[Python-bugs-list] [ python-Bugs-502557 ] hmac module: default to sha, not md5
noreply@sourceforge.net
noreply@sourceforge.net
Fri, 11 Jan 2002 16:04:50 -0800
Bugs item #502557, was opened at 2002-01-11 16:04
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=502557&group_id=5470
Category: Python Library
Group: Python 2.3
Status: Open
Resolution: None
Priority: 5
Submitted By: Jason R. Mastaler (jasonrm)
Assigned to: Nobody/Anonymous (nobody)
Summary: hmac module: default to sha, not md5
Initial Comment:
Currently the hmac module defaults to using the md5
module as its "digest module" (digestmod). I think a
better idea is to default to sha instead for the
following reasons:
* Unlike SHA-1, some partial breaks have been found in
the security of MD5. Section 1 of RFC 2104 describes
this and admits that SHA-1 is a cryptographically
stronger hash function.
* There is nothing in RFC 2104 that specifies or even
alludes to which hash function should be used by
default. So, given the weaknesses in MD5 and the fact
that we already have SHA-1 available, I think it makes
sense to use that by default instead.
I'll contribute a patch for this change if you'd like.
----------------------------------------------------------------------
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=502557&group_id=5470