11da177e4SLinus Torvalds# 2685784aaSDan Williams# Generic algorithms support 3685784aaSDan Williams# 4685784aaSDan Williamsconfig XOR_BLOCKS 5685784aaSDan Williams tristate 6685784aaSDan Williams 7685784aaSDan Williams# 89bc89cd8SDan Williams# async_tx api: hardware offloaded memory transfer/transform support 99bc89cd8SDan Williams# 109bc89cd8SDan Williamssource "crypto/async_tx/Kconfig" 119bc89cd8SDan Williams 129bc89cd8SDan Williams# 131da177e4SLinus Torvalds# Cryptographic API Configuration 141da177e4SLinus Torvalds# 152e290f43SJan Engelhardtmenuconfig CRYPTO 16c3715cb9SSebastian Siewior tristate "Cryptographic API" 171da177e4SLinus Torvalds help 181da177e4SLinus Torvalds This option provides the core Cryptographic API. 191da177e4SLinus Torvalds 20cce9e06dSHerbert Xuif CRYPTO 21cce9e06dSHerbert Xu 22584fffc8SSebastian Siewiorcomment "Crypto core or helper" 23584fffc8SSebastian Siewior 24ccb778e1SNeil Hormanconfig CRYPTO_FIPS 25ccb778e1SNeil Horman bool "FIPS 200 compliance" 26e84c5480SChuck Ebbert depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS 27ccb778e1SNeil Horman help 28ccb778e1SNeil Horman This options enables the fips boot option which is 29ccb778e1SNeil Horman required if you want to system to operate in a FIPS 200 30ccb778e1SNeil Horman certification. You should say no unless you know what 31e84c5480SChuck Ebbert this is. 32ccb778e1SNeil Horman 33cce9e06dSHerbert Xuconfig CRYPTO_ALGAPI 34cce9e06dSHerbert Xu tristate 356a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 36cce9e06dSHerbert Xu help 37cce9e06dSHerbert Xu This option provides the API for cryptographic algorithms. 38cce9e06dSHerbert Xu 396a0fcbb4SHerbert Xuconfig CRYPTO_ALGAPI2 406a0fcbb4SHerbert Xu tristate 416a0fcbb4SHerbert Xu 421ae97820SHerbert Xuconfig CRYPTO_AEAD 431ae97820SHerbert Xu tristate 446a0fcbb4SHerbert Xu select CRYPTO_AEAD2 451ae97820SHerbert Xu select CRYPTO_ALGAPI 461ae97820SHerbert Xu 476a0fcbb4SHerbert Xuconfig CRYPTO_AEAD2 486a0fcbb4SHerbert Xu tristate 496a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 506a0fcbb4SHerbert Xu 515cde0af2SHerbert Xuconfig CRYPTO_BLKCIPHER 525cde0af2SHerbert Xu tristate 536a0fcbb4SHerbert Xu select CRYPTO_BLKCIPHER2 545cde0af2SHerbert Xu select CRYPTO_ALGAPI 556a0fcbb4SHerbert Xu 566a0fcbb4SHerbert Xuconfig CRYPTO_BLKCIPHER2 576a0fcbb4SHerbert Xu tristate 586a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 596a0fcbb4SHerbert Xu select CRYPTO_RNG2 600a2e821dSHuang Ying select CRYPTO_WORKQUEUE 615cde0af2SHerbert Xu 62055bcee3SHerbert Xuconfig CRYPTO_HASH 63055bcee3SHerbert Xu tristate 646a0fcbb4SHerbert Xu select CRYPTO_HASH2 65055bcee3SHerbert Xu select CRYPTO_ALGAPI 66055bcee3SHerbert Xu 676a0fcbb4SHerbert Xuconfig CRYPTO_HASH2 686a0fcbb4SHerbert Xu tristate 696a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 706a0fcbb4SHerbert Xu 7117f0f4a4SNeil Hormanconfig CRYPTO_RNG 7217f0f4a4SNeil Horman tristate 736a0fcbb4SHerbert Xu select CRYPTO_RNG2 7417f0f4a4SNeil Horman select CRYPTO_ALGAPI 7517f0f4a4SNeil Horman 766a0fcbb4SHerbert Xuconfig CRYPTO_RNG2 776a0fcbb4SHerbert Xu tristate 786a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 796a0fcbb4SHerbert Xu 80a1d2f095SGeert Uytterhoevenconfig CRYPTO_PCOMP 81a1d2f095SGeert Uytterhoeven tristate 82bc94e596SHerbert Xu select CRYPTO_PCOMP2 83bc94e596SHerbert Xu select CRYPTO_ALGAPI 84bc94e596SHerbert Xu 85bc94e596SHerbert Xuconfig CRYPTO_PCOMP2 86bc94e596SHerbert Xu tristate 87a1d2f095SGeert Uytterhoeven select CRYPTO_ALGAPI2 88a1d2f095SGeert Uytterhoeven 892b8c19dbSHerbert Xuconfig CRYPTO_MANAGER 902b8c19dbSHerbert Xu tristate "Cryptographic algorithm manager" 916a0fcbb4SHerbert Xu select CRYPTO_MANAGER2 922b8c19dbSHerbert Xu help 932b8c19dbSHerbert Xu Create default cryptographic template instantiations such as 942b8c19dbSHerbert Xu cbc(aes). 952b8c19dbSHerbert Xu 966a0fcbb4SHerbert Xuconfig CRYPTO_MANAGER2 976a0fcbb4SHerbert Xu def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 986a0fcbb4SHerbert Xu select CRYPTO_AEAD2 996a0fcbb4SHerbert Xu select CRYPTO_HASH2 1006a0fcbb4SHerbert Xu select CRYPTO_BLKCIPHER2 101bc94e596SHerbert Xu select CRYPTO_PCOMP2 1026a0fcbb4SHerbert Xu 103a38f7907SSteffen Klassertconfig CRYPTO_USER 104a38f7907SSteffen Klassert tristate "Userspace cryptographic algorithm configuration" 1055db017aaSHerbert Xu depends on NET 106a38f7907SSteffen Klassert select CRYPTO_MANAGER 107a38f7907SSteffen Klassert help 108d19978f5SValdis.Kletnieks@vt.edu Userspace configuration for cryptographic instantiations such as 109a38f7907SSteffen Klassert cbc(aes). 110a38f7907SSteffen Klassert 111326a6346SHerbert Xuconfig CRYPTO_MANAGER_DISABLE_TESTS 112326a6346SHerbert Xu bool "Disable run-time self tests" 11300ca28a5SHerbert Xu default y 11400ca28a5SHerbert Xu depends on CRYPTO_MANAGER2 1150b767f96SAlexander Shishkin help 116326a6346SHerbert Xu Disable run-time self tests that normally take place at 117326a6346SHerbert Xu algorithm registration. 1180b767f96SAlexander Shishkin 119584fffc8SSebastian Siewiorconfig CRYPTO_GF128MUL 120584fffc8SSebastian Siewior tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" 121584fffc8SSebastian Siewior help 122584fffc8SSebastian Siewior Efficient table driven implementation of multiplications in the 123584fffc8SSebastian Siewior field GF(2^128). This is needed by some cypher modes. This 124584fffc8SSebastian Siewior option will be selected automatically if you select such a 125584fffc8SSebastian Siewior cipher mode. Only select this option by hand if you expect to load 126584fffc8SSebastian Siewior an external module that requires these functions. 127584fffc8SSebastian Siewior 128584fffc8SSebastian Siewiorconfig CRYPTO_NULL 129584fffc8SSebastian Siewior tristate "Null algorithms" 130584fffc8SSebastian Siewior select CRYPTO_ALGAPI 131584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 132d35d2454SHerbert Xu select CRYPTO_HASH 133584fffc8SSebastian Siewior help 134584fffc8SSebastian Siewior These are 'Null' algorithms, used by IPsec, which do nothing. 135584fffc8SSebastian Siewior 1365068c7a8SSteffen Klassertconfig CRYPTO_PCRYPT 1375068c7a8SSteffen Klassert tristate "Parallel crypto engine (EXPERIMENTAL)" 1385068c7a8SSteffen Klassert depends on SMP && EXPERIMENTAL 1395068c7a8SSteffen Klassert select PADATA 1405068c7a8SSteffen Klassert select CRYPTO_MANAGER 1415068c7a8SSteffen Klassert select CRYPTO_AEAD 1425068c7a8SSteffen Klassert help 1435068c7a8SSteffen Klassert This converts an arbitrary crypto algorithm into a parallel 1445068c7a8SSteffen Klassert algorithm that executes in kernel threads. 1455068c7a8SSteffen Klassert 14625c38d3fSHuang Yingconfig CRYPTO_WORKQUEUE 14725c38d3fSHuang Ying tristate 14825c38d3fSHuang Ying 149584fffc8SSebastian Siewiorconfig CRYPTO_CRYPTD 150584fffc8SSebastian Siewior tristate "Software async crypto daemon" 151584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 152b8a28251SLoc Ho select CRYPTO_HASH 153584fffc8SSebastian Siewior select CRYPTO_MANAGER 154254eff77SHuang Ying select CRYPTO_WORKQUEUE 155584fffc8SSebastian Siewior help 156584fffc8SSebastian Siewior This is a generic software asynchronous crypto daemon that 157584fffc8SSebastian Siewior converts an arbitrary synchronous software crypto algorithm 158584fffc8SSebastian Siewior into an asynchronous algorithm that executes in a kernel thread. 159584fffc8SSebastian Siewior 160584fffc8SSebastian Siewiorconfig CRYPTO_AUTHENC 161584fffc8SSebastian Siewior tristate "Authenc support" 162584fffc8SSebastian Siewior select CRYPTO_AEAD 163584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 164584fffc8SSebastian Siewior select CRYPTO_MANAGER 165584fffc8SSebastian Siewior select CRYPTO_HASH 166584fffc8SSebastian Siewior help 167584fffc8SSebastian Siewior Authenc: Combined mode wrapper for IPsec. 168584fffc8SSebastian Siewior This is required for IPSec. 169584fffc8SSebastian Siewior 170584fffc8SSebastian Siewiorconfig CRYPTO_TEST 171584fffc8SSebastian Siewior tristate "Testing module" 172584fffc8SSebastian Siewior depends on m 173da7f033dSHerbert Xu select CRYPTO_MANAGER 174584fffc8SSebastian Siewior help 175584fffc8SSebastian Siewior Quick & dirty crypto test module. 176584fffc8SSebastian Siewior 177584fffc8SSebastian Siewiorcomment "Authenticated Encryption with Associated Data" 178584fffc8SSebastian Siewior 179584fffc8SSebastian Siewiorconfig CRYPTO_CCM 180584fffc8SSebastian Siewior tristate "CCM support" 181584fffc8SSebastian Siewior select CRYPTO_CTR 182584fffc8SSebastian Siewior select CRYPTO_AEAD 183584fffc8SSebastian Siewior help 184584fffc8SSebastian Siewior Support for Counter with CBC MAC. Required for IPsec. 185584fffc8SSebastian Siewior 186584fffc8SSebastian Siewiorconfig CRYPTO_GCM 187584fffc8SSebastian Siewior tristate "GCM/GMAC support" 188584fffc8SSebastian Siewior select CRYPTO_CTR 189584fffc8SSebastian Siewior select CRYPTO_AEAD 1909382d97aSHuang Ying select CRYPTO_GHASH 191584fffc8SSebastian Siewior help 192584fffc8SSebastian Siewior Support for Galois/Counter Mode (GCM) and Galois Message 193584fffc8SSebastian Siewior Authentication Code (GMAC). Required for IPSec. 194584fffc8SSebastian Siewior 195584fffc8SSebastian Siewiorconfig CRYPTO_SEQIV 196584fffc8SSebastian Siewior tristate "Sequence Number IV Generator" 197584fffc8SSebastian Siewior select CRYPTO_AEAD 198584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 199a0f000ecSHerbert Xu select CRYPTO_RNG 200584fffc8SSebastian Siewior help 201584fffc8SSebastian Siewior This IV generator generates an IV based on a sequence number by 202584fffc8SSebastian Siewior xoring it with a salt. This algorithm is mainly useful for CTR 203584fffc8SSebastian Siewior 204584fffc8SSebastian Siewiorcomment "Block modes" 205584fffc8SSebastian Siewior 206584fffc8SSebastian Siewiorconfig CRYPTO_CBC 207584fffc8SSebastian Siewior tristate "CBC support" 208584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 209584fffc8SSebastian Siewior select CRYPTO_MANAGER 210584fffc8SSebastian Siewior help 211584fffc8SSebastian Siewior CBC: Cipher Block Chaining mode 212584fffc8SSebastian Siewior This block cipher algorithm is required for IPSec. 213584fffc8SSebastian Siewior 214584fffc8SSebastian Siewiorconfig CRYPTO_CTR 215584fffc8SSebastian Siewior tristate "CTR support" 216584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 217584fffc8SSebastian Siewior select CRYPTO_SEQIV 218584fffc8SSebastian Siewior select CRYPTO_MANAGER 219584fffc8SSebastian Siewior help 220584fffc8SSebastian Siewior CTR: Counter mode 221584fffc8SSebastian Siewior This block cipher algorithm is required for IPSec. 222584fffc8SSebastian Siewior 223584fffc8SSebastian Siewiorconfig CRYPTO_CTS 224584fffc8SSebastian Siewior tristate "CTS support" 225584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 226584fffc8SSebastian Siewior help 227584fffc8SSebastian Siewior CTS: Cipher Text Stealing 228584fffc8SSebastian Siewior This is the Cipher Text Stealing mode as described by 229584fffc8SSebastian Siewior Section 8 of rfc2040 and referenced by rfc3962. 230584fffc8SSebastian Siewior (rfc3962 includes errata information in its Appendix A) 231584fffc8SSebastian Siewior This mode is required for Kerberos gss mechanism support 232584fffc8SSebastian Siewior for AES encryption. 233584fffc8SSebastian Siewior 234584fffc8SSebastian Siewiorconfig CRYPTO_ECB 235584fffc8SSebastian Siewior tristate "ECB support" 236584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 237584fffc8SSebastian Siewior select CRYPTO_MANAGER 238584fffc8SSebastian Siewior help 239584fffc8SSebastian Siewior ECB: Electronic CodeBook mode 240584fffc8SSebastian Siewior This is the simplest block cipher algorithm. It simply encrypts 241584fffc8SSebastian Siewior the input block by block. 242584fffc8SSebastian Siewior 243584fffc8SSebastian Siewiorconfig CRYPTO_LRW 244584fffc8SSebastian Siewior tristate "LRW support (EXPERIMENTAL)" 245584fffc8SSebastian Siewior depends on EXPERIMENTAL 246584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 247584fffc8SSebastian Siewior select CRYPTO_MANAGER 248584fffc8SSebastian Siewior select CRYPTO_GF128MUL 249584fffc8SSebastian Siewior help 250584fffc8SSebastian Siewior LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 251584fffc8SSebastian Siewior narrow block cipher mode for dm-crypt. Use it with cipher 252584fffc8SSebastian Siewior specification string aes-lrw-benbi, the key must be 256, 320 or 384. 253584fffc8SSebastian Siewior The first 128, 192 or 256 bits in the key are used for AES and the 254584fffc8SSebastian Siewior rest is used to tie each cipher block to its logical position. 255584fffc8SSebastian Siewior 256584fffc8SSebastian Siewiorconfig CRYPTO_PCBC 257584fffc8SSebastian Siewior tristate "PCBC support" 258584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 259584fffc8SSebastian Siewior select CRYPTO_MANAGER 260584fffc8SSebastian Siewior help 261584fffc8SSebastian Siewior PCBC: Propagating Cipher Block Chaining mode 262584fffc8SSebastian Siewior This block cipher algorithm is required for RxRPC. 263584fffc8SSebastian Siewior 264584fffc8SSebastian Siewiorconfig CRYPTO_XTS 265584fffc8SSebastian Siewior tristate "XTS support (EXPERIMENTAL)" 266584fffc8SSebastian Siewior depends on EXPERIMENTAL 267584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 268584fffc8SSebastian Siewior select CRYPTO_MANAGER 269584fffc8SSebastian Siewior select CRYPTO_GF128MUL 270584fffc8SSebastian Siewior help 271584fffc8SSebastian Siewior XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 272584fffc8SSebastian Siewior key size 256, 384 or 512 bits. This implementation currently 273584fffc8SSebastian Siewior can't handle a sectorsize which is not a multiple of 16 bytes. 274584fffc8SSebastian Siewior 275584fffc8SSebastian Siewiorcomment "Hash modes" 276584fffc8SSebastian Siewior 2771da177e4SLinus Torvaldsconfig CRYPTO_HMAC 2788425165dSHerbert Xu tristate "HMAC support" 2790796ae06SHerbert Xu select CRYPTO_HASH 28043518407SHerbert Xu select CRYPTO_MANAGER 2811da177e4SLinus Torvalds help 2821da177e4SLinus Torvalds HMAC: Keyed-Hashing for Message Authentication (RFC2104). 2831da177e4SLinus Torvalds This is required for IPSec. 2841da177e4SLinus Torvalds 285333b0d7eSKazunori MIYAZAWAconfig CRYPTO_XCBC 286333b0d7eSKazunori MIYAZAWA tristate "XCBC support" 287333b0d7eSKazunori MIYAZAWA depends on EXPERIMENTAL 288333b0d7eSKazunori MIYAZAWA select CRYPTO_HASH 289333b0d7eSKazunori MIYAZAWA select CRYPTO_MANAGER 290333b0d7eSKazunori MIYAZAWA help 291333b0d7eSKazunori MIYAZAWA XCBC: Keyed-Hashing with encryption algorithm 292333b0d7eSKazunori MIYAZAWA http://www.ietf.org/rfc/rfc3566.txt 293333b0d7eSKazunori MIYAZAWA http://csrc.nist.gov/encryption/modes/proposedmodes/ 294333b0d7eSKazunori MIYAZAWA xcbc-mac/xcbc-mac-spec.pdf 295333b0d7eSKazunori MIYAZAWA 296f1939f7cSShane Wangconfig CRYPTO_VMAC 297f1939f7cSShane Wang tristate "VMAC support" 298f1939f7cSShane Wang depends on EXPERIMENTAL 299f1939f7cSShane Wang select CRYPTO_HASH 300f1939f7cSShane Wang select CRYPTO_MANAGER 301f1939f7cSShane Wang help 302f1939f7cSShane Wang VMAC is a message authentication algorithm designed for 303f1939f7cSShane Wang very high speed on 64-bit architectures. 304f1939f7cSShane Wang 305f1939f7cSShane Wang See also: 306f1939f7cSShane Wang <http://fastcrypto.org/vmac> 307f1939f7cSShane Wang 308584fffc8SSebastian Siewiorcomment "Digest" 309584fffc8SSebastian Siewior 310584fffc8SSebastian Siewiorconfig CRYPTO_CRC32C 311584fffc8SSebastian Siewior tristate "CRC32c CRC algorithm" 3125773a3e6SHerbert Xu select CRYPTO_HASH 3131da177e4SLinus Torvalds help 314584fffc8SSebastian Siewior Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 315584fffc8SSebastian Siewior by iSCSI for header and data digests and by others. 31669c35efcSHerbert Xu See Castagnoli93. Module will be crc32c. 3171da177e4SLinus Torvalds 3188cb51ba8SAustin Zhangconfig CRYPTO_CRC32C_INTEL 3198cb51ba8SAustin Zhang tristate "CRC32c INTEL hardware acceleration" 3208cb51ba8SAustin Zhang depends on X86 3218cb51ba8SAustin Zhang select CRYPTO_HASH 3228cb51ba8SAustin Zhang help 3238cb51ba8SAustin Zhang In Intel processor with SSE4.2 supported, the processor will 3248cb51ba8SAustin Zhang support CRC32C implementation using hardware accelerated CRC32 3258cb51ba8SAustin Zhang instruction. This option will create 'crc32c-intel' module, 3268cb51ba8SAustin Zhang which will enable any routine to use the CRC32 instruction to 3278cb51ba8SAustin Zhang gain performance compared with software implementation. 3288cb51ba8SAustin Zhang Module will be crc32c-intel. 3298cb51ba8SAustin Zhang 3302cdc6899SHuang Yingconfig CRYPTO_GHASH 3312cdc6899SHuang Ying tristate "GHASH digest algorithm" 3322cdc6899SHuang Ying select CRYPTO_SHASH 3332cdc6899SHuang Ying select CRYPTO_GF128MUL 3342cdc6899SHuang Ying help 3352cdc6899SHuang Ying GHASH is message digest algorithm for GCM (Galois/Counter Mode). 3362cdc6899SHuang Ying 3371da177e4SLinus Torvaldsconfig CRYPTO_MD4 3381da177e4SLinus Torvalds tristate "MD4 digest algorithm" 339808a1763SAdrian-Ken Rueegsegger select CRYPTO_HASH 3401da177e4SLinus Torvalds help 3411da177e4SLinus Torvalds MD4 message digest algorithm (RFC1320). 3421da177e4SLinus Torvalds 3431da177e4SLinus Torvaldsconfig CRYPTO_MD5 3441da177e4SLinus Torvalds tristate "MD5 digest algorithm" 34514b75ba7SAdrian-Ken Rueegsegger select CRYPTO_HASH 3461da177e4SLinus Torvalds help 3471da177e4SLinus Torvalds MD5 message digest algorithm (RFC1321). 3481da177e4SLinus Torvalds 349584fffc8SSebastian Siewiorconfig CRYPTO_MICHAEL_MIC 350584fffc8SSebastian Siewior tristate "Michael MIC keyed digest algorithm" 35119e2bf14SAdrian-Ken Rueegsegger select CRYPTO_HASH 352584fffc8SSebastian Siewior help 353584fffc8SSebastian Siewior Michael MIC is used for message integrity protection in TKIP 354584fffc8SSebastian Siewior (IEEE 802.11i). This algorithm is required for TKIP, but it 355584fffc8SSebastian Siewior should not be used for other purposes because of the weakness 356584fffc8SSebastian Siewior of the algorithm. 357584fffc8SSebastian Siewior 35882798f90SAdrian-Ken Rueegseggerconfig CRYPTO_RMD128 35982798f90SAdrian-Ken Rueegsegger tristate "RIPEMD-128 digest algorithm" 3607c4468bcSHerbert Xu select CRYPTO_HASH 36182798f90SAdrian-Ken Rueegsegger help 36282798f90SAdrian-Ken Rueegsegger RIPEMD-128 (ISO/IEC 10118-3:2004). 36382798f90SAdrian-Ken Rueegsegger 36482798f90SAdrian-Ken Rueegsegger RIPEMD-128 is a 128-bit cryptographic hash function. It should only 36535ed4b35SMichael Witten be used as a secure replacement for RIPEMD. For other use cases, 36682798f90SAdrian-Ken Rueegsegger RIPEMD-160 should be used. 36782798f90SAdrian-Ken Rueegsegger 36882798f90SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3696d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 37082798f90SAdrian-Ken Rueegsegger 37182798f90SAdrian-Ken Rueegseggerconfig CRYPTO_RMD160 37282798f90SAdrian-Ken Rueegsegger tristate "RIPEMD-160 digest algorithm" 373e5835fbaSHerbert Xu select CRYPTO_HASH 37482798f90SAdrian-Ken Rueegsegger help 37582798f90SAdrian-Ken Rueegsegger RIPEMD-160 (ISO/IEC 10118-3:2004). 37682798f90SAdrian-Ken Rueegsegger 37782798f90SAdrian-Ken Rueegsegger RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 37882798f90SAdrian-Ken Rueegsegger to be used as a secure replacement for the 128-bit hash functions 379b6d44341SAdrian Bunk MD4, MD5 and it's predecessor RIPEMD 380b6d44341SAdrian Bunk (not to be confused with RIPEMD-128). 38182798f90SAdrian-Ken Rueegsegger 382b6d44341SAdrian Bunk It's speed is comparable to SHA1 and there are no known attacks 383b6d44341SAdrian Bunk against RIPEMD-160. 384534fe2c1SAdrian-Ken Rueegsegger 385534fe2c1SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3866d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 387534fe2c1SAdrian-Ken Rueegsegger 388534fe2c1SAdrian-Ken Rueegseggerconfig CRYPTO_RMD256 389534fe2c1SAdrian-Ken Rueegsegger tristate "RIPEMD-256 digest algorithm" 390d8a5e2e9SHerbert Xu select CRYPTO_HASH 391534fe2c1SAdrian-Ken Rueegsegger help 392b6d44341SAdrian Bunk RIPEMD-256 is an optional extension of RIPEMD-128 with a 393b6d44341SAdrian Bunk 256 bit hash. It is intended for applications that require 394b6d44341SAdrian Bunk longer hash-results, without needing a larger security level 395b6d44341SAdrian Bunk (than RIPEMD-128). 396534fe2c1SAdrian-Ken Rueegsegger 397534fe2c1SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3986d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 399534fe2c1SAdrian-Ken Rueegsegger 400534fe2c1SAdrian-Ken Rueegseggerconfig CRYPTO_RMD320 401534fe2c1SAdrian-Ken Rueegsegger tristate "RIPEMD-320 digest algorithm" 4023b8efb4cSHerbert Xu select CRYPTO_HASH 403534fe2c1SAdrian-Ken Rueegsegger help 404b6d44341SAdrian Bunk RIPEMD-320 is an optional extension of RIPEMD-160 with a 405b6d44341SAdrian Bunk 320 bit hash. It is intended for applications that require 406b6d44341SAdrian Bunk longer hash-results, without needing a larger security level 407b6d44341SAdrian Bunk (than RIPEMD-160). 408534fe2c1SAdrian-Ken Rueegsegger 40982798f90SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 4106d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 41182798f90SAdrian-Ken Rueegsegger 4121da177e4SLinus Torvaldsconfig CRYPTO_SHA1 4131da177e4SLinus Torvalds tristate "SHA1 digest algorithm" 41454ccb367SAdrian-Ken Rueegsegger select CRYPTO_HASH 4151da177e4SLinus Torvalds help 4161da177e4SLinus Torvalds SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 4171da177e4SLinus Torvalds 41866be8951SMathias Krauseconfig CRYPTO_SHA1_SSSE3 41966be8951SMathias Krause tristate "SHA1 digest algorithm (SSSE3/AVX)" 42066be8951SMathias Krause depends on X86 && 64BIT 42166be8951SMathias Krause select CRYPTO_SHA1 42266be8951SMathias Krause select CRYPTO_HASH 42366be8951SMathias Krause help 42466be8951SMathias Krause SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 42566be8951SMathias Krause using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 42666be8951SMathias Krause Extensions (AVX), when available. 42766be8951SMathias Krause 4281da177e4SLinus Torvaldsconfig CRYPTO_SHA256 429cd12fb90SJonathan Lynch tristate "SHA224 and SHA256 digest algorithm" 43050e109b5SAdrian-Ken Rueegsegger select CRYPTO_HASH 4311da177e4SLinus Torvalds help 4321da177e4SLinus Torvalds SHA256 secure hash standard (DFIPS 180-2). 4331da177e4SLinus Torvalds 4341da177e4SLinus Torvalds This version of SHA implements a 256 bit hash with 128 bits of 4351da177e4SLinus Torvalds security against collision attacks. 4361da177e4SLinus Torvalds 437cd12fb90SJonathan Lynch This code also includes SHA-224, a 224 bit hash with 112 bits 438cd12fb90SJonathan Lynch of security against collision attacks. 439cd12fb90SJonathan Lynch 4401da177e4SLinus Torvaldsconfig CRYPTO_SHA512 4411da177e4SLinus Torvalds tristate "SHA384 and SHA512 digest algorithms" 442bd9d20dbSAdrian-Ken Rueegsegger select CRYPTO_HASH 4431da177e4SLinus Torvalds help 4441da177e4SLinus Torvalds SHA512 secure hash standard (DFIPS 180-2). 4451da177e4SLinus Torvalds 4461da177e4SLinus Torvalds This version of SHA implements a 512 bit hash with 256 bits of 4471da177e4SLinus Torvalds security against collision attacks. 4481da177e4SLinus Torvalds 4491da177e4SLinus Torvalds This code also includes SHA-384, a 384 bit hash with 192 bits 4501da177e4SLinus Torvalds of security against collision attacks. 4511da177e4SLinus Torvalds 4521da177e4SLinus Torvaldsconfig CRYPTO_TGR192 4531da177e4SLinus Torvalds tristate "Tiger digest algorithms" 454f63fbd3dSAdrian-Ken Rueegsegger select CRYPTO_HASH 4551da177e4SLinus Torvalds help 4561da177e4SLinus Torvalds Tiger hash algorithm 192, 160 and 128-bit hashes 4571da177e4SLinus Torvalds 4581da177e4SLinus Torvalds Tiger is a hash function optimized for 64-bit processors while 4591da177e4SLinus Torvalds still having decent performance on 32-bit processors. 4601da177e4SLinus Torvalds Tiger was developed by Ross Anderson and Eli Biham. 4611da177e4SLinus Torvalds 4621da177e4SLinus Torvalds See also: 4631da177e4SLinus Torvalds <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 4641da177e4SLinus Torvalds 465584fffc8SSebastian Siewiorconfig CRYPTO_WP512 466584fffc8SSebastian Siewior tristate "Whirlpool digest algorithms" 4674946510bSAdrian-Ken Rueegsegger select CRYPTO_HASH 4681da177e4SLinus Torvalds help 469584fffc8SSebastian Siewior Whirlpool hash algorithm 512, 384 and 256-bit hashes 4701da177e4SLinus Torvalds 471584fffc8SSebastian Siewior Whirlpool-512 is part of the NESSIE cryptographic primitives. 472584fffc8SSebastian Siewior Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 4731da177e4SLinus Torvalds 4741da177e4SLinus Torvalds See also: 4756d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 4761da177e4SLinus Torvalds 4770e1227d3SHuang Yingconfig CRYPTO_GHASH_CLMUL_NI_INTEL 4780e1227d3SHuang Ying tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 4798af00860SRichard Weinberger depends on X86 && 64BIT 4800e1227d3SHuang Ying select CRYPTO_SHASH 4810e1227d3SHuang Ying select CRYPTO_CRYPTD 4820e1227d3SHuang Ying help 4830e1227d3SHuang Ying GHASH is message digest algorithm for GCM (Galois/Counter Mode). 4840e1227d3SHuang Ying The implementation is accelerated by CLMUL-NI of Intel. 4850e1227d3SHuang Ying 486584fffc8SSebastian Siewiorcomment "Ciphers" 4871da177e4SLinus Torvalds 4881da177e4SLinus Torvaldsconfig CRYPTO_AES 4891da177e4SLinus Torvalds tristate "AES cipher algorithms" 490cce9e06dSHerbert Xu select CRYPTO_ALGAPI 4911da177e4SLinus Torvalds help 4921da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 4931da177e4SLinus Torvalds algorithm. 4941da177e4SLinus Torvalds 4951da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 4961da177e4SLinus Torvalds both hardware and software across a wide range of computing 4971da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 4981da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 4991da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 5001da177e4SLinus Torvalds suited for restricted-space environments, in which it also 5011da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 5021da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 5031da177e4SLinus Torvalds 5041da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 5051da177e4SLinus Torvalds 5061da177e4SLinus Torvalds See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 5071da177e4SLinus Torvalds 5081da177e4SLinus Torvaldsconfig CRYPTO_AES_586 5091da177e4SLinus Torvalds tristate "AES cipher algorithms (i586)" 510cce9e06dSHerbert Xu depends on (X86 || UML_X86) && !64BIT 511cce9e06dSHerbert Xu select CRYPTO_ALGAPI 5125157dea8SSebastian Siewior select CRYPTO_AES 5131da177e4SLinus Torvalds help 5141da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 5151da177e4SLinus Torvalds algorithm. 5161da177e4SLinus Torvalds 5171da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 5181da177e4SLinus Torvalds both hardware and software across a wide range of computing 5191da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 5201da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 5211da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 5221da177e4SLinus Torvalds suited for restricted-space environments, in which it also 5231da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 5241da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 5251da177e4SLinus Torvalds 5261da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 5271da177e4SLinus Torvalds 5281da177e4SLinus Torvalds See <http://csrc.nist.gov/encryption/aes/> for more information. 5291da177e4SLinus Torvalds 530a2a892a2SAndreas Steinmetzconfig CRYPTO_AES_X86_64 531a2a892a2SAndreas Steinmetz tristate "AES cipher algorithms (x86_64)" 532cce9e06dSHerbert Xu depends on (X86 || UML_X86) && 64BIT 533cce9e06dSHerbert Xu select CRYPTO_ALGAPI 53481190b32SSebastian Siewior select CRYPTO_AES 535a2a892a2SAndreas Steinmetz help 536a2a892a2SAndreas Steinmetz AES cipher algorithms (FIPS-197). AES uses the Rijndael 537a2a892a2SAndreas Steinmetz algorithm. 538a2a892a2SAndreas Steinmetz 539a2a892a2SAndreas Steinmetz Rijndael appears to be consistently a very good performer in 540a2a892a2SAndreas Steinmetz both hardware and software across a wide range of computing 541a2a892a2SAndreas Steinmetz environments regardless of its use in feedback or non-feedback 542a2a892a2SAndreas Steinmetz modes. Its key setup time is excellent, and its key agility is 543a2a892a2SAndreas Steinmetz good. Rijndael's very low memory requirements make it very well 544a2a892a2SAndreas Steinmetz suited for restricted-space environments, in which it also 545a2a892a2SAndreas Steinmetz demonstrates excellent performance. Rijndael's operations are 546a2a892a2SAndreas Steinmetz among the easiest to defend against power and timing attacks. 547a2a892a2SAndreas Steinmetz 548a2a892a2SAndreas Steinmetz The AES specifies three key sizes: 128, 192 and 256 bits 549a2a892a2SAndreas Steinmetz 550a2a892a2SAndreas Steinmetz See <http://csrc.nist.gov/encryption/aes/> for more information. 551a2a892a2SAndreas Steinmetz 55254b6a1bdSHuang Yingconfig CRYPTO_AES_NI_INTEL 55354b6a1bdSHuang Ying tristate "AES cipher algorithms (AES-NI)" 5548af00860SRichard Weinberger depends on X86 5550d258efbSMathias Krause select CRYPTO_AES_X86_64 if 64BIT 5560d258efbSMathias Krause select CRYPTO_AES_586 if !64BIT 55754b6a1bdSHuang Ying select CRYPTO_CRYPTD 55854b6a1bdSHuang Ying select CRYPTO_ALGAPI 55954b6a1bdSHuang Ying help 56054b6a1bdSHuang Ying Use Intel AES-NI instructions for AES algorithm. 56154b6a1bdSHuang Ying 56254b6a1bdSHuang Ying AES cipher algorithms (FIPS-197). AES uses the Rijndael 56354b6a1bdSHuang Ying algorithm. 56454b6a1bdSHuang Ying 56554b6a1bdSHuang Ying Rijndael appears to be consistently a very good performer in 56654b6a1bdSHuang Ying both hardware and software across a wide range of computing 56754b6a1bdSHuang Ying environments regardless of its use in feedback or non-feedback 56854b6a1bdSHuang Ying modes. Its key setup time is excellent, and its key agility is 56954b6a1bdSHuang Ying good. Rijndael's very low memory requirements make it very well 57054b6a1bdSHuang Ying suited for restricted-space environments, in which it also 57154b6a1bdSHuang Ying demonstrates excellent performance. Rijndael's operations are 57254b6a1bdSHuang Ying among the easiest to defend against power and timing attacks. 57354b6a1bdSHuang Ying 57454b6a1bdSHuang Ying The AES specifies three key sizes: 128, 192 and 256 bits 57554b6a1bdSHuang Ying 57654b6a1bdSHuang Ying See <http://csrc.nist.gov/encryption/aes/> for more information. 57754b6a1bdSHuang Ying 5780d258efbSMathias Krause In addition to AES cipher algorithm support, the acceleration 5790d258efbSMathias Krause for some popular block cipher mode is supported too, including 5800d258efbSMathias Krause ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 5810d258efbSMathias Krause acceleration for CTR. 5822cf4ac8bSHuang Ying 5831da177e4SLinus Torvaldsconfig CRYPTO_ANUBIS 5841da177e4SLinus Torvalds tristate "Anubis cipher algorithm" 585cce9e06dSHerbert Xu select CRYPTO_ALGAPI 5861da177e4SLinus Torvalds help 5871da177e4SLinus Torvalds Anubis cipher algorithm. 5881da177e4SLinus Torvalds 5891da177e4SLinus Torvalds Anubis is a variable key length cipher which can use keys from 5901da177e4SLinus Torvalds 128 bits to 320 bits in length. It was evaluated as a entrant 5911da177e4SLinus Torvalds in the NESSIE competition. 5921da177e4SLinus Torvalds 5931da177e4SLinus Torvalds See also: 5946d8de74cSJustin P. Mattock <https://www.cosic.esat.kuleuven.be/nessie/reports/> 5956d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 5961da177e4SLinus Torvalds 597584fffc8SSebastian Siewiorconfig CRYPTO_ARC4 598584fffc8SSebastian Siewior tristate "ARC4 cipher algorithm" 599e2ee95b8SHye-Shik Chang select CRYPTO_ALGAPI 600e2ee95b8SHye-Shik Chang help 601584fffc8SSebastian Siewior ARC4 cipher algorithm. 602e2ee95b8SHye-Shik Chang 603584fffc8SSebastian Siewior ARC4 is a stream cipher using keys ranging from 8 bits to 2048 604584fffc8SSebastian Siewior bits in length. This algorithm is required for driver-based 605584fffc8SSebastian Siewior WEP, but it should not be for other purposes because of the 606584fffc8SSebastian Siewior weakness of the algorithm. 607584fffc8SSebastian Siewior 608584fffc8SSebastian Siewiorconfig CRYPTO_BLOWFISH 609584fffc8SSebastian Siewior tristate "Blowfish cipher algorithm" 610584fffc8SSebastian Siewior select CRYPTO_ALGAPI 61152ba867cSJussi Kivilinna select CRYPTO_BLOWFISH_COMMON 612584fffc8SSebastian Siewior help 613584fffc8SSebastian Siewior Blowfish cipher algorithm, by Bruce Schneier. 614584fffc8SSebastian Siewior 615584fffc8SSebastian Siewior This is a variable key length cipher which can use keys from 32 616584fffc8SSebastian Siewior bits to 448 bits in length. It's fast, simple and specifically 617584fffc8SSebastian Siewior designed for use on "large microprocessors". 618e2ee95b8SHye-Shik Chang 619e2ee95b8SHye-Shik Chang See also: 620584fffc8SSebastian Siewior <http://www.schneier.com/blowfish.html> 621584fffc8SSebastian Siewior 62252ba867cSJussi Kivilinnaconfig CRYPTO_BLOWFISH_COMMON 62352ba867cSJussi Kivilinna tristate 62452ba867cSJussi Kivilinna help 62552ba867cSJussi Kivilinna Common parts of the Blowfish cipher algorithm shared by the 62652ba867cSJussi Kivilinna generic c and the assembler implementations. 62752ba867cSJussi Kivilinna 62852ba867cSJussi Kivilinna See also: 62952ba867cSJussi Kivilinna <http://www.schneier.com/blowfish.html> 63052ba867cSJussi Kivilinna 63164b94ceaSJussi Kivilinnaconfig CRYPTO_BLOWFISH_X86_64 63264b94ceaSJussi Kivilinna tristate "Blowfish cipher algorithm (x86_64)" 63364b94ceaSJussi Kivilinna depends on (X86 || UML_X86) && 64BIT 63464b94ceaSJussi Kivilinna select CRYPTO_ALGAPI 63564b94ceaSJussi Kivilinna select CRYPTO_BLOWFISH_COMMON 63664b94ceaSJussi Kivilinna help 63764b94ceaSJussi Kivilinna Blowfish cipher algorithm (x86_64), by Bruce Schneier. 63864b94ceaSJussi Kivilinna 63964b94ceaSJussi Kivilinna This is a variable key length cipher which can use keys from 32 64064b94ceaSJussi Kivilinna bits to 448 bits in length. It's fast, simple and specifically 64164b94ceaSJussi Kivilinna designed for use on "large microprocessors". 64264b94ceaSJussi Kivilinna 64364b94ceaSJussi Kivilinna See also: 64464b94ceaSJussi Kivilinna <http://www.schneier.com/blowfish.html> 64564b94ceaSJussi Kivilinna 646584fffc8SSebastian Siewiorconfig CRYPTO_CAMELLIA 647584fffc8SSebastian Siewior tristate "Camellia cipher algorithms" 648584fffc8SSebastian Siewior depends on CRYPTO 649584fffc8SSebastian Siewior select CRYPTO_ALGAPI 650584fffc8SSebastian Siewior help 651584fffc8SSebastian Siewior Camellia cipher algorithms module. 652584fffc8SSebastian Siewior 653584fffc8SSebastian Siewior Camellia is a symmetric key block cipher developed jointly 654584fffc8SSebastian Siewior at NTT and Mitsubishi Electric Corporation. 655584fffc8SSebastian Siewior 656584fffc8SSebastian Siewior The Camellia specifies three key sizes: 128, 192 and 256 bits. 657584fffc8SSebastian Siewior 658584fffc8SSebastian Siewior See also: 659584fffc8SSebastian Siewior <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 660584fffc8SSebastian Siewior 661584fffc8SSebastian Siewiorconfig CRYPTO_CAST5 662584fffc8SSebastian Siewior tristate "CAST5 (CAST-128) cipher algorithm" 663584fffc8SSebastian Siewior select CRYPTO_ALGAPI 664584fffc8SSebastian Siewior help 665584fffc8SSebastian Siewior The CAST5 encryption algorithm (synonymous with CAST-128) is 666584fffc8SSebastian Siewior described in RFC2144. 667584fffc8SSebastian Siewior 668584fffc8SSebastian Siewiorconfig CRYPTO_CAST6 669584fffc8SSebastian Siewior tristate "CAST6 (CAST-256) cipher algorithm" 670584fffc8SSebastian Siewior select CRYPTO_ALGAPI 671584fffc8SSebastian Siewior help 672584fffc8SSebastian Siewior The CAST6 encryption algorithm (synonymous with CAST-256) is 673584fffc8SSebastian Siewior described in RFC2612. 674584fffc8SSebastian Siewior 675584fffc8SSebastian Siewiorconfig CRYPTO_DES 676584fffc8SSebastian Siewior tristate "DES and Triple DES EDE cipher algorithms" 677584fffc8SSebastian Siewior select CRYPTO_ALGAPI 678584fffc8SSebastian Siewior help 679584fffc8SSebastian Siewior DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 680584fffc8SSebastian Siewior 681584fffc8SSebastian Siewiorconfig CRYPTO_FCRYPT 682584fffc8SSebastian Siewior tristate "FCrypt cipher algorithm" 683584fffc8SSebastian Siewior select CRYPTO_ALGAPI 684584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 685584fffc8SSebastian Siewior help 686584fffc8SSebastian Siewior FCrypt algorithm used by RxRPC. 687584fffc8SSebastian Siewior 688584fffc8SSebastian Siewiorconfig CRYPTO_KHAZAD 689584fffc8SSebastian Siewior tristate "Khazad cipher algorithm" 690584fffc8SSebastian Siewior select CRYPTO_ALGAPI 691584fffc8SSebastian Siewior help 692584fffc8SSebastian Siewior Khazad cipher algorithm. 693584fffc8SSebastian Siewior 694584fffc8SSebastian Siewior Khazad was a finalist in the initial NESSIE competition. It is 695584fffc8SSebastian Siewior an algorithm optimized for 64-bit processors with good performance 696584fffc8SSebastian Siewior on 32-bit processors. Khazad uses an 128 bit key size. 697584fffc8SSebastian Siewior 698584fffc8SSebastian Siewior See also: 6996d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 700e2ee95b8SHye-Shik Chang 7012407d608STan Swee Hengconfig CRYPTO_SALSA20 7022407d608STan Swee Heng tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 7032407d608STan Swee Heng depends on EXPERIMENTAL 7042407d608STan Swee Heng select CRYPTO_BLKCIPHER 7052407d608STan Swee Heng help 7062407d608STan Swee Heng Salsa20 stream cipher algorithm. 7072407d608STan Swee Heng 7082407d608STan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 7092407d608STan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 7102407d608STan Swee Heng 7112407d608STan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 7122407d608STan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 7131da177e4SLinus Torvalds 714974e4b75STan Swee Hengconfig CRYPTO_SALSA20_586 715974e4b75STan Swee Heng tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 716974e4b75STan Swee Heng depends on (X86 || UML_X86) && !64BIT 717974e4b75STan Swee Heng depends on EXPERIMENTAL 718974e4b75STan Swee Heng select CRYPTO_BLKCIPHER 719974e4b75STan Swee Heng help 720974e4b75STan Swee Heng Salsa20 stream cipher algorithm. 721974e4b75STan Swee Heng 722974e4b75STan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 723974e4b75STan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 724974e4b75STan Swee Heng 725974e4b75STan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 726974e4b75STan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 727974e4b75STan Swee Heng 7289a7dafbbSTan Swee Hengconfig CRYPTO_SALSA20_X86_64 7299a7dafbbSTan Swee Heng tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 7309a7dafbbSTan Swee Heng depends on (X86 || UML_X86) && 64BIT 7319a7dafbbSTan Swee Heng depends on EXPERIMENTAL 7329a7dafbbSTan Swee Heng select CRYPTO_BLKCIPHER 7339a7dafbbSTan Swee Heng help 7349a7dafbbSTan Swee Heng Salsa20 stream cipher algorithm. 7359a7dafbbSTan Swee Heng 7369a7dafbbSTan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 7379a7dafbbSTan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 7389a7dafbbSTan Swee Heng 7399a7dafbbSTan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 7409a7dafbbSTan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 7419a7dafbbSTan Swee Heng 742584fffc8SSebastian Siewiorconfig CRYPTO_SEED 743584fffc8SSebastian Siewior tristate "SEED cipher algorithm" 744584fffc8SSebastian Siewior select CRYPTO_ALGAPI 745584fffc8SSebastian Siewior help 746584fffc8SSebastian Siewior SEED cipher algorithm (RFC4269). 747584fffc8SSebastian Siewior 748584fffc8SSebastian Siewior SEED is a 128-bit symmetric key block cipher that has been 749584fffc8SSebastian Siewior developed by KISA (Korea Information Security Agency) as a 750584fffc8SSebastian Siewior national standard encryption algorithm of the Republic of Korea. 751584fffc8SSebastian Siewior It is a 16 round block cipher with the key size of 128 bit. 752584fffc8SSebastian Siewior 753584fffc8SSebastian Siewior See also: 754584fffc8SSebastian Siewior <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 755584fffc8SSebastian Siewior 756584fffc8SSebastian Siewiorconfig CRYPTO_SERPENT 757584fffc8SSebastian Siewior tristate "Serpent cipher algorithm" 758584fffc8SSebastian Siewior select CRYPTO_ALGAPI 759584fffc8SSebastian Siewior help 760584fffc8SSebastian Siewior Serpent cipher algorithm, by Anderson, Biham & Knudsen. 761584fffc8SSebastian Siewior 762584fffc8SSebastian Siewior Keys are allowed to be from 0 to 256 bits in length, in steps 763584fffc8SSebastian Siewior of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 764584fffc8SSebastian Siewior variant of Serpent for compatibility with old kerneli.org code. 765584fffc8SSebastian Siewior 766584fffc8SSebastian Siewior See also: 767584fffc8SSebastian Siewior <http://www.cl.cam.ac.uk/~rja14/serpent.html> 768584fffc8SSebastian Siewior 769*937c30d7SJussi Kivilinnaconfig CRYPTO_SERPENT_SSE2_X86_64 770*937c30d7SJussi Kivilinna tristate "Serpent cipher algorithm (x86_64/SSE2)" 771*937c30d7SJussi Kivilinna depends on X86 && 64BIT 772*937c30d7SJussi Kivilinna select CRYPTO_ALGAPI 773*937c30d7SJussi Kivilinna select CRYPTO_SERPENT 774*937c30d7SJussi Kivilinna help 775*937c30d7SJussi Kivilinna Serpent cipher algorithm, by Anderson, Biham & Knudsen. 776*937c30d7SJussi Kivilinna 777*937c30d7SJussi Kivilinna Keys are allowed to be from 0 to 256 bits in length, in steps 778*937c30d7SJussi Kivilinna of 8 bits. 779*937c30d7SJussi Kivilinna 780*937c30d7SJussi Kivilinna This module provides Serpent cipher algorithm that processes eigth 781*937c30d7SJussi Kivilinna blocks parallel using SSE2 instruction set. 782*937c30d7SJussi Kivilinna 783*937c30d7SJussi Kivilinna See also: 784*937c30d7SJussi Kivilinna <http://www.cl.cam.ac.uk/~rja14/serpent.html> 785*937c30d7SJussi Kivilinna 786584fffc8SSebastian Siewiorconfig CRYPTO_TEA 787584fffc8SSebastian Siewior tristate "TEA, XTEA and XETA cipher algorithms" 788584fffc8SSebastian Siewior select CRYPTO_ALGAPI 789584fffc8SSebastian Siewior help 790584fffc8SSebastian Siewior TEA cipher algorithm. 791584fffc8SSebastian Siewior 792584fffc8SSebastian Siewior Tiny Encryption Algorithm is a simple cipher that uses 793584fffc8SSebastian Siewior many rounds for security. It is very fast and uses 794584fffc8SSebastian Siewior little memory. 795584fffc8SSebastian Siewior 796584fffc8SSebastian Siewior Xtendend Tiny Encryption Algorithm is a modification to 797584fffc8SSebastian Siewior the TEA algorithm to address a potential key weakness 798584fffc8SSebastian Siewior in the TEA algorithm. 799584fffc8SSebastian Siewior 800584fffc8SSebastian Siewior Xtendend Encryption Tiny Algorithm is a mis-implementation 801584fffc8SSebastian Siewior of the XTEA algorithm for compatibility purposes. 802584fffc8SSebastian Siewior 803584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH 804584fffc8SSebastian Siewior tristate "Twofish cipher algorithm" 805584fffc8SSebastian Siewior select CRYPTO_ALGAPI 806584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 807584fffc8SSebastian Siewior help 808584fffc8SSebastian Siewior Twofish cipher algorithm. 809584fffc8SSebastian Siewior 810584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 811584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 812584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 813584fffc8SSebastian Siewior bits. 814584fffc8SSebastian Siewior 815584fffc8SSebastian Siewior See also: 816584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 817584fffc8SSebastian Siewior 818584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_COMMON 819584fffc8SSebastian Siewior tristate 820584fffc8SSebastian Siewior help 821584fffc8SSebastian Siewior Common parts of the Twofish cipher algorithm shared by the 822584fffc8SSebastian Siewior generic c and the assembler implementations. 823584fffc8SSebastian Siewior 824584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_586 825584fffc8SSebastian Siewior tristate "Twofish cipher algorithms (i586)" 826584fffc8SSebastian Siewior depends on (X86 || UML_X86) && !64BIT 827584fffc8SSebastian Siewior select CRYPTO_ALGAPI 828584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 829584fffc8SSebastian Siewior help 830584fffc8SSebastian Siewior Twofish cipher algorithm. 831584fffc8SSebastian Siewior 832584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 833584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 834584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 835584fffc8SSebastian Siewior bits. 836584fffc8SSebastian Siewior 837584fffc8SSebastian Siewior See also: 838584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 839584fffc8SSebastian Siewior 840584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_X86_64 841584fffc8SSebastian Siewior tristate "Twofish cipher algorithm (x86_64)" 842584fffc8SSebastian Siewior depends on (X86 || UML_X86) && 64BIT 843584fffc8SSebastian Siewior select CRYPTO_ALGAPI 844584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 845584fffc8SSebastian Siewior help 846584fffc8SSebastian Siewior Twofish cipher algorithm (x86_64). 847584fffc8SSebastian Siewior 848584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 849584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 850584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 851584fffc8SSebastian Siewior bits. 852584fffc8SSebastian Siewior 853584fffc8SSebastian Siewior See also: 854584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 855584fffc8SSebastian Siewior 8568280daadSJussi Kivilinnaconfig CRYPTO_TWOFISH_X86_64_3WAY 8578280daadSJussi Kivilinna tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 8588280daadSJussi Kivilinna depends on (X86 || UML_X86) && 64BIT 8598280daadSJussi Kivilinna select CRYPTO_ALGAPI 8608280daadSJussi Kivilinna select CRYPTO_TWOFISH_COMMON 8618280daadSJussi Kivilinna select CRYPTO_TWOFISH_X86_64 8628280daadSJussi Kivilinna help 8638280daadSJussi Kivilinna Twofish cipher algorithm (x86_64, 3-way parallel). 8648280daadSJussi Kivilinna 8658280daadSJussi Kivilinna Twofish was submitted as an AES (Advanced Encryption Standard) 8668280daadSJussi Kivilinna candidate cipher by researchers at CounterPane Systems. It is a 8678280daadSJussi Kivilinna 16 round block cipher supporting key sizes of 128, 192, and 256 8688280daadSJussi Kivilinna bits. 8698280daadSJussi Kivilinna 8708280daadSJussi Kivilinna This module provides Twofish cipher algorithm that processes three 8718280daadSJussi Kivilinna blocks parallel, utilizing resources of out-of-order CPUs better. 8728280daadSJussi Kivilinna 8738280daadSJussi Kivilinna See also: 8748280daadSJussi Kivilinna <http://www.schneier.com/twofish.html> 8758280daadSJussi Kivilinna 876584fffc8SSebastian Siewiorcomment "Compression" 877584fffc8SSebastian Siewior 8781da177e4SLinus Torvaldsconfig CRYPTO_DEFLATE 8791da177e4SLinus Torvalds tristate "Deflate compression algorithm" 880cce9e06dSHerbert Xu select CRYPTO_ALGAPI 8811da177e4SLinus Torvalds select ZLIB_INFLATE 8821da177e4SLinus Torvalds select ZLIB_DEFLATE 8831da177e4SLinus Torvalds help 8841da177e4SLinus Torvalds This is the Deflate algorithm (RFC1951), specified for use in 8851da177e4SLinus Torvalds IPSec with the IPCOMP protocol (RFC3173, RFC2394). 8861da177e4SLinus Torvalds 8871da177e4SLinus Torvalds You will most probably want this if using IPSec. 8881da177e4SLinus Torvalds 889bf68e65eSGeert Uytterhoevenconfig CRYPTO_ZLIB 890bf68e65eSGeert Uytterhoeven tristate "Zlib compression algorithm" 891bf68e65eSGeert Uytterhoeven select CRYPTO_PCOMP 892bf68e65eSGeert Uytterhoeven select ZLIB_INFLATE 893bf68e65eSGeert Uytterhoeven select ZLIB_DEFLATE 894bf68e65eSGeert Uytterhoeven select NLATTR 895bf68e65eSGeert Uytterhoeven help 896bf68e65eSGeert Uytterhoeven This is the zlib algorithm. 897bf68e65eSGeert Uytterhoeven 8980b77abb3SZoltan Sogorconfig CRYPTO_LZO 8990b77abb3SZoltan Sogor tristate "LZO compression algorithm" 9000b77abb3SZoltan Sogor select CRYPTO_ALGAPI 9010b77abb3SZoltan Sogor select LZO_COMPRESS 9020b77abb3SZoltan Sogor select LZO_DECOMPRESS 9030b77abb3SZoltan Sogor help 9040b77abb3SZoltan Sogor This is the LZO algorithm. 9050b77abb3SZoltan Sogor 90617f0f4a4SNeil Hormancomment "Random Number Generation" 90717f0f4a4SNeil Horman 90817f0f4a4SNeil Hormanconfig CRYPTO_ANSI_CPRNG 90917f0f4a4SNeil Horman tristate "Pseudo Random Number Generation for Cryptographic modules" 9104e4ed83bSNeil Horman default m 91117f0f4a4SNeil Horman select CRYPTO_AES 91217f0f4a4SNeil Horman select CRYPTO_RNG 91317f0f4a4SNeil Horman help 91417f0f4a4SNeil Horman This option enables the generic pseudo random number generator 91517f0f4a4SNeil Horman for cryptographic modules. Uses the Algorithm specified in 9167dd607e8SJiri Kosina ANSI X9.31 A.2.4. Note that this option must be enabled if 9177dd607e8SJiri Kosina CRYPTO_FIPS is selected 91817f0f4a4SNeil Horman 91903c8efc1SHerbert Xuconfig CRYPTO_USER_API 92003c8efc1SHerbert Xu tristate 92103c8efc1SHerbert Xu 922fe869cdbSHerbert Xuconfig CRYPTO_USER_API_HASH 923fe869cdbSHerbert Xu tristate "User-space interface for hash algorithms" 9247451708fSHerbert Xu depends on NET 925fe869cdbSHerbert Xu select CRYPTO_HASH 926fe869cdbSHerbert Xu select CRYPTO_USER_API 927fe869cdbSHerbert Xu help 928fe869cdbSHerbert Xu This option enables the user-spaces interface for hash 929fe869cdbSHerbert Xu algorithms. 930fe869cdbSHerbert Xu 9318ff59090SHerbert Xuconfig CRYPTO_USER_API_SKCIPHER 9328ff59090SHerbert Xu tristate "User-space interface for symmetric key cipher algorithms" 9337451708fSHerbert Xu depends on NET 9348ff59090SHerbert Xu select CRYPTO_BLKCIPHER 9358ff59090SHerbert Xu select CRYPTO_USER_API 9368ff59090SHerbert Xu help 9378ff59090SHerbert Xu This option enables the user-spaces interface for symmetric 9388ff59090SHerbert Xu key cipher algorithms. 9398ff59090SHerbert Xu 9401da177e4SLinus Torvaldssource "drivers/crypto/Kconfig" 9411da177e4SLinus Torvalds 942cce9e06dSHerbert Xuendif # if CRYPTO 943