xref: /linux/arch/arm/crypto/Kconfig (revision 71e59795c9f65a30416ed719b4b4da585df3903a) 
1# SPDX-License-Identifier: GPL-2.0
2
3menu "Accelerated Cryptographic Algorithms for CPU (arm)"
4
5config CRYPTO_GHASH_ARM_CE
6	tristate "AEAD cipher: AES in GCM mode (ARMv8 Crypto Extensions)"
7	depends on KERNEL_MODE_NEON
8	select CRYPTO_AEAD
9	select CRYPTO_LIB_AES
10	select CRYPTO_LIB_GF128MUL
11	help
12	  AEAD cipher: AES-GCM
13
14	  Architecture: arm using
15	  - ARMv8 Crypto Extensions
16
17config CRYPTO_AES_ARM_BS
18	tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (bit-sliced NEON)"
19	depends on KERNEL_MODE_NEON
20	select CRYPTO_SKCIPHER
21	select CRYPTO_LIB_AES
22	help
23	  Length-preserving ciphers: AES cipher algorithms (FIPS-197)
24	  with block cipher modes:
25	   - ECB (Electronic Codebook) mode (NIST SP800-38A)
26	   - CBC (Cipher Block Chaining) mode (NIST SP800-38A)
27	   - CTR (Counter) mode (NIST SP800-38A)
28	   - XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
29	     and IEEE 1619)
30
31	  Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
32	  and for XTS mode encryption, CBC and XTS mode decryption speedup is
33	  around 25%. (CBC encryption speed is not affected by this driver.)
34
35	  The bit sliced AES code does not use lookup tables, so it is believed
36	  to be invulnerable to cache timing attacks. However, since the bit
37	  sliced AES code cannot process single blocks efficiently, in certain
38	  cases table-based code with some countermeasures against cache timing
39	  attacks will still be used as a fallback method; specifically CBC
40	  encryption (not CBC decryption), the encryption of XTS tweaks, XTS
41	  ciphertext stealing when the message isn't a multiple of 16 bytes, and
42	  CTR when invoked in a context in which NEON instructions are unusable.
43
44config CRYPTO_AES_ARM_CE
45	tristate "Ciphers: AES, modes: ECB/CBC/CTS/CTR/XTS (ARMv8 Crypto Extensions)"
46	depends on KERNEL_MODE_NEON
47	select CRYPTO_SKCIPHER
48	select CRYPTO_LIB_AES
49	help
50	  Length-preserving ciphers: AES cipher algorithms (FIPS-197)
51	   with block cipher modes:
52	   - ECB (Electronic Codebook) mode (NIST SP800-38A)
53	   - CBC (Cipher Block Chaining) mode (NIST SP800-38A)
54	   - CTR (Counter) mode (NIST SP800-38A)
55	   - CTS (Cipher Text Stealing) mode (NIST SP800-38A)
56	   - XTS (XOR Encrypt XOR with ciphertext stealing) mode (NIST SP800-38E
57	     and IEEE 1619)
58
59	  Architecture: arm using:
60	  - ARMv8 Crypto Extensions
61
62endmenu
63
64