From 6a392fdb0ffb6f75bc1cd6df1d7656ccc114a0cd Mon Sep 17 00:00:00 2001 From: Mark Qvist Date: Thu, 5 Sep 2024 15:21:45 +0200 Subject: [PATCH] Updated readme --- README.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a0329b2..9aa58cf 100755 --- a/README.md +++ b/README.md @@ -306,9 +306,11 @@ general-purpose CPUs and on microcontrollers. The necessary primitives are: - X22519 for ECDH key exchanges - HKDF for key derivation - Modified Fernet for encrypted tokens - - AES-128 in CBC mode - - HMAC for message authentication - - No Fernet version and timestamp fields + - Ephemeral keys derived from an ECDH key exchange on Curve25519 + - AES-128 in CBC mode with PKCS7 padding + - HMAC using SHA256 for message authentication + - IVs are generated through os.urandom() + - No Fernet version and timestamp metadata fields - SHA-256 - SHA-512
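Review bot: The unchanged context line directly above the edited bullets still reads "X22519 for ECDH key exchanges", which looks like a typo for X25519; since this hunk rewrites the adjacent sub-list and the new first bullet names Curve25519, fix the spelling in the same change so the primitive list is consistent. The new HMAC bullet writes "SHA256" while the list items below it use "SHA-256" and "SHA-512"; use the hyphenated form throughout. Now that the sub-list documents the token construction in this much detail (padding scheme, IV source), the HMAC bullet should also say what the tag covers and whether it is computed over the ciphertext or the plaintext, because a reader evaluating the CBC construction needs that to judge it.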