Which one is safer to use? uuid, binascii.hexlify (os.urandom ()) or random.SystemRandom ()?

Question

Which one is safer to use? uuid, binascii.hexlify (os.urandom ()) or random.SystemRandom ()?

I want to create unique <client-key> and <client-secret> for users who register for the service.

So, I searched the same and came up with the following options:

uuid
binascii.hexlify (os.urandom (x))
random.SystemRandom ()

This is a stupid question, but I want to know which implementation is safer to use (with the right explanation)? What for? And what are the advantages of using it over others?

Note:
AFAIK, random.SystemRandom() uses os.urandom(x) . Therefore, the comparison is mainly done between uuid and random.SystemRandom() .

Here is what I have tried so far:

1)

 import random temp = random.SystemRandom() random_seq = ''.join(temp.choice(CHARACTER_SET) for x in range(x)) >>> 'wkdnP3EWxtEQWnB5XhqgNOr5RKL533vO7A40hsin'

2)

 import uuid str(uuid.uuid4()) >>> 'f26155d6-fa3d-4206-8e48-afe15f26048b'

I am not sure about the solution. So any help would be appreciated.

PS It would be great if any solution were available for both Python 2.x and 3.x.

+6

python python-3.x python-2.7 random sequence

Mohsin Mar 03 '17 at 12:41

source share

1 answer

Jim fasarakis hilliard · Accepted Answer · 2017-03-03T12:51:47+0000

It does not matter, they all use os.urandom both Python 3 and uuid4 just create a new UUID , passing 16 random bytes to it :

 def uuid4(): """Generate a random UUID.""" return UUID(bytes=os.urandom(16), version=4)

therefore, in terms of how randomness is generated, they are no different.

Which one is safer to use? uuid, binascii.hexlify (os.urandom ()) or random.SystemRandom ()?

More articles: