On Sun, Apr 08, 2018 at 08:29:18PM +0000, Dr. Matthias St. Pierre wrote:
> Just for completeness sake: The entropy requirement is 256 and *not* 384 if a 
> derivation function is used.

But one way of implementing the nonce when a DF is not used, is to
also have 384 bit in that case, which is our current
implementation. If someone writes a default get_nonce function it
can be reduced to 256.


openssl-project mailing list

Reply via email to