[openssl-project] Entropy seeding the DRBG

Kurt Roeckx kurt at roeckx.be
Tue Apr 3 16:54:09 UTC 2018

On Tue, Apr 03, 2018 at 12:52:50PM +0000, Salz, Rich wrote:
> I had not realized that we just increased the “entropy” requirements by 50%, from 256 to 384. The original DRBG submission that I did only required 128 bits.  I think that is wrong, and I think the PR that did it (#5503) should be reverted.
> I am concerned that we are trying to meet requirements that we really don’t have.  The original code was a huge improvement.
> Requiring 384 bits of random seed is silly.  I think it is ridiculous.  One way or another we HAVE to fix that before the release.

Please note that that 50% extra is only used for instantiating the
DRBG. On reseed we it only uses 256 bits.

There is an alternative to that 50% extra, but it's not making
sense to me.

The 1.1.0 version also used 256 bit.


More information about the openssl-project mailing list