Frankly this is when I would start exploring supplying random data to my app myself, externally. For example, many hosting providers supply hardware random number generators. I'd find an economical one and have it dump as much entropy as you need into into AppEngine via cron. Sign the data from the host, confirm it in GAE, and store it for later as a blob.
Yes, there is a cost of splitting your application into multiple components with dependencies, but I don't know, I wouldn't feel comfortable implementing an RNG myself. And a PRNG still needs a secure seed so that only gets you so far. On the other hand you could have gigabytes of true randomness in a day's work and a few dollars per month. On Oct 7, 5:15 pm, Anh Hai Trinh <[email protected]> wrote: > On Oct 7, 4:07 pm, "Nick Johnson (Google)" <[email protected]> > wrote: > > > Hi Anh, > > Good question! There's nothing built directly in, but you have several > > options: > > - You can implement, or use an existing implementation of a well known > > cryptographically secure PRNG, such as Blum Blum Shub. > > - You can make use of one of the block ciphers provided by pycrypto to > > generate a PRNG stream - just use it in CTR mode with a random key as seed > > data. > > - You can make use of a secure hash from the hashlib module - again, start > > with a random input and increment it for each block of random data. > > Dear Nick, > > How would you advise implementing any of these approaches in > AppEngine. It is difficult because the random number is usually > needed as a nonce (not en mass, like in a simulation) and therefore > we'll need to maintain the state of the RNG, which is impossible since > we can't have long running process in AppEngine. Maybe we can store > the counter in the Datastore, and it'll need to be sharded, possibly > memcached, and will need to deal with timeout, etc. It is always > tricky to roll our own cryptographic implementation, of any kind, > securely. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
