Opened 13 months ago

Last modified 4 months ago

#27468 assigned Cleanup/optimization

Move utils.crypto.salted_hmac() from SHA1 toward SHA256

Reported by: Tim Graham
Owned by: Srinivas Reddy Thatiparthy
Component: Utilities
Version: master
Severity: Normal
Keywords:
Cc:
Triage Stage: Accepted
Has patch: no
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Easy pickings: no
UI/UX: no

Description

The salted_hmac() function uses SHA-1 in two places, for key derivation and as the hash function of the HMAC algorithm. HMAC-SHA1 is still considered secure, but it would be nice to move toward SHA256. Some work is needed to ensure backward compatibility (like we've done with password storage).

Ramifications:

  • Changing the algorithm will make all the old HMACs invalid. This means that when users upgrade, old sessions, signed cookies, and session authentication hashes will be rejected as invalid and replaced (hence the need for a backwards-compatibility layer of some sort).
  • SHA-256 is slower than SHA-1, though hopefully no Django servers are bottlenecked on hashing speed.

Thanks Predrag Gruevski (obi1kenobi on GitHub) for the report.
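The backwards-compatibility concern in the description can be sketched as follows. This is an added example, not Django's code and not the patch for this ticket: it assumes the key is derived as hash(key_salt + secret), and `sign`, `verify`, `refresh`, `SECRET` and `SALT` are hypothetical names with constructed values.

```python
import hashlib
import hmac

# Constructed sample values for illustration only.
SECRET = b"constructed-secret-key"
SALT = b"example.session.auth"

# Allowlist of hash constructors; anything else is rejected.
_HASHERS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}


def salted_hmac(key_salt, value, secret, algorithm="sha1"):
    """HMAC `value` with a key derived from salt and secret.

    The chosen hash is used in both places the ticket mentions.
    """
    hasher = _HASHERS[algorithm]
    key = hasher(key_salt + secret).digest()           # use 1: key derivation
    return hmac.new(key, msg=value, digestmod=hasher)  # use 2: HMAC hash


def sign(value, algorithm="sha256"):
    """Issue a hex tag; new tags default to SHA-256."""
    return salted_hmac(SALT, value, SECRET, algorithm).hexdigest()


def verify(value, tag, accept_legacy=True):
    """Return the algorithm that validated `tag`, or None if none did.

    SHA-256 is tried first; SHA-1 is accepted only while the
    transition window (accept_legacy) is open.
    """
    algorithms = ["sha256"] + (["sha1"] if accept_legacy else [])
    for algorithm in algorithms:
        # Constant-time comparison; tags of a different length fail.
        if hmac.compare_digest(sign(value, algorithm), tag):
            return algorithm
    return None


def refresh(value, tag):
    """Verify `tag` and return a SHA-256 tag for the same value.

    A valid legacy tag is re-issued under SHA-256 so that old sessions
    survive the upgrade; an invalid tag yields None.
    """
    algorithm = verify(value, tag)
    if algorithm is None:
        return None
    return tag if algorithm == "sha256" else sign(value, "sha256")
```

Once every outstanding SHA-1 tag has expired or been re-issued, calling `verify` with `accept_legacy=False` closes the fallback path.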

Change History (3)

comment:1 Changed 12 months ago by R Sriranganathan

Owner: changed from nobody to R Sriranganathan
Status: new → assigned

comment:2 Changed 4 months ago by Srinivas Reddy Thatiparthy

Owner: changed from R Sriranganathan to Srinivas Reddy Thatiparthy

comment:3 Changed 4 months ago by Srinivas Reddy Thatiparthy

A WIP PR has been raised here - https://github.com/django/django/pull/8773
