

eliteraspberrie | 10 years ago

It uses the PyCrypto package to generate random numbers. The Random class is a Fortuna generator seeded with 8 bytes from the system RNG, the PID, and time: https://github.com/dlitz/pycrypto/blob/master/lib/Crypto/Ran...

I doubt eight bytes is enough for cryptography...

If you need random bytes in Python, use os.urandom:

    import os
    secret = os.urandom(32)

https://docs.python.org/2/library/os.html#os.urandom
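
Added example, not part of the thread and not PyCrypto's code: a toy SHA-256 counter-mode expander (a stand-in, not Fortuna) showing that a deterministic generator cannot emit more distinct outputs than it has distinct seeds, which is the concern raised above about a small seed. The 1- and 2-byte seed sizes and all function names are assumptions chosen so the enumeration finishes quickly.

```python
import hashlib
import math
import os


def expand(seed: bytes, n: int) -> bytes:
    """Toy deterministic expander (SHA-256 in counter mode); a stand-in, not Fortuna."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def distinct_outputs(seed_bytes: int, out_bytes: int) -> int:
    """Count the distinct out_bytes-long outputs reachable from every possible seed."""
    seen = set()
    for s in range(256 ** seed_bytes):
        seen.add(expand(s.to_bytes(seed_bytes, "big"), out_bytes))
    return len(seen)


def entropy_bound_bits(seed_bytes: int, out_bytes: int) -> int:
    """Upper bound on output entropy: the smaller of seed size and output size."""
    return 8 * min(seed_bytes, out_bytes)


if __name__ == "__main__":
    # Constructed demonstration: asking for 32 output bytes does not add entropy.
    for seed_len in (1, 2):
        n = distinct_outputs(seed_len, 32)
        print(f"{seed_len}-byte seed -> {n} possible 32-byte outputs "
              f"(~{math.log2(n):.0f} bits, bound {entropy_bound_bits(seed_len, 32)})")
    # os.urandom reads from the operating system's CSPRNG, as recommended above.
    secret = os.urandom(32)
    print(len(secret), "bytes from os.urandom")
```
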


michwill|10 years ago

Uhh. I'd think, Crypto.Random is supposed to be secure: """Return the specified number of cryptographically-strong random bytes."""

Pretty sad if it is not the case! Interestingly enough, RNG in pycryptodome which I was using for zerodb is urandom. https://github.com/Legrandin/pycryptodome/blob/master/lib/Cr...

Would be interesting to see similar gotchas about that library (though everybody uses PyCrypto, that makes me feel a little paranoid!)

technion|10 years ago

It says something if you're using a package called PyCrypto for RNG and that happens to be an insecure approach. You would think with that name it was the right way to do it.