The Secrets Module of Python
A unique module explained with some programs
One of the most interesting built-in modules in Python is secrets, which was released in Python 3.6. It is popularly known to produce data that is close to true randomness. With the help of this module, you can produce cryptographically strong data, which can be used for passwords, tokens and OTPs (One Time Passwords). In this article, let us learn about the secrets module and its methods, and how it differs from the random module.
Why is the secrets module better than the random module? Although you can generate random data with the random module, that data is deterministic. Data produced by the random module can be determined easily by finding the seed that was used to produce it. Any data that can be determined cannot be considered secure. The secrets module is an excellent secure source of random data.
Secrets choice Method:
A program to generate a 7-digit OTP (One Time Password) with the secrets module:
This module produces strong data from a secure source of randomness. Because an OTP is used for secure transactions, it is crucial that it is cryptographically strong.
import secrets
import string
# Build the OTP one digit at a time from a secure source of randomness
OTP = ''
digit = string.digits
for i in range(7):  # 7 digits, as stated above
    OTP += secrets.choice(digit)
print(OTP)
Output:
Secrets compare_digest Method:
A program to use compare_digest and avoid timing attacks using
A timing attack is a type of security attack that uses time to determine secret data such as passwords. The attack determines a password or a token from the time a processor needs to compare the characters of the stored password with the input password. With compare_digest you can reduce the risk of a timing attack.
import secrets
print(secrets.compare_digest('password123','password123'))
It returns True. It works similarly to string comparison.
Secrets token_urlsafe Method:
A program to create a secure link to reset a password
We require a secure link for some data transactions or for a password reset. This method produces a secure token for such a link. You pass the required number of bytes as an argument. In the example, notice that the token is requested with 7 bytes.
import secrets
url = 'https://mywebsite.com/reset=' + secrets.token_urlsafe(7)
print(url)
Output:
Secrets randbelow() method
A program to generate an integer below the specified value.
The randbelow() method returns an integer below the given value. The exclusive upper bound itself is excluded, so only the values below it are allowed. In my example, I have specified an exclusive upper bound of 5, so the output must be below 5.
import secrets
num = secrets.randbelow(exclusive_upper_bound=5)
print(num)
Output: It will return a random integer below 5.
Secrets randbits method:
A program to return a random integer in the 8-bit range
The randbits method returns a random integer with the specified number of bits. In the example, we require a random number of 8 bits, so the output must be in the [0–255] range.
import secrets
num = secrets.randbits(8)
print(num)
Output: It returns a random integer between [0–255].
Program to check all the methods present in the Secrets module:
Check all the methods present in the secrets module. These methods associated with the secrets module are interesting. Try working with the module and produce random data with the secrets module.
import secrets
print(dir(secrets))
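The token_urlsafe and compare_digest sections above, combined in one password-reset flow. This is an added example, not code from the original article; the function names, the in-memory store, the 15-minute lifetime and the 32-byte token size (in place of the 7 bytes used in the demo above) are assumptions.

```python
import hashlib
import secrets
import time

TOKEN_BYTES = 32         # assumption: 32 random bytes instead of the demo's 7
TOKEN_TTL_SECONDS = 900  # assumption: a link stays valid for 15 minutes
_pending = {}            # hypothetical store: user -> (token digest, expiry)


def _digest(token):
    # Store and compare only a hash, so a leaked store does not leak live tokens
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_reset_link(user, now=None):
    """Create a reset link for user and remember only the token's digest."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(TOKEN_BYTES)
    _pending[user] = (_digest(token), now + TOKEN_TTL_SECONDS)
    return "https://mywebsite.com/reset=" + token


def redeem_reset_token(user, token, now=None):
    """Return True exactly once for a valid, unexpired token."""
    now = time.time() if now is None else now
    # Unknown users get a dummy digest so the comparison below always runs
    stored, expires_at = _pending.get(user, (_digest(""), 0.0))
    matches = secrets.compare_digest(stored, _digest(token))
    if not (matches and user in _pending and now < expires_at):
        return False
    del _pending[user]  # single use: a redeemed token cannot be replayed
    return True


if __name__ == "__main__":
    link = issue_reset_link("alice")             # constructed sample user
    token = link.rsplit("=", 1)[1]               # token_urlsafe never emits '='
    print(link)
    print(redeem_reset_token("alice", "guess"))  # False
    print(redeem_reset_token("alice", token))    # True
    print(redeem_reset_token("alice", token))    # False, already used
```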
Conclusion: There are a few ways to produce random data, such as the random module and an HRNG (hardware random number generator). But only by using the secrets module can you produce cryptographically strong data, because it uses a secure source of randomness. For the complete documentation check this link.