On 15/11/13 18:42, Erik van Zijst wrote:
> How do people feel about this approach and should it be merged into
> Django? If not, then I can turn it into a library instead. Maybe at our
> size we're not in Django's sweet spot anymore. However, in their current
> version the recommended hashers are
On Tuesday, 19 November 2013 18:38:33 UTC-8, Wim Lewis wrote:
>
> On 19 Nov 2013, at 6:10 PM, Javier Guerra Giraldez wrote:
> > but still you get only SHA1-level strength, when the whole idea was to
> > switch to stronger crypto. if in your case SHA1 is enough, you can
> > simply keep using
On 19 Nov 2013, at 6:10 PM, Javier Guerra Giraldez wrote:
> but still you get only SHA1-level strength, when the whole idea was to
> switch to stronger crypto. if in your case SHA1 is enough, you can
> simply keep using it. if it's not enough, then you shouldn't be using
> it.
Well, it seems
Password hashing schemes are slow on purpose to prevent brute force.
Siphash wouldn't make sense because if you're switching for speed you
can just use any secure hash function.
crypt by default is much slower than PBKDF2 FWIW. You should tune the
work factor/iterations until it's fast enough
On Tue, Nov 19, 2013 at 8:48 PM, Erik van Zijst wrote:
> You make a good point.
>
> An obvious fix would seem to be to add the username to the cache key. This
> way users cannot "use" another user's cache entry.
right, that would fix it. (i guess, i'm no security
You make a good point.
An obvious fix would seem to be to add the username to the cache key. This
way users cannot "use" another user's cache entry.
Cheers,
Erik
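The fix described in the message above (adding the username to the cache key), as an added example that is not code from this thread or from Django. It assumes a cache of recently verified logins sitting in front of a slow PBKDF2 check; `CachedVerifier`, `cache_key`, `CACHE_SECRET`, the iteration count and the sample users are all hypothetical and constructed for illustration.

```python
import hashlib, hmac, os

CACHE_SECRET = os.urandom(32)  # assumption: per-process key, held only in memory
ITERATIONS = 50_000            # constructed value, not a recommendation

def slow_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def cache_key(*fields):
    # Length-prefix each field so ("ab", "c") and ("a", "bc") give different keys.
    msg = b"".join(len(f.encode()).to_bytes(4, "big") + f.encode() for f in fields)
    return hmac.new(CACHE_SECRET, msg, hashlib.sha256).digest()

class CachedVerifier:
    def __init__(self, users, key_on_username=True):
        self.users = users                      # username -> (salt, slow hash)
        self.key_on_username = key_on_username  # False reproduces the flawed key
        self.cache = set()                      # keys of logins already verified
        self.slow_calls = 0                     # how often the slow hash ran

    def check(self, username, password):
        fields = (username, password) if self.key_on_username else (password,)
        key = cache_key(*fields)
        if key in self.cache:                   # fast path, slow hash skipped
            return True
        if username not in self.users:
            return False
        salt, stored = self.users[username]
        self.slow_calls += 1
        ok = hmac.compare_digest(slow_hash(password, salt), stored)
        if ok:                                  # only successful logins are cached
            self.cache.add(key)
        return ok

def make_users():
    users = {}
    for name, pw in (("alice", "correct horse"), ("bob", "hunter2")):
        salt = os.urandom(16)
        users[name] = (salt, slow_hash(pw, salt))
    return users

def demo():
    users = make_users()
    results = {}
    for label, with_user in (("password_only", False), ("with_username", True)):
        v = CachedVerifier(users, key_on_username=with_user)
        v.check("alice", "correct horse")       # alice logs in, entry is cached
        results[label] = v.check("bob", "correct horse")  # alice's password, bob's name
    return results
```

With the password-only key, the second call is answered from alice's cache entry and bob's stored hash is never consulted; with the username in the key it falls through to the slow check and fails.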
On Friday, 15 November 2013 11:41:43 UTC-8, Javier Guerra wrote:
>
> On Fri, Nov 15, 2013 at 2:27 PM, Marc Tamlyn
>
On Fri, Nov 15, 2013 at 2:27 PM, Marc Tamlyn wrote:
> That said, sounds an interesting solution and would make a good library.
> However I'm not knowledgeable enough to say if it is a good idea from a
> security perspective.
imagine this scenario:
an attacker gets the
I would suggest that's the kind of thing which is unlikely to get merged,
mainly for security reasons as someone could potentially configure it more
wrong than other things. It's also only useful or relevant for nonstandard
large deployments such as yourselves.
That said, sounds an interesting
We run bitbucket.org and are upgrading from SHA1 to BCrypt hashes. We offer
Basic Auth support which is used a lot. So much so that we can't handle the
increased load from these more expensive hashes. This has been the cause
behind a recent self-inflicted DOS.
BCrypt and PBKDF2 are ~4-5 orders