Python PKCS#5 v2.0 PBKDF2 Module

Fork me on GitHub

This module implements the password-based key derivation function, PBKDF2, specified in RSA PKCS#5 v2.0.

Quick start

Install from PyPI:

pip install pbkdf2

Example PBKDF2 usage

from PBKDF2 import PBKDF2
  from Crypto.Cipher import AES
  import os

  salt = os.urandom(8)    # 64-bit salt
  key = PBKDF2("This passphrase is a secret.", salt).read(32) # 256-bit key
  iv = os.urandom(16)     # 128-bit IV
  cipher = AES.new(key, AES.MODE_CBC, iv)
    ...

Example crypt() usage

from pbkdf2 import crypt
  pwhash = crypt("secret")
  alleged_pw = raw_input("Enter password: ")
  if pwhash == crypt(alleged_pw, pwhash):
      print "Password good"
  else:
      print "Invalid password"

Example crypt() output

>>> from pbkdf2 import crypt
  >>> crypt("secret")
  '$p5k2$$hi46RA73$aGBpfPOgOrgZLaHGweSQzJ5FLz4BsQVs'
  >>> crypt("secret", "XXXXXXXX")
  '$p5k2$$XXXXXXXX$L9mVVdq7upotdvtGvXTDTez3FIu3z0uG'
  >>> crypt("secret", "XXXXXXXX", 400)  # 400 iterations (the default for crypt)
  '$p5k2$$XXXXXXXX$L9mVVdq7upotdvtGvXTDTez3FIu3z0uG'
  >>> crypt("spam", iterations=400)
  '$p5k2$$FRsH3HJB$SgRWDNmB2LukCy0OTal6LYLHZVgtOi7s'
  >>> crypt("spam", iterations=1000)    # 1000 iterations
  '$p5k2$3e8$H0NX9mT/$wk/sE8vv6OMKuMaqazCJYDSUhWY9YB2J'