[pycrypto] What to do about RandomPool

Dwayne C. Litzenberger dlitz at dlitz.net
Tue Aug 5 21:48:52 CST 2008


On Tue, Jul 22, 2008 at 08:08:17AM -0700, Paul Hoffman wrote:
> Would there be any objection to replacing RandomPool with a simple 
> wrapper around os.urandom? A quick benchmark shows that reading from 
> /dev/urandom on Linux is about 10-50x faster than using RandomPool.

Although nobody objected here, a few people on ##crypto (irc.freenode.net) 
didn't seem too thrilled with the idea, and as I work more on PyCrypto, I'm 
thinking that just replacing RandomPool from under people might not be such 
a great idea.  For one thing, it would break the code of the few people who 
were actually using it correctly, which I think is somewhat unfair to them.

Instead, I think I'll just issue a DeprecationWarning when the randpool 
module is imported.

Also, after looking a bit more at OS-provided random generators, I'm 
starting to think that just returning their output might not be such a 
great idea.  There just doesn't seem to be any reason to trust them very 
far.

What I think I'll do is provide a Fortuna implementation, then provide a 
proper RNG on top of Fortuna that runs in its own thread and updates itself 
periodically.  Furthermore, whenever its .get_bytes() method is called, it 
will request random bytes from the OS and XOR them with Fortuna's output 
before returning them.  That way, as long as either of them produces random 
numbers, the output will be random.

But first I need to recover my Fortuna implementation from an older copy, 
since "bzr rebase" just deleted my current version.  I have tried to be 
patient with bzr, but this might be the last straw that makes me finally 
switch to git.

-- 
Dwayne C. Litzenberger <dlitz at dlitz.net>
  Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
  Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45
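
The XOR combination proposed in the message above, sketched as an added example (not code from the original post or from PyCrypto). `HashCounterGenerator` is a hypothetical SHA-256 counter-mode stand-in for the Fortuna generator, not Fortuna itself; `XorCombinedRNG` and `stuck_source` are illustrative names, and the background reseeding thread is left out.

```python
import hashlib
import os


class HashCounterGenerator:
    """Stand-in for the Fortuna generator (NOT Fortuna): SHA-256 in counter mode."""

    def __init__(self, seed: bytes):
        self._key = hashlib.sha256(seed).digest()
        self._counter = 0

    def _block(self, label: bytes) -> bytes:
        self._counter += 1
        data = label + self._key + self._counter.to_bytes(16, "big")
        return hashlib.sha256(data).digest()

    def get_bytes(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            out += self._block(b"out")
        # Rekey after every request so a later state leak does not
        # reveal output that was already handed out.
        self._key = self._block(b"key")
        return out[:n]


def stuck_source(n: int) -> bytes:
    """Constructed failure case: a source that only ever returns zero bytes."""
    return bytes(n)


class XorCombinedRNG:
    """XOR an internal generator with an OS source on every request."""

    def __init__(self, internal, os_source=os.urandom):
        self._internal = internal
        self._os_source = os_source

    def get_bytes(self, n: int) -> bytes:
        a = self._internal.get_bytes(n)
        b = self._os_source(n)
        if len(a) != n or len(b) != n:
            # A short read would silently truncate the XOR in zip().
            raise RuntimeError("short read from a randomness source")
        return bytes(x ^ y for x, y in zip(a, b))
```

With one source stuck at zero the output is exactly the other source's stream, which is the "either of them" property. It depends on the two sources being independent: if one merely repeats the other, the XOR is all zero bytes.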