[Q]:Generate Unique ID's

[Paul Rubin]

"Tim Peters" <tim.one at comcast.net> writes:
> > I think that using the Mersenne twister was a mistake given that it
> > replaced the WH generator that was already unsatisfactory.  I think
> > they should have stopped fooling around and used a cryptographic RNG.
> > Replacing an unsatisfactory RNG with a semi-satisfactory one doesn't
> > seem that worthwhile a move.
> 
> The bit-for-bit reproducibility of a PRNG is vital in many applications of
> RNGs, for debugging and verification.  Cryptography is just one application
> of RNGs, and its needs are extreme.  On the box I'm typing at right now (an
> 866 MHz Pentium III), there's also that the Twister generates pseudo-random
> numbers much faster from Python than the Intel HW RNG generates them from
> pure C code -- monitoring thermal noise in a physical system is a
> time-consuming process.

Yes, sorry, I should have said cryptographic PRNG.  For example, using
iterated SHA to generate a pseudorandom stream starting (optionally)
from a user-supplied seed would be completely deterministic and
reproduceable, and given the existing C implementation of SHA that's
already in Python, any speed difference between SHA and Mersenne
Twister is unlikely to be noticeable in any Python application.
Seeding an SHA stream with a few dozen bytes of physical entropy from
that Intel hardware should make the SHA PRNG stream as good in
practice as a true physical RNG stream.

Mersenne Twister may or may not be safe from accidental correlations
in its output leaking through to affect an application, but it
certainly wasn't designed to thwart deliberate, expensive, adversarial
searches for such correlations the way SHA was (designing against an
adversary is the definition of a cryptographic function).  If SHA can
withstand attack by a resource-intensive adversary, it's almost
certainly free from any meaningful accidental correlations.

Why settle for "gee, it's probably ok for most applications" (Mersenne
Twister) when you can use something with no serious speed
disadvantage, that's designed to withstand the most determined attacks
that a national-government-scale adversary can muster (SHA)?  That's
what I don't understand.