[Python-ideas] PEP 504: Using the system RNG by default

Donald Stufft donald at stufft.io
Wed Sep 16 17:54:30 CEST 2015


On September 16, 2015 at 11:48:12 AM, Tim Peters (tim.peters at gmail.com) wrote:
> There's something else here: some of these messages gave pointers to
> web pages where "security wonks" conceded that specific uses of
> SystemRandom were fine, but they couldn't recommend it anyway because
> it's too hard to explain what is or isn't "safe". "Therefore" users
> should only use urandom() directly. Which is insane, if for no other
> reason than that users would then invent their own algorithms to
> convert urandom() results into floats and ints, etc. Then they'll
> screw up _that_ part.

That was the documentation for PyCA's cryptography module, where the only use
of random we needed was for an IV (which you can use the output of os.urandom
directly) and for an integer, which you could just use int.from_bytes and the
output of os.urandom (i.e. int.from_bytes(os.urandom(20), byteorder="big")).

It wasn't so much a general recommendation against random.SystemRandom, just
that for our particular use case os.urandom is either by itself fine, or with
a tiny bit of code on top of it fine and that's easier to explain than to try
to explain how to use the random module safely and just warn against it
entirely.

-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
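
Added example, not part of the original message or of PyCA's cryptography documentation: the two os.urandom idioms named in the message, followed by the range-reduction step where a hand-written conversion goes wrong (modulo bias) beside a rejection-sampling version. All function names are illustrative assumptions.

```python
import os
from collections import Counter

def random_iv(nbytes=16):
    """IV: the output of os.urandom used directly."""
    return os.urandom(nbytes)

def random_int(nbytes=20):
    """Integer: the int.from_bytes idiom quoted in the message."""
    return int.from_bytes(os.urandom(nbytes), byteorder="big")

def reduce_modulo(byte, n):
    """Naive range reduction: biased whenever n does not divide 256."""
    return byte % n

def reduce_reject(byte, n):
    """Rejection sampling: drop bytes from the incomplete final bucket."""
    limit = 256 - (256 % n)          # largest multiple of n that is <= 256
    return byte % n if byte < limit else None

def below(n):
    """Uniform integer in [0, n) for 0 < n <= 256, built on os.urandom."""
    if not 0 < n <= 256:
        raise ValueError("n must be in 1..256 for a single-byte draw")
    while True:
        value = reduce_reject(os.urandom(1)[0], n)
        if value is not None:        # None means the byte was rejected; redraw
            return value

def distribution(reduce, n):
    """Count how many of the 256 possible byte values map to each outcome."""
    counts = Counter(reduce(b, n) for b in range(256))
    counts.pop(None, None)           # rejected bytes produce no outcome
    return dict(counts)

if __name__ == "__main__":
    print("IV:", random_iv().hex())
    print("160-bit int:", random_int())
    # Die roll (n = 6): the naive version favours 0..3 over 4..5.
    print("modulo:", distribution(reduce_modulo, 6))
    print("reject:", distribution(reduce_reject, 6))
    print("roll:", below(6) + 1)
```

random.SystemRandom().randrange(n) and secrets.randbelow(n) perform the rejection step internally, so no hand-written reduction is needed when they are used.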



