Does shuffle() produce uniform result ?

Steven D'Aprano steve at
Sun Sep 9 15:03:22 CEST 2007

On Sun, 09 Sep 2007 18:53:32 +1200, Lawrence D'Oliveiro wrote:

> In message <7xhcm4pl5m.fsf at>, Paul Rubin wrote:
>> Lawrence D'Oliveiro <ldo at geek-central.gen.new_zealand> writes:
>>> Except that the NSA's reputation has taken a dent since they failed to
>>> anticipate the attacks on MD5 and SHA-1.
>> NSA had nothing to do with MD5 ...
> Nevertheless, it was their job to anticipate attacks on it. After all,
> they call themselves the "National _Security_ Agency", don't they?

The NSA has many jobs, and doing public research in crypto is only one of 
them -- and a particularly small one at that. For all we know, they had 
an attack on MD5 ten years before anyone else and didn't tell anyone 
because keeping it secret made it useful for one of their other jobs.

>> ... and it's to NSA's credit that SHA-1 held up for as long as it did.
> But they have no convincing proposal for a successor. That means the gap
> between the classified and non-classified state of the art has shrunk
> down to insignificance.

I don't see how that follows. But even if it does... maybe it's because 
there is nowhere to go from here? You can't make mathematical 
breakthroughs to order.


More information about the Python-list mailing list