random number generator thread safety

Raymond Hettinger python at rcn.com
Wed Nov 9 00:12:25 CET 2005


Mike Brown wrote:
> I have questions about thread safety in the 'random' module.
>
> When using the random.Random class (be it Mersenne Twister or Wichmann-Hill
> based), is it sufficiently thread-safe (preserving entropy and guarding
> against attack) to just have each thread work with its own random.Random
> instance? Or do I need to wrap my calls to each instance's methods to use
> locks? Wichmann-Hill in particular has the warning in its .random()
> vulnerability; do I need to make an exception for that case?

Thread-safety has nothing to do with preserving entropy or guarding
against attack.  All of the entropy in an MT sequence is contained in
the seed (upto 624 bytes) and that entropy is preserved through all
subsequent calls.

Create unique instances of MT generators when you want to be able to
reproduce the sequence later.

Nothing in the random module provides cryptographic guarantees.  If you
want crypto-strength, then use real encryption.  Search SourceForge for
patches that show how to use MD5 and other cryptographic hash functions
as a basis for random number generation.

As far as I'm concerned, there is no reason other than backwards
compatability to use the Wichmann-Hill generator -- the Mersenne
Twister is a much better generator.



Raymond




More information about the Python-list mailing list