3 Keyed hashing

This chapter covers

Generating a secure key
Verifying data authentication with keyed hashing
Using the hmac module for cryptographic hashing
Preventing timing attacks

In the previous chapter, you learned how to ensure data integrity with hash functions. In this chapter, you’ll learn how to ensure data authentication with keyed hash functions. I’ll show you how to safely generate random numbers and passphrases. Along the way, you’ll learn about the os, secrets, random, and hmac modules. Finally, you learn how to resist timing attacks by comparing hash values in length-constant time.

3.1 Data authentication

Let’s revisit Alice’s document management system from the previous chapter. The system hashes each new document before ...

Get Full Stack Python Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Full Stack Python Security by Dennis Byrne

3 Keyed hashing

3.1 Data authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly