Mbed-TLS / mbedtls

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
https://www.trustedfirmware.org/projects/mbed-tls/

CTR_DRBG is limited to AES #63

Closed (Thuffir closed this 1 year ago)

Thuffir commented 10 years ago

The module CTR_DRBG could be reworked to be able to use other block ciphers than only AES (like the HASH_DRBG module). This would make the module more future proof.

pjbakker commented 10 years ago

This is something we might do in the future.

tom-daubney-arm commented 1 year ago

Since CTR_DRBG is defined by NIST then the ciphers should be NIST approved. At present the only NIST approved block cipher is AES.

gilles-peskine-arm commented 1 year ago

Actually, this is probably going to happen soon-ish, as part of the move to more PSA support.

Since CTR_DRBG is defined by NIST then the ciphers should be NIST approved

No, there's no particular reason for that. Camellia and ARIA are designed to be drop-in replacements for AES.