SHA-based subclass for random module

[Holger Duerer]

>>>>> "Raymond" == Raymond Hettinger <python at rcn.com> writes:
  [...]
 
    >> I don't know what getrandbits does exactly.  But if it uses the
    >> normal PRNG code, doesn't that mean that your plaintext still
    >> has only 32 bits of entropy?  I.e. if you want to do an
    >> inversion lookup table, you would only have to calculate the
    >> 2^32 possible outcomes of this call and not all 2^128
    >> theoretically possible ones?

    Raymond> genrandbits() pulls as many bits as requested out of the
    Raymond> underlying generator.  The Mersenne Twister carries 624
    Raymond> words of internal state (about 20000 bits) so it is
    Raymond> capable of supplying all the bits needed for this
    Raymond> application.

    Raymond> So, yes, the plaintext will span the 2^128 possibilities.

Well, I am aware that the state is larger.  But my understanding from
a quick glance at the code was that you seed it with only an unsigned
long (automatically done with time(NULL) for you if you don't provide
a seed -- even worse at it reduces the search space dramatically).

So when assuming the worst-case scenario, namely that you instantiate
a new object of your class right at the beginning of the program (or
at some determinate other point, but not at some undetermined other
point, when other components have already stirred the twister's stated
by an unknown amount) then the call to getrandbits can only produce
2^32 different outcomes, right?

     Holger