Updated readme
This commit is contained in:
parent
1ec83b535f
commit
4c3a82cf20
|
@ -197,9 +197,9 @@ Reticulum has been designed to use a simple suite of efficient, strong and moder
|
|||
- SHA-256
|
||||
- SHA-512
|
||||
|
||||
In the default installation configuration, Reticulum primarily uses cryptograhic primitives from [OpenSSL](https://www.openssl.org/) (via the [PyCA/cryptography](https://github.com/pyca/cryptography) package). The hashing functions `SHA-256` and `SHA-512` are provided by the standard Python `hashlib`, and `Fernet` is provided by [an internal implementation](RNS/Cryptography/Fernet.py). All other primitives are provided by [OpenSSL](https://www.openssl.org/) & [PyCA](https://github.com/pyca/cryptography).
|
||||
In the default installation configuration, Reticulum primarily uses cryptograhic primitives from [OpenSSL](https://www.openssl.org/) (via the [PyCA/cryptography](https://github.com/pyca/cryptography) package). The hashing functions `SHA-256` and `SHA-512` are provided by the standard Python `hashlib`, and `Fernet` is provided by [an internal implementation](RNS/Cryptography/Fernet.py). All other primitives are provided by OpenSSL & PyCA.
|
||||
|
||||
Reticulum also includes a *complete implementation* of all necessary primitives *written in pure Python*. If [OpenSSL](https://www.openssl.org/) & [PyCA](https://github.com/pyca/cryptography) are *not* available on the system when Reticulum is started, Reticulum will instead use the internal pure-python primitives. A trivial consequence of this is performance, with the OpenSSL backend being *much* faster. The most important consequence however, is the potential loss of security by using primitives that has not seen the same amount of scrutiny, testing and review as those from OpenSSL.
|
||||
Reticulum also includes a *complete implementation* of all necessary primitives *written in pure Python*. If OpenSSL & PyCA are *not* available on the system when Reticulum is started, Reticulum will instead use the internal pure-python primitives. A trivial consequence of this is performance, with the OpenSSL backend being *much* faster. The most important consequence however, is the potential loss of security by using primitives that has not seen the same amount of scrutiny, testing and review as those from OpenSSL.
|
||||
|
||||
If you want to use the internal pure-python primitives, it is **highly advisable** that you have a good understanding of the risks that this pose, and make an informed decision on whether those risks are acceptable for your.
|
||||
|
||||
|
|
Loading…
Reference in New Issue