classification
Title: Random number generator in Python core
Type: enhancement Stage: patch review
Components: Versions: Python 3.1, Python 3.2, Python 3.3, Python 2.7, Python 2.6
process
Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: Arfrever, alex, barry, benjamin.peterson, christian.heimes, dmalcolm, georg.brandl, gvanrossum, jcea, loewis, pitrou, rhettinger
Priority: normal Keywords: patch

Created on 2012-01-03 20:24 by christian.heimes, last changed 2012-03-04 19:39 by loewis. This issue is now closed.

Files
File name Uploaded Description Edit
3106cc0a2024.diff vstinner, 2012-01-03 22:18 review
Repositories containing patches
http://hg.python.org/features/randomhash/#randomhash
Messages (10)
msg150527 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2012-01-03 20:24
All proposed fixes for a randomized hashing function raise and fall with
a good random number generator to feed the random seed. The seed must be
created very early in the startup phase of the interpreter, preferable
before the basic types are initialized. CPython already have multiple
sources for random data (win32_urandom in Modules/posixmodule.c, urandom
in Lib/os.py, Mersenne twister in Modules/_randommodule.c). However we
can't use them because they are wrapped inside Python modules which
require infrastructure like initialized base types.

Discussion at http://mail.python.org/pipermail/python-dev/2012-January/115263.html

My proposed changes are implemented in my feature fork but not yet well tested. Windows build files needs modification, too.
msg150528 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2012-01-03 20:28
(for the record, you can use the "create patch" button which creates a reviewable diff)
msg150545 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2012-01-03 22:17
I disagree with that approach, basically because I disagree that we need a C implementation of MT. Platforms that don't provide /dev/urandom will just have to be less secure. Using the current time (in milliseconds if available) plus the current pid ought to be good enough as a random seed.
msg150549 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2012-01-03 22:37
We already have a C implementation of MT in Modules/_randommodule.c. I just suggest that we move the implementation to a place, where we can use it as seed.
msg150594 - (view) Author: Raymond Hettinger (rhettinger) * (Python committer) Date: 2012-01-04 07:30
Why is this listed as a release blocker?  It is questionable whether it should be done at all?  It is a very aggressive change.
msg150598 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2012-01-04 09:29
Release blocker: I was following the example in #13703. A RNG (PRNG or CSPRNG) is required for randomized hashing function.

The patch contains more than just the RNG changes. Only Include/pyrandom.h, Modules/_randommodule.c, Modules/posixmodule.c, Python/hash.c and parts of Makefile.pre.in are relevant for this tracker item. Sorry for the inconvenience!
msg150612 - (view) Author: Barry A. Warsaw (barry) * (Python committer) Date: 2012-01-04 15:02
On Jan 04, 2012, at 07:30 AM, Raymond Hettinger wrote:

>Why is this listed as a release blocker?  It is questionable whether it
>should be done at all?  It is a very aggressive change.

It's a release blocker so that the issue won't get ignored before the next
release.  That doesn't necessarily mean it must be fixed.
msg154899 - (view) Author: Georg Brandl (georg.brandl) * (Python committer) Date: 2012-03-04 15:00
Demoting from release blocker since the hash collision issue got remedied differently.

If this is not needed anymore, please close.
msg154904 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2012-03-04 18:55
Yes, this ticket can be closed unless there is an interest to include the PRNG in the core.
msg154906 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2012-03-04 19:39
This is indeed out-of-date.
History
Date User Action Args
2012-03-04 19:39:31loewissetstatus: pending -> closed

messages: + msg154906
2012-03-04 18:55:50christian.heimessetstatus: open -> pending
resolution: out of date
messages: + msg154904
2012-03-04 15:00:42georg.brandlsetpriority: release blocker -> normal

messages: + msg154899
2012-01-18 18:34:33dmalcolmsetnosy: + dmalcolm
2012-01-04 15:02:57barrysetmessages: + msg150612
2012-01-04 09:39:47rhettingersetassignee: rhettinger -> christian.heimes
2012-01-04 09:29:25christian.heimessetmessages: + msg150598
2012-01-04 07:30:55rhettingersetmessages: + msg150594
2012-01-04 05:09:02jceasetnosy: + jcea
2012-01-04 02:27:07rhettingersetassignee: christian.heimes -> rhettinger

nosy: + rhettinger
2012-01-04 00:49:38Arfreversetnosy: - ezio.melotti, michael.foord
2012-01-04 00:35:15Arfreversetnosy: + ezio.melotti, Arfrever, michael.foord
2012-01-03 22:37:31christian.heimessetmessages: + msg150549
2012-01-03 22:19:44alexsetnosy: + alex
2012-01-03 22:18:27vstinnersetfiles: + 3106cc0a2024.diff
keywords: + patch
2012-01-03 22:17:04loewissetnosy: + loewis
messages: + msg150545
2012-01-03 20:31:16christian.heimeslinkissue13703 dependencies
2012-01-03 20:28:13pitrousetmessages: + msg150528
2012-01-03 20:24:33christian.heimescreate