#25 Discard 3072 bytes instead of 256 bytes

[Paupiah Yashvi]

As per the recommendations outlined in Network Operations Division
Cryptographic Requirements published on Wikileaks on March 2017.
We discard more bytes of the first keysteam
to reduce the possibility of non-random bytes.
Similar to a change in FreeBSD:
https://svnweb.freebsd.org/base?view=revision&revision=315225