Is this secure?

mk mrkafk at gmail.com
Wed Feb 24 20:16:24 CET 2010


On 2010-02-24 20:01, Robert Kern wrote:
> I will repeat my advice to just use random.SystemRandom.choice() instead
> of trying to interpret the bytes from /dev/urandom directly.

Out of curiosity:

def gen_rand_string(length):
     prng = random.SystemRandom()
     chars = []
     for i in range(length):
         chars.append(prng.choice('abcdefghijklmnopqrstuvwxyz'))
     return ''.join(chars)

if __name__ == "__main__":
     chardict = {}
     for i in range(10000):
##        w = gen_rand_word(10)
         w = gen_rand_string(10)
         count_chars(chardict, w)
     counts = list(chardict.items())
     counts.sort(key = operator.itemgetter(1), reverse = True)
     for char, count in counts:
         print char, count


s 3966
d 3912
g 3909
h 3905
a 3901
u 3900
q 3891
m 3888
k 3884
b 3878
x 3875
v 3867
w 3864
y 3851
l 3825
z 3821
c 3819
e 3819
r 3816
n 3808
o 3797
f 3795
t 3784
p 3765
j 3730
i 3704

Better, although still not perfect.

Regards,
mk




More information about the Python-list mailing list