[Python-ideas] Add adaptive-load salt-mandatory hashing functions?

Christian Heimes lists at cheimes.de
Thu Jun 14 00:33:51 CEST 2012

Am 13.06.2012 22:38, schrieb Barry Warsaw:
> I'd love to have a PBKDF2 implementation in the stdlib.  My flufl.password
> module has an implementation donated by security expert Bob Fleck.  Any
> insecure implementation bugs are solely blamed on me though. ;)
> http://bazaar.launchpad.net/~barry/flufl.password/trunk/view/head:/flufl/password/schemes.py#L171
> The API is a little odd because it fits into the larger API for
> flufl.password, but if it's useful, I'd happily cleanup and donate the code
> for the stdlib.  OTOH, I'd be just as happy (maybe more) to get rid of it in
> favor of a stdlib implementation.

At first glance your implementation is vulnerable to side channel
attacks because you aren't using a constant time equality function. Also
you are using the least secure variant of PBKDF2 (SHA-1 instead of
SHA-256 or SHA-512). At least you are using os.urandom() as source for
the salt, which is usually fine.

Passlib supports the LDAP variants, too. [1] Outside of LDAP the
established notation is $pbkdf2-digest$rounds$salt$checksum.


More information about the Python-ideas mailing list