[Python-bugs-list] [ python-Bugs-502557 ] hmac module: default to sha, not md5

noreply@sourceforge.net noreply@sourceforge.net
Wed, 06 Mar 2002 20:21:57 -0800


Bugs item #502557, was opened at 2002-01-11 17:04
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=502557&group_id=5470

Category: Python Library
Group: Python 2.3
Status: Closed
Resolution: Wont Fix
Priority: 5
Submitted By: Jason R. Mastaler (jasonrm)
Assigned to: Nobody/Anonymous (nobody)
Summary: hmac module: default to sha, not md5

Initial Comment:
Currently the hmac module defaults to using the md5
module as its "digest module" (digestmod).  I think a
better idea is to default to sha instead for the
following reasons:

* Unlike SHA-1, some partial breaks have been found in
the security of MD5.  Section 1 of RFC 2104 describes
this and admits that SHA-1 is a cryptographically
stronger hash function.

* There is nothing in RFC 2104 that specifies or even
alludes to which hash function should be used by 
default.  So, given the weaknesses in MD5 and the fact 
that we already have SHA-1 available, I think it makes 
sense to use that by default instead.

I'll contribute a patch for this change if you'd like.


----------------------------------------------------------------------

>Comment By: Jason R. Mastaler (jasonrm)
Date: 2002-03-06 21:21

Message:
Logged In: YES 
user_id=85984

> (I suppose that there's no easy way to tell
> which algorithm was used to create a digest? 
> Otherwise changing the default wouldn't be a
> problem.)

Well, the digests are different sizes depending on
which hash function was used.  16-byte string 
for md5 and a 20-byte string for sha.

I suppose I don't see what you are getting at
though?



----------------------------------------------------------------------

Comment By: Jason R. Mastaler (jasonrm)
Date: 2002-03-06 21:16

Message:
Logged In: YES 
user_id=85984

> I confess that defaulting to md5 probably wasn't a 
> very good idea.

[...]

> I propose to close this as "WontFix".

So, you make a poor decision, and Python users are
stuck with it forever?  Forget about Python 2.2, 
but why not change it for 2.3 and beyond?



----------------------------------------------------------------------

Comment By: Guido van Rossum (gvanrossum)
Date: 2002-03-06 19:17

Message:
Logged In: YES 
user_id=6380

OK, closed as suggested by Gerhard. (I suppose that there's
no easy way to tell which algorithm was used to create a
digest? Otherwise changing the default wouldn't be a
problem.)

----------------------------------------------------------------------

Comment By: Gerhard Häring (ghaering)
Date: 2002-03-06 19:07

Message:
Logged In: YES 
user_id=163326

As the one who submitted the hmac module originally, I
confess that defaulting to md5 probably wasn't a very good
idea. As for the background: I wrote the hmac module in the
context of an smtp auth patch to smtplib, where I only
really needed auth-cram md5. I also haven't yet seen hmac
used for sha or ripemd160 in the wild. But that's not my point.

The module is part of Python since 2.2 and people might
already be using the hmac module with its current defaults. So,
changing the defaults at this point will almost certainly
break existing code, which is unacceptable.

Btw. people who are into security and need a bullet-proof
hmac algorithm aren't very likely to use the defaults anyway.

Next time I submit something to the Python standard library,
I'll try to remember that "explicit is better than
implicit", as Tim Peters put it once.

I propose to close this as "WontFix".

----------------------------------------------------------------------
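
Added example, not part of the tracker thread or of the hmac module itself: a verifier that names its digest explicitly instead of relying on a default, and uses the 16-byte and 20-byte tag lengths mentioned in the thread to tell MD5 tags from SHA-1 tags, accepting only algorithms on an allow-list. The function names, key and message are constructed for illustration.

```python
import hashlib
import hmac

# Digest sizes quoted in the thread: 16 bytes for md5, 20 bytes for sha (SHA-1).
ALGO_BY_TAG_LEN = {
    hashlib.md5().digest_size: "md5",
    hashlib.sha1().digest_size: "sha1",
}

# Constructed sample values, for illustration only.
KEY = b"constructed-demo-key"
MSG = b"constructed demo message"


def make_tag(key: bytes, msg: bytes, algo: str) -> bytes:
    """Compute an HMAC with the digest passed explicitly, never by default."""
    return hmac.new(key, msg, digestmod=algo).digest()


def identify_algo(tag: bytes):
    """Guess the digest from the tag length; None if the length is unknown."""
    return ALGO_BY_TAG_LEN.get(len(tag))


def verify_tag(key: bytes, msg: bytes, tag: bytes, allowed=("sha1",)) -> bool:
    """Verify a tag, dispatching on its length but honouring an allow-list.

    The length only says which digest to recompute with. The allow-list is
    the policy: legacy md5 tags are rejected unless the caller opts in,
    so a sender cannot pick the weaker digest just by sending a shorter tag.
    """
    algo = identify_algo(tag)
    if algo is None or algo not in allowed:
        return False
    expected = make_tag(key, msg, algo)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    legacy = make_tag(KEY, MSG, "md5")
    current = make_tag(KEY, MSG, "sha1")
    print(len(legacy), identify_algo(legacy), verify_tag(KEY, MSG, legacy))
    print(len(current), identify_algo(current), verify_tag(KEY, MSG, current))
```
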
