/*
* Default security strength (in the sense of [NIST SP 800-90Ar1])
- * of the default OpenSSL DRBG, and the corresponding NID.
*
- * Currently supported values: 128, 192, 256
+ * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
+ * of the cipher by collecting less entropy. The current DRBG implemantion does
+ * not take RAND_DRBG_STRENGTH into account and sets the strength of the DRBG
+ * to that of the cipher.
*
- * TODO(DRBG): would be nice to have the strength configurable
+ * RAND_DRBG_STRENGTH is currently only used for the legacy RAND
+ * implementation.
+ *
+ * Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
+ * NID_aes_256_ctr
+ *
+ * TODO(DRBG): would be nice to have the NID and strength configurable
*/
-# define RAND_DRBG_STRENGTH 128
-# define RAND_DRBG_NID NID_aes_128_ctr
+# define RAND_DRBG_STRENGTH 256
+# define RAND_DRBG_NID NID_aes_256_ctr
/*
* Object lifetime functions.
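Review bot: The two defines at the end of this hunk, `RAND_DRBG_STRENGTH 256` and `RAND_DRBG_NID NID_aes_256_ctr`, are kept consistent only by hand, while the new comment says the DRBG ignores RAND_DRBG_STRENGTH and takes its strength from the cipher. Since the comment also says RAND_DRBG_STRENGTH is still used by the legacy RAND implementation, a later edit to just one of the two would leave that path working with a strength that differs from the cipher's. Consider adding a compile-time check that ties the value to the NID, or at least a comment line stating that the two must be changed together. The comment could also name the three supported strength values next to the three NIDs, because the removed line "Currently supported values: 128, 192, 256" was the only place they were listed. Minor: "implemantion" in the added comment should read "implementation".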