Cryptographic suites
Cryptographic suites provide a set of algorithms and protocols for secure communication and data protection. The Truvity platform supports multiple cryptographic suites and key types to ensure robust security for digital credentials and transactions.
Supported cryptographic suites
| CryptoSuite / Signature | Supported Keys | Issue - did:key | Issue - did:web | Verify |
|---|---|---|---|---|
ecdsa-rdfc-2019, ecdsa-sd-2023 | P256, P384 | ✔️ | ✔️ | ✔️ |
eddsa-rdfc-2022 | ED25519 | ✔️ | ✔️ | ✔️ |
Ed25519Signature2020 | ED25519 | ❌ (Not planned) | ❌ (Not planned) | ✔️ |
Ed25519Signature2018 | ED25519 | ❌ (Not planned) | ❌ (Not planned) | ✔️ |
EcdsaSecp256k1Signature2019 | SECP256K1 | ❌ (Impossible) | ❌ (By request) | ✔️ |
RsaSignature2018 | RSA-* | ❌ (By request) | ❌ (By request) | ❌ (By request) |
Key notes:
ecdsa-rdfc-2019andecdsa-sd-2023: Support for P256 and P384 curves, suitable for both issuing and verifying credentials.eddsa-rdfc-2022: Supports the ED25519 key, used for both issuing and verifying credentials.Ed25519Signature2020andEd25519Signature2018: Only supported for verification, with no plans to support issuance.EcdsaSecp256k1Signature2019: Supports the SECP256K1 curve for verification. Issuance support is available upon request.RsaSignature2018: Available by request for issuance and verification using RSA keys.
Supported cryptographic keys
| Truvity Key Type | JWX Type | JWX Curve | JWX KeySize | FIPS | SEC2 | OpenSSL | AWS KMS |
|---|---|---|---|---|---|---|---|
ED25519 | OKP | Ed25519 | ed25519 | ||||
P256 | EC | P-256 | P-256 | secp256r1 | prime256v1 | ECC_NIST_P256 | |
P384 | EC | P-384 | P-384 | secp384r1 | secp384r1 | ECC_NIST_P384 | |
RSA2048 | RSA | 2048 | RSA-2048? | RSA-2048? | rsa 2048 | RSA_2048 | |
RSA3072 | RSA | 3072 | RSA-3072? | RSA-3072? | rsa 3072 | RSA_3072 | |
RSA4096 | RSA | 4096 | rsa 4096 | RSA_4096 |
Further reading
- Learn how to issue a verifiable credential (VC) and sign it with a cryptographic key using Truvity SDK.