On 5/24/2011 12:06 PM, Victor Stinner wrote:
On Tuesday 24 May 2011 at 11:27 -0400, Terry Reedy wrote:

+.. function:: RAND_bytes(num)
+
+   Returns *num* cryptographically strong pseudo-random bytes.
+
+   .. versionadded:: 3.3
+
+.. function:: RAND_pseudo_bytes(num)
+
+   Returns (bytes, is_cryptographic): bytes are *num* pseudo-random bytes,
+   is_cryptographic is True if the bytes generated are cryptographically
+   strong.
+
+   .. versionadded:: 3.3
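
Review bot: The RAND_pseudo_bytes entry returns an is_cryptographic flag but does not say what a caller should do when it is False, and neither entry defines "cryptographically strong" or says what RAND_bytes does when it cannot produce such bytes. Suggest adding a sentence to RAND_pseudo_bytes that the bytes are unsuitable for keys or passwords unless is_cryptographic is True, documenting the failure behaviour of RAND_bytes, and marking up the return value as a tuple, ``(bytes, is_cryptographic)``.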

I am curious what 'cryptographically strong' means, what the real
difference is between the above two functions, and how these do not
duplicate what is in random.random.

An important feature of a CPRNG (cryptographic pseudo-random number
generator) is that even if you know all of its output, you cannot
rebuild its internal state to guess the next (or maybe previous) number. The
CPRNG can for example hash its output using SHA-1: you will have to
"break" the SHA-1 hash (maybe using "salt").

So it is presumably slower. I still do not get RAND_pseudo_bytes, which somehow decides internally what to do.

Another important feature is that even if you know the internal state,
you will not be able to guess all previous and next numbers, because the
internal state is regularly updated using an external source of entropy.
Use RAND_add() to do that explicitly.

We may add a link to Wikipedia:
http://en.wikipedia.org/wiki/CPRNG

That would be helpful

Read the "Requirements" section, it's maybe more correct than my
explanation:
http://en.wikipedia.org/wiki/CPRNG#Requirements

About the random module, it must not be used to generate passwords or
certificates, because it is easy to rebuild the internal state of a
Mersenne Twister generator if you know the previous 624 numbers. Since
you know the state, it's also easy to generate all next numbers. Seeding a
Mersenne Twister PRNG doesn't help. See my Hasard project if you would
like to learn more about PRNG ;-)

We may also add a link from random to SSL.RAND_bytes() and
SSL.RAND_pseudo_bytes().

--
Terry Jan Reedy

