gaubert / gmvault

gmail backup software
http://www.gmvault.org
GNU Affero General Public License v3.0
3.58k stars 287 forks

Possible security issues in encryption #330

Open fortran77 opened 5 years ago

fortran77 commented 5 years ago

I know this project is not being actively updated currently, but someday when it is active again, I hope the following will be kept in mind.

In release 1.9.1, the code in gmvault_utils.py makes a random password like this:

def make_password(minlength=8, maxlength=16):
    ...
    return ''.join([random.choice(letters) for _ in range(length)])

The Python documentation found at https://docs.python.org/2/library/random.html says that the functions in the random module generate completely deterministic random numbers and are “completely unsuitable for cryptographic purposes.” (Emphasis added.)

The documentation recommends using os.urandom() or SystemRandom if you require a cryptographically secure pseudo-random number generator.

Also the length of the random number is currently forced into the range 8..16 characters, which is only 48..95 bits (based on 5.95 bits per alphanumeric character). Better would be 256 bits (to make it quantum-computing-proof) or 43 characters. Since the user is not entering the key manually, it can be made long.

Also, AES is in much more common use, so its code is probably much better debugged, and almost all newer CPUs include AES in hardware. So for better security and performance, in the long run AES should replace Blowfish.
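The points raised in the comment above, as an added example that is not part of the original issue and is not gmvault's code: it contrasts a seedable `random.Random` generator with `random.SystemRandom`, and sizes the password by target entropy instead of a fixed 8..16 range. The 62-symbol alphabet and all function names are assumptions made for illustration.

```python
import math
import random
import string

# Assumption: ASCII letters plus digits (62 symbols), which matches the
# "5.95 bits per alphanumeric character" figure quoted in the issue.
ALPHABET = string.ascii_letters + string.digits

# SystemRandom reads from os.urandom(); calls to seed() are ignored.
_sysrand = random.SystemRandom()


def entropy_bits(length, alphabet=ALPHABET):
    """Entropy in bits of a uniformly random string of `length` symbols."""
    return length * math.log2(len(alphabet))


def length_for_bits(bits, alphabet=ALPHABET):
    """Smallest string length whose entropy is at least `bits`."""
    return math.ceil(bits / math.log2(len(alphabet)))


def make_password_weak(length, seed):
    """Mersenne Twister version, kept only to show determinism:
    the same seed always reproduces the same password."""
    rng = random.Random(seed)
    return ''.join(rng.choice(ALPHABET) for _ in range(length))


def make_password_strong(bits=256, alphabet=ALPHABET):
    """CSPRNG version: length is derived from the entropy target."""
    length = length_for_bits(bits, alphabet)
    return ''.join(_sysrand.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    print("8 chars : %.1f bits" % entropy_bits(8))
    print("16 chars: %.1f bits" % entropy_bits(16))
    print("256 bits needs %d chars" % length_for_bits(256))
    # Re-seeding the non-cryptographic generator reproduces its output.
    print(make_password_weak(16, seed=1234) == make_password_weak(16, seed=1234))
    print(make_password_strong())
```
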

aztazt commented 5 years ago

Thanks for pointing that out