On Sat, 16 Jun 2012 19:15:34 -0700, Yesterday Paid wrote: > I'm making cipher program with random.seed(), random.random() as the key > table of encryption. > I'm not good at security things and don't know much about the algorithm > used by random module.
Start by reading the Fine Manual: http://docs.python.org/library/random.html which answers your question: "it is not suitable for all purposes, and is completely unsuitable for cryptographic purposes." Please don't write yet another broken cipher program that doesn't work. Use a proper one that has been mathematically analysed by professionals. I don't mean to cast aspersions on you, but any fool can write a cipher program that *they* can't break themselves. It takes many years of study to design a cipher that professionals can't break. At the very least, start with PyCrypto. http://pypi.python.org/pypi/pycrypto If all you want is to play around obfuscating data, you might be interested in my toy encryption module: http://pypi.python.org/pypi/obfuscate/ (which is also completely unsuitable for cryptographic purposes, but may be useful if you have some interest in the history of cryptography). > Is it really random or safe enough to keep my data safe? Safe from what? What is your threat model? Are you worried about your little sister reading your diary? Or the NSA discovering your plans to assassinate the President? Or something in between? Python's random module is not cryptographically strong, which means that it will probably take an organisation like the NSA, MI5, ASIO, Mossad, etc. about 10 or 20 minutes to crack your password. But your little sister will probably take a hundred million years to guess it. -- Steven -- http://mail.python.org/mailman/listinfo/python-list