Is that safe to use ramdom.random() for key to encrypt?
Thomas Rachel
nutznetz-0c1b6768-bfa9-48d5-a470-7603bd3aa915 at spamschutz.glglgl.de
Tue Jun 19 07:44:47 EDT 2012
Am 18.06.2012 01:48 schrieb Paul Rubin:
> Steven D'Aprano<steve+comp.lang.python at pearwood.info> writes:
>>> /dev/urandom isn't actually cryptographically secure; it promises not to
>>> block, even if it has insufficient entropy. But in your instance...
>>
>> Correct. /dev/random is meant to be used for long-lasting
>> cryptographically-significant uses, such as keys. urandom is not.
>
> They are both ill-advised if you're doing anything really serious.
Hm?
> In practice if enough entropy has been in the system to make a key with
> /dev/random, then urandom should also be ok.
Right.
> Unfortunately the sensible
> interface is missing: block until there's enough entropy, then generate
> data cryptographically, folding in new entropy when it's available.
What am I missing? You exactly describe /dev/random's interface.
Thomas
More information about the Python-list
mailing list