Docs: Fixing error in key length.

Bug: 18234248
Change-Id: I2e9824dd5371b81c434327434a5216f76b444524

1 files changed, 2 insertions, 2 deletions

diff --git a/src/devices/tech/encryption/index.jd b/src/devices/tech/encryption/index.jd
index 9d633542..d7e93281 100644
--- a/src/devices/tech/encryption/index.jd
+++ b/src/devices/tech/encryption/index.jd
@@ -358,13 +358,13 @@ against off-box attacks, we extend this algorithm by signing the resultant key w
 
 <ol>
   <li>Generate random 16-byte disk encryption key (DEK) and 16-byte salt.
-  <li>Apply scrypt to the user password and the salt to produce 16-byte intermediate
+  <li>Apply scrypt to the user password and the salt to produce 32-byte intermediate
 key 1 (IK1).
   <li>Pad IK1 with zero bytes to the size of the hardware-bound private key (HBK).
 Specifically, we pad as: 00 || IK1 || 00..00; one zero byte, 32 IK1 bytes, 223
 zero bytes.
   <li>Sign padded IK1 with HBK to produce 256-byte IK2.
-  <li>Apply scrypt to IK2 and salt (same salt as step 2) to produce 16-byte IK3.
+  <li>Apply scrypt to IK2 and salt (same salt as step 2) to produce 32-byte IK3.
   <li>Use the first 16 bytes of IK3 as KEK and the last 16 bytes as IV.
   <li>Encrypt DEK with AES_CBC, with key KEK, and initialization vector IV.
 </ol>