Will Python Systemrandom / Os.urandom Always Have Enough Entropy For Good Crypto
Solution 1:
There's a subtle difference between the output of /dev/random and /dev/urandom. As has been pointed out, /dev/urandom doesn't block. That's because it gets its output from a pseudo-random number generator, seeded from the 'real' random numbers in /dev/random.
The output of /dev/urandom will almost always be sufficiently random -- it's a high-quality PRNG with a random seed. If you really need a better source of random data, you could consider getting a system with a hardware random number generator -- my netbook has a VIA C7 in it, which can generate quite a lot of properly random data (I get a consistent 99.9kb/s out of /dev/random, 545kb/s out of /dev/urandom).
As an aside, if you're generating passwords then you might want to look at pwgen -- it makes nice pronounceable passwords for you :).
Solution 2:
/dev/random/ will block on read if it needs more entropy. /dev/urandom/ won't. So yes, if you use it too fast you'll run low on entropy. Probably still quite hard to guess, of course, but if you're really concerned you can read bytes from /dev/random/ instead. Ideally, with a non-blocking read loop and a progress indicator so you can move the mouse around and generate entropy if needed.
Solution 3:
You might want to read this about why /dev/urandom is the way to go:
Post a Comment for "Will Python Systemrandom / Os.urandom Always Have Enough Entropy For Good Crypto"