vbuterin / pybitcointools

Simple, common-sense Bitcoin-themed Python ECC library

Capture more entropy in random key generation #20

Closed mflaxman closed 10 years ago

mflaxman commented 10 years ago

Hey @vbuterin, awesome library you've created. Thanks for putting it out there!

I was making some changes to bitmerchant and came across what I think is a weakness in your library. It's only a minor flaw, but I don't think this is behaving as you intended. Please see the commit to understand what I'm doing; here is an example for clarity:

In [1]: import time

In [2]: example = time.time()

In [3]: example
Out[3]: 1399315452.479661

In [4]: int(example)  # destroys trailing 6 digits after decimal and makes this 10**6 times easier to brute-force
Out[4]: 1399315452

In [5]: int(example)**7  # not effective at preventing a brute force attack, as raising an int to the power of 7 is a trivial operation
Out[5]: 10505322981003921900367286428848137945904829534197528783971401728L

In [6]: int(example*1000000)  # captures all 6 trailing digits
Out[6]: 1399315452479661

The odds of a compromised CSPRNG are low, but I think this PR only improves pybitcointools with no downsides. I think your usage of time.time() is really clever, and this PR will improve the efficacy of that technique by 10**6.

You can see the bitmerchant discussion here.

As a side note, I'm not sure I agree with using random.randrange here. From the docs:

Warning: The pseudo-random generators of this module should not be used for security purposes. Use os.urandom() or SystemRandom if you require a cryptographically secure pseudo-random number generator.

Since it's adding entropy, I can't see it doing any harm either.
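Added example (not code from this PR or from pybitcointools) that measures the effect described in the comment above: it counts how many distinct seed values each approach yields over constructed timestamps one microsecond apart within one second, and shows that the seventh power adds nothing. The os_entropy_seed helper is hypothetical and only illustrates the side note about SystemRandom.

```python
import math
import random

MICROSECONDS = 10**6


def truncated_seed(ts):
    # Behaviour the PR objects to: int() drops the six fractional digits,
    # leaving only whole seconds.
    return int(ts)


def powered_seed(ts):
    # int(ts)**7 is one-to-one on non-negative integers, so it yields exactly
    # as many distinct values as truncated_seed: a bigger number, no more entropy.
    return int(ts) ** 7


def microsecond_seed(ts):
    # The PR's change: scale before truncating so the microseconds survive.
    return int(ts * MICROSECONDS)


def distinct_seeds(seed_fn, timestamps):
    """Number of distinct seed values seed_fn produces over the given timestamps."""
    return len({seed_fn(t) for t in timestamps})


def extra_search_bits():
    """Extra work the PR imposes on a brute-forcer, in bits: log2(10**6), about 19.9."""
    return math.log2(MICROSECONDS)


def os_entropy_seed(ts, nbytes=32):
    """Hypothetical helper: mix the microsecond timestamp with OS entropy via
    random.SystemRandom, per the side note, instead of random.randrange."""
    sysrand = random.SystemRandom()
    return (microsecond_seed(ts) << (8 * nbytes)) | sysrand.getrandbits(8 * nbytes)


# Constructed sample: 1000 timestamps one microsecond apart, all inside the same
# second as the value quoted in the PR (1399315452.479661).
BASE_MICROS = 1399315452479661
SAMPLE_TIMESTAMPS = [(BASE_MICROS + k) / MICROSECONDS for k in range(1000)]

if __name__ == "__main__":
    for fn in (truncated_seed, powered_seed, microsecond_seed):
        print(f"{fn.__name__:17s} distinct seeds: {distinct_seeds(fn, SAMPLE_TIMESTAMPS)}")
    print(f"extra bits against brute force: {extra_search_bits():.1f}")
```

Because float round-off can collapse two adjacent microsecond values, microsecond_seed may report slightly fewer than 1000 distinct seeds; the two truncating variants always report exactly one.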

reiven commented 10 years ago

Nice proposal @mflaxman!

mflaxman commented 10 years ago

Thanks @reiven!

vbuterin commented 10 years ago

Done, thanks!

https://github.com/vbuterin/pybitcointools/commit/82359ba9992a146c67be97d5c01ea1a2488bd226

On Tue, Aug 12, 2014 at 4:50 PM, Michael Flaxman notifications@github.com wrote:

Thanks @reiven https://github.com/reiven!
