Charles-François Natali added the comment: > It doesn't look like OpenSSL's PRNG is much faster than /dev/urandom if > Python keeps a persistent fd: > > $ python3.3 prng.py > loops: 1000000 > bytes: 16 > /dev/urandom (fd) 1.2181 > os.urandom() 3.2892 > RAND_pseudo_bytes 1.2924 > RAND_bytes 1.2945
Except that your benchmark uses 4096-bytes buffering for /dev/urandom with a persistent FD, which is not the case with the implementation proposed in #issue18756. Without buffering (i.e. one read() syscall per invokation), the numbers change: $ ./python ~/prng.py loops: 100000 bytes: 16 /dev/urandom (fd) 1.37106 os.urandom() 1.4446 RAND_pseudo_bytes 0.83635 RAND_bytes 0.75604 Also, you use CLOCK_PROCESS_CPUTIME_ID which only accounts for CPU time, not wall-clock time, but it doesn't change much. > Some crypto experts also say that the PRNG of a stock OpenSSL build is sub > par. The algorithm is neither standardized by NIST nor carefully developed > by a cryptographer. FIPS builds of OpenSSL have a better PRNG. That's an implementation detail, it could very well improve. But I don't have a strong feeling, so if that's not deemed useful, I won't take it personally :-) ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue18811> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
