Reputation: 2627
Which one is more secure to use? uuid, binascii.hexlify(os.urandom()) or random.SystemRandom()?
I want to create unique <client-key> and <client-secret> for the users who registers themselves for the service.
So, I was searching for the same and came up with these options:
- uuid
- binascii.hexlify(os.urandom(x))
- random.SystemRandom()
It's a silly question but I want to know that which implementation is more secure to use (with proper explanation)? Why? And what are the advantages of using it over others?
Note:
AFAIK,
random.SystemRandom()usesos.urandom(x). So comparison is mainly betweenuuidandrandom.SystemRandom().
Here's what I've tried so far:
1)
import random
temp = random.SystemRandom()
random_seq = ''.join(temp.choice(CHARACTER_SET) for x in range(x))
>>> 'wkdnP3EWxtEQWnB5XhqgNOr5RKL533vO7A40hsin'
2)
import uuid
str(uuid.uuid4())
>>> 'f26155d6-fa3d-4206-8e48-afe15f26048b'
I'm not sure about the solution. So, any help would be appreciated.
P.S.
It'd be great if any solution is available for both Python 2.x and 3.x.
Upvotes: 10
Views: 1357
Answers (1)
Reputation: 160577
It does not make any difference, all are of them use os.urandom both in Python 3 and 2. uuid4 just instantiates a new UUID object by passing in 16 random bytes to it:
def uuid4():
"""Generate a random UUID."""
return UUID(bytes=os.urandom(16), version=4)
so from a standpoint of how the randomness is generated, these don't differ.
Upvotes: 11
Related Questions
- How to generate a random UUID which is reproducible (with a seed) in Python
- Safest way to generate a unique hash in Python
- How to generate 8 bytes unique random number in python?
- Whats the difference between os.urandom() and random?
- what is the difference between uuid4 and secrets token_bytes in python?
- Whats more random, hashlib or urandom?
- Python generate random: uuid v. md5 v. random which is most efficient or *inefficient*
- Which one better to use shortuuid or uuid?
- os.urandom or ssl.RAND_bytes?
- Comparing random and urandom