cryptographic
community than Arc4."

Stefan Krah

More information about the Python-ideas mailing list