From: Ian Kelly
Date: Sun, 10 Aug 2014 10:38:16 -0600
Subject: Re: Template language for random string generation
To: Python
Newsgroups: comp.lang.python

On Aug 10, 2014 6:45 AM, "Devin Jeanpierre" wrote:
> > * Uses SystemRandom class (if available, or falls back to Random)
>
> This sounds cryptographically weak. Isn't the normal thing to do to
> use a cryptographic hash function to generate a pseudorandom sequence?

You mean in the fallback case, right? I'm no crypto expert, but I've never heard of SystemRandom being contra-recommended for crypto, and even the Python docs recommend it.

The output of even a cryptographically strong hash isn't going to have any more entropy than the input, so if the input is predictable then the output will be also. One approach I'm aware of, which is used by Django, is to hash the RNG state along with the time and a local secret in order to reseed the RNG unpredictably whenever randomness is required. That creates a configuration burden in order to establish the secret, though.
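
The fallback described in the post (hash the RNG state with the time and a local secret, then reseed), as an added example that is not part of the original message and is not Django's own code. The function names, the `secret` and `now` parameters, and the fixed seed and timestamp are assumptions made for illustration.

```python
import hashlib
import random
import string
import time

ALPHABET = string.ascii_letters + string.digits

try:
    SYSRAND = random.SystemRandom()
    SYSRAND.random()  # os.urandom raises NotImplementedError if no OS source exists
except NotImplementedError:
    SYSRAND = None


def reseed(rng, secret, now=None):
    """Reseed rng from SHA-256(RNG state + time + local secret)."""
    now = time.time() if now is None else now
    material = "%s%s%s" % (rng.getstate(), now, secret)
    rng.seed(hashlib.sha256(material.encode("utf-8")).digest())


def random_string(length, secret, rng=None, now=None, force_fallback=False):
    """Use the OS CSPRNG when available, else the reseeded Mersenne Twister."""
    if SYSRAND is not None and not force_fallback:
        return "".join(SYSRAND.choice(ALPHABET) for _ in range(length))
    if rng is None:
        rng = random.Random()
    reseed(rng, secret, now)  # reseed on every call, as the post describes
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def attacker_can_reproduce(secret_guess, real_secret, now=1407688696.0):
    """Constructed scenario: RNG state and time are known, the secret is guessed."""
    victim = random_string(16, real_secret, random.Random(0), now, True)
    guess = random_string(16, secret_guess, random.Random(0), now, True)
    return victim == guess


if __name__ == "__main__":
    print("SystemRandom path:", random_string(16, "unused"))
    print("known secret reproduces output:", attacker_can_reproduce("s3cret", "s3cret"))
    print("wrong secret reproduces output:", attacker_can_reproduce("guess", "s3cret"))
```

With the RNG state and the time known, the secret is the only unpredictable input to the hash, so the fallback is exactly as strong as that secret.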