Another new Python 3.6 feature is the addition of the secrets module, a replacement for random when generating cryptographically strong random numbers.
When creating random numbers for with passwords or encryption, the secret module will offer the most secure source of randomness that your operating system can provide.
The secrets module is broken into two sections, random numbers and generating tokens.
Random Numbers
- class secrets.SystemRandom
- secrets.choice(sequence)
- secrets.randbelow(n)
- secrets.randbits(k)
Generating Tokens
- secrets.token_bytes([nbytes=None])
- token_hex([nbytes=None])
- token_urlsafe([nbytes=None])
I'm not going to go into the use of these as this is more to bring awareness of the availability of the module than a complete tutorial on cryptography.
I will talk about the two most common parts of the module that will be most interesting to most.
class secrets.SystemRandom
The class SystemRandom offers the most secure known way of generating random numbers for the platform you are using.
Using secrets.SystemRandom is similar to using the random module.
import secrets
rnd = secrets.SystemRandom()
rnd.random()
You want to make sure you call SystemRandom class from secrets module as the random module also has a SystemRandom.
secrets.choice(sequence)
The last part of the module I will go over is the choice method. This method securely returns a random element from a sequence. This is useful when automatically generating random alphanumeric passwords or any random sequence based on an existing sequence.
import secrets
import string
alphanumeric = string.ascii_letters + string.digits
secrets.choice(alphanumeric)
This will return a random letter/numeric from the sequence alphanumeric which consists of all US alphabet characters (upper and lower) and the numbers 0-9.
Keep in mind these class and functions exist in the random module so make sure you prefix all calls with secrets to assure you are using the correct module.
You can read more about the secrets module here
My Python Tips Series
Why you should vote me as witness
Witness & Administrator of four full nodes
My recent popular posts
STEEM, STEEM Power, Vests, and Steem Dollars. wtf is this shit?
The truth and lies about 25% curation, why what you know is FAKE NEWS
WTF is a hardware wallet, and why should you have one?
GINABOT - The Secret to your Sanity on Steemit
How to calculate post rewards
Use SSH all the time? Time for a big boy SSH Client
How to change your recovery account
How curation rewards work and how to be a kick ass curator
Markdown 101 - How to make kick ass posts on Steemit
Work ON your business, not in your business! - How to succeed as a small business
You are not entitled to an audience, you need to earn it!
How to properly setup SSH Key Authentication - If you are logging into your server with root, you are doing it wrong!
Building a Portable Game Console
Upvote and resteemid done man
I showed my friend this python secret and he is more than happy... Nice one
@themarkymark, have you seen @berniesanders' post? Also, @buildawhale upvoted it.
Great post! This 'secret' library sounds perfect for password, private key, and token generation.
Yes, I did.
@themarkymark you not witness yet? for some reason I thught that you a witness
I am a witness.
got confused because of the animation where Malcolm Reynolds shooting to vote
What is the difference between running a full node and running a witness node? I've seen people say that this is two different things. Are you a witness if you run a witness node or a full node? I'm bit confused.
Witness node is what produces blocks and is used to secure the blockchain.
A full node is what is used to handle calls to the blockchain. It hosts the API to allow applications to query the blockchain and to make changes.
Then you have a seed node which is read only to help speed up the network.
Ok that makes sense. Thanks for the info. Is there anywhere where I can go to like a discord channel or some forum where the witnesses interact with each other? I am very interested in becoming a witness, I just can't afford a sizable server at the moment, but I have a few years of unix sysadmin experience both Linux and BSD. I would like to chat to the other witnesses and potentially become one in the future if I can afford a bigger server.
Nice article and all, but I still wouldn't wanna use python for generating cryptographic secrets just because of personal paranoia. Would be curious to see where secrets gets its entropy from.
Btw have a look at : https://www.random.org/
I found a python wrapper for their JSON RPC service which can be used to generate passwords etc. See: https://github.com/mitchchn/randomapi
That being said be very careful when generating cryptographic secrets or when generating entropy.
Always remember that entropy cannot be detected, but the lack of entropy can be detected.
Cool! I'm pretty sure I had heard of this module before, but I don't often program with Python 3.6 in mind. I'll have to try to remember to add some conditionals for when a script using randomness and encryption is run on Python 3.6.
Great article. This library will help us generating password, secret codes.