Updated readme

This commit is contained in:
Mark Qvist 2025-05-10 15:39:51 +02:00
parent 840966f3e6
commit cc1faa55be

View file

@ -52,7 +52,7 @@ For more info, see [reticulum.network](https://reticulum.network/) and [the FAQ
- Forward Secrecy is available for all communication types, both for single packets and over links
- Reticulum uses the following format for encrypted tokens:
- Ephemeral per-packet and link keys and derived from an ECDH key exchange on Curve25519
- AES-128 or AES-256 in CBC mode with PKCS7 padding
- AES-256 in CBC mode with PKCS7 padding
- HMAC using SHA256 for authentication
- IVs are generated through os.urandom()
- Unforgeable packet delivery confirmations
@ -328,12 +328,12 @@ intentionally compromised or weakened clone. The utilised primitives are:
- Ephemeral keys derived from an ECDH key exchange on Curve25519
- HMAC using SHA256 for message authentication
- IVs must be generated through `os.urandom()` or better
- AES-128 or AES-256 in CBC mode with PKCS7 padding
- AES-256 in CBC mode with PKCS7 padding
- No Fernet version and timestamp metadata fields
- SHA-256
- SHA-512
In the default installation configuration, the `X25519`, `Ed25519`, `AES-128-CBC`
In the default installation configuration, the `X25519`, `Ed25519`,
and `AES-256-CBC` primitives are provided by [OpenSSL](https://www.openssl.org/)
(via the [PyCA/cryptography](https://github.com/pyca/cryptography) package).
The hashing functions `SHA-256` and `SHA-512` are provided by the standard