exercism · cmccandless · Oct 24, 2017 · Oct 21, 2017 · Oct 24, 2017 · N-Parsons
diff --git a/exercises/diffie-hellman/.meta/hints.md b/exercises/diffie-hellman/.meta/hints.md
@@ -0,0 +1,16 @@
+## Should I use random or secrets?
+
+Python, as of version 3.6, includes two different random modules.
+
+The module called `random` is pseudo-random, meaning it does not generate
+true randomness, but follows an algorithm that simulates randomness.
+Since random numbers are generated through a known algorithm, they are not truly random.
+
+The `random` module is not correctly suited for cryptography and should not be used,
+precisely because it is pseudo-random.
+
+For this reason, in version 3.6, Python introduced the `secrets` module, which generates
+cryptographically strong random numbers that provide the greater security required for cryptography.
+
+Since this is only an exercise, `random` is fine to use, but note that **it would be
+very insecure if actually used for cryptography.**
diff --git a/exercises/diffie-hellman/README.md b/exercises/diffie-hellman/README.md
@@ -37,9 +37,22 @@ Bob calculates
 The calculations produce the same result!  Alice and Bob now share
 secret s.
 
-## Notes
+## Should I use random or secrets?
 
-Python, as of version 3.6, includes two different random modules. The module called `random` is pseudo-random, meaning it does not generate true randomness, but follows and algorithm that simulates randomness. Since random numbers are generated through a known algorithm, they are not truly random. The `random` module is not correctly suited for cryptography and should not be used, because it is pseudo-random. In version 3.6, Python introduced the `secrets` module, which generates cryptographically strong random numbers that provide the greater security required for cryptography. Since this is only an exercise, `random` is fine to use, but note that it would be very insecure if actually used for cryptography.
+Python, as of version 3.6, includes two different random modules.
+
+The module called `random` is pseudo-random, meaning it does not generate
+true randomness, but follows an algorithm that simulates randomness.
+Since random numbers are generated through a known algorithm, they are not truly random.
+
+The `random` module is not correctly suited for cryptography and should not be used,
+precisely because it is pseudo-random.
+
+For this reason, in version 3.6, Python introduced the `secrets` module, which generates
+cryptographically strong random numbers that provide the greater security required for cryptography.
+
+Since this is only an exercise, `random` is fine to use, but note that **it would be
+very insecure if actually used for cryptography.**
 
 ### Submitting Exercises
 

diff --git a/exercises/simple-cipher/.meta/hints.md b/exercises/simple-cipher/.meta/hints.md
@@ -0,0 +1,16 @@
+## Should I use random or secrets?
+
+Python, as of version 3.6, includes two different random modules.
+
+The module called `random` is pseudo-random, meaning it does not generate
+true randomness, but follows an algorithm that simulates randomness. 
+Since random numbers are generated through a known algorithm, they are not truly random. 
+
+The `random` module is not correctly suited for cryptography and should not be used, 
+precisely because it is pseudo-random. 
+
+For this reason, in version 3.6, Python introduced the `secrets` module, which generates
+cryptographically strong random numbers that provide the greater security required for cryptography. 
+
+Since this is only an exercise, `random` is fine to use, but note that **it would be 
+very insecure if actually used for cryptography.**
diff --git a/exercises/simple-cipher/README.md b/exercises/simple-cipher/README.md
@@ -83,6 +83,23 @@ on Wikipedia][dh] for one of the first implementations of this scheme.
 [1]: https://upload.wikimedia.org/wikipedia/commons/thumb/4/4a/Caesar_cipher_left_shift_of_3.svg/320px-Caesar_cipher_left_shift_of_3.svg.png
 [dh]: http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
 
+## Should I use random or secrets?
+
+Python, as of version 3.6, includes two different random modules.
+
+The module called `random` is pseudo-random, meaning it does not generate
+true randomness, but follows an algorithm that simulates randomness.
+Since random numbers are generated through a known algorithm, they are not truly random.
+
+The `random` module is not correctly suited for cryptography and should not be used,
+precisely because it is pseudo-random.
+
+For this reason, in version 3.6, Python introduced the `secrets` module, which generates
+cryptographically strong random numbers that provide the greater security required for cryptography.
+
+Since this is only an exercise, `random` is fine to use, but note that **it would be
+very insecure if actually used for cryptography.**
+
 ### Submitting Exercises
 
 Note that, when trying to submit an exercise, make sure the solution is in the `exercism/python/<exerciseName>` directory.