beaker.crypto.pbkdf2 – PKCS#5 v2.0 Password-Based Key Derivation classes

PBKDF2 Implementation adapted from django.utils.crypto.

This is used to generate the encryption key for enciphered sessions.

Module Contents

beaker.crypto.pbkdf2.pbkdf2(password, salt, iterations, dklen=0, digest=None)

Implements PBKDF2 using the stdlib. This is used in Python 2.7.8+ and 3.4+.

HMAC+SHA256 is used as the default pseudo random function.

As of 2014, 100,000 iterations was the recommended default which took 100ms on a 2.7Ghz Intel i7 with an optimized implementation. This is probably the bare minimum for security given 1000 iterations was recommended in 2001.