[openssl-users] CTR_DRBG with or without a derivation function (re: FIPS 140-2)

Steve Pate spate at hytrust.com
Fri Aug 21 22:40:18 UTC 2015


To quote from several places:

Once you call FIPS_mode_set (and assuming it returns non-zero), you are using the NIST approved DRBGs.
>From OpenSSL's Random Numbers wiki page:

The default DRBG is 256-bit CTR AES using a derivation function ... To use the FIPS random number generator, simply use
RAND_bytes as described earlier. Note that the call to FIPS_mode_set must succeed in order to operate in FIPS 140 mode.

But if I look at the OpenSSL/FIPS security policy it lists:

CTR DRBG (AES), no derivation function

as being approved but there is no mention of whether CTR DRBG (AES) with a derivation function is approved or not.

Thoughts?

Thanks in advance,
Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150821/a3b7c404/attachment-0001.html>


More information about the openssl-users mailing list