Tim Peters added the comment:

Didn't anyone here follow the discussion about the `secrets` module?  PHP was 
crucified by security wonks for its horridly naive ways of initializing its 
PRNGs:

https://media.blackhat.com/bh-us-12/Briefings/Argyros/BH_US_12_Argyros_PRNG_WP.pdf

Please don't even think about making Python a target of similar ridicule ;-)

The only sane approach is to use an _excellent_ source of randomness for 
initialization, and `urandom()` is the only obvious such source.  While the 
more the merrier, I agree 2500 utterly unpredictable bytes isn't necessary.

If this has to change, use the most possible without creating other problems on 
a major platform, but certainly no less than 128 crypto-strength bytes.

-1 on any poke-and-hope gibberish trying to brew our own out of time.time(), 
PID, id(), etc.  That stuff is easy for a malicious program to attack.  That's 
why Python switched to using `urandom()` to begin with, before security wonks 
noticed how poorly most libraries handle this.

It's not about supplying "enough randomness" for applications, it's about 
making it computationally intractable for well-funded expert attackers to 
out-guess.  That's why urandom() is used.

----------
nosy: +tim.peters

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue27272>
_______________________________________
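The contrast drawn in the comment above, as an added Python illustration that is not part of the original message or of CPython's code: a seed mixed from the clock and PID leaves only a few thousand candidates to enumerate, while 128 bytes from `os.urandom()` gives 1024 bits. The `weak_seed` mix, the five-second window, the PID ceiling and the sample values are hypothetical and constructed for the demonstration.

```python
import math
import os
import random

def weak_seed(timestamp: int, pid: int) -> int:
    # Hypothetical home-brewed mix of clock and PID (illustrative only).
    return (timestamp << 22) ^ pid

def candidate_bits(t_lo: int, t_hi: int, pid_max: int) -> float:
    # log2 of the number of (second, pid) pairs that could have produced the seed.
    return math.log2((t_hi - t_lo + 1) * pid_max)

def recover_weak_seed(observed, t_lo, t_hi, pid_max):
    # Try every candidate seed; return the one whose output stream matches.
    rng = random.Random()
    for t in range(t_lo, t_hi + 1):
        for pid in range(1, pid_max + 1):
            seed = weak_seed(t, pid)
            rng.seed(seed)
            if [rng.getrandbits(32) for _ in observed] == observed:
                return seed
    return None

def strong_seed(nbytes: int = 128) -> int:
    # Seed from the OS CSPRNG; 128 bytes is the floor named in the comment.
    return int.from_bytes(os.urandom(nbytes), "big")

# Constructed sample values, not taken from any real system.
START_TIME = 1_465_000_000
PID = 1337
PID_MAX = 4096

def demo() -> bool:
    # A generator seeded the weak way emits two 32-bit outputs ...
    source = random.Random(weak_seed(START_TIME, PID))
    observed = [source.getrandbits(32) for _ in range(2)]
    # ... and a search over a 5-second window finds the exact seed again.
    found = recover_weak_seed(observed, START_TIME - 2, START_TIME + 2, PID_MAX)
    return found == weak_seed(START_TIME, PID)

if __name__ == "__main__":
    bits = candidate_bits(START_TIME - 2, START_TIME + 2, PID_MAX)
    print(f"weak seed space: about {bits:.1f} bits; recovered: {demo()}")
    print(f"urandom seed space: {128 * 8} bits")
```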