Issue 19254: Python implementation of PBKDF2_HMAC

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/63453

classification

Title:	Python implementation of PBKDF2_HMAC
Type:	enhancement	Stage:	resolved
Components:	Library (Lib)	Versions:	Python 3.4

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:		Nosy List:	christian.heimes, pitrou, python-dev, serhiy.storchaka, skrah
Priority:	normal	Keywords:	patch

Created on 2013-10-13 21:31 by christian.heimes, last changed 2022-04-11 14:57 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
pbkdf2_py.patch	christian.heimes, 2013-10-13 21:31		review
pbkdf2_py2.patch	christian.heimes, 2013-10-14 10:33		review
pbkdf2_py3.patch	christian.heimes, 2013-10-14 10:58		review

Messages (7)
msg199808 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2013-10-13 21:31
The patch provides a Python implementation of pbkdf2_hmac with Python's hmac module. Although I'm using some tricks it's more than six times slower than OpenSSL's implementation.
msg199859 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2013-10-14 10:33
Here is an optimized version with inline HMAC. Contrary to the implementations in OpenSSL, PyCrypto, and pbkdf2.py the length of the password has almost no impact on the runtime of my implementation.
msg199863 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2013-10-14 10:58
I have optimized XOR and now it's even faster than OpenSSL's code for reasonable long passwords. :(
msg199876 - (view)	Author: Antoine Pitrou (pitrou) *	Date: 2013-10-14 11:58
> I have optimized XOR and now it's even faster than OpenSSL's code for > reasonable long passwords. :( Uh... and it gives the right results? Perhaps OpenSSL should be reimplemented in Python :-) If your code is resistant to timing attacks, I suppose we don't need the C implementation anymore? Or does it have a larger startup cost? (what is a "reasonably long password" for you? 10 chars or 64? :-))
msg199881 - (view)	Author: Serhiy Storchaka (serhiy.storchaka) *	Date: 2013-10-14 12:40
Christian, does you noticed my comments on Rietveld?
msg200408 - (view)	Author: Roundup Robot (python-dev)	Date: 2013-10-19 12:12
New changeset e73627483d2f by Christian Heimes in branch 'default': Issue #19254: Provide an optimized Python implementation of PBKDF2_HMAC http://hg.python.org/cpython/rev/e73627483d2f
msg200409 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2013-10-19 12:13
Serhiy, I have taken your review into account. I still need to use memoryview() in order to handle all types that are supported by the format char "y*".

History
Date	User	Action	Args
2022-04-11 14:57:51	admin	set	github: 63453
2013-10-19 12:13:41	christian.heimes	set	status: open -> closed messages: + msg200409 components: + Library (Lib) resolution: fixed stage: patch review -> resolved
2013-10-19 12:12:12	python-dev	set	nosy: + python-dev messages: + msg200408
2013-10-14 12:40:09	serhiy.storchaka	set	nosy: + serhiy.storchaka messages: + msg199881
2013-10-14 11:58:39	pitrou	set	nosy: + pitrou messages: + msg199876
2013-10-14 11:02:43	skrah	set	nosy: + skrah
2013-10-14 10:58:40	christian.heimes	set	files: + pbkdf2_py3.patch messages: + msg199863
2013-10-14 10:33:34	christian.heimes	set	files: + pbkdf2_py2.patch messages: + msg199859
2013-10-13 21:31:20	christian.heimes	create