CTR_DRBG: Improve the explanation of security strength

Separate the cases that achieve a 128-bit strength and the cases that
achieve a 256-bit strength.
Gilles Peskine 2019-10-02 19:01:31 +02:00
parent 8cec70a8c4
commit 596fdfd6cf


@ -292,22 +292,24 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
* Per NIST SP 800-57A table 2, the achievable security * Per NIST SP 800-57A table 2, the achievable security
* strength is 128 bits if using AES-128 and * strength is 128 bits if using AES-128 and
* 256 bits if using AES-256. * 256 bits if using AES-256.
* Therefore, to provide full security, *
* To achieve 256-bit security,
* you must use AES-256 and
* the entropy input must be at least: * the entropy input must be at least:
* - 24 bytes if using AES-128 and the \p custom * - 48 bytes if the \p custom argument to
* argument to mbedtls_ctr_drbg_seed() may repeat * mbedtls_ctr_drbg_seed() may repeat (for example
* (for example because it is empty, or more generally * because it is empty, or more generally constant);
* constant); * - 32 bytes if the \p custom argument to
* - 48 bytes if using AES-256 and the \p custom * mbedtls_ctr_drbg_seed() includes a nonce.
* argument to mbedtls_ctr_drbg_seed() may repeat *
* (for example because it is empty, or more generally * To achieve 128-bit security,
* constant); * whether AES-128 or AES-256 is used,
* - 16 bytes if using AES-128 and the \p custom * the entropy input must be at least:
* argument to mbedtls_ctr_drbg_seed() includes * - 24 bytes if the \p custom argument to
* a nonce; * mbedtls_ctr_drbg_seed() may repeat (for example
* - 32 bytes if using AES-256 and the \p custom * because it is empty, or more generally constant);
* argument to mbedtls_ctr_drbg_seed() includes * - 16 bytes if the \p custom argument to
* a nonce. * mbedtls_ctr_drbg_seed() includes a nonce.
* *
* \param ctx The CTR_DRBG context. * \param ctx The CTR_DRBG context.
* \param len The amount of entropy to grab, in bytes. * \param len The amount of entropy to grab, in bytes.
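Review bot: the two "includes a nonce" bullets in the right-hand column leave the reader without the one number that makes the branch usable: how long the nonce in \p custom has to be. SP 800-90A requires the nonce to carry at least half the security strength, which is exactly the 16-byte and 8-byte difference between the paired bullets (48 vs 32 for 256-bit, 24 vs 16 for 128-bit), so spell it out, e.g. "includes a nonce of at least 16 bytes" for the 256-bit case and "at least 8 bytes" for the 128-bit case, and say it must be unique per instantiation rather than merely present. Otherwise a caller could pass a short or constant "nonce" and believe they have met the lower entropy bound. It would also help to state the consequence of passing a smaller \p len than the bound (the DRBG instantiates with less than the advertised strength), since nothing in the function rejects it.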