Python PKCS#5 v2.0 PBKDF2 Module

This module implements the password-based key derivation function, PBKDF2, specified in RSA PKCS#5 v2.0.

Example PBKDF2 usage

from PBKDF2 import PBKDF2
  from Crypto.Cipher import AES
  import os

  salt = os.urandom(8)    # 64-bit salt
  key = PBKDF2("This passphrase is a secret.", salt).read(32) # 256-bit key
  iv = os.urandom(16)     # 128-bit IV
  cipher = AES.new(key, AES.MODE_CBC, iv)
    ...

Example crypt() usage

from PBKDF2 import crypt
  pwhash = crypt("secret")
  alleged_pw = raw_input("Enter password: ")
  if pwhash == crypt(alleged_pw, pwhash):
      print "Password good"
  else:
      print "Invalid password"

Example crypt() output

>>> from PBKDF2 import crypt
  >>> crypt("secret")
  '$p5k2$$hi46RA73$aGBpfPOgOrgZLaHGweSQzJ5FLz4BsQVs'
  >>> crypt("secret", "XXXXXXXX")
  '$p5k2$$XXXXXXXX$L9mVVdq7upotdvtGvXTDTez3FIu3z0uG'
  >>> crypt("secret", "XXXXXXXX", 400)  # 400 iterations (the default for crypt)
  '$p5k2$$XXXXXXXX$L9mVVdq7upotdvtGvXTDTez3FIu3z0uG'
  >>> crypt("spam", iterations=400)
  '$p5k2$$FRsH3HJB$SgRWDNmB2LukCy0OTal6LYLHZVgtOi7s'
  >>> crypt("spam", iterations=1000)    # 1000 iterations
  '$p5k2$3e8$H0NX9mT/$wk/sE8vv6OMKuMaqazCJYDSUhWY9YB2J'
  

Download

Latest Version

1.2

• Compatibility release (v1.2)
• Add support for older versions of Python (2.2 and 2.3).

Archived Versions

1.1

• Bugfix release (v1.1)
• SECURITY: The PyCrypto XOR cipher (used, if available, in the _strxor function in the previous release) silently truncates all keys to 64 bytes. The way it was used in the previous release, this would only be problem if the pseudorandom function that returned values larger than 64 bytes (so SHA1, SHA256 and SHA512 are fine), but I don't like anything that silently reduces the security margin from what is expected.

1.0

Initial release.

Dwayne C. Litzenberger
 Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
 Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45