1. Erik Grinaker
  2. Revelation
  3. Issues
Issue #82 new

Python random module should probably not be used for password generator

Brian Marshall
created an issue

Python docs for random http://docs.python.org/library/random.html say that:

The Mersenne Twister is one of the most extensively tested random number generators in existence. However, being completely deterministic, it is not suitable for all purposes, and is completely unsuitable for cryptographic purposes.

To me, this means that it's probably not a good idea to be using random.choice() and random.shuffle() as the only source of randomness in src/lib/util.py:generate_password(), since the passwords are potentially vulnerable to an informed attacker.

os.urandom() is the best bet, I think. It's already used for encrypting the file, are there any reasons why it shouldn't be used for generating secure passwords as well?

Comments (8)

  1. mikel

    os.urandom() is used at file encrypting level to provide a full random source as it won't be used by the user.

    The generate_password() is used to provide a password to the user so instead of using os.urandom() and then filter it to avoid some punctuation chars or chars like 'I/l' or '0/O' a custom password generation process. The generated password is checked using check_password function to confirm the validity of the generated password based on user needs (currently just length and punctuation chars can be modified by user).

  2. Brian Marshall reporter

    That's true, although check_password() isn't enough to ensure the strength of a password if the PRNG is flawed, even if the passwords appear random. The PRNG being used in this case is deterministic based on software state, and its results are potentially reproducible if enough info is known. That's not true of os.urandom().

    There's a random.SystemRandom class which implements the normal random functions but with os.urandom() as its source. I think that's the best solution.

  3. Brian Marshall reporter

    I thought I'd mention this here as well since it's related, but util.py:random_string() should probably be updated to use SystemRandom as well. Especially since random_string() is used for encryption in the datahandlers.

  4. Log in to comment