[Cryptography-dev] Is SHA-1 secure when used in HMAC and PBKDF2?

Paul Kehrer paul.l.kehrer at gmail.com
Wed Mar 15 17:14:17 EDT 2017


Echoing Alex's comments, SHA1's problems do not affect HMAC constructions
so there's no current security issue. That said, optics in cryptography can
be important (as you're seeing with your user requests now). You will save
yourself a great deal of low-grade noise in the future by simply switching
now.

On March 15, 2017 at 1:53:24 PM, Alex Gaynor (alex.gaynor at gmail.com) wrote:

Hi David,

You're correct that HMAC's security is still fine when used with SHA-1;
HMAC-MD5 is even secure, believe it or not.

That said, I'd generally recommend people migrate to HMAC-SHA-256 anyways,
to make analyzing their software easier.

Alex

On Wed, Mar 15, 2017 at 1:48 PM, David Lord <davidism at gmail.com> wrote:

> Hello cryptography,
>
> Over at the Flask repos, we've had a number of requests to use SHA-256
> instead of SHA-1 in a couple places.
> Werkzeug defaults to SHA-1 as part of PBKDF2 to generate password hashes.
> ItsDangerous defaults to SHA-1 as part of HMAC signatures.
>
> After some discussion I concluded that as used in those two methods,
> SHA-1's collision issues were not relevant.
> However, I'd like to get a second opinion from the cryptography experts.
>
> I can change the default to SHA-256, but if it's not actually making
> things more secure then that's just increasing time and space for no reason.
>
> Thanks,
> David
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>


--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: D1B3 ADC0 E023 8CA6
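
For the PBKDF2 case raised in the thread, changing the default digest does not touch records that were already stored with SHA-1, since they can only be re-derived when the user next supplies the password. The sketch below is an added example, not code from the thread, Werkzeug or ItsDangerous; the record layout, function names and the policy values in PREFERRED are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumed current policy: digest and iteration count for new records.
PREFERRED = ("sha256", 600_000)
ALLOWED_DIGESTS = ("sha1", "sha256")  # legacy digest still accepted for verification


def hash_password(password, digest=PREFERRED[0], iterations=PREFERRED[1]):
    """Return a record 'pbkdf2:<digest>:<iterations>$<salt hex>$<hash hex>'."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac(digest, password.encode(), salt, iterations)
    return f"pbkdf2:{digest}:{iterations}${salt.hex()}${dk.hex()}"


def check_password(stored, password):
    """Return (ok, replacement); replacement is an upgraded record or None."""
    try:
        method, salt_hex, hash_hex = stored.split("$")
        scheme, digest, iterations = method.split(":")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
        iterations = int(iterations)
    except ValueError:
        return False, None  # malformed record
    # The record names its digest, but only digests we chose to support are run.
    if scheme != "pbkdf2" or digest not in ALLOWED_DIGESTS or iterations < 1:
        return False, None
    dk = hashlib.pbkdf2_hmac(digest, password.encode(), salt, iterations)
    if not hmac.compare_digest(dk, expected):  # constant-time comparison
        return False, None
    # Password is correct: re-hash only when the record differs from policy.
    if (digest, iterations) != PREFERRED:
        return True, hash_password(password)
    return True, None


if __name__ == "__main__":
    # Constructed legacy record: PBKDF2-HMAC-SHA1 with a low iteration count.
    legacy = hash_password("correct horse", "sha1", 1000)
    ok, upgraded = check_password(legacy, "correct horse")
    print(ok, upgraded.split("$")[0])
```

The caller stores the replacement record whenever it is not None, so SHA-1 records disappear as users log in.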
