1*1da177e4SLinus Torvalds# 2*1da177e4SLinus Torvalds# Cryptographic API Configuration 3*1da177e4SLinus Torvalds# 4*1da177e4SLinus Torvalds 5*1da177e4SLinus Torvaldsmenu "Cryptographic options" 6*1da177e4SLinus Torvalds 7*1da177e4SLinus Torvaldsconfig CRYPTO 8*1da177e4SLinus Torvalds bool "Cryptographic API" 9*1da177e4SLinus Torvalds help 10*1da177e4SLinus Torvalds This option provides the core Cryptographic API. 11*1da177e4SLinus Torvalds 12*1da177e4SLinus Torvaldsconfig CRYPTO_HMAC 13*1da177e4SLinus Torvalds bool "HMAC support" 14*1da177e4SLinus Torvalds depends on CRYPTO 15*1da177e4SLinus Torvalds help 16*1da177e4SLinus Torvalds HMAC: Keyed-Hashing for Message Authentication (RFC2104). 17*1da177e4SLinus Torvalds This is required for IPSec. 18*1da177e4SLinus Torvalds 19*1da177e4SLinus Torvaldsconfig CRYPTO_NULL 20*1da177e4SLinus Torvalds tristate "Null algorithms" 21*1da177e4SLinus Torvalds depends on CRYPTO 22*1da177e4SLinus Torvalds help 23*1da177e4SLinus Torvalds These are 'Null' algorithms, used by IPsec, which do nothing. 24*1da177e4SLinus Torvalds 25*1da177e4SLinus Torvaldsconfig CRYPTO_MD4 26*1da177e4SLinus Torvalds tristate "MD4 digest algorithm" 27*1da177e4SLinus Torvalds depends on CRYPTO 28*1da177e4SLinus Torvalds help 29*1da177e4SLinus Torvalds MD4 message digest algorithm (RFC1320). 30*1da177e4SLinus Torvalds 31*1da177e4SLinus Torvaldsconfig CRYPTO_MD5 32*1da177e4SLinus Torvalds tristate "MD5 digest algorithm" 33*1da177e4SLinus Torvalds depends on CRYPTO 34*1da177e4SLinus Torvalds help 35*1da177e4SLinus Torvalds MD5 message digest algorithm (RFC1321). 36*1da177e4SLinus Torvalds 37*1da177e4SLinus Torvaldsconfig CRYPTO_SHA1 38*1da177e4SLinus Torvalds tristate "SHA1 digest algorithm" 39*1da177e4SLinus Torvalds depends on CRYPTO 40*1da177e4SLinus Torvalds help 41*1da177e4SLinus Torvalds SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 42*1da177e4SLinus Torvalds 43*1da177e4SLinus Torvaldsconfig CRYPTO_SHA1_Z990 44*1da177e4SLinus Torvalds tristate "SHA1 digest algorithm for IBM zSeries z990" 45*1da177e4SLinus Torvalds depends on CRYPTO && ARCH_S390 46*1da177e4SLinus Torvalds help 47*1da177e4SLinus Torvalds SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 48*1da177e4SLinus Torvalds 49*1da177e4SLinus Torvaldsconfig CRYPTO_SHA256 50*1da177e4SLinus Torvalds tristate "SHA256 digest algorithm" 51*1da177e4SLinus Torvalds depends on CRYPTO 52*1da177e4SLinus Torvalds help 53*1da177e4SLinus Torvalds SHA256 secure hash standard (DFIPS 180-2). 54*1da177e4SLinus Torvalds 55*1da177e4SLinus Torvalds This version of SHA implements a 256 bit hash with 128 bits of 56*1da177e4SLinus Torvalds security against collision attacks. 57*1da177e4SLinus Torvalds 58*1da177e4SLinus Torvaldsconfig CRYPTO_SHA512 59*1da177e4SLinus Torvalds tristate "SHA384 and SHA512 digest algorithms" 60*1da177e4SLinus Torvalds depends on CRYPTO 61*1da177e4SLinus Torvalds help 62*1da177e4SLinus Torvalds SHA512 secure hash standard (DFIPS 180-2). 63*1da177e4SLinus Torvalds 64*1da177e4SLinus Torvalds This version of SHA implements a 512 bit hash with 256 bits of 65*1da177e4SLinus Torvalds security against collision attacks. 66*1da177e4SLinus Torvalds 67*1da177e4SLinus Torvalds This code also includes SHA-384, a 384 bit hash with 192 bits 68*1da177e4SLinus Torvalds of security against collision attacks. 69*1da177e4SLinus Torvalds 70*1da177e4SLinus Torvaldsconfig CRYPTO_WP512 71*1da177e4SLinus Torvalds tristate "Whirlpool digest algorithms" 72*1da177e4SLinus Torvalds depends on CRYPTO 73*1da177e4SLinus Torvalds help 74*1da177e4SLinus Torvalds Whirlpool hash algorithm 512, 384 and 256-bit hashes 75*1da177e4SLinus Torvalds 76*1da177e4SLinus Torvalds Whirlpool-512 is part of the NESSIE cryptographic primitives. 77*1da177e4SLinus Torvalds Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 78*1da177e4SLinus Torvalds 79*1da177e4SLinus Torvalds See also: 80*1da177e4SLinus Torvalds <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html> 81*1da177e4SLinus Torvalds 82*1da177e4SLinus Torvaldsconfig CRYPTO_TGR192 83*1da177e4SLinus Torvalds tristate "Tiger digest algorithms" 84*1da177e4SLinus Torvalds depends on CRYPTO 85*1da177e4SLinus Torvalds help 86*1da177e4SLinus Torvalds Tiger hash algorithm 192, 160 and 128-bit hashes 87*1da177e4SLinus Torvalds 88*1da177e4SLinus Torvalds Tiger is a hash function optimized for 64-bit processors while 89*1da177e4SLinus Torvalds still having decent performance on 32-bit processors. 90*1da177e4SLinus Torvalds Tiger was developed by Ross Anderson and Eli Biham. 91*1da177e4SLinus Torvalds 92*1da177e4SLinus Torvalds See also: 93*1da177e4SLinus Torvalds <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 94*1da177e4SLinus Torvalds 95*1da177e4SLinus Torvaldsconfig CRYPTO_DES 96*1da177e4SLinus Torvalds tristate "DES and Triple DES EDE cipher algorithms" 97*1da177e4SLinus Torvalds depends on CRYPTO 98*1da177e4SLinus Torvalds help 99*1da177e4SLinus Torvalds DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 100*1da177e4SLinus Torvalds 101*1da177e4SLinus Torvaldsconfig CRYPTO_DES_Z990 102*1da177e4SLinus Torvalds tristate "DES and Triple DES cipher algorithms for IBM zSeries z990" 103*1da177e4SLinus Torvalds depends on CRYPTO && ARCH_S390 104*1da177e4SLinus Torvalds help 105*1da177e4SLinus Torvalds DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 106*1da177e4SLinus Torvalds 107*1da177e4SLinus Torvaldsconfig CRYPTO_BLOWFISH 108*1da177e4SLinus Torvalds tristate "Blowfish cipher algorithm" 109*1da177e4SLinus Torvalds depends on CRYPTO 110*1da177e4SLinus Torvalds help 111*1da177e4SLinus Torvalds Blowfish cipher algorithm, by Bruce Schneier. 112*1da177e4SLinus Torvalds 113*1da177e4SLinus Torvalds This is a variable key length cipher which can use keys from 32 114*1da177e4SLinus Torvalds bits to 448 bits in length. It's fast, simple and specifically 115*1da177e4SLinus Torvalds designed for use on "large microprocessors". 116*1da177e4SLinus Torvalds 117*1da177e4SLinus Torvalds See also: 118*1da177e4SLinus Torvalds <http://www.schneier.com/blowfish.html> 119*1da177e4SLinus Torvalds 120*1da177e4SLinus Torvaldsconfig CRYPTO_TWOFISH 121*1da177e4SLinus Torvalds tristate "Twofish cipher algorithm" 122*1da177e4SLinus Torvalds depends on CRYPTO 123*1da177e4SLinus Torvalds help 124*1da177e4SLinus Torvalds Twofish cipher algorithm. 125*1da177e4SLinus Torvalds 126*1da177e4SLinus Torvalds Twofish was submitted as an AES (Advanced Encryption Standard) 127*1da177e4SLinus Torvalds candidate cipher by researchers at CounterPane Systems. It is a 128*1da177e4SLinus Torvalds 16 round block cipher supporting key sizes of 128, 192, and 256 129*1da177e4SLinus Torvalds bits. 130*1da177e4SLinus Torvalds 131*1da177e4SLinus Torvalds See also: 132*1da177e4SLinus Torvalds <http://www.schneier.com/twofish.html> 133*1da177e4SLinus Torvalds 134*1da177e4SLinus Torvaldsconfig CRYPTO_SERPENT 135*1da177e4SLinus Torvalds tristate "Serpent cipher algorithm" 136*1da177e4SLinus Torvalds depends on CRYPTO 137*1da177e4SLinus Torvalds help 138*1da177e4SLinus Torvalds Serpent cipher algorithm, by Anderson, Biham & Knudsen. 139*1da177e4SLinus Torvalds 140*1da177e4SLinus Torvalds Keys are allowed to be from 0 to 256 bits in length, in steps 141*1da177e4SLinus Torvalds of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 142*1da177e4SLinus Torvalds variant of Serpent for compatibility with old kerneli code. 143*1da177e4SLinus Torvalds 144*1da177e4SLinus Torvalds See also: 145*1da177e4SLinus Torvalds <http://www.cl.cam.ac.uk/~rja14/serpent.html> 146*1da177e4SLinus Torvalds 147*1da177e4SLinus Torvaldsconfig CRYPTO_AES 148*1da177e4SLinus Torvalds tristate "AES cipher algorithms" 149*1da177e4SLinus Torvalds depends on CRYPTO && !(X86 && !X86_64) 150*1da177e4SLinus Torvalds help 151*1da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 152*1da177e4SLinus Torvalds algorithm. 153*1da177e4SLinus Torvalds 154*1da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 155*1da177e4SLinus Torvalds both hardware and software across a wide range of computing 156*1da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 157*1da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 158*1da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 159*1da177e4SLinus Torvalds suited for restricted-space environments, in which it also 160*1da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 161*1da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 162*1da177e4SLinus Torvalds 163*1da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 164*1da177e4SLinus Torvalds 165*1da177e4SLinus Torvalds See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 166*1da177e4SLinus Torvalds 167*1da177e4SLinus Torvaldsconfig CRYPTO_AES_586 168*1da177e4SLinus Torvalds tristate "AES cipher algorithms (i586)" 169*1da177e4SLinus Torvalds depends on CRYPTO && (X86 && !X86_64) 170*1da177e4SLinus Torvalds help 171*1da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 172*1da177e4SLinus Torvalds algorithm. 173*1da177e4SLinus Torvalds 174*1da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 175*1da177e4SLinus Torvalds both hardware and software across a wide range of computing 176*1da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 177*1da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 178*1da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 179*1da177e4SLinus Torvalds suited for restricted-space environments, in which it also 180*1da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 181*1da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 182*1da177e4SLinus Torvalds 183*1da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 184*1da177e4SLinus Torvalds 185*1da177e4SLinus Torvalds See <http://csrc.nist.gov/encryption/aes/> for more information. 186*1da177e4SLinus Torvalds 187*1da177e4SLinus Torvaldsconfig CRYPTO_CAST5 188*1da177e4SLinus Torvalds tristate "CAST5 (CAST-128) cipher algorithm" 189*1da177e4SLinus Torvalds depends on CRYPTO 190*1da177e4SLinus Torvalds help 191*1da177e4SLinus Torvalds The CAST5 encryption algorithm (synonymous with CAST-128) is 192*1da177e4SLinus Torvalds described in RFC2144. 193*1da177e4SLinus Torvalds 194*1da177e4SLinus Torvaldsconfig CRYPTO_CAST6 195*1da177e4SLinus Torvalds tristate "CAST6 (CAST-256) cipher algorithm" 196*1da177e4SLinus Torvalds depends on CRYPTO 197*1da177e4SLinus Torvalds help 198*1da177e4SLinus Torvalds The CAST6 encryption algorithm (synonymous with CAST-256) is 199*1da177e4SLinus Torvalds described in RFC2612. 200*1da177e4SLinus Torvalds 201*1da177e4SLinus Torvaldsconfig CRYPTO_TEA 202*1da177e4SLinus Torvalds tristate "TEA and XTEA cipher algorithms" 203*1da177e4SLinus Torvalds depends on CRYPTO 204*1da177e4SLinus Torvalds help 205*1da177e4SLinus Torvalds TEA cipher algorithm. 206*1da177e4SLinus Torvalds 207*1da177e4SLinus Torvalds Tiny Encryption Algorithm is a simple cipher that uses 208*1da177e4SLinus Torvalds many rounds for security. It is very fast and uses 209*1da177e4SLinus Torvalds little memory. 210*1da177e4SLinus Torvalds 211*1da177e4SLinus Torvalds Xtendend Tiny Encryption Algorithm is a modification to 212*1da177e4SLinus Torvalds the TEA algorithm to address a potential key weakness 213*1da177e4SLinus Torvalds in the TEA algorithm. 214*1da177e4SLinus Torvalds 215*1da177e4SLinus Torvaldsconfig CRYPTO_ARC4 216*1da177e4SLinus Torvalds tristate "ARC4 cipher algorithm" 217*1da177e4SLinus Torvalds depends on CRYPTO 218*1da177e4SLinus Torvalds help 219*1da177e4SLinus Torvalds ARC4 cipher algorithm. 220*1da177e4SLinus Torvalds 221*1da177e4SLinus Torvalds ARC4 is a stream cipher using keys ranging from 8 bits to 2048 222*1da177e4SLinus Torvalds bits in length. This algorithm is required for driver-based 223*1da177e4SLinus Torvalds WEP, but it should not be for other purposes because of the 224*1da177e4SLinus Torvalds weakness of the algorithm. 225*1da177e4SLinus Torvalds 226*1da177e4SLinus Torvaldsconfig CRYPTO_KHAZAD 227*1da177e4SLinus Torvalds tristate "Khazad cipher algorithm" 228*1da177e4SLinus Torvalds depends on CRYPTO 229*1da177e4SLinus Torvalds help 230*1da177e4SLinus Torvalds Khazad cipher algorithm. 231*1da177e4SLinus Torvalds 232*1da177e4SLinus Torvalds Khazad was a finalist in the initial NESSIE competition. It is 233*1da177e4SLinus Torvalds an algorithm optimized for 64-bit processors with good performance 234*1da177e4SLinus Torvalds on 32-bit processors. Khazad uses an 128 bit key size. 235*1da177e4SLinus Torvalds 236*1da177e4SLinus Torvalds See also: 237*1da177e4SLinus Torvalds <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html> 238*1da177e4SLinus Torvalds 239*1da177e4SLinus Torvaldsconfig CRYPTO_ANUBIS 240*1da177e4SLinus Torvalds tristate "Anubis cipher algorithm" 241*1da177e4SLinus Torvalds depends on CRYPTO 242*1da177e4SLinus Torvalds help 243*1da177e4SLinus Torvalds Anubis cipher algorithm. 244*1da177e4SLinus Torvalds 245*1da177e4SLinus Torvalds Anubis is a variable key length cipher which can use keys from 246*1da177e4SLinus Torvalds 128 bits to 320 bits in length. It was evaluated as a entrant 247*1da177e4SLinus Torvalds in the NESSIE competition. 248*1da177e4SLinus Torvalds 249*1da177e4SLinus Torvalds See also: 250*1da177e4SLinus Torvalds <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/> 251*1da177e4SLinus Torvalds <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html> 252*1da177e4SLinus Torvalds 253*1da177e4SLinus Torvalds 254*1da177e4SLinus Torvaldsconfig CRYPTO_DEFLATE 255*1da177e4SLinus Torvalds tristate "Deflate compression algorithm" 256*1da177e4SLinus Torvalds depends on CRYPTO 257*1da177e4SLinus Torvalds select ZLIB_INFLATE 258*1da177e4SLinus Torvalds select ZLIB_DEFLATE 259*1da177e4SLinus Torvalds help 260*1da177e4SLinus Torvalds This is the Deflate algorithm (RFC1951), specified for use in 261*1da177e4SLinus Torvalds IPSec with the IPCOMP protocol (RFC3173, RFC2394). 262*1da177e4SLinus Torvalds 263*1da177e4SLinus Torvalds You will most probably want this if using IPSec. 264*1da177e4SLinus Torvalds 265*1da177e4SLinus Torvaldsconfig CRYPTO_MICHAEL_MIC 266*1da177e4SLinus Torvalds tristate "Michael MIC keyed digest algorithm" 267*1da177e4SLinus Torvalds depends on CRYPTO 268*1da177e4SLinus Torvalds help 269*1da177e4SLinus Torvalds Michael MIC is used for message integrity protection in TKIP 270*1da177e4SLinus Torvalds (IEEE 802.11i). This algorithm is required for TKIP, but it 271*1da177e4SLinus Torvalds should not be used for other purposes because of the weakness 272*1da177e4SLinus Torvalds of the algorithm. 273*1da177e4SLinus Torvalds 274*1da177e4SLinus Torvaldsconfig CRYPTO_CRC32C 275*1da177e4SLinus Torvalds tristate "CRC32c CRC algorithm" 276*1da177e4SLinus Torvalds depends on CRYPTO 277*1da177e4SLinus Torvalds select LIBCRC32C 278*1da177e4SLinus Torvalds help 279*1da177e4SLinus Torvalds Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 280*1da177e4SLinus Torvalds by iSCSI for header and data digests and by others. 281*1da177e4SLinus Torvalds See Castagnoli93. This implementation uses lib/libcrc32c. 282*1da177e4SLinus Torvalds Module will be crc32c. 283*1da177e4SLinus Torvalds 284*1da177e4SLinus Torvaldsconfig CRYPTO_TEST 285*1da177e4SLinus Torvalds tristate "Testing module" 286*1da177e4SLinus Torvalds depends on CRYPTO 287*1da177e4SLinus Torvalds help 288*1da177e4SLinus Torvalds Quick & dirty crypto test module. 289*1da177e4SLinus Torvalds 290*1da177e4SLinus Torvaldssource "drivers/crypto/Kconfig" 291*1da177e4SLinus Torvaldsendmenu 292*1da177e4SLinus Torvalds 293