[openssl-users] OpenSSL DRBG in FIPS mode confusion.
Jayalakshmi bhat
bhat.jayalakshmi at gmail.com
Wed Mar 15 09:50:15 UTC 2017
Hi All,
OpenSSL uses 256 bit AES-CTR DRBG as default DRBG in FIPS mode. I have a
question associated with this.
1. The OpenSSL wiki says: Default DRBG is 256-bit CTR AES *using a derivation
function*
2. Whereas the document
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf
mentions "no derivation function" in one place and in another section
mentions both
*Section 4 Modes of Operation and Cryptographic Functionality*
Random Number Generation; Symmetric key generation
[SP 800-90] DRBG
Hash DRBG
HMAC DRBG, no reseed
CTR DRBG (AES), no derivation function
Prediction resistance supported for all variations
*Section 6 Self-test*
DRBG KAT CTR_DRBG: AES, 256 bit with and without derivation function
Please can anyone let me know what the default behavior is? Is there any
way to toggle between using and not using the derivation function?
Regards
Jayalakshmi