beaker.crypto.pbkdf2
– PKCS#5 v2.0 Password-Based Key Derivation classes¶
PBKDF2 Implementation adapted from django.utils.crypto.
This is used to generate the encryption key for enciphered sessions.
Module Contents¶
-
beaker.crypto.pbkdf2.
pbkdf2
(password, salt, iterations, dklen=0, digest=None)¶ Implements PBKDF2 using the stdlib. This is used in Python 2.7.8+ and 3.4+.
HMAC+SHA256 is used as the default pseudo random function.
As of 2014, 100,000 iterations was the recommended default which took 100ms on a 2.7Ghz Intel i7 with an optimized implementation. This is probably the bare minimum for security given 1000 iterations was recommended in 2001.