[Python-ideas] PEP 504: Using the system RNG by default

Nick Coghlan ncoghlan at gmail.com
Tue Sep 15 16:47:34 CEST 2015


Hi folks,

Based on the feedback in the recent threads, I've written a draft PEP
that dispenses with the userspace CSPRNG idea, and instead proposes:

* defaulting to using the system RNG for the module level random API
in Python 3.6+
* implicitly switching to the deterministic PRNG if you call
random.seed(), random.getstate() or random.setstate() (this implicit
fallback would trigger a silent-by-default deprecation warning in 3.6,
and a visible-by-default runtime warning after 2.7 goes EOL)
* providing random.system and random.seedable submodules so you can
explicitly opt in to using the one you want without having to manage
your own RNG instances

That approach would provide a definite security improvement over the
status quo, while restricting the compatibility break to a performance
regression in applications that use the module level API without
calling seed(), getstate() or setstate(). It would also allow the
current security warning in the random module documentation to be
moved towards the end of the module, in a section dedicated to
determinism and reproducibility.

The full PEP should be up shortly at
https://www.python.org/dev/peps/pep-0504/, but caching is still a
problem when uploading new PEPs, so if that 404s, try
http://legacy.python.org/dev/peps/pep-0504/

Regards,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
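A sketch of the dispatching behaviour the proposal describes, written here as an added illustration rather than code from the PEP or from CPython: module-level calls go to `SystemRandom` until `seed()`, `getstate()` or `setstate()` is called, at which point the wrapper warns and switches to the seedable Mersenne Twister, while `system` and `seedable` stand in for the proposed submodules. The names `_DefaultRNG`, `backend_name` and `draws_after_seed` are assumptions of this example.

```python
import random
import warnings

# Explicit opt-in handles standing in for the proposed random.system and
# random.seedable submodules (names taken from the proposal text).
system = random.SystemRandom()   # os.urandom()-backed; seed() is a no-op
seedable = random.Random()       # Mersenne Twister; reproducible

class _DefaultRNG:
    """Module-level API: system RNG until seed/getstate/setstate is called."""
    _impl = system

    def _switch_to_seedable(self, func):
        if self._impl is system:
            # DeprecationWarning is silent by default outside __main__,
            # which mirrors the proposal's first, silent-by-default phase.
            warnings.warn(f"random.{func}() implicitly switched to the "
                          "deterministic PRNG; use random.seedable instead",
                          DeprecationWarning, stacklevel=3)
            self._impl = seedable

    def seed(self, a=None):
        self._switch_to_seedable("seed")
        self._impl.seed(a)

    def getstate(self):
        self._switch_to_seedable("getstate")
        return self._impl.getstate()

    def setstate(self, state):
        self._switch_to_seedable("setstate")
        self._impl.setstate(state)

    def __getattr__(self, name):
        # random(), randint(), choice(), ... go to whichever backend is live
        return getattr(self._impl, name)

_default = _DefaultRNG()

def backend_name():
    return "system" if _default._impl is system else "seedable"

def draws_after_seed(seed_value, rng=None, n=5):
    """Seed, draw n ints, reseed, draw again: equal only on the seedable path."""
    rng = _default if rng is None else rng
    rng.seed(seed_value)
    first = [rng.randint(0, 10**6) for _ in range(n)]
    rng.seed(seed_value)
    return first, [rng.randint(0, 10**6) for _ in range(n)]
```

Calling `draws_after_seed(42, rng=system)` shows that seeding the system RNG does not make its output reproducible, while `draws_after_seed(42)` on the default object flips it to the seedable backend and returns two identical sequences.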