[openssl-project] Entropy seeding the DRBG

Salz, Rich rsalz at akamai.com
Tue Apr 3 12:52:50 UTC 2018

I had not realized that we just increased the “entropy” requirements by 50%, from 256 to 384. The original DRBG submission that I did only required 128 bits.  I think that is wrong, and I think the PR that did it (#5503) should be reverted.

I am concerned that we are trying to meet requirements that we really don’t have.  The original code was a huge improvement.

Requiring 384 bits of random seed is silly.  I think it is ridiculous.  One way or another we HAVE to fix that before the release.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20180403/dcc11c5f/attachment.html>

More information about the openssl-project mailing list