Closed Thuffir closed 1 year ago
This is something we might do in the future.
Since CTR_DRBG is defined by NIST then the ciphers should be NIST approved. At present the only NIST approved block cipher is AES.
Actually, this is probably going to happen soon-ish, as part of the move to more PSA support.
Since CTR_DRBG is defined by NIST then the ciphers should be NIST approved
No, there's no particular reason for that. Camellia and ARIA are designed to be drop-in replacements for AES.
The module CTR_DRBG could be reworked to be able to use other block cyptos than only AES (like the HASH_DRBG module). This would make the module more future proof.