[cryptography] pypass, a HMAC-based passphrase generator

Jack Lloyd lloyd at randombit.net
Wed Sep 29 20:42:30 EDT 2010


On Wed, Sep 29, 2010 at 04:31:57PM -0700, travis+ml-rbcryptography at subspacefield.org wrote:
> Should I use PBKDF2 instead of hashing master pass?

Without it, it would be pretty easy for someone with access to a
single site password to go backwards. It would be slightly complicated
by not knowing the hint, but for most cases it would be pretty easy to
guess (example, example.com, and username at example.com would probably
be the most likely, in that order). And knowing the master secret
gives you everything, so...

One problem with using PBKDF2 is the requirement to have some salt,
which would seem to require keeping state - but you can just use the
hint + generation counter for that instead, and use the PBKDF2 output
directly. With the salt user-specified, as long as you kept the
iterations count constant you could remain state/configuration free
(for this reason I'd suggest a large value, at least 100K). Your
current scheme is, basically, PBKDF2 with an iteration count of one.

A usability suggestion: truncating to 12 chars by default is probably
fine; most sites don't like hugely long passes, and 12 chars * 6
bits/char = 72 bits, which almost certainly exceeds the entropy of the
passphrase anyway.

As to the module issue, I've used this PBKDF2 implementation in the
past: http://matt.ucc.asn.au/src/pbkdf2.py -- it's very small and
self-contained, easy to just include verbatim into your script.

-Jack



More information about the cryptography mailing list