Author alex
Recipients alex, benjamin.peterson, christian.heimes, gregory.p.smith, python-dev, xiang.zhang
Date 2016-09-07.16:44:08
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <CAFRnB2UoFybALX=M47NeA_-sPsH0iCZQadYasvYo_UZ+p2xzqQ@mail.gmail.com>
In-reply-to <1473265733.840753.718597761.0A18DEE0@webmail.messagingengine.com>
Content
OpenSSL supports scrypt

On Sep 7, 2016 12:28 PM, "Benjamin Peterson" <report@bugs.python.org> wrote:

>
> Benjamin Peterson added the comment:
>
> Why are we adding scrypt and not argon2 anyway?
>
> On Wed, Sep 7, 2016, at 03:25, Christian Heimes wrote:
> >
> > Christian Heimes added the comment:
> >
> > Benjamin, what's your take on Alex's suggestion?
> >
> > <Crys> gutworth: Alex_Gaynor has asked me if hashlib.scrypt() can go into
> > 2.7, too. It's a password-based KDF like hashlib.pbkdf2() but more secure
> > than PBKDF2. It requires OpenSSL 1.1.0.
> > <Alex_Gaynor> gutworth: I think it'd be good if this were approved, for
> > the same reasons as PEP466
> > <Crys> contrary to PKBDF2 it doesn't make sense to have a pure-Python
> > implementation. scrypt uses ChaCha20 cipher. I don't want to add a cipher
> > to CPython core (possible legal issue) and it's not available in OpenSSL
> > < 1.1.0.
> >
> > ----------
> > nosy: +benjamin.peterson
> > versions: +Python 2.7
> >
> > _______________________________________
> > Python tracker <report@bugs.python.org>
> > <http://bugs.python.org/issue27928>
> > _______________________________________
>
> ----------
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue27928>
> _______________________________________
>
History
Date User Action Args
2016-09-07 16:44:08alexsetrecipients: + alex, gregory.p.smith, christian.heimes, benjamin.peterson, python-dev, xiang.zhang
2016-09-07 16:44:08alexlinkissue27928 messages
2016-09-07 16:44:08alexcreate