Message 291968 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	pitrou, rhettinger, serhiy.storchaka, vstinner
Date	2017-04-20.12:18:33
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1492690713.9.0.174397056768.issue30030@psf.upfronthosting.co.za>
In-reply-to

Content
"Generating every name consumes about 16 random bytes. This can exhaust the system entropy and slowdown other applications." Crys and Alex_Gaynor confirmed me on IRC that these two assumptions are both wrong. See for example https://www.2uo.de/myths-about-urandom/ Q: But that's good! /dev/random gives out exactly as much randomness as it has entropy in its pool. /dev/urandom will give you insecure random numbers, even though it has long run out of entropy. A: Fact: No. Even disregarding issues like availability and subsequent manipulation by users, the issue of entropy “running low” is a straw man. About 256 bits of entropy are enough to get computationally secure numbers for a long, long time. -- About performance, well, it's not exactly "wrong" but "inaccurate". Abusing /dev/urandom only hurt other applications which also abuse /dev/urandom. Such use case is very unlikely. * The bad performance of concurrent /dev/urandom reader was analyzed by an old article of 2014, but see comments: http://drsnyder.us/2014/04/16/linux-dev-urandom-and-concurrency.html * The performance issue was fixed in Linux 4.8, https://github.com/torvalds/linux/commit/1e7f583af67be4ff091d0aeb863c649efd7a9112

"Generating every name consumes about 16 random bytes. This can exhaust the system entropy and slowdown other applications."

Crys and Alex_Gaynor confirmed me on IRC that these two assumptions are both wrong.

See for example https://www.2uo.de/myths-about-urandom/

Q: But that's good! /dev/random gives out exactly as much randomness as it has entropy in its pool. /dev/urandom will give you insecure random numbers, even though it has long run out of entropy.

A:  Fact: No. Even disregarding issues like availability and subsequent manipulation by users, the issue of entropy “running low” is a straw man. About 256 bits of entropy are enough to get computationally secure numbers for a long, long time. 

--

About performance, well, it's not exactly "wrong" but "inaccurate". Abusing /dev/urandom only hurt other applications which also abuse /dev/urandom. Such use case is very unlikely.

* The bad performance of concurrent /dev/urandom reader was analyzed by an old article of 2014, but see comments:
  http://drsnyder.us/2014/04/16/linux-dev-urandom-and-concurrency.html
* The performance issue was fixed in Linux 4.8, https://github.com/torvalds/linux/commit/1e7f583af67be4ff091d0aeb863c649efd7a9112

History
Date	User	Action	Args
2017-04-20 12:18:33	vstinner	set	recipients: + vstinner, rhettinger, pitrou, serhiy.storchaka
2017-04-20 12:18:33	vstinner	set	messageid: <1492690713.9.0.174397056768.issue30030@psf.upfronthosting.co.za>
2017-04-20 12:18:33	vstinner	link	issue30030 messages
2017-04-20 12:18:33	vstinner	create