Tim Peters added the comment:

Raymond, while I'm in general agreement with you, note that urandom() doesn't 
deliver "random" bytes to begin with.  A CSPRNG is still a PRNG.

For example, if the underlying urandom() generator is ChaCha20, _it_ has "only" 
512 bits of state.  Seeding the Twister with 2500 bytes from urandom() far 
exceeds the maximum possible entropy that ChaCha20's comparatively tiny 64 
bytes of state can deliver (but, yes, I'm ignoring the possibility that a good 
urandom() implementation may fold in fresh entropy during the time MT sucks out 
those 2500 bytes - nevertheless, MT's state is far larger).

That's why I said earlier I could live with seeding from 128 bytes - twice the 
size of a currently trendy urandom() implementation's state.

But I'll be happiest if nothing changes here (given that Guido ruled yesterday 
that Python's current urandom() implementation has to be reverted to once again 
match Linux's non-blocking urandom() behavior).

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue27272>
_______________________________________
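The bound argued in the message above, as an added example that is not part of the original message or of CPython: when the seed bytes come from a deterministic generator with k bits of state (and no fresh entropy is folded in), the Twister can land in at most 2^k distinct states, whether it is seeded with 128 or roughly 2500 bytes. The SHAKE-256 expander and its 10-bit state are constructed stand-ins for a small-state CSPRNG, not ChaCha20, and the function names are hypothetical.

```python
import hashlib
import random

MT_STATE_BYTES = 624 * 4   # MT19937 state: 624 32-bit words (~2500 bytes)
SHORT_SEED_BYTES = 128     # the smaller seed size mentioned in the message


def expand(state: int, state_bits: int, nbytes: int) -> bytes:
    """Constructed stand-in for a small-state CSPRNG (NOT ChaCha20).

    Deterministically stretches a `state_bits`-bit state into `nbytes`
    of output. No fresh entropy is mixed in while the bytes are drawn.
    """
    raw = state.to_bytes((state_bits + 7) // 8, "big")
    return hashlib.shake_256(raw).digest(nbytes)


def distinct_mt_streams(state_bits: int, seed_bytes: int) -> int:
    """Seed the Twister from every possible generator state and count
    how many different output streams result."""
    seen = set()
    for state in range(2 ** state_bits):
        seed = expand(state, state_bits, seed_bytes)
        rng = random.Random(int.from_bytes(seed, "big"))
        # 128 bits of output serve as a fingerprint of the MT stream.
        seen.add(rng.getrandbits(128))
    return len(seen)


if __name__ == "__main__":
    bits = 10  # tiny on purpose so every state can be enumerated
    for nbytes in (SHORT_SEED_BYTES, MT_STATE_BYTES):
        count = distinct_mt_streams(bits, nbytes)
        print(f"{nbytes:5d} seed bytes -> {count} distinct MT streams "
              f"(bound: 2**{bits} = {2 ** bits})")
```

Both seed sizes reach the same count: the extra seed bytes add length, not entropy.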