[issue27279] Add random.cryptorandom() and random.pseudorandom, deprecate os.urandom()

Thu Jun 9 06:38:26 EDT 2016

Marc-Andre Lemburg added the comment:

Resources for entropy gathering sources:

 * Kernel based devices such as /dev/random:
   https://en.wikipedia.org/wiki//dev/random

 * EGD - old entropy gathering daemon; blocks when out of
   entropy
   http://egd.sourceforge.net/
   (not maintained anymore)

   Important here is not the original implementation, but
   the Unix domain socket interface, which many applications
   support.

 * PRNG - provides the EGD interface, but feeds entropy into
   the OpenSSL pool; essentially a CPRNG with EGD interface.
   http://prngd.sourceforge.net/

 * Virtio RNG - paravirtualized device for passing host RNG
   to guest VMs (running under KVM)
   https://fedoraproject.org/wiki/Features/Virtio_RNG

 * haveged - entropy daemon which feeds entropy into the
   Linux /dev/random pool
   http://www.issihosts.com/haveged/
   https://wiki.archlinux.org/index.php/Haveged

   Whether this is useful on VMs, is contested, due to the way
   haveged works (reliance on rdtsc instructions which don't work
   well in VMs)
   http://security.stackexchange.com/questions/34523/is-it-appropriate-to-use-haveged-as-a-source-of-entropy-on-virtual-machines

 * Hardware RNG in Raspberry Pi:
   https://sites.google.com/site/astudyofentropy/project-definition/raspberry-pi-internal-hardware-random-number-generator

 * rng-tools - provides the rngd daemon to feed entropy from
   hardware RNGs into the Linux /dev/random pool
   https://wiki.archlinux.org/index.php/Rng-tools
   http://linux.die.net/man/8/rngd

----------

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27279>
_______________________________________