Steven D'Aprano <steve+comp.lang.pyt...@pearwood.info> writes: >> /dev/urandom isn't actually cryptographically secure; it promises not to >> block, even if it has insufficient entropy. But in your instance... > > Correct. /dev/random is meant to be used for long-lasting > cryptographically-significant uses, such as keys. urandom is not.
They are both ill-advised if you're doing anything really serious. In practice if enough entropy has been in the system to make a key with /dev/random, then urandom should also be ok. Unfortunately the sensible interface is missing: block until there's enough entropy, then generate data cryptographically, folding in new entropy when it's available. http://web.archive.org/web/20081003041432/http://www.pinkas.net/PAPERS/gpr06.pdf has gory details of how random/urandom work. If you're really paranoid, get one of these: http://www.entropykey.co.uk/ -- http://mail.python.org/mailman/listinfo/python-list
