aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--doc/manual/cipher_modes.rst2
-rw-r--r--doc/manual/hash.rst3
-rw-r--r--readme.rst22
3 files changed, 6 insertions, 21 deletions
diff --git a/doc/manual/cipher_modes.rst b/doc/manual/cipher_modes.rst
index ca53a6ab5..e7a147d25 100644
--- a/doc/manual/cipher_modes.rst
+++ b/doc/manual/cipher_modes.rst
@@ -250,6 +250,8 @@ will be returned by :cpp:func:`get_cipher` if the named cipher is an AEAD mode).
Available AEAD Modes
-------------------------
+If in doubt about what to use, pick ChaCha20Poly1305, AES-256/GCM, or AES-256/SIV.
+
ChaCha20Poly1305
~~~~~~~~~~~~~~~~~~
diff --git a/doc/manual/hash.rst b/doc/manual/hash.rst
index 7b317f498..d8463cc2e 100644
--- a/doc/manual/hash.rst
+++ b/doc/manual/hash.rst
@@ -98,7 +98,8 @@ Assume we want to calculate the SHA-1, Whirlpool and SHA-3 hash digests of the S
Available Hash Functions
------------------------------
-The following cryptographic hash functions are implemented.
+The following cryptographic hash functions are implemented. If in doubt,
+any of Blake2b, SHA-384, or SHA-3 are good choices.
BLAKE2b
^^^^^^^^^
diff --git a/readme.rst b/readme.rst
index 394f06c52..084da5cd3 100644
--- a/readme.rst
+++ b/readme.rst
@@ -37,14 +37,10 @@ https://keybase.io/jacklloyd, and some public PGP key servers.
For all the details on building the library, read the
`users manual <https://botan.randombit.net/manual>`_, but basically::
- $ ./configure.py --help
- $ ./configure.py [probably some options]
+ $ ./configure.py
$ make
$ ./botan-test
- # lots of output...
- Tests all ok
- $ ./botan
- # shows available commands
+ ...
$ make install
Botan can also be built into a single-file amalgamation for easy inclusion into
@@ -185,17 +181,3 @@ Other Useful Things
* Format preserving encryption scheme FE1
* Threshold secret sharing
* NIST key wrapping
-
-Recommended Algorithms
-----------------------------------------
-
-* For encryption of network traffic use TLS v1.2
-* Packet encryption: AES-256/GCM, AES-256/OCB, Serpent/OCB, or ChaCha20Poly1305
-* General hash function: BLAKE2b, SHA-2, SHA-3, or Skein-512
-* Message authentication or PRF: HMAC with SHA-256
-* Key derivation function: KDF2 or HKDF
-* Public Key Encryption: RSA, 2048+ bit keys, with OAEP/SHA-256
-* Public Key Signatures: RSA, 2048+ bit keys with PSS/SHA-512,
- or ECDSA using P-256/SHA-256 or P-521/SHA-512
-* Key Agreement: ECDH using P-256 or X25519. If you are concerned
- about quantum computers, combine ECC with NewHope.