Security-wise, PBKDF2 is currently one of the leading key derivation functions, and has no known security issues. Though the original PBKDF2 specification uses the SHA-1 message digest, it is not vulnerable to any of the known weaknesses of SHA-1 , and can be safely used. However, for those still concerned, SHA-256 and SHA-512 versions are offered as well. PBKDF2-SHA512 is one of the three hashes Passlib recommends for new applications.
All of these classes can be used directly as follows:
>>> from passlib.hash import pbkdf2_sha256 >>> # generate new salt, encrypt password >>> hash = pbkdf2_sha256.encrypt("password") >>> hash '$pbkdf2-sha256$6400$0ZrzXitFSGltTQnBWOsdAw$Y11AchqV4b0sUisdZd0Xr97KWoymNE0LNNrnEgY4H9M' >>> # same, but with an explicit number of rounds and salt length >>> pbkdf2_sha256.encrypt("password", rounds=8000, salt_size=10) '$pbkdf2-sha256$8000$XAuBMIYQQogxRg$tRRlz8hYn63B9LYiCd6PRo6FMiunY9ozmMMI3srxeRE' >>> # verify the password >>> pbkdf2_sha256.verify("password", hash) True >>> pbkdf2_sha256.verify("wrong", hash) False
This class implements a generic PBKDF2-HMAC-SHA256-based password hash, and follows the Password Hash Interface.
It supports a variable-length salt, and a variable number of rounds.
except for the choice of message digest, this class is the same as pbkdf2_sha256.
An example pbkdf2_sha256 hash (of password):
All of the pbkdf2 hashes defined by passlib follow the same format, $pbkdf2-digest$rounds$salt$checksum.
The algorithm used by all of these schemes is deliberately identical and simple: The password is encoded into UTF-8 if not already encoded, and run through pbkdf2() along with the decoded salt, the number of rounds, and a prf built from HMAC + the respective message digest. The result is then encoded using ab64_encode().
|||The specification for the PBKDF2 algorithm - http://tools.ietf.org/html/rfc2898#section-5.2, part of RFC 2898.|
|||While SHA1 has fallen to collision attacks, HMAC-SHA1 as used by PBKDF2 is still considered secure - http://www.schneier.com/blog/archives/2005/02/sha1_broken.html.|