Am 18.06.2012 01:48 schrieb Paul Rubin:
Steven D'Aprano<steve+comp.lang.pyt...@pearwood.info> writes:
/dev/urandom isn't actually cryptographically secure; it promises not to
block, even if it has insufficient entropy. But in your instance...
Correct. /dev/random is meant to be used for long-lasting
cryptographically-significant uses, such as keys. urandom is not.
They are both ill-advised if you're doing anything really serious.
Hm?
> In practice if enough entropy has been in the system to make a key with
/dev/random, then urandom should also be ok.
Right.
> Unfortunately the sensible
interface is missing: block until there's enough entropy, then generate
data cryptographically, folding in new entropy when it's available.
What am I missing? You exactly describe /dev/random's interface.
Thomas
--
http://mail.python.org/mailman/listinfo/python-list
