11da177e4SLinus Torvalds# 2685784aaSDan Williams# Generic algorithms support 3685784aaSDan Williams# 4685784aaSDan Williamsconfig XOR_BLOCKS 5685784aaSDan Williams tristate 6685784aaSDan Williams 7685784aaSDan Williams# 89bc89cd8SDan Williams# async_tx api: hardware offloaded memory transfer/transform support 99bc89cd8SDan Williams# 109bc89cd8SDan Williamssource "crypto/async_tx/Kconfig" 119bc89cd8SDan Williams 129bc89cd8SDan Williams# 131da177e4SLinus Torvalds# Cryptographic API Configuration 141da177e4SLinus Torvalds# 152e290f43SJan Engelhardtmenuconfig CRYPTO 16c3715cb9SSebastian Siewior tristate "Cryptographic API" 171da177e4SLinus Torvalds help 181da177e4SLinus Torvalds This option provides the core Cryptographic API. 191da177e4SLinus Torvalds 20cce9e06dSHerbert Xuif CRYPTO 21cce9e06dSHerbert Xu 22584fffc8SSebastian Siewiorcomment "Crypto core or helper" 23584fffc8SSebastian Siewior 24ccb778e1SNeil Hormanconfig CRYPTO_FIPS 25ccb778e1SNeil Horman bool "FIPS 200 compliance" 26e84c5480SChuck Ebbert depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS 27ccb778e1SNeil Horman help 28ccb778e1SNeil Horman This options enables the fips boot option which is 29ccb778e1SNeil Horman required if you want to system to operate in a FIPS 200 30ccb778e1SNeil Horman certification. You should say no unless you know what 31e84c5480SChuck Ebbert this is. 32ccb778e1SNeil Horman 33cce9e06dSHerbert Xuconfig CRYPTO_ALGAPI 34cce9e06dSHerbert Xu tristate 356a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 36cce9e06dSHerbert Xu help 37cce9e06dSHerbert Xu This option provides the API for cryptographic algorithms. 38cce9e06dSHerbert Xu 396a0fcbb4SHerbert Xuconfig CRYPTO_ALGAPI2 406a0fcbb4SHerbert Xu tristate 416a0fcbb4SHerbert Xu 421ae97820SHerbert Xuconfig CRYPTO_AEAD 431ae97820SHerbert Xu tristate 446a0fcbb4SHerbert Xu select CRYPTO_AEAD2 451ae97820SHerbert Xu select CRYPTO_ALGAPI 461ae97820SHerbert Xu 476a0fcbb4SHerbert Xuconfig CRYPTO_AEAD2 486a0fcbb4SHerbert Xu tristate 496a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 506a0fcbb4SHerbert Xu 515cde0af2SHerbert Xuconfig CRYPTO_BLKCIPHER 525cde0af2SHerbert Xu tristate 536a0fcbb4SHerbert Xu select CRYPTO_BLKCIPHER2 545cde0af2SHerbert Xu select CRYPTO_ALGAPI 556a0fcbb4SHerbert Xu 566a0fcbb4SHerbert Xuconfig CRYPTO_BLKCIPHER2 576a0fcbb4SHerbert Xu tristate 586a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 596a0fcbb4SHerbert Xu select CRYPTO_RNG2 600a2e821dSHuang Ying select CRYPTO_WORKQUEUE 615cde0af2SHerbert Xu 62055bcee3SHerbert Xuconfig CRYPTO_HASH 63055bcee3SHerbert Xu tristate 646a0fcbb4SHerbert Xu select CRYPTO_HASH2 65055bcee3SHerbert Xu select CRYPTO_ALGAPI 66055bcee3SHerbert Xu 676a0fcbb4SHerbert Xuconfig CRYPTO_HASH2 686a0fcbb4SHerbert Xu tristate 696a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 706a0fcbb4SHerbert Xu 7117f0f4a4SNeil Hormanconfig CRYPTO_RNG 7217f0f4a4SNeil Horman tristate 736a0fcbb4SHerbert Xu select CRYPTO_RNG2 7417f0f4a4SNeil Horman select CRYPTO_ALGAPI 7517f0f4a4SNeil Horman 766a0fcbb4SHerbert Xuconfig CRYPTO_RNG2 776a0fcbb4SHerbert Xu tristate 786a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 796a0fcbb4SHerbert Xu 80a1d2f095SGeert Uytterhoevenconfig CRYPTO_PCOMP 81a1d2f095SGeert Uytterhoeven tristate 82bc94e596SHerbert Xu select CRYPTO_PCOMP2 83bc94e596SHerbert Xu select CRYPTO_ALGAPI 84bc94e596SHerbert Xu 85bc94e596SHerbert Xuconfig CRYPTO_PCOMP2 86bc94e596SHerbert Xu tristate 87a1d2f095SGeert Uytterhoeven select CRYPTO_ALGAPI2 88a1d2f095SGeert Uytterhoeven 892b8c19dbSHerbert Xuconfig CRYPTO_MANAGER 902b8c19dbSHerbert Xu tristate "Cryptographic algorithm manager" 916a0fcbb4SHerbert Xu select CRYPTO_MANAGER2 922b8c19dbSHerbert Xu help 932b8c19dbSHerbert Xu Create default cryptographic template instantiations such as 942b8c19dbSHerbert Xu cbc(aes). 952b8c19dbSHerbert Xu 966a0fcbb4SHerbert Xuconfig CRYPTO_MANAGER2 976a0fcbb4SHerbert Xu def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 986a0fcbb4SHerbert Xu select CRYPTO_AEAD2 996a0fcbb4SHerbert Xu select CRYPTO_HASH2 1006a0fcbb4SHerbert Xu select CRYPTO_BLKCIPHER2 101bc94e596SHerbert Xu select CRYPTO_PCOMP2 1026a0fcbb4SHerbert Xu 103a38f7907SSteffen Klassertconfig CRYPTO_USER 104a38f7907SSteffen Klassert tristate "Userspace cryptographic algorithm configuration" 1055db017aaSHerbert Xu depends on NET 106a38f7907SSteffen Klassert select CRYPTO_MANAGER 107a38f7907SSteffen Klassert help 108d19978f5SValdis.Kletnieks@vt.edu Userspace configuration for cryptographic instantiations such as 109a38f7907SSteffen Klassert cbc(aes). 110a38f7907SSteffen Klassert 111326a6346SHerbert Xuconfig CRYPTO_MANAGER_DISABLE_TESTS 112326a6346SHerbert Xu bool "Disable run-time self tests" 11300ca28a5SHerbert Xu default y 11400ca28a5SHerbert Xu depends on CRYPTO_MANAGER2 1150b767f96SAlexander Shishkin help 116326a6346SHerbert Xu Disable run-time self tests that normally take place at 117326a6346SHerbert Xu algorithm registration. 1180b767f96SAlexander Shishkin 119584fffc8SSebastian Siewiorconfig CRYPTO_GF128MUL 12008c70fc3SJussi Kivilinna tristate "GF(2^128) multiplication functions" 121584fffc8SSebastian Siewior help 122584fffc8SSebastian Siewior Efficient table driven implementation of multiplications in the 123584fffc8SSebastian Siewior field GF(2^128). This is needed by some cypher modes. This 124584fffc8SSebastian Siewior option will be selected automatically if you select such a 125584fffc8SSebastian Siewior cipher mode. Only select this option by hand if you expect to load 126584fffc8SSebastian Siewior an external module that requires these functions. 127584fffc8SSebastian Siewior 128584fffc8SSebastian Siewiorconfig CRYPTO_NULL 129584fffc8SSebastian Siewior tristate "Null algorithms" 130584fffc8SSebastian Siewior select CRYPTO_ALGAPI 131584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 132d35d2454SHerbert Xu select CRYPTO_HASH 133584fffc8SSebastian Siewior help 134584fffc8SSebastian Siewior These are 'Null' algorithms, used by IPsec, which do nothing. 135584fffc8SSebastian Siewior 1365068c7a8SSteffen Klassertconfig CRYPTO_PCRYPT 1375068c7a8SSteffen Klassert tristate "Parallel crypto engine (EXPERIMENTAL)" 1385068c7a8SSteffen Klassert depends on SMP && EXPERIMENTAL 1395068c7a8SSteffen Klassert select PADATA 1405068c7a8SSteffen Klassert select CRYPTO_MANAGER 1415068c7a8SSteffen Klassert select CRYPTO_AEAD 1425068c7a8SSteffen Klassert help 1435068c7a8SSteffen Klassert This converts an arbitrary crypto algorithm into a parallel 1445068c7a8SSteffen Klassert algorithm that executes in kernel threads. 1455068c7a8SSteffen Klassert 14625c38d3fSHuang Yingconfig CRYPTO_WORKQUEUE 14725c38d3fSHuang Ying tristate 14825c38d3fSHuang Ying 149584fffc8SSebastian Siewiorconfig CRYPTO_CRYPTD 150584fffc8SSebastian Siewior tristate "Software async crypto daemon" 151584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 152b8a28251SLoc Ho select CRYPTO_HASH 153584fffc8SSebastian Siewior select CRYPTO_MANAGER 154254eff77SHuang Ying select CRYPTO_WORKQUEUE 155584fffc8SSebastian Siewior help 156584fffc8SSebastian Siewior This is a generic software asynchronous crypto daemon that 157584fffc8SSebastian Siewior converts an arbitrary synchronous software crypto algorithm 158584fffc8SSebastian Siewior into an asynchronous algorithm that executes in a kernel thread. 159584fffc8SSebastian Siewior 160584fffc8SSebastian Siewiorconfig CRYPTO_AUTHENC 161584fffc8SSebastian Siewior tristate "Authenc support" 162584fffc8SSebastian Siewior select CRYPTO_AEAD 163584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 164584fffc8SSebastian Siewior select CRYPTO_MANAGER 165584fffc8SSebastian Siewior select CRYPTO_HASH 166584fffc8SSebastian Siewior help 167584fffc8SSebastian Siewior Authenc: Combined mode wrapper for IPsec. 168584fffc8SSebastian Siewior This is required for IPSec. 169584fffc8SSebastian Siewior 170584fffc8SSebastian Siewiorconfig CRYPTO_TEST 171584fffc8SSebastian Siewior tristate "Testing module" 172584fffc8SSebastian Siewior depends on m 173da7f033dSHerbert Xu select CRYPTO_MANAGER 174584fffc8SSebastian Siewior help 175584fffc8SSebastian Siewior Quick & dirty crypto test module. 176584fffc8SSebastian Siewior 177584fffc8SSebastian Siewiorcomment "Authenticated Encryption with Associated Data" 178584fffc8SSebastian Siewior 179584fffc8SSebastian Siewiorconfig CRYPTO_CCM 180584fffc8SSebastian Siewior tristate "CCM support" 181584fffc8SSebastian Siewior select CRYPTO_CTR 182584fffc8SSebastian Siewior select CRYPTO_AEAD 183584fffc8SSebastian Siewior help 184584fffc8SSebastian Siewior Support for Counter with CBC MAC. Required for IPsec. 185584fffc8SSebastian Siewior 186584fffc8SSebastian Siewiorconfig CRYPTO_GCM 187584fffc8SSebastian Siewior tristate "GCM/GMAC support" 188584fffc8SSebastian Siewior select CRYPTO_CTR 189584fffc8SSebastian Siewior select CRYPTO_AEAD 1909382d97aSHuang Ying select CRYPTO_GHASH 191584fffc8SSebastian Siewior help 192584fffc8SSebastian Siewior Support for Galois/Counter Mode (GCM) and Galois Message 193584fffc8SSebastian Siewior Authentication Code (GMAC). Required for IPSec. 194584fffc8SSebastian Siewior 195584fffc8SSebastian Siewiorconfig CRYPTO_SEQIV 196584fffc8SSebastian Siewior tristate "Sequence Number IV Generator" 197584fffc8SSebastian Siewior select CRYPTO_AEAD 198584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 199a0f000ecSHerbert Xu select CRYPTO_RNG 200584fffc8SSebastian Siewior help 201584fffc8SSebastian Siewior This IV generator generates an IV based on a sequence number by 202584fffc8SSebastian Siewior xoring it with a salt. This algorithm is mainly useful for CTR 203584fffc8SSebastian Siewior 204584fffc8SSebastian Siewiorcomment "Block modes" 205584fffc8SSebastian Siewior 206584fffc8SSebastian Siewiorconfig CRYPTO_CBC 207584fffc8SSebastian Siewior tristate "CBC support" 208584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 209584fffc8SSebastian Siewior select CRYPTO_MANAGER 210584fffc8SSebastian Siewior help 211584fffc8SSebastian Siewior CBC: Cipher Block Chaining mode 212584fffc8SSebastian Siewior This block cipher algorithm is required for IPSec. 213584fffc8SSebastian Siewior 214584fffc8SSebastian Siewiorconfig CRYPTO_CTR 215584fffc8SSebastian Siewior tristate "CTR support" 216584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 217584fffc8SSebastian Siewior select CRYPTO_SEQIV 218584fffc8SSebastian Siewior select CRYPTO_MANAGER 219584fffc8SSebastian Siewior help 220584fffc8SSebastian Siewior CTR: Counter mode 221584fffc8SSebastian Siewior This block cipher algorithm is required for IPSec. 222584fffc8SSebastian Siewior 223584fffc8SSebastian Siewiorconfig CRYPTO_CTS 224584fffc8SSebastian Siewior tristate "CTS support" 225584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 226584fffc8SSebastian Siewior help 227584fffc8SSebastian Siewior CTS: Cipher Text Stealing 228584fffc8SSebastian Siewior This is the Cipher Text Stealing mode as described by 229584fffc8SSebastian Siewior Section 8 of rfc2040 and referenced by rfc3962. 230584fffc8SSebastian Siewior (rfc3962 includes errata information in its Appendix A) 231584fffc8SSebastian Siewior This mode is required for Kerberos gss mechanism support 232584fffc8SSebastian Siewior for AES encryption. 233584fffc8SSebastian Siewior 234584fffc8SSebastian Siewiorconfig CRYPTO_ECB 235584fffc8SSebastian Siewior tristate "ECB support" 236584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 237584fffc8SSebastian Siewior select CRYPTO_MANAGER 238584fffc8SSebastian Siewior help 239584fffc8SSebastian Siewior ECB: Electronic CodeBook mode 240584fffc8SSebastian Siewior This is the simplest block cipher algorithm. It simply encrypts 241584fffc8SSebastian Siewior the input block by block. 242584fffc8SSebastian Siewior 243584fffc8SSebastian Siewiorconfig CRYPTO_LRW 2442470a2b2SJussi Kivilinna tristate "LRW support" 245584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 246584fffc8SSebastian Siewior select CRYPTO_MANAGER 247584fffc8SSebastian Siewior select CRYPTO_GF128MUL 248584fffc8SSebastian Siewior help 249584fffc8SSebastian Siewior LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 250584fffc8SSebastian Siewior narrow block cipher mode for dm-crypt. Use it with cipher 251584fffc8SSebastian Siewior specification string aes-lrw-benbi, the key must be 256, 320 or 384. 252584fffc8SSebastian Siewior The first 128, 192 or 256 bits in the key are used for AES and the 253584fffc8SSebastian Siewior rest is used to tie each cipher block to its logical position. 254584fffc8SSebastian Siewior 255584fffc8SSebastian Siewiorconfig CRYPTO_PCBC 256584fffc8SSebastian Siewior tristate "PCBC support" 257584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 258584fffc8SSebastian Siewior select CRYPTO_MANAGER 259584fffc8SSebastian Siewior help 260584fffc8SSebastian Siewior PCBC: Propagating Cipher Block Chaining mode 261584fffc8SSebastian Siewior This block cipher algorithm is required for RxRPC. 262584fffc8SSebastian Siewior 263584fffc8SSebastian Siewiorconfig CRYPTO_XTS 2645bcf8e6dSJussi Kivilinna tristate "XTS support" 265584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 266584fffc8SSebastian Siewior select CRYPTO_MANAGER 267584fffc8SSebastian Siewior select CRYPTO_GF128MUL 268584fffc8SSebastian Siewior help 269584fffc8SSebastian Siewior XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 270584fffc8SSebastian Siewior key size 256, 384 or 512 bits. This implementation currently 271584fffc8SSebastian Siewior can't handle a sectorsize which is not a multiple of 16 bytes. 272584fffc8SSebastian Siewior 273584fffc8SSebastian Siewiorcomment "Hash modes" 274584fffc8SSebastian Siewior 2751da177e4SLinus Torvaldsconfig CRYPTO_HMAC 2768425165dSHerbert Xu tristate "HMAC support" 2770796ae06SHerbert Xu select CRYPTO_HASH 27843518407SHerbert Xu select CRYPTO_MANAGER 2791da177e4SLinus Torvalds help 2801da177e4SLinus Torvalds HMAC: Keyed-Hashing for Message Authentication (RFC2104). 2811da177e4SLinus Torvalds This is required for IPSec. 2821da177e4SLinus Torvalds 283333b0d7eSKazunori MIYAZAWAconfig CRYPTO_XCBC 284333b0d7eSKazunori MIYAZAWA tristate "XCBC support" 285333b0d7eSKazunori MIYAZAWA depends on EXPERIMENTAL 286333b0d7eSKazunori MIYAZAWA select CRYPTO_HASH 287333b0d7eSKazunori MIYAZAWA select CRYPTO_MANAGER 288333b0d7eSKazunori MIYAZAWA help 289333b0d7eSKazunori MIYAZAWA XCBC: Keyed-Hashing with encryption algorithm 290333b0d7eSKazunori MIYAZAWA http://www.ietf.org/rfc/rfc3566.txt 291333b0d7eSKazunori MIYAZAWA http://csrc.nist.gov/encryption/modes/proposedmodes/ 292333b0d7eSKazunori MIYAZAWA xcbc-mac/xcbc-mac-spec.pdf 293333b0d7eSKazunori MIYAZAWA 294f1939f7cSShane Wangconfig CRYPTO_VMAC 295f1939f7cSShane Wang tristate "VMAC support" 296f1939f7cSShane Wang depends on EXPERIMENTAL 297f1939f7cSShane Wang select CRYPTO_HASH 298f1939f7cSShane Wang select CRYPTO_MANAGER 299f1939f7cSShane Wang help 300f1939f7cSShane Wang VMAC is a message authentication algorithm designed for 301f1939f7cSShane Wang very high speed on 64-bit architectures. 302f1939f7cSShane Wang 303f1939f7cSShane Wang See also: 304f1939f7cSShane Wang <http://fastcrypto.org/vmac> 305f1939f7cSShane Wang 306584fffc8SSebastian Siewiorcomment "Digest" 307584fffc8SSebastian Siewior 308584fffc8SSebastian Siewiorconfig CRYPTO_CRC32C 309584fffc8SSebastian Siewior tristate "CRC32c CRC algorithm" 3105773a3e6SHerbert Xu select CRYPTO_HASH 3116a0962b2SDarrick J. Wong select CRC32 3121da177e4SLinus Torvalds help 313584fffc8SSebastian Siewior Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 314584fffc8SSebastian Siewior by iSCSI for header and data digests and by others. 31569c35efcSHerbert Xu See Castagnoli93. Module will be crc32c. 3161da177e4SLinus Torvalds 3178cb51ba8SAustin Zhangconfig CRYPTO_CRC32C_INTEL 3188cb51ba8SAustin Zhang tristate "CRC32c INTEL hardware acceleration" 3198cb51ba8SAustin Zhang depends on X86 3208cb51ba8SAustin Zhang select CRYPTO_HASH 3218cb51ba8SAustin Zhang help 3228cb51ba8SAustin Zhang In Intel processor with SSE4.2 supported, the processor will 3238cb51ba8SAustin Zhang support CRC32C implementation using hardware accelerated CRC32 3248cb51ba8SAustin Zhang instruction. This option will create 'crc32c-intel' module, 3258cb51ba8SAustin Zhang which will enable any routine to use the CRC32 instruction to 3268cb51ba8SAustin Zhang gain performance compared with software implementation. 3278cb51ba8SAustin Zhang Module will be crc32c-intel. 3288cb51ba8SAustin Zhang 3292cdc6899SHuang Yingconfig CRYPTO_GHASH 3302cdc6899SHuang Ying tristate "GHASH digest algorithm" 3312cdc6899SHuang Ying select CRYPTO_GF128MUL 3322cdc6899SHuang Ying help 3332cdc6899SHuang Ying GHASH is message digest algorithm for GCM (Galois/Counter Mode). 3342cdc6899SHuang Ying 3351da177e4SLinus Torvaldsconfig CRYPTO_MD4 3361da177e4SLinus Torvalds tristate "MD4 digest algorithm" 337808a1763SAdrian-Ken Rueegsegger select CRYPTO_HASH 3381da177e4SLinus Torvalds help 3391da177e4SLinus Torvalds MD4 message digest algorithm (RFC1320). 3401da177e4SLinus Torvalds 3411da177e4SLinus Torvaldsconfig CRYPTO_MD5 3421da177e4SLinus Torvalds tristate "MD5 digest algorithm" 34314b75ba7SAdrian-Ken Rueegsegger select CRYPTO_HASH 3441da177e4SLinus Torvalds help 3451da177e4SLinus Torvalds MD5 message digest algorithm (RFC1321). 3461da177e4SLinus Torvalds 347584fffc8SSebastian Siewiorconfig CRYPTO_MICHAEL_MIC 348584fffc8SSebastian Siewior tristate "Michael MIC keyed digest algorithm" 34919e2bf14SAdrian-Ken Rueegsegger select CRYPTO_HASH 350584fffc8SSebastian Siewior help 351584fffc8SSebastian Siewior Michael MIC is used for message integrity protection in TKIP 352584fffc8SSebastian Siewior (IEEE 802.11i). This algorithm is required for TKIP, but it 353584fffc8SSebastian Siewior should not be used for other purposes because of the weakness 354584fffc8SSebastian Siewior of the algorithm. 355584fffc8SSebastian Siewior 35682798f90SAdrian-Ken Rueegseggerconfig CRYPTO_RMD128 35782798f90SAdrian-Ken Rueegsegger tristate "RIPEMD-128 digest algorithm" 3587c4468bcSHerbert Xu select CRYPTO_HASH 35982798f90SAdrian-Ken Rueegsegger help 36082798f90SAdrian-Ken Rueegsegger RIPEMD-128 (ISO/IEC 10118-3:2004). 36182798f90SAdrian-Ken Rueegsegger 36282798f90SAdrian-Ken Rueegsegger RIPEMD-128 is a 128-bit cryptographic hash function. It should only 36335ed4b35SMichael Witten be used as a secure replacement for RIPEMD. For other use cases, 36482798f90SAdrian-Ken Rueegsegger RIPEMD-160 should be used. 36582798f90SAdrian-Ken Rueegsegger 36682798f90SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3676d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 36882798f90SAdrian-Ken Rueegsegger 36982798f90SAdrian-Ken Rueegseggerconfig CRYPTO_RMD160 37082798f90SAdrian-Ken Rueegsegger tristate "RIPEMD-160 digest algorithm" 371e5835fbaSHerbert Xu select CRYPTO_HASH 37282798f90SAdrian-Ken Rueegsegger help 37382798f90SAdrian-Ken Rueegsegger RIPEMD-160 (ISO/IEC 10118-3:2004). 37482798f90SAdrian-Ken Rueegsegger 37582798f90SAdrian-Ken Rueegsegger RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 37682798f90SAdrian-Ken Rueegsegger to be used as a secure replacement for the 128-bit hash functions 377b6d44341SAdrian Bunk MD4, MD5 and it's predecessor RIPEMD 378b6d44341SAdrian Bunk (not to be confused with RIPEMD-128). 37982798f90SAdrian-Ken Rueegsegger 380b6d44341SAdrian Bunk It's speed is comparable to SHA1 and there are no known attacks 381b6d44341SAdrian Bunk against RIPEMD-160. 382534fe2c1SAdrian-Ken Rueegsegger 383534fe2c1SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3846d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 385534fe2c1SAdrian-Ken Rueegsegger 386534fe2c1SAdrian-Ken Rueegseggerconfig CRYPTO_RMD256 387534fe2c1SAdrian-Ken Rueegsegger tristate "RIPEMD-256 digest algorithm" 388d8a5e2e9SHerbert Xu select CRYPTO_HASH 389534fe2c1SAdrian-Ken Rueegsegger help 390b6d44341SAdrian Bunk RIPEMD-256 is an optional extension of RIPEMD-128 with a 391b6d44341SAdrian Bunk 256 bit hash. It is intended for applications that require 392b6d44341SAdrian Bunk longer hash-results, without needing a larger security level 393b6d44341SAdrian Bunk (than RIPEMD-128). 394534fe2c1SAdrian-Ken Rueegsegger 395534fe2c1SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3966d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 397534fe2c1SAdrian-Ken Rueegsegger 398534fe2c1SAdrian-Ken Rueegseggerconfig CRYPTO_RMD320 399534fe2c1SAdrian-Ken Rueegsegger tristate "RIPEMD-320 digest algorithm" 4003b8efb4cSHerbert Xu select CRYPTO_HASH 401534fe2c1SAdrian-Ken Rueegsegger help 402b6d44341SAdrian Bunk RIPEMD-320 is an optional extension of RIPEMD-160 with a 403b6d44341SAdrian Bunk 320 bit hash. It is intended for applications that require 404b6d44341SAdrian Bunk longer hash-results, without needing a larger security level 405b6d44341SAdrian Bunk (than RIPEMD-160). 406534fe2c1SAdrian-Ken Rueegsegger 40782798f90SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 4086d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 40982798f90SAdrian-Ken Rueegsegger 4101da177e4SLinus Torvaldsconfig CRYPTO_SHA1 4111da177e4SLinus Torvalds tristate "SHA1 digest algorithm" 41254ccb367SAdrian-Ken Rueegsegger select CRYPTO_HASH 4131da177e4SLinus Torvalds help 4141da177e4SLinus Torvalds SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 4151da177e4SLinus Torvalds 41666be8951SMathias Krauseconfig CRYPTO_SHA1_SSSE3 41766be8951SMathias Krause tristate "SHA1 digest algorithm (SSSE3/AVX)" 41866be8951SMathias Krause depends on X86 && 64BIT 41966be8951SMathias Krause select CRYPTO_SHA1 42066be8951SMathias Krause select CRYPTO_HASH 42166be8951SMathias Krause help 42266be8951SMathias Krause SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 42366be8951SMathias Krause using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 42466be8951SMathias Krause Extensions (AVX), when available. 42566be8951SMathias Krause 4261da177e4SLinus Torvaldsconfig CRYPTO_SHA256 427cd12fb90SJonathan Lynch tristate "SHA224 and SHA256 digest algorithm" 42850e109b5SAdrian-Ken Rueegsegger select CRYPTO_HASH 4291da177e4SLinus Torvalds help 4301da177e4SLinus Torvalds SHA256 secure hash standard (DFIPS 180-2). 4311da177e4SLinus Torvalds 4321da177e4SLinus Torvalds This version of SHA implements a 256 bit hash with 128 bits of 4331da177e4SLinus Torvalds security against collision attacks. 4341da177e4SLinus Torvalds 435cd12fb90SJonathan Lynch This code also includes SHA-224, a 224 bit hash with 112 bits 436cd12fb90SJonathan Lynch of security against collision attacks. 437cd12fb90SJonathan Lynch 4381da177e4SLinus Torvaldsconfig CRYPTO_SHA512 4391da177e4SLinus Torvalds tristate "SHA384 and SHA512 digest algorithms" 440bd9d20dbSAdrian-Ken Rueegsegger select CRYPTO_HASH 4411da177e4SLinus Torvalds help 4421da177e4SLinus Torvalds SHA512 secure hash standard (DFIPS 180-2). 4431da177e4SLinus Torvalds 4441da177e4SLinus Torvalds This version of SHA implements a 512 bit hash with 256 bits of 4451da177e4SLinus Torvalds security against collision attacks. 4461da177e4SLinus Torvalds 4471da177e4SLinus Torvalds This code also includes SHA-384, a 384 bit hash with 192 bits 4481da177e4SLinus Torvalds of security against collision attacks. 4491da177e4SLinus Torvalds 4501da177e4SLinus Torvaldsconfig CRYPTO_TGR192 4511da177e4SLinus Torvalds tristate "Tiger digest algorithms" 452f63fbd3dSAdrian-Ken Rueegsegger select CRYPTO_HASH 4531da177e4SLinus Torvalds help 4541da177e4SLinus Torvalds Tiger hash algorithm 192, 160 and 128-bit hashes 4551da177e4SLinus Torvalds 4561da177e4SLinus Torvalds Tiger is a hash function optimized for 64-bit processors while 4571da177e4SLinus Torvalds still having decent performance on 32-bit processors. 4581da177e4SLinus Torvalds Tiger was developed by Ross Anderson and Eli Biham. 4591da177e4SLinus Torvalds 4601da177e4SLinus Torvalds See also: 4611da177e4SLinus Torvalds <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 4621da177e4SLinus Torvalds 463584fffc8SSebastian Siewiorconfig CRYPTO_WP512 464584fffc8SSebastian Siewior tristate "Whirlpool digest algorithms" 4654946510bSAdrian-Ken Rueegsegger select CRYPTO_HASH 4661da177e4SLinus Torvalds help 467584fffc8SSebastian Siewior Whirlpool hash algorithm 512, 384 and 256-bit hashes 4681da177e4SLinus Torvalds 469584fffc8SSebastian Siewior Whirlpool-512 is part of the NESSIE cryptographic primitives. 470584fffc8SSebastian Siewior Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 4711da177e4SLinus Torvalds 4721da177e4SLinus Torvalds See also: 4736d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 4741da177e4SLinus Torvalds 4750e1227d3SHuang Yingconfig CRYPTO_GHASH_CLMUL_NI_INTEL 4760e1227d3SHuang Ying tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 4778af00860SRichard Weinberger depends on X86 && 64BIT 4780e1227d3SHuang Ying select CRYPTO_CRYPTD 4790e1227d3SHuang Ying help 4800e1227d3SHuang Ying GHASH is message digest algorithm for GCM (Galois/Counter Mode). 4810e1227d3SHuang Ying The implementation is accelerated by CLMUL-NI of Intel. 4820e1227d3SHuang Ying 483584fffc8SSebastian Siewiorcomment "Ciphers" 4841da177e4SLinus Torvalds 4851da177e4SLinus Torvaldsconfig CRYPTO_AES 4861da177e4SLinus Torvalds tristate "AES cipher algorithms" 487cce9e06dSHerbert Xu select CRYPTO_ALGAPI 4881da177e4SLinus Torvalds help 4891da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 4901da177e4SLinus Torvalds algorithm. 4911da177e4SLinus Torvalds 4921da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 4931da177e4SLinus Torvalds both hardware and software across a wide range of computing 4941da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 4951da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 4961da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 4971da177e4SLinus Torvalds suited for restricted-space environments, in which it also 4981da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 4991da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 5001da177e4SLinus Torvalds 5011da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 5021da177e4SLinus Torvalds 5031da177e4SLinus Torvalds See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 5041da177e4SLinus Torvalds 5051da177e4SLinus Torvaldsconfig CRYPTO_AES_586 5061da177e4SLinus Torvalds tristate "AES cipher algorithms (i586)" 507cce9e06dSHerbert Xu depends on (X86 || UML_X86) && !64BIT 508cce9e06dSHerbert Xu select CRYPTO_ALGAPI 5095157dea8SSebastian Siewior select CRYPTO_AES 5101da177e4SLinus Torvalds help 5111da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 5121da177e4SLinus Torvalds algorithm. 5131da177e4SLinus Torvalds 5141da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 5151da177e4SLinus Torvalds both hardware and software across a wide range of computing 5161da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 5171da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 5181da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 5191da177e4SLinus Torvalds suited for restricted-space environments, in which it also 5201da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 5211da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 5221da177e4SLinus Torvalds 5231da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 5241da177e4SLinus Torvalds 5251da177e4SLinus Torvalds See <http://csrc.nist.gov/encryption/aes/> for more information. 5261da177e4SLinus Torvalds 527a2a892a2SAndreas Steinmetzconfig CRYPTO_AES_X86_64 528a2a892a2SAndreas Steinmetz tristate "AES cipher algorithms (x86_64)" 529cce9e06dSHerbert Xu depends on (X86 || UML_X86) && 64BIT 530cce9e06dSHerbert Xu select CRYPTO_ALGAPI 53181190b32SSebastian Siewior select CRYPTO_AES 532a2a892a2SAndreas Steinmetz help 533a2a892a2SAndreas Steinmetz AES cipher algorithms (FIPS-197). AES uses the Rijndael 534a2a892a2SAndreas Steinmetz algorithm. 535a2a892a2SAndreas Steinmetz 536a2a892a2SAndreas Steinmetz Rijndael appears to be consistently a very good performer in 537a2a892a2SAndreas Steinmetz both hardware and software across a wide range of computing 538a2a892a2SAndreas Steinmetz environments regardless of its use in feedback or non-feedback 539a2a892a2SAndreas Steinmetz modes. Its key setup time is excellent, and its key agility is 540a2a892a2SAndreas Steinmetz good. Rijndael's very low memory requirements make it very well 541a2a892a2SAndreas Steinmetz suited for restricted-space environments, in which it also 542a2a892a2SAndreas Steinmetz demonstrates excellent performance. Rijndael's operations are 543a2a892a2SAndreas Steinmetz among the easiest to defend against power and timing attacks. 544a2a892a2SAndreas Steinmetz 545a2a892a2SAndreas Steinmetz The AES specifies three key sizes: 128, 192 and 256 bits 546a2a892a2SAndreas Steinmetz 547a2a892a2SAndreas Steinmetz See <http://csrc.nist.gov/encryption/aes/> for more information. 548a2a892a2SAndreas Steinmetz 54954b6a1bdSHuang Yingconfig CRYPTO_AES_NI_INTEL 55054b6a1bdSHuang Ying tristate "AES cipher algorithms (AES-NI)" 5518af00860SRichard Weinberger depends on X86 5520d258efbSMathias Krause select CRYPTO_AES_X86_64 if 64BIT 5530d258efbSMathias Krause select CRYPTO_AES_586 if !64BIT 55454b6a1bdSHuang Ying select CRYPTO_CRYPTD 55554b6a1bdSHuang Ying select CRYPTO_ALGAPI 55654b6a1bdSHuang Ying help 55754b6a1bdSHuang Ying Use Intel AES-NI instructions for AES algorithm. 55854b6a1bdSHuang Ying 55954b6a1bdSHuang Ying AES cipher algorithms (FIPS-197). AES uses the Rijndael 56054b6a1bdSHuang Ying algorithm. 56154b6a1bdSHuang Ying 56254b6a1bdSHuang Ying Rijndael appears to be consistently a very good performer in 56354b6a1bdSHuang Ying both hardware and software across a wide range of computing 56454b6a1bdSHuang Ying environments regardless of its use in feedback or non-feedback 56554b6a1bdSHuang Ying modes. Its key setup time is excellent, and its key agility is 56654b6a1bdSHuang Ying good. Rijndael's very low memory requirements make it very well 56754b6a1bdSHuang Ying suited for restricted-space environments, in which it also 56854b6a1bdSHuang Ying demonstrates excellent performance. Rijndael's operations are 56954b6a1bdSHuang Ying among the easiest to defend against power and timing attacks. 57054b6a1bdSHuang Ying 57154b6a1bdSHuang Ying The AES specifies three key sizes: 128, 192 and 256 bits 57254b6a1bdSHuang Ying 57354b6a1bdSHuang Ying See <http://csrc.nist.gov/encryption/aes/> for more information. 57454b6a1bdSHuang Ying 5750d258efbSMathias Krause In addition to AES cipher algorithm support, the acceleration 5760d258efbSMathias Krause for some popular block cipher mode is supported too, including 5770d258efbSMathias Krause ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 5780d258efbSMathias Krause acceleration for CTR. 5792cf4ac8bSHuang Ying 5801da177e4SLinus Torvaldsconfig CRYPTO_ANUBIS 5811da177e4SLinus Torvalds tristate "Anubis cipher algorithm" 582cce9e06dSHerbert Xu select CRYPTO_ALGAPI 5831da177e4SLinus Torvalds help 5841da177e4SLinus Torvalds Anubis cipher algorithm. 5851da177e4SLinus Torvalds 5861da177e4SLinus Torvalds Anubis is a variable key length cipher which can use keys from 5871da177e4SLinus Torvalds 128 bits to 320 bits in length. It was evaluated as a entrant 5881da177e4SLinus Torvalds in the NESSIE competition. 5891da177e4SLinus Torvalds 5901da177e4SLinus Torvalds See also: 5916d8de74cSJustin P. Mattock <https://www.cosic.esat.kuleuven.be/nessie/reports/> 5926d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 5931da177e4SLinus Torvalds 594584fffc8SSebastian Siewiorconfig CRYPTO_ARC4 595584fffc8SSebastian Siewior tristate "ARC4 cipher algorithm" 596e2ee95b8SHye-Shik Chang select CRYPTO_ALGAPI 597e2ee95b8SHye-Shik Chang help 598584fffc8SSebastian Siewior ARC4 cipher algorithm. 599e2ee95b8SHye-Shik Chang 600584fffc8SSebastian Siewior ARC4 is a stream cipher using keys ranging from 8 bits to 2048 601584fffc8SSebastian Siewior bits in length. This algorithm is required for driver-based 602584fffc8SSebastian Siewior WEP, but it should not be for other purposes because of the 603584fffc8SSebastian Siewior weakness of the algorithm. 604584fffc8SSebastian Siewior 605584fffc8SSebastian Siewiorconfig CRYPTO_BLOWFISH 606584fffc8SSebastian Siewior tristate "Blowfish cipher algorithm" 607584fffc8SSebastian Siewior select CRYPTO_ALGAPI 60852ba867cSJussi Kivilinna select CRYPTO_BLOWFISH_COMMON 609584fffc8SSebastian Siewior help 610584fffc8SSebastian Siewior Blowfish cipher algorithm, by Bruce Schneier. 611584fffc8SSebastian Siewior 612584fffc8SSebastian Siewior This is a variable key length cipher which can use keys from 32 613584fffc8SSebastian Siewior bits to 448 bits in length. It's fast, simple and specifically 614584fffc8SSebastian Siewior designed for use on "large microprocessors". 615e2ee95b8SHye-Shik Chang 616e2ee95b8SHye-Shik Chang See also: 617584fffc8SSebastian Siewior <http://www.schneier.com/blowfish.html> 618584fffc8SSebastian Siewior 61952ba867cSJussi Kivilinnaconfig CRYPTO_BLOWFISH_COMMON 62052ba867cSJussi Kivilinna tristate 62152ba867cSJussi Kivilinna help 62252ba867cSJussi Kivilinna Common parts of the Blowfish cipher algorithm shared by the 62352ba867cSJussi Kivilinna generic c and the assembler implementations. 62452ba867cSJussi Kivilinna 62552ba867cSJussi Kivilinna See also: 62652ba867cSJussi Kivilinna <http://www.schneier.com/blowfish.html> 62752ba867cSJussi Kivilinna 62864b94ceaSJussi Kivilinnaconfig CRYPTO_BLOWFISH_X86_64 62964b94ceaSJussi Kivilinna tristate "Blowfish cipher algorithm (x86_64)" 630f21a7c19SAl Viro depends on X86 && 64BIT 63164b94ceaSJussi Kivilinna select CRYPTO_ALGAPI 63264b94ceaSJussi Kivilinna select CRYPTO_BLOWFISH_COMMON 63364b94ceaSJussi Kivilinna help 63464b94ceaSJussi Kivilinna Blowfish cipher algorithm (x86_64), by Bruce Schneier. 63564b94ceaSJussi Kivilinna 63664b94ceaSJussi Kivilinna This is a variable key length cipher which can use keys from 32 63764b94ceaSJussi Kivilinna bits to 448 bits in length. It's fast, simple and specifically 63864b94ceaSJussi Kivilinna designed for use on "large microprocessors". 63964b94ceaSJussi Kivilinna 64064b94ceaSJussi Kivilinna See also: 64164b94ceaSJussi Kivilinna <http://www.schneier.com/blowfish.html> 64264b94ceaSJussi Kivilinna 643584fffc8SSebastian Siewiorconfig CRYPTO_CAMELLIA 644584fffc8SSebastian Siewior tristate "Camellia cipher algorithms" 645584fffc8SSebastian Siewior depends on CRYPTO 646584fffc8SSebastian Siewior select CRYPTO_ALGAPI 647584fffc8SSebastian Siewior help 648584fffc8SSebastian Siewior Camellia cipher algorithms module. 649584fffc8SSebastian Siewior 650584fffc8SSebastian Siewior Camellia is a symmetric key block cipher developed jointly 651584fffc8SSebastian Siewior at NTT and Mitsubishi Electric Corporation. 652584fffc8SSebastian Siewior 653584fffc8SSebastian Siewior The Camellia specifies three key sizes: 128, 192 and 256 bits. 654584fffc8SSebastian Siewior 655584fffc8SSebastian Siewior See also: 656584fffc8SSebastian Siewior <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 657584fffc8SSebastian Siewior 6580b95ec56SJussi Kivilinnaconfig CRYPTO_CAMELLIA_X86_64 6590b95ec56SJussi Kivilinna tristate "Camellia cipher algorithm (x86_64)" 660f21a7c19SAl Viro depends on X86 && 64BIT 6610b95ec56SJussi Kivilinna depends on CRYPTO 6620b95ec56SJussi Kivilinna select CRYPTO_ALGAPI 6630b95ec56SJussi Kivilinna select CRYPTO_LRW 6640b95ec56SJussi Kivilinna select CRYPTO_XTS 6650b95ec56SJussi Kivilinna help 6660b95ec56SJussi Kivilinna Camellia cipher algorithm module (x86_64). 6670b95ec56SJussi Kivilinna 6680b95ec56SJussi Kivilinna Camellia is a symmetric key block cipher developed jointly 6690b95ec56SJussi Kivilinna at NTT and Mitsubishi Electric Corporation. 6700b95ec56SJussi Kivilinna 6710b95ec56SJussi Kivilinna The Camellia specifies three key sizes: 128, 192 and 256 bits. 6720b95ec56SJussi Kivilinna 6730b95ec56SJussi Kivilinna See also: 6740b95ec56SJussi Kivilinna <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 6750b95ec56SJussi Kivilinna 676584fffc8SSebastian Siewiorconfig CRYPTO_CAST5 677584fffc8SSebastian Siewior tristate "CAST5 (CAST-128) cipher algorithm" 678584fffc8SSebastian Siewior select CRYPTO_ALGAPI 679584fffc8SSebastian Siewior help 680584fffc8SSebastian Siewior The CAST5 encryption algorithm (synonymous with CAST-128) is 681584fffc8SSebastian Siewior described in RFC2144. 682584fffc8SSebastian Siewior 683584fffc8SSebastian Siewiorconfig CRYPTO_CAST6 684584fffc8SSebastian Siewior tristate "CAST6 (CAST-256) cipher algorithm" 685584fffc8SSebastian Siewior select CRYPTO_ALGAPI 686584fffc8SSebastian Siewior help 687584fffc8SSebastian Siewior The CAST6 encryption algorithm (synonymous with CAST-256) is 688584fffc8SSebastian Siewior described in RFC2612. 689584fffc8SSebastian Siewior 690584fffc8SSebastian Siewiorconfig CRYPTO_DES 691584fffc8SSebastian Siewior tristate "DES and Triple DES EDE cipher algorithms" 692584fffc8SSebastian Siewior select CRYPTO_ALGAPI 693584fffc8SSebastian Siewior help 694584fffc8SSebastian Siewior DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 695584fffc8SSebastian Siewior 696584fffc8SSebastian Siewiorconfig CRYPTO_FCRYPT 697584fffc8SSebastian Siewior tristate "FCrypt cipher algorithm" 698584fffc8SSebastian Siewior select CRYPTO_ALGAPI 699584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 700584fffc8SSebastian Siewior help 701584fffc8SSebastian Siewior FCrypt algorithm used by RxRPC. 702584fffc8SSebastian Siewior 703584fffc8SSebastian Siewiorconfig CRYPTO_KHAZAD 704584fffc8SSebastian Siewior tristate "Khazad cipher algorithm" 705584fffc8SSebastian Siewior select CRYPTO_ALGAPI 706584fffc8SSebastian Siewior help 707584fffc8SSebastian Siewior Khazad cipher algorithm. 708584fffc8SSebastian Siewior 709584fffc8SSebastian Siewior Khazad was a finalist in the initial NESSIE competition. It is 710584fffc8SSebastian Siewior an algorithm optimized for 64-bit processors with good performance 711584fffc8SSebastian Siewior on 32-bit processors. Khazad uses an 128 bit key size. 712584fffc8SSebastian Siewior 713584fffc8SSebastian Siewior See also: 7146d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 715e2ee95b8SHye-Shik Chang 7162407d608STan Swee Hengconfig CRYPTO_SALSA20 7172407d608STan Swee Heng tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 7182407d608STan Swee Heng depends on EXPERIMENTAL 7192407d608STan Swee Heng select CRYPTO_BLKCIPHER 7202407d608STan Swee Heng help 7212407d608STan Swee Heng Salsa20 stream cipher algorithm. 7222407d608STan Swee Heng 7232407d608STan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 7242407d608STan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 7252407d608STan Swee Heng 7262407d608STan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 7272407d608STan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 7281da177e4SLinus Torvalds 729974e4b75STan Swee Hengconfig CRYPTO_SALSA20_586 730974e4b75STan Swee Heng tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 731974e4b75STan Swee Heng depends on (X86 || UML_X86) && !64BIT 732974e4b75STan Swee Heng depends on EXPERIMENTAL 733974e4b75STan Swee Heng select CRYPTO_BLKCIPHER 734974e4b75STan Swee Heng help 735974e4b75STan Swee Heng Salsa20 stream cipher algorithm. 736974e4b75STan Swee Heng 737974e4b75STan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 738974e4b75STan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 739974e4b75STan Swee Heng 740974e4b75STan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 741974e4b75STan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 742974e4b75STan Swee Heng 7439a7dafbbSTan Swee Hengconfig CRYPTO_SALSA20_X86_64 7449a7dafbbSTan Swee Heng tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 7459a7dafbbSTan Swee Heng depends on (X86 || UML_X86) && 64BIT 7469a7dafbbSTan Swee Heng depends on EXPERIMENTAL 7479a7dafbbSTan Swee Heng select CRYPTO_BLKCIPHER 7489a7dafbbSTan Swee Heng help 7499a7dafbbSTan Swee Heng Salsa20 stream cipher algorithm. 7509a7dafbbSTan Swee Heng 7519a7dafbbSTan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 7529a7dafbbSTan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 7539a7dafbbSTan Swee Heng 7549a7dafbbSTan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 7559a7dafbbSTan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 7569a7dafbbSTan Swee Heng 757584fffc8SSebastian Siewiorconfig CRYPTO_SEED 758584fffc8SSebastian Siewior tristate "SEED cipher algorithm" 759584fffc8SSebastian Siewior select CRYPTO_ALGAPI 760584fffc8SSebastian Siewior help 761584fffc8SSebastian Siewior SEED cipher algorithm (RFC4269). 762584fffc8SSebastian Siewior 763584fffc8SSebastian Siewior SEED is a 128-bit symmetric key block cipher that has been 764584fffc8SSebastian Siewior developed by KISA (Korea Information Security Agency) as a 765584fffc8SSebastian Siewior national standard encryption algorithm of the Republic of Korea. 766584fffc8SSebastian Siewior It is a 16 round block cipher with the key size of 128 bit. 767584fffc8SSebastian Siewior 768584fffc8SSebastian Siewior See also: 769584fffc8SSebastian Siewior <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 770584fffc8SSebastian Siewior 771584fffc8SSebastian Siewiorconfig CRYPTO_SERPENT 772584fffc8SSebastian Siewior tristate "Serpent cipher algorithm" 773584fffc8SSebastian Siewior select CRYPTO_ALGAPI 774584fffc8SSebastian Siewior help 775584fffc8SSebastian Siewior Serpent cipher algorithm, by Anderson, Biham & Knudsen. 776584fffc8SSebastian Siewior 777584fffc8SSebastian Siewior Keys are allowed to be from 0 to 256 bits in length, in steps 778584fffc8SSebastian Siewior of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 779584fffc8SSebastian Siewior variant of Serpent for compatibility with old kerneli.org code. 780584fffc8SSebastian Siewior 781584fffc8SSebastian Siewior See also: 782584fffc8SSebastian Siewior <http://www.cl.cam.ac.uk/~rja14/serpent.html> 783584fffc8SSebastian Siewior 784937c30d7SJussi Kivilinnaconfig CRYPTO_SERPENT_SSE2_X86_64 785937c30d7SJussi Kivilinna tristate "Serpent cipher algorithm (x86_64/SSE2)" 786937c30d7SJussi Kivilinna depends on X86 && 64BIT 787937c30d7SJussi Kivilinna select CRYPTO_ALGAPI 788341975bfSJussi Kivilinna select CRYPTO_CRYPTD 789937c30d7SJussi Kivilinna select CRYPTO_SERPENT 790feaf0cfcSJussi Kivilinna select CRYPTO_LRW 791feaf0cfcSJussi Kivilinna select CRYPTO_XTS 792937c30d7SJussi Kivilinna help 793937c30d7SJussi Kivilinna Serpent cipher algorithm, by Anderson, Biham & Knudsen. 794937c30d7SJussi Kivilinna 795937c30d7SJussi Kivilinna Keys are allowed to be from 0 to 256 bits in length, in steps 796937c30d7SJussi Kivilinna of 8 bits. 797937c30d7SJussi Kivilinna 798937c30d7SJussi Kivilinna This module provides Serpent cipher algorithm that processes eigth 799937c30d7SJussi Kivilinna blocks parallel using SSE2 instruction set. 800937c30d7SJussi Kivilinna 801937c30d7SJussi Kivilinna See also: 802937c30d7SJussi Kivilinna <http://www.cl.cam.ac.uk/~rja14/serpent.html> 803937c30d7SJussi Kivilinna 804251496dbSJussi Kivilinnaconfig CRYPTO_SERPENT_SSE2_586 805251496dbSJussi Kivilinna tristate "Serpent cipher algorithm (i586/SSE2)" 806251496dbSJussi Kivilinna depends on X86 && !64BIT 807251496dbSJussi Kivilinna select CRYPTO_ALGAPI 808341975bfSJussi Kivilinna select CRYPTO_CRYPTD 809251496dbSJussi Kivilinna select CRYPTO_SERPENT 810feaf0cfcSJussi Kivilinna select CRYPTO_LRW 811feaf0cfcSJussi Kivilinna select CRYPTO_XTS 812251496dbSJussi Kivilinna help 813251496dbSJussi Kivilinna Serpent cipher algorithm, by Anderson, Biham & Knudsen. 814251496dbSJussi Kivilinna 815251496dbSJussi Kivilinna Keys are allowed to be from 0 to 256 bits in length, in steps 816251496dbSJussi Kivilinna of 8 bits. 817251496dbSJussi Kivilinna 818251496dbSJussi Kivilinna This module provides Serpent cipher algorithm that processes four 819251496dbSJussi Kivilinna blocks parallel using SSE2 instruction set. 820251496dbSJussi Kivilinna 821251496dbSJussi Kivilinna See also: 822251496dbSJussi Kivilinna <http://www.cl.cam.ac.uk/~rja14/serpent.html> 823251496dbSJussi Kivilinna 824584fffc8SSebastian Siewiorconfig CRYPTO_TEA 825584fffc8SSebastian Siewior tristate "TEA, XTEA and XETA cipher algorithms" 826584fffc8SSebastian Siewior select CRYPTO_ALGAPI 827584fffc8SSebastian Siewior help 828584fffc8SSebastian Siewior TEA cipher algorithm. 829584fffc8SSebastian Siewior 830584fffc8SSebastian Siewior Tiny Encryption Algorithm is a simple cipher that uses 831584fffc8SSebastian Siewior many rounds for security. It is very fast and uses 832584fffc8SSebastian Siewior little memory. 833584fffc8SSebastian Siewior 834584fffc8SSebastian Siewior Xtendend Tiny Encryption Algorithm is a modification to 835584fffc8SSebastian Siewior the TEA algorithm to address a potential key weakness 836584fffc8SSebastian Siewior in the TEA algorithm. 837584fffc8SSebastian Siewior 838584fffc8SSebastian Siewior Xtendend Encryption Tiny Algorithm is a mis-implementation 839584fffc8SSebastian Siewior of the XTEA algorithm for compatibility purposes. 840584fffc8SSebastian Siewior 841584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH 842584fffc8SSebastian Siewior tristate "Twofish cipher algorithm" 843584fffc8SSebastian Siewior select CRYPTO_ALGAPI 844584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 845584fffc8SSebastian Siewior help 846584fffc8SSebastian Siewior Twofish cipher algorithm. 847584fffc8SSebastian Siewior 848584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 849584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 850584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 851584fffc8SSebastian Siewior bits. 852584fffc8SSebastian Siewior 853584fffc8SSebastian Siewior See also: 854584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 855584fffc8SSebastian Siewior 856584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_COMMON 857584fffc8SSebastian Siewior tristate 858584fffc8SSebastian Siewior help 859584fffc8SSebastian Siewior Common parts of the Twofish cipher algorithm shared by the 860584fffc8SSebastian Siewior generic c and the assembler implementations. 861584fffc8SSebastian Siewior 862584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_586 863584fffc8SSebastian Siewior tristate "Twofish cipher algorithms (i586)" 864584fffc8SSebastian Siewior depends on (X86 || UML_X86) && !64BIT 865584fffc8SSebastian Siewior select CRYPTO_ALGAPI 866584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 867584fffc8SSebastian Siewior help 868584fffc8SSebastian Siewior Twofish cipher algorithm. 869584fffc8SSebastian Siewior 870584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 871584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 872584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 873584fffc8SSebastian Siewior bits. 874584fffc8SSebastian Siewior 875584fffc8SSebastian Siewior See also: 876584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 877584fffc8SSebastian Siewior 878584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_X86_64 879584fffc8SSebastian Siewior tristate "Twofish cipher algorithm (x86_64)" 880584fffc8SSebastian Siewior depends on (X86 || UML_X86) && 64BIT 881584fffc8SSebastian Siewior select CRYPTO_ALGAPI 882584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 883584fffc8SSebastian Siewior help 884584fffc8SSebastian Siewior Twofish cipher algorithm (x86_64). 885584fffc8SSebastian Siewior 886584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 887584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 888584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 889584fffc8SSebastian Siewior bits. 890584fffc8SSebastian Siewior 891584fffc8SSebastian Siewior See also: 892584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 893584fffc8SSebastian Siewior 8948280daadSJussi Kivilinnaconfig CRYPTO_TWOFISH_X86_64_3WAY 8958280daadSJussi Kivilinna tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 896f21a7c19SAl Viro depends on X86 && 64BIT 8978280daadSJussi Kivilinna select CRYPTO_ALGAPI 8988280daadSJussi Kivilinna select CRYPTO_TWOFISH_COMMON 8998280daadSJussi Kivilinna select CRYPTO_TWOFISH_X86_64 900e7cda5d2SJussi Kivilinna select CRYPTO_LRW 901e7cda5d2SJussi Kivilinna select CRYPTO_XTS 9028280daadSJussi Kivilinna help 9038280daadSJussi Kivilinna Twofish cipher algorithm (x86_64, 3-way parallel). 9048280daadSJussi Kivilinna 9058280daadSJussi Kivilinna Twofish was submitted as an AES (Advanced Encryption Standard) 9068280daadSJussi Kivilinna candidate cipher by researchers at CounterPane Systems. It is a 9078280daadSJussi Kivilinna 16 round block cipher supporting key sizes of 128, 192, and 256 9088280daadSJussi Kivilinna bits. 9098280daadSJussi Kivilinna 9108280daadSJussi Kivilinna This module provides Twofish cipher algorithm that processes three 9118280daadSJussi Kivilinna blocks parallel, utilizing resources of out-of-order CPUs better. 9128280daadSJussi Kivilinna 9138280daadSJussi Kivilinna See also: 9148280daadSJussi Kivilinna <http://www.schneier.com/twofish.html> 9158280daadSJussi Kivilinna 916*107778b5SJohannes Goetzfriedconfig CRYPTO_TWOFISH_AVX_X86_64 917*107778b5SJohannes Goetzfried tristate "Twofish cipher algorithm (x86_64/AVX)" 918*107778b5SJohannes Goetzfried depends on X86 && 64BIT 919*107778b5SJohannes Goetzfried select CRYPTO_ALGAPI 920*107778b5SJohannes Goetzfried select CRYPTO_CRYPTD 921*107778b5SJohannes Goetzfried select CRYPTO_TWOFISH_COMMON 922*107778b5SJohannes Goetzfried select CRYPTO_TWOFISH_X86_64 923*107778b5SJohannes Goetzfried select CRYPTO_TWOFISH_X86_64_3WAY 924*107778b5SJohannes Goetzfried select CRYPTO_LRW 925*107778b5SJohannes Goetzfried select CRYPTO_XTS 926*107778b5SJohannes Goetzfried help 927*107778b5SJohannes Goetzfried Twofish cipher algorithm (x86_64/AVX). 928*107778b5SJohannes Goetzfried 929*107778b5SJohannes Goetzfried Twofish was submitted as an AES (Advanced Encryption Standard) 930*107778b5SJohannes Goetzfried candidate cipher by researchers at CounterPane Systems. It is a 931*107778b5SJohannes Goetzfried 16 round block cipher supporting key sizes of 128, 192, and 256 932*107778b5SJohannes Goetzfried bits. 933*107778b5SJohannes Goetzfried 934*107778b5SJohannes Goetzfried This module provides the Twofish cipher algorithm that processes 935*107778b5SJohannes Goetzfried eight blocks parallel using the AVX Instruction Set. 936*107778b5SJohannes Goetzfried 937*107778b5SJohannes Goetzfried See also: 938*107778b5SJohannes Goetzfried <http://www.schneier.com/twofish.html> 939*107778b5SJohannes Goetzfried 940584fffc8SSebastian Siewiorcomment "Compression" 941584fffc8SSebastian Siewior 9421da177e4SLinus Torvaldsconfig CRYPTO_DEFLATE 9431da177e4SLinus Torvalds tristate "Deflate compression algorithm" 944cce9e06dSHerbert Xu select CRYPTO_ALGAPI 9451da177e4SLinus Torvalds select ZLIB_INFLATE 9461da177e4SLinus Torvalds select ZLIB_DEFLATE 9471da177e4SLinus Torvalds help 9481da177e4SLinus Torvalds This is the Deflate algorithm (RFC1951), specified for use in 9491da177e4SLinus Torvalds IPSec with the IPCOMP protocol (RFC3173, RFC2394). 9501da177e4SLinus Torvalds 9511da177e4SLinus Torvalds You will most probably want this if using IPSec. 9521da177e4SLinus Torvalds 953bf68e65eSGeert Uytterhoevenconfig CRYPTO_ZLIB 954bf68e65eSGeert Uytterhoeven tristate "Zlib compression algorithm" 955bf68e65eSGeert Uytterhoeven select CRYPTO_PCOMP 956bf68e65eSGeert Uytterhoeven select ZLIB_INFLATE 957bf68e65eSGeert Uytterhoeven select ZLIB_DEFLATE 958bf68e65eSGeert Uytterhoeven select NLATTR 959bf68e65eSGeert Uytterhoeven help 960bf68e65eSGeert Uytterhoeven This is the zlib algorithm. 961bf68e65eSGeert Uytterhoeven 9620b77abb3SZoltan Sogorconfig CRYPTO_LZO 9630b77abb3SZoltan Sogor tristate "LZO compression algorithm" 9640b77abb3SZoltan Sogor select CRYPTO_ALGAPI 9650b77abb3SZoltan Sogor select LZO_COMPRESS 9660b77abb3SZoltan Sogor select LZO_DECOMPRESS 9670b77abb3SZoltan Sogor help 9680b77abb3SZoltan Sogor This is the LZO algorithm. 9690b77abb3SZoltan Sogor 97017f0f4a4SNeil Hormancomment "Random Number Generation" 97117f0f4a4SNeil Horman 97217f0f4a4SNeil Hormanconfig CRYPTO_ANSI_CPRNG 97317f0f4a4SNeil Horman tristate "Pseudo Random Number Generation for Cryptographic modules" 9744e4ed83bSNeil Horman default m 97517f0f4a4SNeil Horman select CRYPTO_AES 97617f0f4a4SNeil Horman select CRYPTO_RNG 97717f0f4a4SNeil Horman help 97817f0f4a4SNeil Horman This option enables the generic pseudo random number generator 97917f0f4a4SNeil Horman for cryptographic modules. Uses the Algorithm specified in 9807dd607e8SJiri Kosina ANSI X9.31 A.2.4. Note that this option must be enabled if 9817dd607e8SJiri Kosina CRYPTO_FIPS is selected 98217f0f4a4SNeil Horman 98303c8efc1SHerbert Xuconfig CRYPTO_USER_API 98403c8efc1SHerbert Xu tristate 98503c8efc1SHerbert Xu 986fe869cdbSHerbert Xuconfig CRYPTO_USER_API_HASH 987fe869cdbSHerbert Xu tristate "User-space interface for hash algorithms" 9887451708fSHerbert Xu depends on NET 989fe869cdbSHerbert Xu select CRYPTO_HASH 990fe869cdbSHerbert Xu select CRYPTO_USER_API 991fe869cdbSHerbert Xu help 992fe869cdbSHerbert Xu This option enables the user-spaces interface for hash 993fe869cdbSHerbert Xu algorithms. 994fe869cdbSHerbert Xu 9958ff59090SHerbert Xuconfig CRYPTO_USER_API_SKCIPHER 9968ff59090SHerbert Xu tristate "User-space interface for symmetric key cipher algorithms" 9977451708fSHerbert Xu depends on NET 9988ff59090SHerbert Xu select CRYPTO_BLKCIPHER 9998ff59090SHerbert Xu select CRYPTO_USER_API 10008ff59090SHerbert Xu help 10018ff59090SHerbert Xu This option enables the user-spaces interface for symmetric 10028ff59090SHerbert Xu key cipher algorithms. 10038ff59090SHerbert Xu 10041da177e4SLinus Torvaldssource "drivers/crypto/Kconfig" 10051da177e4SLinus Torvalds 1006cce9e06dSHerbert Xuendif # if CRYPTO 1007