Home Did you know ? How to generate Cryptographically secure random numbers and data in Python

How to generate Cryptographically secure random numbers and data in Python

by Mic Johnson

In Python, we can generate random numbers by simply using the random module. However, the random numbers generated by using the several functions available from the random module are safeguarded cryptographically. A secure random number generator is essential and is widely used in the data security field.

This tutorial will discuss the several methods available to generate Cryptographically secure random numbers and data in Python.

Using the os.urandom() function

The os.urandom() function can be utilized to create a string that has a size random bytes. It is efficiently used in Cryptography. The quality of the data that is returned by this function depends on the implementation done by the device’s operating system.

This function is contained within the OS module that provides some essential functions to interact with the operating system of the device.

By default, the os.random() module creates a string that has random bytes. To convert the given string of random bytes into the data type that we want, the struct.unpack() function can be used. 

The syntax for the struct.unpack() function is:

<pre code = "Python">
    struct.unpack(format, buffer)
</pre>

This function contains two parameters:

  • The format parameter, which specifies the desired format in which we want to convert the given string of bytes.
  • The buffer parameter, which specifies the source of the bytes. In this case, the source of bytes is the os.urandom() function.

The following code uses the os.urandom() function along with the struct.unpack() function to generate cryptographically secure random numbers and data in Python.

<pre code = "Python">
    import os
    import struct
    print(struct.unpack('i', os.urandom(4)))
</pre>

The above code provides the following output:

<pre>
    (1777399085,)
</pre>

We should note that this program will generate a random value every time the user runs the code. Therefore, the output of this program might be different every time the code is run.

Using the random.SystemRandom class

The random.SystemRandom class indirectly uses the os.random() function for the purpose of generating random numbers with the help of sources that are provided by the operating system.

When we use the os.random() module, it returns a string of bytes which we then convert to our desired format. SystemRandom does this automatically and takes out the need for manual work.

The following code uses the random.SystemRandom class to generate cryptographically secure random numbers and data in Python.

<pre code = "Python">
from random import SystemRandom
x = SystemRandom()
print(x.random())
</pre>

The above code provides the following output:

<pre>
0.9991833919779453
</pre>

Explanation:

  • Firstly, the class is imported from the random module.
  • Then, the random.SystemRandom() function is utilized to create an instance of the SystemRandom class.
  • Finally, all the functions of the random module are available to use on the created instance.
  • In the above code, we use the random.random() function to help generate a random number between 0 and 1 in Python.

We should note that the random.SystemRandom class ultimately uses the os.random() function only, which means that the quality of data by using this way will only be as good as the implementation of the os.random() function by the system. 

Using the secrets module

The secrets module was first introduced in Python 3.6 and is utilized to generate secure and cryptographically stable random numbers and is used in important security-related data like passwords, security tokens, URLs, account authentication, etc.

It is known to be the most secure way available for generating random numbers for security purposes and is available to use in all the versions released after Python 3.6.

The secrets.randbelow(n) function is utilized to generate a random integer that will be in the range of 0 to n, n being the parameter that will be passed as an argument in the function.

The following code uses the secrets.randbelow() function to generate cryptographically secure random numbers and data in Python.

<pre code = "Python">
import secrets
x = secrets.randbelow(30)
print(x)
</pre>

The above code provides the following output:

<pre>
23
</pre>

If you want to generate a secure random number between 1 and 10 in python, you can use below code.

<pre code = "Python">
import secrets
x = secrets.randbelow(11)
print(x)
</pre>

The above code provides the following output:

<pre>
7
</pre>

The pseudo-random number generator, which particularly uses the random module, is better used in the fields of modeling and simulation, but when it comes to cryptography and security, the secrets module should be preferred to any other method as it provides the most secure data possible.

You may also like

Leave a Comment

Latest Hacking News