Author tim.peters
Recipients christian.heimes, dstufft, martin.panter, tim.peters, vstinner
Date 2016-06-09.03:20:48
Message-id <1465442449.0.0.161949003819.issue27272@psf.upfronthosting.co.za>
Content
Didn't anyone here follow the discussion about the `secrets` module?  PHP was crucified by security wonks for its horridly naive ways of initializing its PRNGs:

https://media.blackhat.com/bh-us-12/Briefings/Argyros/BH_US_12_Argyros_PRNG_WP.pdf

Please don't even think about making Python a target of similar ridicule ;-)

The only sane approach is to use an _excellent_ source of randomness for initialization, and `urandom()` is the only obvious such source.  While the more the merrier, I agree 2500 utterly unpredictable bytes isn't necessary.

If this has to change, use the most possible without creating other problems on a major platform, but certainly no less than 128 crypto-strength bytes.

-1 on any poke-and-hope gibberish trying to brew our own out of time.time(), PID, id(), etc.  That stuff is easy for a malicious program to attack.  That's why Python switched to using `urandom()` to begin with, before security wonks noticed how poorly most libraries handle this.

It's not about supplying "enough randomness" for applications, it's about making it computationally intractable for well-funded expert attackers to out-guess.  That's why urandom() is used.
History
Date User Action Args
2016-06-09 03:20:49 tim.peters set recipients: + tim.peters, vstinner, christian.heimes, martin.panter, dstufft
2016-06-09 03:20:48 tim.peters set messageid: <1465442449.0.0.161949003819.issue27272@psf.upfronthosting.co.za>
2016-06-09 03:20:48 tim.peters link issue27272 messages
2016-06-09 03:20:48 tim.peters create
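
The contrast the message above draws between time/PID seeding and `urandom()` seeding, as an added example (not code from the tracker, the message author or CPython). `weak_seed`, the PID ceiling of 32768 and the sample timestamp and PID are assumptions constructed for the illustration.

```python
import math
import os
import random

PID_MAX = 32768  # assumption: a common Linux default PID ceiling

def weak_seed(timestamp: int, pid: int) -> int:
    """Hypothetical home-brewed seed: wall-clock seconds mixed with the PID."""
    return (timestamp << 16) ^ pid

def strong_seed(nbytes: int = 128) -> int:
    """Seed from the OS CSPRNG; 128 bytes is the floor named in the message."""
    return int.from_bytes(os.urandom(nbytes), "big")

def token_from_seed(seed: int) -> str:
    """First 128 bits of Mersenne Twister output for this seed, as hex."""
    return "%032x" % random.Random(seed).getrandbits(128)

def weak_seed_bits(window_seconds: int, pid_max: int = PID_MAX) -> float:
    """Upper bound on the entropy of weak_seed() when the start time is
    known to within window_seconds."""
    return math.log2(window_seconds * pid_max)

def find_weak_seed(token, t_lo, t_hi, pid_max=PID_MAX):
    """Audit helper: enumerate every (second, pid) pair in the window and
    return the one that reproduces `token`, or None."""
    for t in range(t_lo, t_hi + 1):
        for pid in range(1, pid_max + 1):
            if token_from_seed(weak_seed(t, pid)) == token:
                return t, pid
    return None

if __name__ == "__main__":
    t0, pid = 1465442449, 4242  # constructed sample values
    token = token_from_seed(weak_seed(t0, pid))
    print("weak seed, 1 h window: %.1f bits" % weak_seed_bits(3600))
    print("weak seed recovered:", find_weak_seed(token, t0 - 1, t0 + 1))
    print("urandom(128) seed: %d bits" % (128 * 8))
    # The same enumeration finds nothing for an OS-seeded generator.
    strong_token = token_from_seed(strong_seed())
    print("strong seed recovered:", find_weak_seed(strong_token, t0 - 1, t0 + 1, 4096))
```

A one-hour uncertainty about the start time leaves the time/PID seed with under 27 bits of entropy, which a plain loop exhausts, while the 128-byte `urandom()` seed carries 1024 bits.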