[pycrypto] random.uniform() method

Dwayne Litzenberger dlitz at dlitz.net
Wed Oct 10 05:15:06 EDT 2012


On Fri, Jul 13, 2012 at 09:05:07AM -0700, Artem wrote:
>Tell me please, is there a way to use random.uniform() or 
>random.random() with PyCrypto?

No.  We deliberately omitted all of the functions that return 
floating-point values from Crypto.Random.random, because they are not 
suitable for cryptographic purposes.

For example, you might think that 2**128 * random.random() has 128 bits 
of entropy, but the entropy is actually limited to the length of the 
mantissa of the double-precision binary floating-point format 
(approximately 52 bits), minus any bits lost during the conversion or 
the multiplication.

If you really wanted floating-point values, you could perhaps do 
something like this:

     random.randrange(100000) / 100.0

That will give one of 100,000 different possible floating-point numbers 
between 0 and 999.99.  However, this still doesn't work when you want 
the large numbers of possibilities that you need for cryptographic 
purposes.

A better idea might be to feed the result of random.randrange() into 
decimal.Decimal (paying close attention to the notes about precision 
settings).

But really, if you need strong random numbers, it's best to just avoid 
decimal points altogether.

What is this for?  Maybe, with more context, we could be more helpful.

Cheers,
- Dwayne

-- 
Dwayne C. Litzenberger <dlitz at dlitz.net>
  OpenPGP: 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7


More information about the pycrypto mailing list