Will python SystemRandom / os.urandom always have enough entropy for good crypto

Question

I have a password generator:

import random, string

def gen_pass():
    foo = random.SystemRandom()
    length = 64
    chars = string.letters + string.digit         


        

Answer 1

There's a subtle difference between the output of /dev/random and /dev/urandom. As has been pointed out, /dev/urandom doesn't block. That's because it gets its output from a pseudo-random number generator, seeded from the 'real' random numbers in /dev/random.

The output of /dev/urandom will almost always be sufficiently random -- it's a high-quality PRNG with a random seed. If you really need a better source of random data, you could consider getting a system with a hardware random number generator -- my netbook has a VIA C7 in it, which can generate quite a lot of properly random data (I get a consistent 99.9kb/s out of /dev/random, 545kb/s out of /dev/urandom).

As an aside, if you're generating passwords then you might want to look at pwgen -- it makes nice pronounceable passwords for you :).

Answer 2

/dev/random/ will block on read if it needs more entropy. /dev/urandom/ won't. So yes, if you use it too fast you'll run low on entropy. Probably still quite hard to guess, of course, but if you're really concerned you can read bytes from /dev/random/ instead. Ideally, with a non-blocking read loop and a progress indicator so you can move the mouse around and generate entropy if needed.

Answer 3

You might want to read this about why /dev/urandom is the way to go:

http://www.2uo.de/myths-about-urandom/