diff --git a/include/internal/rand.h b/include/internal/rand.h
index 471b6b5..d56742e 100644
--- a/include/internal/rand.h
+++ b/include/internal/rand.h
@@ -15,22 +15,14 @@
 /*
  * Default security strength (in the sense of [NIST SP 800-90Ar1])
+ * of the default OpenSSL DRBG, and the corresponding NID.
  *
- * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
- * of the cipher by collecting less entropy. The current DRBG implemantion does
- * not take RAND_DRBG_STRENGTH into account and sets the strength of the DRBG
- * to that of the cipher.
+ * Currently supported values: 128, 192, 256
  *
- * RAND_DRBG_STRENGTH is currently only used for the legacy RAND
- * implementation.
- *
- * Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
- * NID_aes_256_ctr
- *
- * TODO(DRBG): would be nice to have the NID and strength configurable
+ * TODO(DRBG): would be nice to have the strength configurable
  */
-# define RAND_DRBG_STRENGTH 256
-# define RAND_DRBG_NID NID_aes_256_ctr
+# define RAND_DRBG_STRENGTH 128
+# define RAND_DRBG_NID NID_aes_128_ctr
 
 /*
  * Object lifetime functions.
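Review bot: The new `# define RAND_DRBG_NID NID_aes_128_ctr` is still a free-standing constant that has to be kept in step with `RAND_DRBG_STRENGTH` by hand, and now that the comment advertises three supported strengths nothing stops a later edit from pairing, say, a strength of 256 with the AES-128 cipher NID; deriving the NID from the strength at preprocessing time, with an `#error` for anything else, would make the "corresponding NID" wording in the comment actually enforced. The removed paragraph explaining that the DRBG's strength is set to that of the cipher, not read from `RAND_DRBG_STRENGTH`, is dropped without a replacement; if that is still how the implementation behaves, a one-line note such as `* NOTE: the DRBG's effective strength is that of the cipher selected by RAND_DRBG_NID.` should stay so readers do not assume changing the number alone changes the strength. Since this lowers the default from 256 to 128 bits, the comment would also benefit from a sentence stating that, per the cited SP 800-90Ar1, output from the default DRBG should not be relied on for security strengths above 128 bits unless the strength is raised here. The surrounding header continues outside the hunk.
```c
# define RAND_DRBG_STRENGTH 128
# if RAND_DRBG_STRENGTH == 128
#  define RAND_DRBG_NID NID_aes_128_ctr
# elif RAND_DRBG_STRENGTH == 192
#  define RAND_DRBG_NID NID_aes_192_ctr
# elif RAND_DRBG_STRENGTH == 256
#  define RAND_DRBG_NID NID_aes_256_ctr
# else
#  error "RAND_DRBG_STRENGTH must be 128, 192 or 256"
# endif
/* … unchanged: object lifetime functions … */
```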