At the moment I'm trying to build a login system with very high security.
So I want to use bcrypt, and I've also found a 3rd party library, py-bcrypt.
But the author said it is a pure python implementation.
Now I read somewhere that it is not recommended to use bcrypt in python only because it is too slow and this results in a security leak. bcrypt should be implemented in C.
Can anyone confirm this? Now what should I do?
Should I use:
I'm using Google App Engine
EDIT: http://packages.python.org/passlib/lib/passlib.hash.bcrypt.html#bcrypt-backends
It should be noted that the pure-python implementation (#4) is too slow to be useable, given the number of rounds currently required for security. Because of this, it is disabled by default, unless the environment variable PASSLIB_BUILTIN_BCRYPT="enabled" is set.
How about comparing the two? Here is code to hash a password of 8000 random bits and corresponding times:
Hashlib:
#!/usr/bin/env python3
import hashlib
import random

# 8000 random bits rendered as a decimal string stand in for a password
# (random is not a CSPRNG; it is only used here to produce test input).
password = str(random.getrandbits(8000)).encode()
print(hashlib.sha512(password).hexdigest())
Hashlib including salt:
#!/usr/bin/env python3
import hashlib
import random

password = str(random.getrandbits(8000)).encode()
salt = str(random.getrandbits(256)).encode()
# A salt stops precomputed tables, but a single SHA-512 pass is still a fast hash.
print(hashlib.sha512(password + salt).hexdigest())
bcrypt:
#!/usr/bin/env python3
import bcrypt
import random

# bcrypt wants bytes and only uses the first 72 bytes of the input.
password = str(random.getrandbits(8000)).encode()
# gensalt() picks a random salt and the default cost factor (12 rounds, i.e. 2**12 iterations).
print(bcrypt.hashpw(password, bcrypt.gensalt()))
Timing bcrypt:
$ time ./bcrypt_test.py
$2a$12$Om3a3zKsCNAM/SLB3hq5w.HYukFwn4CJ73rjXYNUPgqckUx2uLEmG
real 0m0.401s
user 0m0.313s
sys 0m0.013s
Timing hashlib:
$ time ./hashlib_test.py
9e37eb4f164bbb1808833297d0244327e4faac109cd92729228f6e36d75d23044ac13a7a1907515cd6db44474b244678779e3ae4e97d8355c2069332aae52d61
real 0m0.032s
user 0m0.021s
sys 0m0.010s
$
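The timing above only makes sense once you read the cost out of the hash string. As an added example (not code from the answer above, and stdlib only), this parses the `$2a$12$...` string the answer printed and projects how the measured 0.401 s per hash scales with the cost parameter, so you can pick a cost that fits a per-login time budget on your own hardware. The `choose_cost` helper and the budget values are mine, not from the page.

```python
import re
from typing import NamedTuple

# Modular-crypt-format layout produced by bcrypt.hashpw():
#   $<variant>$<cost>$<22-char salt><31-char digest>, using bcrypt's base64 alphabet.
BCRYPT_RE = re.compile(
    r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$"
)


class BcryptHash(NamedTuple):
    variant: str
    cost: int
    salt: str
    digest: str

    @property
    def rounds(self) -> int:
        # cost is a log2 work factor: the expensive key setup runs 2**cost times
        return 2 ** self.cost


def parse_bcrypt_hash(s: str) -> BcryptHash:
    m = BCRYPT_RE.match(s)
    if not m:
        raise ValueError("not a bcrypt hash string")
    variant, cost, salt, digest = m.groups()
    cost = int(cost)
    if not 4 <= cost <= 31:  # the range the bcrypt algorithm accepts
        raise ValueError("bcrypt cost must be between 4 and 31")
    return BcryptHash(variant, cost, salt, digest)


def projected_seconds(measured_seconds: float, measured_cost: int, target_cost: int) -> float:
    # Each +1 in cost doubles the work, so runtime scales by 2**(target - measured).
    return measured_seconds * 2.0 ** (target_cost - measured_cost)


def choose_cost(measured_seconds: float, measured_cost: int, budget_seconds: float) -> int:
    """Smallest cost whose projected time per hash meets the given budget (hypothetical helper)."""
    for cost in range(4, 32):
        if projected_seconds(measured_seconds, measured_cost, cost) >= budget_seconds:
            return cost
    return 31


if __name__ == "__main__":
    # Hash string taken from the timing run in the answer above.
    sample = "$2a$12$Om3a3zKsCNAM/SLB3hq5w.HYukFwn4CJ73rjXYNUPgqckUx2uLEmG"
    h = parse_bcrypt_hash(sample)
    print(h.variant, h.cost, h.rounds, h.salt, h.digest)
    # 0.401 s at cost 12 was the answer's measurement (process start-up included).
    print("cost for a 0.25 s budget:", choose_cost(0.401, 12, 0.25))
    print("cost for a 1.0 s budget:", choose_cost(0.401, 12, 1.0))
```

Measure `measured_seconds` with a loop over many `hashpw` calls rather than a single process run, since the answer's `time` output includes interpreter start-up.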
Try passlib. It has a C implementation of bcrypt.