<p>Reticulum uses a simple suite of efficient, strong and modern cryptographic primitives, with widely available implementations that can be used both on general-purpose CPUs and on microcontrollers. The necessary primitives are:</p>
<ul>
<li>Ed25519 for signatures</li>
<li>X22519 for ECDH key exchanges</li>
<li>HKDF for key derivation</li>
<li>AES-128 in CBC mode</li>
<li>HMAC-SHA256 for message authentication</li>
<li>SHA-256</li>
<li>SHA-512</li>
</ul>
<p>In the default installation configuration, the <code>X25519</code>, <code>Ed25519</code> and <code>AES-128-CBC</code> primitives are provided by <ahref="https://www.openssl.org/">OpenSSL</a> (via the <ahref="https://github.com/pyca/cryptography">PyCA/cryptography</a> package). The hashing functions <code>SHA-256</code> and <code>SHA-512</code> are provided by the standard Python <ahref="https://docs.python.org/3/library/hashlib.html">hashlib</a>. The <code>HKDF</code>, <code>HMAC</code>, <code>Fernet</code> primitives, and the <code>PKCS7</code> padding function are always provided by the following internal implementations:</p>
<p>Reticulum also includes a complete implementation of all necessary primitives in pure Python. If OpenSSL & PyCA are not available on the system when Reticulum is started, Reticulum will instead use the internal pure-python primitives. A trivial consequence of this is performance, with the OpenSSL backend being <em>much</em> faster. The most important consequence however, is the potential loss of security by using primitives that has not seen the same amount of scrutiny, testing and review as those from OpenSSL.</p>
<p>If you want to use the internal pure-python primitives, it is <strong>highly advisable</strong> that you have a good understanding of the risks that this pose, and make an informed decision on whether those risks are acceptable to you.</p>
<p>Reticulum is relatively young software, and should be considered as such. While it has been built with cryptography best-practices very foremost in mind, it <em>has not</em> been externally security audited, and there could very well be privacy or security breaking bugs. If you want to help out, or help sponsor an audit, please do get in touch.</p>