SHA-based subclass for random module
Paul Rubin
http
Fri Mar 19 17:22:05 EST 2004
Josiah Carlson <jcarlson at nospam.uci.edu> writes:
> > What's Random.random(self) supposed to do?
>
> Generate a random number using the Mersenne Twister random number
> generator.
According to the Random doc, Random.random() doesn't take an argument,
so I'm asking what the "self" is for.
> >> ciphertxt = md5.new(plaintxt).digest()
> > I think you mean update.
>
> Perhaps yes, perhaps no. Certainly the digest of both are dependant
> on two inputs (the current internal state of MD5 and the random number
> generated by MT). However, unless you can store the series of updates
> to MD5, then getstate() followed by setstate() would not be sufficient
> to get the same series of random numbers. This is also a "possible
> issue" shared by the double-sha algorithm.
Without the update, all that's happening is you're reading an MT output
and hashing it, so there's no secret state without some security assumption
on MT. And the only security assumption I'm willing to make about MT
is that it's completely insecure ;-).
> > But doesn't support all the operations specified in the Random API.
> > What's up with that?
>
> That is what the subclass was for:
> > class MD5Random(Random):
But the methods in the superclass don't do anything to manage the state
of subclass instances.
More information about the Python-list
mailing list