Re: Make a unique filesystem path, without creating the file

From Marko Rauhamaa <marko@pacujo.net>
Newsgroups comp.lang.python
Subject Re: Make a unique filesystem path, without creating the file
Date 2016-02-23 08:54 +0200
Organization A noiseless patient Spider
Message-ID <877fhvnch0.fsf@elektro.pacujo.net>
References (7 earlier) <slrnncmllh.16b.jon+usenet@wintry.unequivocal.co.uk> <mailman.46.1456167850.20994.python-list@python.org> <slrnncmo5e.16b.jon+usenet@wintry.unequivocal.co.uk> <87vb5gmtgj.fsf@elektro.pacujo.net> <56cba8c7$0$1611$c3e8da3$5496439d@news.astraweb.com>


Steven D'Aprano <steve@pearwood.info>:

> On Tue, 23 Feb 2016 06:32 am, Marko Rauhamaa wrote:
>> Under Linux, /dev/random is the way to go when strong security is
>> needed. Note that /dev/random is a scarce resource on ordinary
>> systems.
>
> That's actually incorrect, but you're not the only one to have been
> misled by the man pages.
>
> http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/

Still, mostly hypnotic repetitions.

However, it admits:

   But /dev/random also tries to keep track of how much entropy remains
   in its kernel pool, and will occasionally go on strike if it decides
   not enough remains.

That's the whole point. /dev/random will rather block the program than
lower the quality of the random numbers below a threshold. /dev/urandom
has no such qualms.

   If you use /dev/random instead of urandom, your program will
   unpredictably (or, if you’re an attacker, very predictably) hang when
   Linux gets confused about how its own RNG works.

Yes, possibly indefinitely, too.

   Using /dev/random will make your programs less stable, but it won’t
   make them any more cryptographically safe.

It is correct that you shouldn't use /dev/random as a routine source of
bulk random numbers. It is also correct that /dev/urandom depletes the
entropy pool as effectively as /dev/random. However, when you are
generating signing or encryption keys, you should use /dev/random.

As stated in <URL: https://lwn.net/Articles/606141/>:

   /dev/urandom should be used for essentially all random numbers
   required, but /dev/random is sometimes used for things like extremely
   sensitive, long-lived keys (e.g. GPG) or one-time pads.

> See also:
>
> http://www.2uo.de/myths-about-urandom/

Already addressed.


Marko
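
An added example, not part of the original post or thread: a sketch of reading a fixed number of bytes from a kernel random device with a deadline, so that a source which blocks (the behaviour discussed above for /dev/random) surfaces as an error instead of an indefinite hang. The function names `read_exact` and `key_bytes` and the 5-second default are assumptions made for this illustration.

```python
import os
import select
import time


def read_exact(fd, n, timeout):
    """Read exactly n bytes from fd, giving up after `timeout` seconds."""
    os.set_blocking(fd, False)          # never let read() itself hang
    deadline = time.monotonic() + timeout
    buf = bytearray()
    while len(buf) < n:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            # Report only the count, never the partial key material.
            raise TimeoutError(f"got {len(buf)} of {n} bytes before deadline")
        # Sleep until the descriptor is readable or the deadline passes.
        ready, _, _ = select.select([fd], [], [], remaining)
        if not ready:
            continue                    # loop re-checks the deadline
        try:
            chunk = os.read(fd, n - len(buf))
        except BlockingIOError:
            continue                    # readable state vanished; wait again
        if not chunk:
            raise EOFError("source closed before enough bytes arrived")
        buf += chunk                    # short reads are normal; keep going
    return bytes(buf)


def key_bytes(n, path="/dev/random", timeout=5.0):
    """Fetch n bytes from the given device, or raise TimeoutError."""
    fd = os.open(path, os.O_RDONLY)
    try:
        return read_exact(fd, n, timeout)
    finally:
        os.close(fd)


if __name__ == "__main__":
    # Print only the length; real key material should not be echoed.
    print(len(key_bytes(32)), "bytes read")
```

The caller decides what a timeout means: retry later, report the failure, or abort key generation.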
