Opened 9 years ago

Last modified 9 years ago

#4468 enhancement new

— at twisted.python.randbytes

Reported by: zooko
Owned by: Glyph
Priority: normal
Milestone:
Component: core
Keywords: security
Cc: zooko, zooko@…, Thijs Triemstra
Branch:
Author:

Description (last modified by Jean-Paul Calderone)

[source:twisted/python/randbytes.py] doesn't seem to offer a lot of functionality over os.urandom, except for two misfeatures:

  1. The option of setting fallback=True so that it will automatically fall back to insecure random numbers if it can't generate secure ones. This is a terrible idea that nobody should ever do. Behavior like that is one of the causes of the Debian OpenSSL Fiasco, for example. If anyone has a legitimate use case for this behavior I would be fascinated to hear it.
  2. The option of using PyCrypto's Crypto.Util.randpool if it is present. randpool is deprecated (according to the announcement at the top of http://www.dlitz.net/software/pycrypto/ on this date, which references this mailing list thread). I've looked at randpool a bit, and it doesn't offer any advantage over os.urandom that I can see other than the option of falling back to insecure random number generation if it can't generate secure random numbers. randpool also has a lot of other code to do some useless things about estimating entropy, sampling the current clock, and so on. I can't be sure that I understood its source code because that other stuff made it hard to understand the part I was interested in. The latest git version of PyCrypto comes with this warning: "Deprecated. Use Random.new() instead. See http://www.pycrypto.org/randpool-broken". However that link gives me a 404 Not Found.

I suspect both of these modules predate the os.urandom module that was introduced in Python 2.4. Now that Twisted no longer supports Python 2.3, perhaps the time has come to deprecate twisted.python.randbytes in favor of os.urandom.

Change History (1)

comment:1 Changed 9 years ago by Jean-Paul Calderone

Description: modified (diff)
Summary: twisted.python.randpool → twisted.python.randbytes

How about other platforms, where there is no /dev/urandom? Does Python automatically make os.urandom use whatever platform-specific random source they provide? How about future platforms which won't provide this? Or a future Linux replacement for /dev/urandom that's completely superior?

Getting rid of the non-cryptographic fallback may be a good idea, but I don't think completely eliminating this module makes sense. It's a good API for centralizing our decisions about which random number generator to use.
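An added example, not Twisted's own randbytes code, that contrasts the fail-closed default with the silent fallback=True misfeature zooko describes, while keeping the single decision point for the generator that Jean-Paul argues for. The function names and the injected `_source`/`_insecure` hooks are assumptions made for the demonstration.

```python
import os
import random

class SecureSourceUnavailable(RuntimeError):
    """No cryptographic random source is available and no fallback was requested."""

def _os_urandom(nbytes):
    # The one place that decides which CSPRNG the program uses. os.urandom maps
    # to the platform source (/dev/urandom, getrandom(2), or the Windows crypto
    # API) and raises NotImplementedError where no such source exists.
    return os.urandom(nbytes)

def secure_random(nbytes, fallback=False, _source=_os_urandom, _insecure=None):
    """Return nbytes of random data from the secure source.

    fallback=False (the default) fails closed with SecureSourceUnavailable.
    fallback=True reproduces the misfeature discussed in the ticket: the caller
    silently receives non-cryptographic bytes instead of an error.
    _source and _insecure are injection points used by the demonstration below.
    """
    try:
        return _source(nbytes)
    except NotImplementedError:
        if not fallback:
            raise SecureSourceUnavailable("no cryptographic random source available")
        rng = _insecure if _insecure is not None else random.Random()
        return bytes(rng.getrandbits(8) for _ in range(nbytes))

def _no_source(nbytes):
    # Constructed stand-in for a platform whose os.urandom is not implemented.
    raise NotImplementedError("constructed: no platform random source")

def fails_closed(nbytes=16):
    # Hardened behaviour: the caller learns that no secure source exists.
    try:
        secure_random(nbytes, _source=_no_source)
    except SecureSourceUnavailable:
        return True
    return False

def silent_downgrade(nbytes=16):
    # Misfeature: two callers whose fallback generators share state (constructed
    # here by seeding both identically) receive the same "random" bytes, and the
    # return type and length give no hint that a downgrade happened.
    a = secure_random(nbytes, fallback=True, _source=_no_source, _insecure=random.Random(1234))
    b = secure_random(nbytes, fallback=True, _source=_no_source, _insecure=random.Random(1234))
    return len(a) == nbytes and a == b
```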
