trying to get hash from os.urandom

Robert Kern robert.kern at gmail.com
Mon Jan 23 16:46:46 EST 2006


Paul Rubin wrote:

> IMO it's better to use words than strings of letters.  Try something
> like (untested):
> 
>    import binascii,os
>    short_words = [w.strip() for w in file('/usr/dict/words') if len(w) < 8]
>    assert len(short_words) > 5000
>    passphrase = []
> 
>    for i in range(2):   # we will generate a 2-word phrase
>       # generate a random 64 bit integer
>       a = int(binascii.hexlify(os.urandom(8)), 16)
>       passphrase.append(short_words[a % len(short_words)])
>    passphrase = ' '.join(passphrase)
> 
> If you want to use the phrase as a cryptography key, use 6 or so words
> instead of 2 words.

Indeed. I like to generate {64,128}-bit-strong passphrases using the RFC1751
module provided with pycrypto.

-- 
Robert Kern
robert.kern at gmail.com

"In the fields of hell where the grass grows high
 Are the graves of dreams allowed to die."
  -- Richard Harter




More information about the Python-list mailing list