Another security question

Ben Bacarisse ben.usenet at bsb.me.uk
Fri Dec 23 08:33:53 EST 2016


"Frank Millman" <frank at chagford.com> writes:
<snip>
> ... Here are my thoughts on improving this.
>
> 1. Generate a 'salt' for each password. There seem to be two ways in
> the standard library to do this -
>    import os
>    salt = os.urandom(16)
>
>    import secrets
>    salt = secrets.token_bytes(16)
>
>    My guess is that it will not make much difference which I use.
>
> 2. Store the salt in the database along with the user-id and hashed
> password for each user.
>
> 3. Generate the password from the string supplied by the user as follows -
>    from hashlib import blake2b
>    password = blake2b('my_password'.encode('utf-8'), salt=salt).digest()
>
> The hashlib docs have the following warning -
>
> "Salted hashing (or just hashing) with BLAKE2 or any other
> general-purpose cryptographic hash function, such as SHA-256, is not
> suitable for hashing passwords. See BLAKE2 FAQ for more information."

As stated, this is confusing as BLAKE2's site lists several password
hashing schemes that use it!  The point is that you should not use
*only* a simple salted hash because it's too efficient and therefore
open to brute-force attacks.  The hashing schemes that use BLAKE2 are
deliberately designed to be costly.

> I propose to ignore this warning. I feel that, for my purposes, the
> above procedure is adequate.
>
> Does all this sound reasonable?

That depends on the purposes, of course, so it's hard to offer advice.

-- 
Ben.


More information about the Python-list mailing list