-
-
Save zhuzhuor/6148984 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| This is an EXPERIMENTAL password hash with time and memory parameters, | |
| such that the time parameter does not affect the memory required (but | |
| does affect the number of memory accesses). | |
| This was quickly designed, with no real test, so it's probably a silly | |
| design and the code may be broken. Therefore, please: | |
| - Do not use it to hash real passwords! | |
| - Attack it! (circumvent the time/memory requirements, find biases...) | |
| Parameters: | |
| h Hash function with the hashlib common interface | |
| (at least digest() and hexdigest() should be implemented) | |
| pwd Password, a string | |
| salt Salt, a string | |
| ptime Time parameter, an integer > 0 | |
| pmem Memory parameter, an integer > 0 | |
| Back-of-the-enveloppe time and space requirements: | |
| Time: ~ ptime compression evaluations, for any of the functions | |
| in hashlib; for other functions, it depends on the hash and block | |
| lengths and on the padding rule | |
| Memory: ~ hlen*pmem bytes, where hlen is the byte length of a digest | |
| JP Aumasson / @veorq / jeanphilippe.aumasson@gmail.com | |
| 2013 | |
| """ | |
| def phs( h, pwd, salt, ptime, pmem ): | |
| s = h( h( pwd + salt ).digest() + salt ).digest() | |
| hlen = len(s) | |
| for t in xrange(ptime // pmem + 1): | |
| for m in xrange(pmem): | |
| s += h( s[-hlen:] ).digest() | |
| s = h(s).digest() | |
| return s | |
| if __name__ == '__main__': | |
| import hashlib | |
| phs( hashlib.sha256, 'password', 'salt', 2, 2**16 ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment