Skip to content

Commit 4529546

Browse files
BethanyGBethanyG
authored
Updated instruction append and corrected formatting. (#4218)
1 parent 772e9be commit 4529546

2 files changed

Lines changed: 37 additions & 19 deletions

File tree

exercises/practice/diffie-hellman/.docs/instructions.append.md

Lines changed: 19 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,25 @@
1-
# Should I use random or secrets?
1+
# Instructions Append
22

3-
Python, as of version 3.6, includes two different random modules.
3+
## Should I use random or secrets here?
44

5-
The module called `random` is pseudo-random, meaning it does not generate
6-
true randomness, but follows an algorithm that simulates randomness.
7-
Since random numbers are generated through a known algorithm, they are not truly random.
5+
As of Python 3.6, there are two different modules for producing "random" numbers:
86

9-
The `random` module is not correctly suited for cryptography and should not be used,
7+
The module called [`random`][random] is [_pseudo-random_][pseudo-random], meaning it **does not** generate
8+
true randomness, but follows an algorithm that _simulates_ randomness.
9+
Since these "random numbers" are generated through a known algorithm, they are not truly random.
10+
As a result, th `random` module is not correctly suited for cryptography and should not be used,
1011
precisely because it is pseudo-random.
1112

12-
For this reason, in version 3.6, Python introduced the `secrets` module, which generates
13-
cryptographically strong random numbers that provide the greater security required for cryptography.
1413

15-
Since this is only an exercise, `random` is fine to use, but note that **it would be
16-
very insecure if actually used for cryptography.**
14+
The module called [`secrets`][secrets] generates
15+
[cryptographically strong][crypto-strong] "random" numbers that provide the greater security required for cryptography.
16+
They are still pseudo-random in the strictest sense — but they have guarantees that the numbers they produce are absolutely unpredictable.
17+
18+
19+
Since this is only a practice exercise, using the `random` module is fine, but note that **it would be
20+
very insecure if actually used for cryptography.**
21+
22+
[crypto-strong]: https://cryptobook.nakov.com/secure-random-generators/secure-random-generators-csprng
23+
[pseudo-random]: https://en.wikipedia.org/wiki/Pseudorandomness
24+
[random]: https://docs.python.org/3/library/random.html
25+
[secrets]: https://docs.python.org/3/library/secrets.html

exercises/practice/simple-cipher/.docs/instructions.append.md

Lines changed: 18 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,25 @@
1-
# Should I use random or secrets?
1+
# Instructions Append
22

3-
Python, as of version 3.6, includes two different random modules.
3+
## Should I use random or secrets here?
44

5-
The module called `random` is pseudo-random, meaning it does not generate
6-
true randomness, but follows an algorithm that simulates randomness.
7-
Since random numbers are generated through a known algorithm, they are not truly random.
5+
As of Python 3.6, there are two different modules for producing "random" numbers:
86

9-
The `random` module is not correctly suited for cryptography and should not be used,
7+
The module called [`random`][random] is [_pseudo-random_][pseudo-random], meaning it **does not** generate
8+
true randomness, but follows an algorithm that _simulates_ randomness.
9+
Since these "random numbers" are generated through a known algorithm, they are not truly random.
10+
As a result, th `random` module is not correctly suited for cryptography and should not be used,
1011
precisely because it is pseudo-random.
1112

12-
For this reason, in version 3.6, Python introduced the `secrets` module, which generates
13-
cryptographically strong random numbers that provide the greater security required for cryptography.
1413

15-
Since this is only an exercise, `random` is fine to use, but note that **it would be
14+
The module called [`secrets`][secrets] generates
15+
[cryptographically strong][crypto-strong] "random" numbers that provide the greater security required for cryptography.
16+
They are still pseudo-random in the strictest sense — but they have guarantees that the numbers they produce are absolutely unpredictable.
17+
18+
19+
Since this is only a practice exercise, using the `random` module is fine, but note that **it would be
1620
very insecure if actually used for cryptography.**
21+
22+
[crypto-strong]: https://cryptobook.nakov.com/secure-random-generators/secure-random-generators-csprng
23+
[pseudo-random]: https://en.wikipedia.org/wiki/Pseudorandomness
24+
[random]: https://docs.python.org/3/library/random.html
25+
[secrets]: https://docs.python.org/3/library/secrets.html

0 commit comments

Comments
 (0)