Mike Brown wrote: > I have questions about thread safety in the 'random' module. > > When using the random.Random class (be it Mersenne Twister or Wichmann-Hill > based), is it sufficiently thread-safe (preserving entropy and guarding > against attack) to just have each thread work with its own random.Random > instance? Or do I need to wrap my calls to each instance's methods to use > locks? Wichmann-Hill in particular has the warning in its .random() > vulnerability; do I need to make an exception for that case?
Thread-safety has nothing to do with preserving entropy or guarding against attack. All of the entropy in an MT sequence is contained in the seed (upto 624 bytes) and that entropy is preserved through all subsequent calls. Create unique instances of MT generators when you want to be able to reproduce the sequence later. Nothing in the random module provides cryptographic guarantees. If you want crypto-strength, then use real encryption. Search SourceForge for patches that show how to use MD5 and other cryptographic hash functions as a basis for random number generation. As far as I'm concerned, there is no reason other than backwards compatability to use the Wichmann-Hill generator -- the Mersenne Twister is a much better generator. Raymond -- http://mail.python.org/mailman/listinfo/python-list