id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
27468	Move utils.crypto.salted_hmac() from SHA1 toward SHA256	Tim Graham	Claude Paroz	"The `salted_hmac()` function uses SHA-1 in two places, for key derivation and as the hash function of the HMAC algorithm. HMAC-SHA1 is [http://crypto.stackexchange.com/questions/26510/why-is-hmac-sha1-still-considered-secure/26518#26518 still considered secure], but it would be nice to move toward SHA256. Some work is needed to ensure backward compatibility (like we've done with password storage).

Ramifications:
- Changing the algorithm will make all the old HMACs invalid. This means that when users upgrade, old sessions, signed cookies, and session authentication hashes will be rejected as invalid and replaced (hence the need for a backwards-compatibility layer of some sort).
- SHA-256 is slower than SHA-1, though hopefully no Django servers are bottlenecked on hashing speed.

Thanks Predrag Gruevski (obi1kenobi on GitHub) for the report."	Cleanup/optimization	closed	Utilities	dev	Normal	fixed		Simon Charette	Accepted	1	0	0	0	0	0
