Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #103414

Re: Make a unique filesystem path, without creating the file

From Marko Rauhamaa <marko@pacujo.net>
Newsgroups comp.lang.python
Subject Re: Make a unique filesystem path, without creating the file
Date 2016-02-23 21:04 +0200
Organization A noiseless patient Spider
Message-ID <87povnl040.fsf@elektro.pacujo.net> (permalink)
References (9 earlier) <slrnncmo5e.16b.jon+usenet@wintry.unequivocal.co.uk> <87vb5gmtgj.fsf@elektro.pacujo.net> <56cba8c7$0$1611$c3e8da3$5496439d@news.astraweb.com> <877fhvnch0.fsf@elektro.pacujo.net> <87lh6bx5c2.fsf@jester.gateway.pace.com>

Show all headers | View raw

Paul Rubin <no.email@nospam.invalid>:

> Marko Rauhamaa <marko@pacujo.net> writes:
>> It is also correct that /dev/urandom depletes the entropy pool as
>> effectively as /dev/random. 
>
> I think see what's confusing you: the above is a misconception that is
> probably held by lots of people.  Entropy is not water and from a
> cryptographic standpoint there is essentially no such thing as
> "depleting" an entropy pool.  There is either enough entropy (say 256
> bits or more) in the PRNG or else there isn't.  If there's not enough,
> urandom can misbehave by giving you bad output because it doesn't block
> until more is gathered.  If there is enough, /dev/random misbehaves by
> blocking under this bogus concept of "depletion".

You are making my point. /dev/random is correct to block until
top-quality random numbers can be supplied. That's not misbehaving.

> So once /dev/random unblocks, it should never again block, the behavior
> of getrandom.

What you are saying is that /dev/random has no reason to exist (and the
GRND_RANDOM flag to getrandom() is redundant).

I'm no cryptographer and can't judge that. However, as long as the
distinction is maintained, I have to abide by the documented
characteristics.

> No really, all you've done is repeat bad advice. The people cited in
> that article are very knowledgeable and the stuff they say makes good
> mathematical sense. The stuff you say makes no sense and you haven't
> given any convincing reason for anyone to listen to you.

Thing is, neither you nor me nor the cited articles has provided any
more info than insisting on a position, my position being relying on the
documented API.

So we have

 * /dev/urandom vs /dev/random

 * getrandom(0) vs getrandom(GRND_RANDOM)

 * GCRY_STRONG_RANDOM ("Use this level for session keys and similar
   purposes") vs GCRY_VERY_STRONG_RANDOM ("Use this level for long term
   key material") (in libgcrypt)

You don't need to convince me that that distinction is silly. You need
to convince the crypto facility providers.


Marko

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Re: Make a unique filesystem path, without creating the file Ethan Furman <ethan@stoneleaf.us> - 2016-02-22 10:11 -0800
  Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-22 18:17 +0000
    Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 05:25 +1100
      Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-22 18:39 +0000
        Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-22 20:48 +0200
          Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-23 10:37 +1100
            Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-23 00:08 +0000
              Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 11:18 +1100
                Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-23 00:26 +0000
                Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 11:33 +1100
                Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-23 00:44 +0000
                Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 11:56 +1100
        Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 06:04 +1100
          Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-22 11:22 -0800
            Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-23 10:45 +1100
          Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-22 19:22 +0000
            Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-22 21:32 +0200
              Re: Make a unique filesystem path, without creating the file Random832 <random832@fastmail.com> - 2016-02-22 14:41 -0500
                Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-22 22:41 +0200
                Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-22 13:05 -0800
                Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-22 23:22 +0200
                Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-22 15:26 -0800
              Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-23 11:33 +1100
                Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-23 08:54 +0200
                Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-22 23:18 -0800
                Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-23 21:04 +0200
                Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-24 12:40 +1100
                Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-24 09:20 +0200
                Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2016-02-25 16:38 +1100
                Re: Make a unique filesystem path, without creating the file Marko Rauhamaa <marko@pacujo.net> - 2016-02-25 08:54 +0200
                Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2016-02-25 19:21 +1100
                Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-25 10:05 +0000
            Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 06:37 +1100
            Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-23 11:03 +1100
              Re: Make a unique filesystem path, without creating the file Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-02-23 00:11 +0000
              Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-22 18:27 -0800
                Re: Make a unique filesystem path, without creating the file Chris Angelico <rosuav@gmail.com> - 2016-02-23 13:53 +1100
                Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-22 19:26 -0800
                Re: Make a unique filesystem path, without creating the file Mark Lawrence <breamoreboy@yahoo.co.uk> - 2016-02-23 08:09 +0000
                Re: Make a unique filesystem path, without creating the file Paul Rubin <no.email@nospam.invalid> - 2016-02-23 00:22 -0800
                Re: Make a unique filesystem path, without creating the file Peter Otten <__peter__@web.de> - 2016-02-23 09:40 +0100
                Re: Make a unique filesystem path, without creating the file Mark Lawrence <breamoreboy@yahoo.co.uk> - 2016-02-23 09:00 +0000
                Re: Make a unique filesystem path, without creating the file Grant Edwards <invalid@invalid.invalid> - 2016-02-23 15:14 +0000
                Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-25 11:41 +1100
                Re: Make a unique filesystem path, without creating the file Random832 <random832@fastmail.com> - 2016-02-25 10:03 -0500
    Re: Make a unique filesystem path, without creating the file Steven D'Aprano <steve@pearwood.info> - 2016-02-23 11:18 +1100

csiph-web