[Python-ideas] Should our default random number generator be secure?
random832 at fastmail.us
Wed Sep 9 22:38:02 CEST 2015
The commit message changing libc's random functions to use arc4random is
as follows:
> Change rand(), random(), drand48(), lrand48(), mrand48(), and srand48()
> to returning strong random by default, sourced from arc4random(3).
> Parameters to the seeding functions are ignored, and the subsystems remain
> in strong random mode. If you wish the standardized deterministic mode,
> call srand_deterministic(), srandom_deterministic(), srand48_deterministic(),
> seed48_deterministic() or lcong48_deterministic() instead.
> The re-entrant functions rand_r(), erand48(), nrand48(), jrand48() are
> unaffected by this change and remain in deterministic mode (for now).
>
> Verified as a good roadmap forward by auditing 8800 pieces of software.
> Roughly 60 pieces of software will need adaptation to request the
> deterministic mode.
>
> Violates POSIX and C89, which violate best practice in this century.
> ok guenther tedu millert
Perhaps someone could ask them for information about that audit, and how
many (and which) of those pieces of software were actually using these
functions in ways which made them insecure, but whose security would be
notably improved by a better random implementation (I suspect that the
main thrust of the audit, though, was on finding which ones would be
broken by taking away the default deterministic seeding).
That could tell us how typical it is for people to ignorantly use
default random functions for security-critical code with no other flaws.
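The risk the thread is about, shown concretely as an added example (this is not code from the post, from OpenBSD, or from the CPython project): Python's default random.Random is the Mersenne Twister MT19937, and its output tempering is invertible, so an attacker who sees 624 consecutive 32-bit outputs can reconstruct the full internal state and predict everything that follows. random.SystemRandom, which reads os.urandom, does not fall to the same trick. The example assumes the observed outputs are taken right after seeding, i.e. at a twist boundary (a general recovery that tolerates arbitrary alignment is possible but omitted here), and that random.getrandbits(32) returns one raw generator word, which is how CPython implements it.

```python
import random

# MT19937 constants from the reference implementation; these are the
# tempering masks CPython's random module also uses.
MASK32 = 0xFFFFFFFF
N = 624  # state words per generation; also the number of outputs we need


def temper(x):
    """MT19937 output tempering applied to one 32-bit state word."""
    y = x & MASK32
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    y ^= y >> 18
    return y & MASK32


def _undo_right_xor(y, shift):
    # Inverts x ^= x >> shift. Iterating fixes `shift` more bits each pass;
    # 32 passes is more than enough for any shift >= 1.
    x = y
    for _ in range(32):
        x = y ^ (x >> shift)
    return x & MASK32


def _undo_left_xor_mask(y, shift, mask):
    # Inverts x ^= (x << shift) & mask, low bits first.
    x = y
    for _ in range(32):
        x = y ^ ((x << shift) & mask)
    return x & MASK32


def untemper(y):
    """Recover the raw state word from one tempered 32-bit output."""
    x = _undo_right_xor(y & MASK32, 18)
    x = _undo_left_xor_mask(x, 15, 0xEFC60000)
    x = _undo_left_xor_mask(x, 7, 0x9D2C5680)
    x = _undo_right_xor(x, 11)
    return x


def clone_from_outputs(outputs):
    """Build a random.Random whose state equals the generator that emitted
    `outputs`. Assumes exactly N consecutive outputs starting at a twist
    boundary (e.g. the first N outputs after seeding)."""
    if len(outputs) != N:
        raise ValueError("need exactly %d consecutive 32-bit outputs" % N)
    state = [untemper(o) for o in outputs]
    clone = random.Random()
    # setstate() takes (version, internal_state, gauss_next); index N means
    # the next call will twist, exactly like the victim generator.
    clone.setstate((3, tuple(state + [N]), None))
    return clone


def predict_next(outputs, count=10):
    clone = clone_from_outputs(outputs)
    return [clone.getrandbits(32) for _ in range(count)]


def attack_mersenne():
    """Victim uses the default generator with a seed we never learn."""
    victim = random.Random()  # CPython seeds this from os.urandom
    observed = [victim.getrandbits(32) for _ in range(N)]
    predicted = predict_next(observed)
    actual = [victim.getrandbits(32) for _ in range(10)]
    return predicted == actual  # True: the default RNG is fully predictable


def attack_system_random():
    """Same attack against the os.urandom-backed generator."""
    victim = random.SystemRandom()
    observed = [victim.getrandbits(32) for _ in range(N)]
    predicted = predict_next(observed)
    actual = [victim.getrandbits(32) for _ in range(10)]
    return predicted == actual  # False: no recoverable state to clone


if __name__ == "__main__":
    print("default random.Random predictable:", attack_mersenne())
    print("random.SystemRandom predictable:", attack_system_random())
```

The 624 observed words could just as well be session tokens, CSRF nonces or filenames built from the default generator; the point is that a developer who picks random.Random for those gets no warning, which is exactly the class of program the OpenBSD audit was looking for.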