Chris Angelico <ros...@gmail.com> writes:

> On Tue, Nov 20, 2018 at 7:31 AM Robert Girault <r...@dev.null> wrote:
>> Nice. So Python's random.random() does indeed use mt19937. Since it's
>> been broken for years, why isn't it replaced by something newer like
>> ChaCha20? Is it due to backward compatibility? That would make sense.
>
> What exactly do you mean by "broken"?

I mean the fact that with 624 samples from the generator, you can determine the rest of the sequence completely.

Sorry about mentioning ChaCha20. That was misleading. I should've said something newer like mrtg32k3a or xorshift*.

> If you're generating random numbers for any sort of security purpose,
> you probably should look at this:
>
> https://docs.python.org/3/library/secrets.html
>
> (New in 3.6, though, hence the "probably". If you need to support 3.5
> or older - including 2.7 - then you can't use that.)

Thanks for the reference! I'm not particularly interested in security at the moment, but I would like an expert's confirmation that some of these algorithms aren't replaced due to backward compatibility. We could easily replace them, but I think we shouldn't: some people still depend on these algorithms for their experiment. Are there other reasons?