trying to get hash from os.urandom

Paul Rubin http
Mon Jan 23 16:39:21 EST 2006


Grzegorz Smith <gregtech at wp.pl> writes:
> '\xec2a\xe2\xe2\xeb_\n',"\x9f\\]'\xad|\xe6\xeb",'\xb0\xf8\xd3\xa0>01\xaf'. 
> How can I convert this to hash? I change python defaultencoding from ascii
> to utf-8 and try to convert this to unicode object but I only get:

Don't use totally arbitrary 8-bit characters in passwords.  If you
just want (say) random lowercase letters, do something like (untested):

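  import os, string
  # string.ascii_lowercase is the fixed 26-letter a-z alphabet
  # (string.lowercase was locale-dependent and is gone in Python 3)
  random_letter = string.ascii_lowercase[ord(os.urandom(1)) % 26]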

for as many letters as you want in the word.

Note that the letters won't be perfectly equally probable because the
character codes are 0..255 and you get some of the residues mod 26
slightly more often than others.  Obviously you can avoid that
nonuniformity in various ways, but the effect on the password entropy
is minimal even if you do nothing.

IMO it's better to use words than strings of letters.  Try something
like (untested):

   import binascii, os

   # open() replaces the Python 2-only file() builtin.
   # len(w) still counts the trailing newline at this point.
   with open('/usr/dict/words') as f:
       short_words = [w.strip() for w in f if len(w) < 8]
   assert len(short_words) > 5000
   passphrase = []

   for i in range(2):   # we will generate a 2-word phrase
       # generate a random 64 bit integer
       a = int(binascii.hexlify(os.urandom(8)), 16)
       passphrase.append(short_words[a % len(short_words)])
   passphrase = ' '.join(passphrase)

If you want to use the phrase as a cryptography key, use 6 or so words
instead of 2 words.

> Any help will be appreciated. Does anyone use os.urandom for cryptography?

Yes, all the time.
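
The following is an added example, not part of the original post: it measures the modulo-26 nonuniformity the reply mentions, removes it with rejection sampling, and estimates the entropy of a 2-word versus 6-word phrase. It assumes Python 3; the function names are hypothetical, and the 5000-word list size is taken from the assert in the post.

```python
import math
import os
import string

def residue_counts(modulus, span=256):
    """How many of the `span` equally likely byte values land on each residue."""
    counts = [0] * modulus
    for value in range(span):
        counts[value % modulus] += 1
    return counts

def entropy_bits(counts):
    """Shannon entropy, in bits, of a distribution given as raw counts."""
    total = sum(counts)
    return -sum(c / total * math.log2(c / total) for c in counts if c)

def uniform_below(n, rand=os.urandom):
    """Unbiased integer in range(n), 1 <= n <= 256, by rejection sampling."""
    if not 1 <= n <= 256:
        raise ValueError("n must be in 1..256")
    limit = 256 - (256 % n)      # largest multiple of n that fits in one byte
    while True:
        b = rand(1)[0]
        if b < limit:            # discard the tail that causes the bias
            return b % n

def random_letters(length, rand=os.urandom):
    """Lowercase string in which every letter is exactly equally likely."""
    alphabet = string.ascii_lowercase
    return "".join(alphabet[uniform_below(26, rand)] for _ in range(length))

def passphrase_bits(words, list_size):
    """Entropy of `words` independent uniform picks from `list_size` words."""
    return words * math.log2(list_size)

if __name__ == "__main__":
    biased = entropy_bits(residue_counts(26))
    print("byte %% 26: %.4f bits/letter, ideal %.4f" % (biased, math.log2(26)))
    print("unbiased sample:", random_letters(12))
    for n in (2, 6):
        print("%d words from 5000: %.1f bits" % (n, passphrase_bits(n, 5000)))
```
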


