trying to get hash from os.urandom

Discussion in 'Python' started by Grzegorz Smith, Jan 23, 2006.

  1. Hi all
    I'm writing small python module which will be a password generator. I read
    that python can use system random generator on machine whit *nix os. So i
    start using os.urandom and when i generate random string i get something
    like this: urandom(8) ->
    '\xec2a\xe2\xe2\xeb_\n',"\x9f\\]'\xad|\xe6\xeb",'\xb0\xf8\xd3\xa0>01\xaf'.
    How can I convert this to hash? i change python defaultencoding from ascii
    to utf-8 and try convert this to unicode object but I only get:
    '\xb4\xa8b\xed\xb9Y-\xf3'
    Any help i will appreciated. Does anyone use os.urandom to cryptography?
    Gregor
     
    Grzegorz Smith, Jan 23, 2006
    #1
    1. Advertising

  2. Grzegorz Smith

    Paul Rubin Guest

    Grzegorz Smith <> writes:
    > '\xec2a\xe2\xe2\xeb_\n',"\x9f\\]'\xad|\xe6\xeb",'\xb0\xf8\xd3\xa0>01\xaf'.
    > How can I convert this to hash? i change python defaultencoding from ascii
    > to utf-8 and try convert this to unicode object but I only get:


    Don't use totally arbitrary 8-bit characters in passwords. If you
    just want (say) random lowercase letters, do something like (untested):

    import string,os
    random_letter = string.lowercase[ord(os.urandom(1)) % 26]

    for as many letters as you want in the word.

    Note that the letters won't be perfectly equally probable because the
    character codes are 0..255 and you get some of the residues mod 26
    slightly more often than others. Obviously you can avoid that
    nonuniformity in various ways, but the effect on the password entropy
    is minimal even if you do nothing.

    IMO it's better to use words than strings of letters. Try something
    like (untested):

    import binascii,os
    short_words = [w.strip() for w in file('/usr/dict/words') if len(w) < 8]
    assert len(short_words) > 5000
    passphrase = []

    for i in range(2): # we will generate a 2-word phrase
    # generate a random 64 bit integer
    a = int(binascii.hexlify(os.urandom(8)), 16)
    passphrase.append(short_words[a % len(short_words)])
    passphrase = ' '.join(passphrase)

    If you want to use the phrase as a cryptography key, use 6 or so words
    instead of 2 words.

    > Any help i will appreciated. Does anyone use os.urandom to cryptography?


    Yes, all the time.
     
    Paul Rubin, Jan 23, 2006
    #2
    1. Advertising

  3. Grzegorz Smith

    Robert Kern Guest

    Paul Rubin wrote:

    > IMO it's better to use words than strings of letters. Try something
    > like (untested):
    >
    > import binascii,os
    > short_words = [w.strip() for w in file('/usr/dict/words') if len(w) < 8]
    > assert len(short_words) > 5000
    > passphrase = []
    >
    > for i in range(2): # we will generate a 2-word phrase
    > # generate a random 64 bit integer
    > a = int(binascii.hexlify(os.urandom(8)), 16)
    > passphrase.append(short_words[a % len(short_words)])
    > passphrase = ' '.join(passphrase)
    >
    > If you want to use the phrase as a cryptography key, use 6 or so words
    > instead of 2 words.


    Indeed. I like to generate {64,128}-bit-strong passphrases using the RFC1751
    module provided with pycrypto.

    --
    Robert Kern


    "In the fields of hell where the grass grows high
    Are the graves of dreams allowed to die."
    -- Richard Harter
     
    Robert Kern, Jan 23, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ron Peterson

    /dev/urandom vs. /dev/random

    Ron Peterson, Jan 7, 2005, in forum: C Programming
    Replies:
    21
    Views:
    1,544
    Keith Thompson
    Jan 13, 2005
  2. gert
    Replies:
    7
    Views:
    628
  3. rp
    Replies:
    1
    Views:
    539
    red floyd
    Nov 10, 2011
  4. Mike Boone
    Replies:
    0
    Views:
    150
    Mike Boone
    Dec 22, 2007
  5. Michele Dondi
    Replies:
    1
    Views:
    144
    Anno Siegel
    Feb 22, 2004
Loading...

Share This Page