CTR_DRBG is limited to AES #63
Labels
component-crypto
Crypto primitives and low-level interfaces
enhancement
historical-reviewed
Reviewed & agreed to keep legacy PR/issue
Comments
|
This is something we might do in the future. |
hanno-becker
pushed a commit
to hanno-becker/mbedtls
that referenced
this issue
Nov 17, 2020
Ensure correct server-only build
tom-daubney-arm
added
the
historical-reviewing
|
Since CTR_DRBG is defined by NIST then the ciphers should be NIST approved. At present the only NIST approved block cipher is AES. |
tom-daubney-arm
added
historical-reviewed
|
Actually, this is probably going to happen soon-ish, as part of the move to more PSA support.
No, there's no particular reason for that. Camellia and ARIA are designed to be drop-in replacements for AES. |
5 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The module CTR_DRBG could be reworked to be able to use other block cyptos than only AES (like the HASH_DRBG module). This would make the module more future proof.
The text was updated successfully, but these errors were encountered: