Search code examples
python-3.xrandom

What does secrets module do to make perfect random sequences in Python


Now I have a decent knowledge of math, and I know it's possible to create pseudo-random sequences using a specific mathematics algorithm. I also know that in Python, there is a secrets module that apparently can produce random numbers. I tried tweaking around with it a little, but I still don't understand how it's supposed to work. Lets say this piece of code:

import secrets

secret_num = secrets.choice([1, 2, 3])
print(secret_num)

It's supposed to output a perfectly random number. But how is that possible using computers?


Solution

  • The documentation for the secrets module says it produces "cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets". The documentation doesn't specify how it does so exactly.

    However, a usual requirement for "cryptographically strong random numbers" is that they should be hard to guess by outside attackers. To this end, the secrets module may rely on the random number generator provided by the operating system (as secrets.SystemRandom does, for example), and how that generator works depends in turn on the operating system. But in general, a random number generator designed for information security ultimately relies on gathering hard-to-guess bits from nondeterministic sources, as further explained in the following question: