ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-06-13 20:58:19 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

K1 is supported by TLS (permissioning.rst) and identify Sphincs as experimental due to a BC 1.58 issue which needs investigation. (#3269)

Browse Source
This commit is contained in:
Konstantinos Chalkias
2018-05-30 17:38:33 +01:00
committed by GitHub
parent e44b6c6f4a
commit 5d1cc0bd54
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/source/cipher-suites.rst
View File

@ -54,7 +54,7 @@ For instance, **network map** is ECDSA NIST P-256 (secp256r1) in the Corda Netwo
underlying HSM device, but the default for dev-mode is Pure EdDSA (ed25519). underlying HSM device, but the default for dev-mode is Pure EdDSA (ed25519).
The following table presents the 5 signature schemes currently supported by Corda. The TLS column shows which of them The following table presents the 5 signature schemes currently supported by Corda. The TLS column shows which of them
are compatible with TLS 1.2, while the default scheme per key type is also shown. are compatible with TLS 1.2, while the default scheme per key type is also shown in the last column.
+-------------------------+---------------------------------------------------------------+-----+-------------------------+ +-------------------------+---------------------------------------------------------------+-----+-------------------------+
| Cipher suite | Description | TLS | Default for | | Cipher suite | Description | TLS | Default for |
@ -93,7 +93,7 @@ are compatible with TLS 1.2, while the default scheme per key type is also shown
+-------------------------+---------------------------------------------------------------+-----+-------------------------+ +-------------------------+---------------------------------------------------------------+-----+-------------------------+
| | SPHINCS-256 | | SPHINCS-256 is a post-quantum secure algorithm that relies | NO | | | | SPHINCS-256 | | SPHINCS-256 is a post-quantum secure algorithm that relies | NO | |
| | and SHA-512 | | only on hash functions. It is included as a hedge against | | | | | and SHA-512 | | only on hash functions. It is included as a hedge against | | |
| | | the possibility of a malicious adversary obtaining a | | | | | (experimental) | | the possibility of a malicious adversary obtaining a | | |
| | | quantum computer capable of running Shor's algorithm in | | | | | | quantum computer capable of running Shor's algorithm in | | |
| | | future. SPHINCS is based ultimately on a clever usage of | | | | | | future. SPHINCS is based ultimately on a clever usage of | | |
| | | Merkle hash trees. Hash functions are a very heavily | | | | | | Merkle hash trees. Hash functions are a very heavily | | |

2
docs/source/permissioning.rst
View File

@ -75,6 +75,8 @@ certificates must obey the following restrictions:
* ECDSA using the NIST P-256 curve (secp256r1) * ECDSA using the NIST P-256 curve (secp256r1)
* ECDSA using the Koblitz k1 curve (secp256k1)
* RSA with 3072-bit key size * RSA with 3072-bit key size
.. note:: Corda's ``X509Utilities`` show how to generate the required public/private keypairs and certificates using .. note:: Corda's ``X509Utilities`` show how to generate the required public/private keypairs and certificates using