<div dir="ltr">Hi All,<div><br></div><div>OpenSSL uses 256-bit AES-CTR DRBG as the default DRBG in FIPS mode. I have a question associated with this.</div><div><br></div><div>1. The OpenSSL wiki says: Default DRBG is 256-bit CTR AES <b>using a derivation function</b></div><div>2. Whereas the document <a href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf">http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf</a> mentions "no derivation function" in one place and in another section mentions both<br></div><div><b>Section 4 Modes of Operation and Cryptographic Functionality</b><br></div>
<table><tr><td>Random Number Generation; Symmetric key generation</td><td>[SP 800-90] DRBG5 Prediction resistance supported for all variations</td><td>Hash DRBG<br>HMAC DRBG, no reseed<br>CTR DRBG (AES), no derivation function</td></tr></table>
<div><b>Section 6 Selftest</b><br></div><div>DRBG KAT CTR_DRBG: AES, 256 bit with and without derivation function<br></div><div><br></div><div>Please can anyone let me know what the default behavior is? Is there any way to toggle between using and not using the derivation function?</div><div><br></div><div>Regards</div><div>Jayalakshmi</div></div>