Comments (6)

hjwp avatar hjwp commented on June 23, 2024

Hi Nick. Wow. Neat. And Hardcore!

I like the fact that it makes the entropy really easy to see, but I worry it's a bit harder to understand for non-crypto experts. Not everyone knows what base-64 encoding is, and the 256 // 8 is just baffling if you don't guess that the author is trying to make the entropy explicit...

How strongly do you feel about it? I don't want to discourage one of my very rare contributors by rejecting this outright...

How are you enjoying the book anyways?

from book-tdd-web-dev-python.

malemburg avatar malemburg commented on June 23, 2024

From the implementation side of things, the base64 version is faster, less obscure (have a look at how .choice() is implemented and try to find out exactly how many bytes are being read from urandom to see what I mean) and less wasteful on urandom data.

In terms of readability and educating the reader about what exactly happens, I think the original version is still better.

Note that the base64 version only reads 32 bytes from urandom, whereas the choice based one reads at least 50 bytes and then throws away the top 2 bits of each byte. The base64 one has 256 ** 32 possible keys, the original one 50 ** 50 keys - several orders of magnitude more. The base64 version would need to read 36 bytes to give the same number of possibilities - which is actually better than the choice based one, since you save >=14 urandom bytes input and the key length is only 48 bytes.

Regarding the idea of os.urandom(n) returning 8 * n bits of entropy, I don't think this is true, but then the term "entropy" has too many meanings depending on who you ask anyway ;-) See e.g. http://www.2uo.de/myths-about-urandom/ for one set of views on this.

from book-tdd-web-dev-python.

nicktimko avatar nicktimko commented on June 23, 2024

Love the book, it's helping me to break some habits (YAGNI, etc :P) as well as giving me a good walk-through of the testing functionality inside of Django (which I knew was there, but never really figured out). Speaking of Django, with a look at their SECRET_KEY generation in startproject, it's evident where you got that snippet from ;)

To calculate bits of entropy, strength, whatever...: length * log2(n_symbols). So for a 50-length string of 50 symbols, 50 * log2(50) = 282.2 bits, versus the (arbitrarily chosen, but can also be arbitrarily rechosen) 256 bits (= 32 * log2(256) ~= 43 * log2(64)). Up it to 384 perhaps, but 256 is plenty strong nowadays.

For orders, every 3.3 bits is equivalent to a power of 10 (because log2(10) = 3.32). To convert bits to combinations, just do 2**x, but talking in bits is usually more convenient and comparable to other things.

Both methods use the same PRNG source, so there is no difference in some side-channel(?) attack that exploits the weakness of the RNG.

from book-tdd-web-dev-python.
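The two generators under discussion side by side, with the entropy arithmetic from this and the previous comment carried through in code. This is an added example, not code from the book or from the PR; the 50-character symbol set is assumed (it matches the size of the set Django's `startproject` used), and the byte counts are computed, not quoted.

```python
import base64
import math
import os
import secrets  # secrets.choice uses SystemRandom, i.e. os.urandom, like the original snippet

# Assumed symbol set: 50 characters, matching the "50 symbols" the thread talks about
# (the same size as Django's historical startproject set).
SYMBOLS = "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)"
assert len(SYMBOLS) == 50


def choice_key(length: int = 50, symbols: str = SYMBOLS) -> str:
    """The book's style: pick `length` symbols uniformly at random from `symbols`."""
    return "".join(secrets.choice(symbols) for _ in range(length))


def base64_key(n_bits: int = 256) -> str:
    """The proposed style: base64 of n_bits // 8 bytes straight from os.urandom."""
    return base64.b64encode(os.urandom(n_bits // 8)).decode("ascii")


def entropy_bits(length: int, n_symbols: int) -> float:
    """Bits of entropy of a uniformly chosen string: length * log2(n_symbols)."""
    return length * math.log2(n_symbols)


def base64_bytes_for(target_bits: float) -> int:
    """Smallest urandom byte count whose base64 encoding carries at least target_bits."""
    return math.ceil(target_bits / 8)


def compare() -> dict:
    """The numbers quoted in the thread: 50*log2(50) vs 32*log2(256), the gap in
    powers of ten, and how many urandom bytes base64 would need to close it."""
    choice_bits = entropy_bits(50, 50)   # ~282.2 bits
    b64_bits = entropy_bits(32, 256)     # 256.0 bits
    needed = base64_bytes_for(choice_bits)
    return {
        "choice_bits": choice_bits,
        "base64_bits": b64_bits,
        "bits_per_decade": math.log2(10),  # ~3.32, so "every 3.3 bits is a power of 10"
        "orders_of_magnitude_gap": (choice_bits - b64_bits) / math.log2(10),
        "base64_bytes_to_match": needed,                              # 36
        "base64_key_len_to_match": len(base64.b64encode(b"\0" * needed)),  # 48 chars
    }
```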

hjwp avatar hjwp commented on June 23, 2024

Marc-Andre (hi!), Nick, thanks very much, this has been very good for my edumecation. Am reminded of Larry Hastings' talk on PRNGs... https://duckduckgo.com/?q=larry+hastings+random+numbers&ia=videos

Hope no-one's offended if I close this and leave the code as-is?

from book-tdd-web-dev-python.

nicktimko avatar nicktimko commented on June 23, 2024

I'm OK with it for now. I'm being kinda nit-picky, but I'd do up a PR for funsies if you'd be receptive. I'm not sure how to do so against the myriad branches...

from book-tdd-web-dev-python.

hjwp avatar hjwp commented on June 23, 2024

I don't really want to change the version in the book, but it's an interesting discussion -- I'll tell you what, if you want to write up a blog post about it, explaining your alternative, and writing up a bit of the discussion about pros + cons, entropy, etc, then I could link to it from the book, in a little note maybe?

Or I could just link to this PR discussion, if you're not big on blogging...

from book-tdd-web-dev-python.
