[openssl-project] Monthly Status Report (March)

As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month: - Performed the 1.1.1 beta 1 (pre-3) release - Performed a security release for 1.1.0 and 1.0.2 - Carried out a number of different tasks around the

Re: [openssl-project] Entropy seeding the DRBG

The internal state of the CTR-DRBG consists of a key K and a counter V (see figure 11 on page 48, which is the page before table 3). This is the reason why it requires bits_of(K) + bits_of(V) = keysize + blocksize = 256 + 128 = 384 bits to initialize the internal state of the DRBG. But the

Re: [openssl-project] Entropy seeding the DRBG

>Note that with a nonce, that'll be 192 bits, unless I'm thinking wrong... But I agree with you, at least from a very practical point of view. I think using a nonce is needless. Use a personalization string (I used the address of the new DRBG).

Re: [openssl-project] Entropy seeding the DRBG

In message <122b3c36-21ad-4904-a692-351ade567...@akamai.com> on Wed, 4 Apr 2018 11:58:54 +, "Salz, Rich" said: rsalz> Is it expected that the number of bits of seed must equal the rsalz> number of bits in the key strength? It is expected that the number of bits of entropy

Re: [openssl-project] Entropy seeding the DRBG

Is it expected that the number of bits of seed must equal the number of bits in the key strength? But at any rate, raising the seed size to 256 seems mildly tolerable, although I would prefer to keep it at 128. Raising it to 384 is wrong. ___