random

[Tim Peters]

[Eugene Leitl, quoting remarkably little]
>> If you want truly random bits, they're available for the asking; for
>> example, at
>>
>>     http://www.fourmilab.ch/hotbits/

> Tim is being unnecessarily cruel to a person who asked a perfectly valid
> question.

Sorry, but I think I gave him several perfectly valid answers, including but
not limited to the last one you quoted.

> Of course a deterministic process can't produce true random sequences,
> but only pseudorandom sequences, which must pass a number of statistical
> randomness tests to be called "random". The more tests the generator
> passes, the more random it is.

And I explicitly said Python's Wichmann-Hill passes most tests for
randomness, while strong implying C rand() did not (which it doesn't), and
that other generators pass more.

> IN cryptography, where's there is a demand to inject entropy from a
> physical source (/dev/dsp, /dev/video, head timing of a harddrive,
> keystrokes, mouse movement, hardware random number generators, and
> similiar which are pooled in /dev/random) it is compressed,
> cryptohashed, and added to the state of the random number generator
> to make guessing the internal state harder.
>
> I don't see the reason why a cryptohash such as md5 initialized with
> some appropriate number and kept feed its own output would not do
> nicely for purposes in question.

And this is newbie-friendly <wink>?  I don't see any reason why
random.random() would not do for the purposes in question.

it's-6-after-all<wink>-ly y'rs  - tim