Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#16336 closed Uncategorized (duplicate)

Weak salts for auth backend

Reported by: ninjaneo
Owned by: nobody
Component: contrib.auth
Version: 1.3
Severity: Normal
Keywords:
Cc:
Triage Stage: Unreviewed
Has patch: no
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Easy pickings: no
UI/UX: no

Description

salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]

Does not provide enough entropy, as it's solely numeric and always begins with '0.'
That means it only increases complexity by 3 numbers. 10*10*10 = 1000 possibilities.
Noticed there is also no iterative hashing performed (rounds), which is a crucial part of salting.

Perhaps use os.urandom?

Change History (3)

comment:1 Changed 4 years ago by PaulM

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to duplicate
  • Status changed from new to closed

This has been discussed before. I'm not sure where you're getting "solely numeric" and "always starts with 0", but you might look at #15367, #5600, and #13969 for discussions of the length.

Closing as a dupe, most particularly of #13969.


comment:2 Changed 4 years ago by anonymous

Was referring to the use of str(random.random())[:5] sample output:

str(random.random())[:5]

'0.545'
'0.895'
etc.

comment:3 Changed 4 years ago by PaulM

Read the code again. Maybe try it in a Python interpreter. The function takes two long random inputs, hashes them, and only then truncates the resulting hash. The hash is truncated, not the random number. So you're really looking at 16^5 = 1048576 possibilities. I agree that it's still too short, but it's not at all as bad as you make it out to be.

When you report issues like this, please take the time to verify that the code actually works the way you think it does. It makes it a lot easier for everyone if the bug report doesn't contain misleading information.

Also, for the record, iterative hashing is an issue which is completely orthogonal to salting. They both contribute to security, but in different ways. Iterative hashing is related to algorithm choice. Salting is designed to prevent pre-computed dictionary attacks.
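The following is an added worked example, not code from this ticket or from Django itself. It reimplements the salt line quoted in the description (get_hexdigest is modelled on the md5/sha1 behaviour the ticket discusses, hashing salt + raw_password and returning the hex digest) so the two claims in the thread can be checked directly: the reporter's reading that the salt is a truncated "0.xxx" float, and comment:3's point that it is the hex digest that is truncated, giving 16^5 distinct salts. It also shows the os.urandom replacement suggested in the description and, separately, iterated hashing, to illustrate comment:3's remark that rounds and salting are independent controls. The helper names, the 16-byte salt length and the round count are assumptions chosen for the example.

```python
import hashlib
import math
import os
import random
import string

HEX_DIGITS = set(string.hexdigits.lower())


def get_hexdigest(algorithm, salt, raw_password):
    """Modelled on the md5/sha1 branches of the hashing helper the ticket
    quotes: hash the concatenation salt + raw_password, return hex digest.
    (Assumed reimplementation for this example, not Django's code.)"""
    data = (salt + raw_password).encode("utf-8")
    if algorithm == "md5":
        return hashlib.md5(data).hexdigest()
    if algorithm == "sha1":
        return hashlib.sha1(data).hexdigest()
    raise ValueError("unsupported algorithm: %s" % algorithm)


def legacy_salt(algorithm="sha1"):
    """The salt generation quoted in the ticket description. Two floats from
    random.random() (Mersenne Twister, not a CSPRNG) are hashed, and it is the
    resulting *digest* that is cut to 5 characters, not the float string.
    The output is therefore 5 lowercase hex digits, never '0.xxx'."""
    return get_hexdigest(algorithm, str(random.random()), str(random.random()))[:5]


def is_hex(s):
    """True if every character is a lowercase hex digit."""
    return bool(s) and all(c in HEX_DIGITS for c in s)


def salt_space_size(salt):
    """Distinct values a generator producing hex salts of this length can emit,
    assuming each position is an independent hex digit: 16 ** length."""
    return 16 ** len(salt)


def salt_space_bits(salt):
    """Same quantity expressed in bits (log2 of the salt space)."""
    return int(math.log2(salt_space_size(salt)))


def strong_salt(nbytes=16):
    """The os.urandom replacement suggested in the description. nbytes=16 is
    an assumed choice: 16 bytes -> 32 hex chars -> 128 bits of salt."""
    return os.urandom(nbytes).hex()


def slow_hash(password, salt, rounds=100_000):
    """Iterated hashing (PBKDF2-HMAC-SHA256). The salt defeats precomputed
    tables; the round count makes each guess expensive. They are independent:
    you can change one without touching the other. rounds=100_000 is assumed."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt.encode("utf-8"), rounds
    ).hex()


if __name__ == "__main__":
    s = legacy_salt()
    print("legacy salt:", s, "hex:", is_hex(s), "space:", salt_space_size(s),
          "(%d bits)" % salt_space_bits(s))
    t = strong_salt()
    print("urandom salt:", t, "space bits:", salt_space_bits(t))
    print("pbkdf2:", slow_hash("correct horse", t)[:16], "...")
```

Running it shows a legacy salt such as 'a3f9c' (5 hex digits, 2^20 = 1,048,576 possibilities, which is what comment:3 computes) next to a 32-hex-digit os.urandom salt (2^128), and a PBKDF2 digest whose cost is set by the round count rather than by the salt.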
