[Catalog-sig] Mandatory Reset of PyPI Passwords
Donald Stufft
donald.stufft at gmail.com
Wed Feb 13 21:54:27 CET 2013
On Wednesday, February 13, 2013 at 3:36 PM, Antoine Pitrou wrote:
> Donald Stufft <donald.stufft <at> gmail.com (http://gmail.com)> writes:
> >
> > Why is it worse? SHA1 isn't terribly broken AFAIK.
> >
> > Because you lower the available entropy, "birthday paradox".
>
> How so? Collisions are highly unlikely on a non-broken 160-bit hash function.
> I don't understand how the birthday paradox is a practical problem.
>
> Regards
>
> Antoine.
Sorry I was wrong about why. I asked the Security Researcher at work (I'm not
an expert, I just implement solutions the experts come up with ;) )
bcrypt(sha1(plaintext)) is bad because sha1 shouldn't be used because it's been
"broken". bcrypt(sha256(plaintext)) is better than just plain bcrypt(plaintext) because
because only considers a maximum number of characters (I believe it's in the 50's).
So basically bcrypt of a hash is secure as long as the hash is secure, but
sha1 shouldn't be considered secure anymore.
However Passlib doesn't have a bcrypt + hash backend and I would be loathe
to suggest PyPI permanently switch to a custom untested/not widely used
backend.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/catalog-sig/attachments/20130213/c0289d4e/attachment.html>
More information about the Catalog-SIG
mailing list