bcrypt password hash? #77

peta15 opened this Issue Jul 17, 2012 · 8 comments

4 participants


Currently we use SHA512 which is excellent but a user noted that bcrypt might be even better (see http://stackoverflow.com/questions/11458969/google-app-engine-choosing-the-right-direction/11496978#11496978). @coto have you looked at bcrypt? I've seen that it is much stronger but also much slower (see http://stackoverflow.com/questions/11393564/bcrypt-in-python).

Note rather than replacing SHA512 we could add it as an option to the encrypt utility function if it's an easy option.


haha funny, we want the same in this project... yes, strongly agree.
bcrypt IMO is the best one (used by the most secure OS - OpenBSD)

Interesting reading http://throwingfire.com/storing-passwords-securely/


The only problem is that bcrypt has to be implemented in Python which results in a security loss. (still better than SHA512)

Also the whole salting+secret is wrong. I will fix this next week.


Hi @kantaki, you mean fix this issue with bcrypt, but you think it is not the best option?


It's still better than SHA512. The problem is that (correct me if I am wrong) you can only use pure Python on GAE. Probably the biggest issue atm.

You also used the salt as a secret. But the salt should be generated randomly every time, with the same size as the hashing algorithm, to prevent rainbow tables for example.

for example:

salt = os.random(128).encode("base64")

Don't use os.random. Bcrypt has its own random function, where you can define the 'log' value.

You should also store the salt in a separate database.

Don't trust me blindly, I am still learning by myself.


I know that you can do this :).

The problem with Python bcrypt is that Python is around 10 times slower than C. That makes the Python version less secure.
bcrypt has a time limit that you can set, for example "take at least 1 second". This makes it more secure against brute-force attacks.

The problem is now if the C version takes 1 second, the Python version would take 10 sec. This would be way too much.
So the Python version does less computation.

Don't worry, I'll integrate it for you next week. -> bcrypt, salting, secret.

If you use a static salt you can be exploited through "rainbow tables", also called dictionary attacks.
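The two points made in this thread (a per-user random salt rather than a static one, and a tunable cost so one hash takes a chosen amount of time) can be shown with standard-library code. The block below is an added example and is not code from this issue or from the project; because bcrypt is not in the Python standard library, it uses PBKDF2-HMAC-SHA512 (hashlib.pbkdf2_hmac) as a stand-in for the same salted, iterated design. The function names, the 64-byte salt size and the iteration counts are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Constructed example: salted, iterated password hashing with a tunable cost.
# PBKDF2-HMAC-SHA512 stands in for bcrypt here; the structure (random salt
# per user, stored alongside the hash, plus a work factor) is the same idea.

SALT_BYTES = 64        # assumption: one SHA512 digest length, as suggested in the thread
ITERATIONS = 100_000   # assumption: default work factor; tune with calibrate_iterations()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> dict:
    """Return a record holding salt, cost and hash; salt is random unless given."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh CSPRNG salt for every stored password
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify_password(password: str, record: dict) -> bool:
    """Recompute with the stored salt and cost; compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"),
                                 salt, record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


def static_salt_collides(password: str, iterations: int = ITERATIONS) -> bool:
    """With a fixed salt, two users sharing a password get the same hash,
    so one precomputed table covers all of them. Returns True to show this."""
    fixed = b"\x00" * SALT_BYTES  # constructed: a static salt, the weak setting
    first = hash_password(password, salt=fixed, iterations=iterations)["hash"]
    second = hash_password(password, salt=fixed, iterations=iterations)["hash"]
    return first == second


def random_salts_differ(password: str, iterations: int = ITERATIONS) -> bool:
    """With per-user random salts the same password yields different hashes."""
    first = hash_password(password, iterations=iterations)["hash"]
    second = hash_password(password, iterations=iterations)["hash"]
    return first != second


def calibrate_iterations(target_seconds: float, start: int = 10_000) -> int:
    """Double the cost until one hash takes at least target_seconds on this host.
    This is the "take at least N seconds" knob the thread describes for bcrypt."""
    iterations = start
    while True:
        t0 = time.perf_counter()
        hashlib.pbkdf2_hmac("sha512", b"calibration", os.urandom(SALT_BYTES), iterations)
        if time.perf_counter() - t0 >= target_seconds:
            return iterations
        iterations *= 2


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print("verify ok:", verify_password("correct horse battery staple", record))
    print("verify wrong:", verify_password("wrong password", record))
    print("static salt collides:", static_salt_collides("hunter2"))
    print("random salts differ:", random_salts_differ("hunter2"))
    print("iterations for ~0.25s here:", calibrate_iterations(0.25))
```

The record returned by hash_password is what would be stored per user: salt and cost travel with the hash, so the cost can be raised later for new passwords without breaking verification of old ones. The salt is not a secret, which is the distinction the thread draws between "salt" and "secret".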


PyCrypto is now supported officially with App Engine 1.7.1 https://developers.google.com/appengine/docs/python/tools/libraries27?hl=en

