Facilitating Adoption Through Cryptographic Standards

One of the most valuable ways in which people use Hedera is by building business or application networks. For example, the Coupon Bureau will be using Hedera to connect retailers, manufacturers, and consumers so that coupons can transact more easily, a process fraught by fraud today. AdsDax relies on Hedera to combat fraud and increase fairness in their advertising marketplace, for all parties involved. Connecting entities will continue to be an important way for applications to unlock value with Hedera, as they can take advantage of network effects.

Standards are integral to building business networks as they help ensure quality and adopting widely used standards reduces friction for others to join, further accelerating network effects. When it comes to security, which includes using digital signatures and other cryptography to protect communication among network participants, the US National Institute of Standards and Technology (NIST) sets the standards for all who wish to work with the US federal government. As a result, any DLT project that wants to be used by the US federal government — say, a central bank digital currency (CBDC) — or by a company that works with the federal government, will have to abide by the NIST security standards. In fact, adopting NIST standards is common industry practice worldwide.

At Hedera, we take care to ensure our cryptography complies with standards wherever possible. To that end, all cryptography we use complies with NIST standards; see the table below for a summary. Furthermore, our core network uses only algorithms from the stricter CNSA suite, which are those NIST standards and parameters deemed suitable by the National Security Agency to protect Top Secret information. In doing so, we maintain high security standards, while enabling future applications to adopt Hedera.

*Used as part of the TLS1.2 cipher suite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.