[Python-ideas] PEP 504: Using the system RNG by default

David Mertz mertz at gnosis.cx
Wed Sep 16 09:43:59 CEST 2015

On Sep 15, 2015 11:00 PM, "Nick Coghlan" <ncoghlan at gmail.com> wrote:
> "But *why* can't I use the random module for security sensitive
> tasks?" argument as it is at anything else. I'd like the answer to
> that question to eventually be "Sure, you can use the random module
> for security sensitive tasks, so let's talk about something more
> important, like why you're collecting and storing all this sensitive
> personally identifiable information in the first place".

I believe this attitude makes overall security WORSE, not better. Giving a
false assurance that simply using a certain cryptographic building block
makes your application secure makes it less likely applications will fail
to undergo genuine security analysis.

Hence I affirmatively PREFER a random module that explicitly proclaims that
it is non-cryptographic.  Someone who figures out enough to use
random.SystemRandom, or a future crypto.random, or the like is more likely
to think about why they are doing so, and what doing so does and does NOT
assure them off.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20150916/e7892be8/attachment.html>

More information about the Python-ideas mailing list