11da177e4SLinus Torvalds# 2685784aaSDan Williams# Generic algorithms support 3685784aaSDan Williams# 4685784aaSDan Williamsconfig XOR_BLOCKS 5685784aaSDan Williams tristate 6685784aaSDan Williams 7685784aaSDan Williams# 89bc89cd8SDan Williams# async_tx api: hardware offloaded memory transfer/transform support 99bc89cd8SDan Williams# 109bc89cd8SDan Williamssource "crypto/async_tx/Kconfig" 119bc89cd8SDan Williams 129bc89cd8SDan Williams# 131da177e4SLinus Torvalds# Cryptographic API Configuration 141da177e4SLinus Torvalds# 152e290f43SJan Engelhardtmenuconfig CRYPTO 16c3715cb9SSebastian Siewior tristate "Cryptographic API" 171da177e4SLinus Torvalds help 181da177e4SLinus Torvalds This option provides the core Cryptographic API. 191da177e4SLinus Torvalds 20cce9e06dSHerbert Xuif CRYPTO 21cce9e06dSHerbert Xu 22584fffc8SSebastian Siewiorcomment "Crypto core or helper" 23584fffc8SSebastian Siewior 24ccb778e1SNeil Hormanconfig CRYPTO_FIPS 25ccb778e1SNeil Horman bool "FIPS 200 compliance" 26e84c5480SChuck Ebbert depends on CRYPTO_ANSI_CPRNG && !CRYPTO_MANAGER_DISABLE_TESTS 27ccb778e1SNeil Horman help 28ccb778e1SNeil Horman This options enables the fips boot option which is 29ccb778e1SNeil Horman required if you want to system to operate in a FIPS 200 30ccb778e1SNeil Horman certification. You should say no unless you know what 31e84c5480SChuck Ebbert this is. 32ccb778e1SNeil Horman 33cce9e06dSHerbert Xuconfig CRYPTO_ALGAPI 34cce9e06dSHerbert Xu tristate 356a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 36cce9e06dSHerbert Xu help 37cce9e06dSHerbert Xu This option provides the API for cryptographic algorithms. 38cce9e06dSHerbert Xu 396a0fcbb4SHerbert Xuconfig CRYPTO_ALGAPI2 406a0fcbb4SHerbert Xu tristate 416a0fcbb4SHerbert Xu 421ae97820SHerbert Xuconfig CRYPTO_AEAD 431ae97820SHerbert Xu tristate 446a0fcbb4SHerbert Xu select CRYPTO_AEAD2 451ae97820SHerbert Xu select CRYPTO_ALGAPI 461ae97820SHerbert Xu 476a0fcbb4SHerbert Xuconfig CRYPTO_AEAD2 486a0fcbb4SHerbert Xu tristate 496a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 506a0fcbb4SHerbert Xu 515cde0af2SHerbert Xuconfig CRYPTO_BLKCIPHER 525cde0af2SHerbert Xu tristate 536a0fcbb4SHerbert Xu select CRYPTO_BLKCIPHER2 545cde0af2SHerbert Xu select CRYPTO_ALGAPI 556a0fcbb4SHerbert Xu 566a0fcbb4SHerbert Xuconfig CRYPTO_BLKCIPHER2 576a0fcbb4SHerbert Xu tristate 586a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 596a0fcbb4SHerbert Xu select CRYPTO_RNG2 600a2e821dSHuang Ying select CRYPTO_WORKQUEUE 615cde0af2SHerbert Xu 62055bcee3SHerbert Xuconfig CRYPTO_HASH 63055bcee3SHerbert Xu tristate 646a0fcbb4SHerbert Xu select CRYPTO_HASH2 65055bcee3SHerbert Xu select CRYPTO_ALGAPI 66055bcee3SHerbert Xu 676a0fcbb4SHerbert Xuconfig CRYPTO_HASH2 686a0fcbb4SHerbert Xu tristate 696a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 706a0fcbb4SHerbert Xu 7117f0f4a4SNeil Hormanconfig CRYPTO_RNG 7217f0f4a4SNeil Horman tristate 736a0fcbb4SHerbert Xu select CRYPTO_RNG2 7417f0f4a4SNeil Horman select CRYPTO_ALGAPI 7517f0f4a4SNeil Horman 766a0fcbb4SHerbert Xuconfig CRYPTO_RNG2 776a0fcbb4SHerbert Xu tristate 786a0fcbb4SHerbert Xu select CRYPTO_ALGAPI2 796a0fcbb4SHerbert Xu 80a1d2f095SGeert Uytterhoevenconfig CRYPTO_PCOMP 81a1d2f095SGeert Uytterhoeven tristate 82bc94e596SHerbert Xu select CRYPTO_PCOMP2 83bc94e596SHerbert Xu select CRYPTO_ALGAPI 84bc94e596SHerbert Xu 85bc94e596SHerbert Xuconfig CRYPTO_PCOMP2 86bc94e596SHerbert Xu tristate 87a1d2f095SGeert Uytterhoeven select CRYPTO_ALGAPI2 88a1d2f095SGeert Uytterhoeven 892b8c19dbSHerbert Xuconfig CRYPTO_MANAGER 902b8c19dbSHerbert Xu tristate "Cryptographic algorithm manager" 916a0fcbb4SHerbert Xu select CRYPTO_MANAGER2 922b8c19dbSHerbert Xu help 932b8c19dbSHerbert Xu Create default cryptographic template instantiations such as 942b8c19dbSHerbert Xu cbc(aes). 952b8c19dbSHerbert Xu 966a0fcbb4SHerbert Xuconfig CRYPTO_MANAGER2 976a0fcbb4SHerbert Xu def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) 986a0fcbb4SHerbert Xu select CRYPTO_AEAD2 996a0fcbb4SHerbert Xu select CRYPTO_HASH2 1006a0fcbb4SHerbert Xu select CRYPTO_BLKCIPHER2 101bc94e596SHerbert Xu select CRYPTO_PCOMP2 1026a0fcbb4SHerbert Xu 103a38f7907SSteffen Klassertconfig CRYPTO_USER 104a38f7907SSteffen Klassert tristate "Userspace cryptographic algorithm configuration" 1055db017aaSHerbert Xu depends on NET 106a38f7907SSteffen Klassert select CRYPTO_MANAGER 107a38f7907SSteffen Klassert help 108d19978f5SValdis.Kletnieks@vt.edu Userspace configuration for cryptographic instantiations such as 109a38f7907SSteffen Klassert cbc(aes). 110a38f7907SSteffen Klassert 111326a6346SHerbert Xuconfig CRYPTO_MANAGER_DISABLE_TESTS 112326a6346SHerbert Xu bool "Disable run-time self tests" 11300ca28a5SHerbert Xu default y 11400ca28a5SHerbert Xu depends on CRYPTO_MANAGER2 1150b767f96SAlexander Shishkin help 116326a6346SHerbert Xu Disable run-time self tests that normally take place at 117326a6346SHerbert Xu algorithm registration. 1180b767f96SAlexander Shishkin 119584fffc8SSebastian Siewiorconfig CRYPTO_GF128MUL 120584fffc8SSebastian Siewior tristate "GF(2^128) multiplication functions (EXPERIMENTAL)" 121584fffc8SSebastian Siewior help 122584fffc8SSebastian Siewior Efficient table driven implementation of multiplications in the 123584fffc8SSebastian Siewior field GF(2^128). This is needed by some cypher modes. This 124584fffc8SSebastian Siewior option will be selected automatically if you select such a 125584fffc8SSebastian Siewior cipher mode. Only select this option by hand if you expect to load 126584fffc8SSebastian Siewior an external module that requires these functions. 127584fffc8SSebastian Siewior 128584fffc8SSebastian Siewiorconfig CRYPTO_NULL 129584fffc8SSebastian Siewior tristate "Null algorithms" 130584fffc8SSebastian Siewior select CRYPTO_ALGAPI 131584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 132d35d2454SHerbert Xu select CRYPTO_HASH 133584fffc8SSebastian Siewior help 134584fffc8SSebastian Siewior These are 'Null' algorithms, used by IPsec, which do nothing. 135584fffc8SSebastian Siewior 1365068c7a8SSteffen Klassertconfig CRYPTO_PCRYPT 1375068c7a8SSteffen Klassert tristate "Parallel crypto engine (EXPERIMENTAL)" 1385068c7a8SSteffen Klassert depends on SMP && EXPERIMENTAL 1395068c7a8SSteffen Klassert select PADATA 1405068c7a8SSteffen Klassert select CRYPTO_MANAGER 1415068c7a8SSteffen Klassert select CRYPTO_AEAD 1425068c7a8SSteffen Klassert help 1435068c7a8SSteffen Klassert This converts an arbitrary crypto algorithm into a parallel 1445068c7a8SSteffen Klassert algorithm that executes in kernel threads. 1455068c7a8SSteffen Klassert 14625c38d3fSHuang Yingconfig CRYPTO_WORKQUEUE 14725c38d3fSHuang Ying tristate 14825c38d3fSHuang Ying 149584fffc8SSebastian Siewiorconfig CRYPTO_CRYPTD 150584fffc8SSebastian Siewior tristate "Software async crypto daemon" 151584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 152b8a28251SLoc Ho select CRYPTO_HASH 153584fffc8SSebastian Siewior select CRYPTO_MANAGER 154254eff77SHuang Ying select CRYPTO_WORKQUEUE 155584fffc8SSebastian Siewior help 156584fffc8SSebastian Siewior This is a generic software asynchronous crypto daemon that 157584fffc8SSebastian Siewior converts an arbitrary synchronous software crypto algorithm 158584fffc8SSebastian Siewior into an asynchronous algorithm that executes in a kernel thread. 159584fffc8SSebastian Siewior 160584fffc8SSebastian Siewiorconfig CRYPTO_AUTHENC 161584fffc8SSebastian Siewior tristate "Authenc support" 162584fffc8SSebastian Siewior select CRYPTO_AEAD 163584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 164584fffc8SSebastian Siewior select CRYPTO_MANAGER 165584fffc8SSebastian Siewior select CRYPTO_HASH 166584fffc8SSebastian Siewior help 167584fffc8SSebastian Siewior Authenc: Combined mode wrapper for IPsec. 168584fffc8SSebastian Siewior This is required for IPSec. 169584fffc8SSebastian Siewior 170584fffc8SSebastian Siewiorconfig CRYPTO_TEST 171584fffc8SSebastian Siewior tristate "Testing module" 172584fffc8SSebastian Siewior depends on m 173da7f033dSHerbert Xu select CRYPTO_MANAGER 174584fffc8SSebastian Siewior help 175584fffc8SSebastian Siewior Quick & dirty crypto test module. 176584fffc8SSebastian Siewior 177584fffc8SSebastian Siewiorcomment "Authenticated Encryption with Associated Data" 178584fffc8SSebastian Siewior 179584fffc8SSebastian Siewiorconfig CRYPTO_CCM 180584fffc8SSebastian Siewior tristate "CCM support" 181584fffc8SSebastian Siewior select CRYPTO_CTR 182584fffc8SSebastian Siewior select CRYPTO_AEAD 183584fffc8SSebastian Siewior help 184584fffc8SSebastian Siewior Support for Counter with CBC MAC. Required for IPsec. 185584fffc8SSebastian Siewior 186584fffc8SSebastian Siewiorconfig CRYPTO_GCM 187584fffc8SSebastian Siewior tristate "GCM/GMAC support" 188584fffc8SSebastian Siewior select CRYPTO_CTR 189584fffc8SSebastian Siewior select CRYPTO_AEAD 1909382d97aSHuang Ying select CRYPTO_GHASH 191584fffc8SSebastian Siewior help 192584fffc8SSebastian Siewior Support for Galois/Counter Mode (GCM) and Galois Message 193584fffc8SSebastian Siewior Authentication Code (GMAC). Required for IPSec. 194584fffc8SSebastian Siewior 195584fffc8SSebastian Siewiorconfig CRYPTO_SEQIV 196584fffc8SSebastian Siewior tristate "Sequence Number IV Generator" 197584fffc8SSebastian Siewior select CRYPTO_AEAD 198584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 199a0f000ecSHerbert Xu select CRYPTO_RNG 200584fffc8SSebastian Siewior help 201584fffc8SSebastian Siewior This IV generator generates an IV based on a sequence number by 202584fffc8SSebastian Siewior xoring it with a salt. This algorithm is mainly useful for CTR 203584fffc8SSebastian Siewior 204584fffc8SSebastian Siewiorcomment "Block modes" 205584fffc8SSebastian Siewior 206584fffc8SSebastian Siewiorconfig CRYPTO_CBC 207584fffc8SSebastian Siewior tristate "CBC support" 208584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 209584fffc8SSebastian Siewior select CRYPTO_MANAGER 210584fffc8SSebastian Siewior help 211584fffc8SSebastian Siewior CBC: Cipher Block Chaining mode 212584fffc8SSebastian Siewior This block cipher algorithm is required for IPSec. 213584fffc8SSebastian Siewior 214584fffc8SSebastian Siewiorconfig CRYPTO_CTR 215584fffc8SSebastian Siewior tristate "CTR support" 216584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 217584fffc8SSebastian Siewior select CRYPTO_SEQIV 218584fffc8SSebastian Siewior select CRYPTO_MANAGER 219584fffc8SSebastian Siewior help 220584fffc8SSebastian Siewior CTR: Counter mode 221584fffc8SSebastian Siewior This block cipher algorithm is required for IPSec. 222584fffc8SSebastian Siewior 223584fffc8SSebastian Siewiorconfig CRYPTO_CTS 224584fffc8SSebastian Siewior tristate "CTS support" 225584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 226584fffc8SSebastian Siewior help 227584fffc8SSebastian Siewior CTS: Cipher Text Stealing 228584fffc8SSebastian Siewior This is the Cipher Text Stealing mode as described by 229584fffc8SSebastian Siewior Section 8 of rfc2040 and referenced by rfc3962. 230584fffc8SSebastian Siewior (rfc3962 includes errata information in its Appendix A) 231584fffc8SSebastian Siewior This mode is required for Kerberos gss mechanism support 232584fffc8SSebastian Siewior for AES encryption. 233584fffc8SSebastian Siewior 234584fffc8SSebastian Siewiorconfig CRYPTO_ECB 235584fffc8SSebastian Siewior tristate "ECB support" 236584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 237584fffc8SSebastian Siewior select CRYPTO_MANAGER 238584fffc8SSebastian Siewior help 239584fffc8SSebastian Siewior ECB: Electronic CodeBook mode 240584fffc8SSebastian Siewior This is the simplest block cipher algorithm. It simply encrypts 241584fffc8SSebastian Siewior the input block by block. 242584fffc8SSebastian Siewior 243584fffc8SSebastian Siewiorconfig CRYPTO_LRW 2442470a2b2SJussi Kivilinna tristate "LRW support" 245584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 246584fffc8SSebastian Siewior select CRYPTO_MANAGER 247584fffc8SSebastian Siewior select CRYPTO_GF128MUL 248584fffc8SSebastian Siewior help 249584fffc8SSebastian Siewior LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable 250584fffc8SSebastian Siewior narrow block cipher mode for dm-crypt. Use it with cipher 251584fffc8SSebastian Siewior specification string aes-lrw-benbi, the key must be 256, 320 or 384. 252584fffc8SSebastian Siewior The first 128, 192 or 256 bits in the key are used for AES and the 253584fffc8SSebastian Siewior rest is used to tie each cipher block to its logical position. 254584fffc8SSebastian Siewior 255584fffc8SSebastian Siewiorconfig CRYPTO_PCBC 256584fffc8SSebastian Siewior tristate "PCBC support" 257584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 258584fffc8SSebastian Siewior select CRYPTO_MANAGER 259584fffc8SSebastian Siewior help 260584fffc8SSebastian Siewior PCBC: Propagating Cipher Block Chaining mode 261584fffc8SSebastian Siewior This block cipher algorithm is required for RxRPC. 262584fffc8SSebastian Siewior 263584fffc8SSebastian Siewiorconfig CRYPTO_XTS 2645bcf8e6dSJussi Kivilinna tristate "XTS support" 265584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 266584fffc8SSebastian Siewior select CRYPTO_MANAGER 267584fffc8SSebastian Siewior select CRYPTO_GF128MUL 268584fffc8SSebastian Siewior help 269584fffc8SSebastian Siewior XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, 270584fffc8SSebastian Siewior key size 256, 384 or 512 bits. This implementation currently 271584fffc8SSebastian Siewior can't handle a sectorsize which is not a multiple of 16 bytes. 272584fffc8SSebastian Siewior 273584fffc8SSebastian Siewiorcomment "Hash modes" 274584fffc8SSebastian Siewior 2751da177e4SLinus Torvaldsconfig CRYPTO_HMAC 2768425165dSHerbert Xu tristate "HMAC support" 2770796ae06SHerbert Xu select CRYPTO_HASH 27843518407SHerbert Xu select CRYPTO_MANAGER 2791da177e4SLinus Torvalds help 2801da177e4SLinus Torvalds HMAC: Keyed-Hashing for Message Authentication (RFC2104). 2811da177e4SLinus Torvalds This is required for IPSec. 2821da177e4SLinus Torvalds 283333b0d7eSKazunori MIYAZAWAconfig CRYPTO_XCBC 284333b0d7eSKazunori MIYAZAWA tristate "XCBC support" 285333b0d7eSKazunori MIYAZAWA depends on EXPERIMENTAL 286333b0d7eSKazunori MIYAZAWA select CRYPTO_HASH 287333b0d7eSKazunori MIYAZAWA select CRYPTO_MANAGER 288333b0d7eSKazunori MIYAZAWA help 289333b0d7eSKazunori MIYAZAWA XCBC: Keyed-Hashing with encryption algorithm 290333b0d7eSKazunori MIYAZAWA http://www.ietf.org/rfc/rfc3566.txt 291333b0d7eSKazunori MIYAZAWA http://csrc.nist.gov/encryption/modes/proposedmodes/ 292333b0d7eSKazunori MIYAZAWA xcbc-mac/xcbc-mac-spec.pdf 293333b0d7eSKazunori MIYAZAWA 294f1939f7cSShane Wangconfig CRYPTO_VMAC 295f1939f7cSShane Wang tristate "VMAC support" 296f1939f7cSShane Wang depends on EXPERIMENTAL 297f1939f7cSShane Wang select CRYPTO_HASH 298f1939f7cSShane Wang select CRYPTO_MANAGER 299f1939f7cSShane Wang help 300f1939f7cSShane Wang VMAC is a message authentication algorithm designed for 301f1939f7cSShane Wang very high speed on 64-bit architectures. 302f1939f7cSShane Wang 303f1939f7cSShane Wang See also: 304f1939f7cSShane Wang <http://fastcrypto.org/vmac> 305f1939f7cSShane Wang 306584fffc8SSebastian Siewiorcomment "Digest" 307584fffc8SSebastian Siewior 308584fffc8SSebastian Siewiorconfig CRYPTO_CRC32C 309584fffc8SSebastian Siewior tristate "CRC32c CRC algorithm" 3105773a3e6SHerbert Xu select CRYPTO_HASH 3111da177e4SLinus Torvalds help 312584fffc8SSebastian Siewior Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used 313584fffc8SSebastian Siewior by iSCSI for header and data digests and by others. 31469c35efcSHerbert Xu See Castagnoli93. Module will be crc32c. 3151da177e4SLinus Torvalds 3168cb51ba8SAustin Zhangconfig CRYPTO_CRC32C_INTEL 3178cb51ba8SAustin Zhang tristate "CRC32c INTEL hardware acceleration" 3188cb51ba8SAustin Zhang depends on X86 3198cb51ba8SAustin Zhang select CRYPTO_HASH 3208cb51ba8SAustin Zhang help 3218cb51ba8SAustin Zhang In Intel processor with SSE4.2 supported, the processor will 3228cb51ba8SAustin Zhang support CRC32C implementation using hardware accelerated CRC32 3238cb51ba8SAustin Zhang instruction. This option will create 'crc32c-intel' module, 3248cb51ba8SAustin Zhang which will enable any routine to use the CRC32 instruction to 3258cb51ba8SAustin Zhang gain performance compared with software implementation. 3268cb51ba8SAustin Zhang Module will be crc32c-intel. 3278cb51ba8SAustin Zhang 3282cdc6899SHuang Yingconfig CRYPTO_GHASH 3292cdc6899SHuang Ying tristate "GHASH digest algorithm" 3302cdc6899SHuang Ying select CRYPTO_SHASH 3312cdc6899SHuang Ying select CRYPTO_GF128MUL 3322cdc6899SHuang Ying help 3332cdc6899SHuang Ying GHASH is message digest algorithm for GCM (Galois/Counter Mode). 3342cdc6899SHuang Ying 3351da177e4SLinus Torvaldsconfig CRYPTO_MD4 3361da177e4SLinus Torvalds tristate "MD4 digest algorithm" 337808a1763SAdrian-Ken Rueegsegger select CRYPTO_HASH 3381da177e4SLinus Torvalds help 3391da177e4SLinus Torvalds MD4 message digest algorithm (RFC1320). 3401da177e4SLinus Torvalds 3411da177e4SLinus Torvaldsconfig CRYPTO_MD5 3421da177e4SLinus Torvalds tristate "MD5 digest algorithm" 34314b75ba7SAdrian-Ken Rueegsegger select CRYPTO_HASH 3441da177e4SLinus Torvalds help 3451da177e4SLinus Torvalds MD5 message digest algorithm (RFC1321). 3461da177e4SLinus Torvalds 347584fffc8SSebastian Siewiorconfig CRYPTO_MICHAEL_MIC 348584fffc8SSebastian Siewior tristate "Michael MIC keyed digest algorithm" 34919e2bf14SAdrian-Ken Rueegsegger select CRYPTO_HASH 350584fffc8SSebastian Siewior help 351584fffc8SSebastian Siewior Michael MIC is used for message integrity protection in TKIP 352584fffc8SSebastian Siewior (IEEE 802.11i). This algorithm is required for TKIP, but it 353584fffc8SSebastian Siewior should not be used for other purposes because of the weakness 354584fffc8SSebastian Siewior of the algorithm. 355584fffc8SSebastian Siewior 35682798f90SAdrian-Ken Rueegseggerconfig CRYPTO_RMD128 35782798f90SAdrian-Ken Rueegsegger tristate "RIPEMD-128 digest algorithm" 3587c4468bcSHerbert Xu select CRYPTO_HASH 35982798f90SAdrian-Ken Rueegsegger help 36082798f90SAdrian-Ken Rueegsegger RIPEMD-128 (ISO/IEC 10118-3:2004). 36182798f90SAdrian-Ken Rueegsegger 36282798f90SAdrian-Ken Rueegsegger RIPEMD-128 is a 128-bit cryptographic hash function. It should only 36335ed4b35SMichael Witten be used as a secure replacement for RIPEMD. For other use cases, 36482798f90SAdrian-Ken Rueegsegger RIPEMD-160 should be used. 36582798f90SAdrian-Ken Rueegsegger 36682798f90SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3676d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 36882798f90SAdrian-Ken Rueegsegger 36982798f90SAdrian-Ken Rueegseggerconfig CRYPTO_RMD160 37082798f90SAdrian-Ken Rueegsegger tristate "RIPEMD-160 digest algorithm" 371e5835fbaSHerbert Xu select CRYPTO_HASH 37282798f90SAdrian-Ken Rueegsegger help 37382798f90SAdrian-Ken Rueegsegger RIPEMD-160 (ISO/IEC 10118-3:2004). 37482798f90SAdrian-Ken Rueegsegger 37582798f90SAdrian-Ken Rueegsegger RIPEMD-160 is a 160-bit cryptographic hash function. It is intended 37682798f90SAdrian-Ken Rueegsegger to be used as a secure replacement for the 128-bit hash functions 377b6d44341SAdrian Bunk MD4, MD5 and it's predecessor RIPEMD 378b6d44341SAdrian Bunk (not to be confused with RIPEMD-128). 37982798f90SAdrian-Ken Rueegsegger 380b6d44341SAdrian Bunk It's speed is comparable to SHA1 and there are no known attacks 381b6d44341SAdrian Bunk against RIPEMD-160. 382534fe2c1SAdrian-Ken Rueegsegger 383534fe2c1SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3846d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 385534fe2c1SAdrian-Ken Rueegsegger 386534fe2c1SAdrian-Ken Rueegseggerconfig CRYPTO_RMD256 387534fe2c1SAdrian-Ken Rueegsegger tristate "RIPEMD-256 digest algorithm" 388d8a5e2e9SHerbert Xu select CRYPTO_HASH 389534fe2c1SAdrian-Ken Rueegsegger help 390b6d44341SAdrian Bunk RIPEMD-256 is an optional extension of RIPEMD-128 with a 391b6d44341SAdrian Bunk 256 bit hash. It is intended for applications that require 392b6d44341SAdrian Bunk longer hash-results, without needing a larger security level 393b6d44341SAdrian Bunk (than RIPEMD-128). 394534fe2c1SAdrian-Ken Rueegsegger 395534fe2c1SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 3966d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 397534fe2c1SAdrian-Ken Rueegsegger 398534fe2c1SAdrian-Ken Rueegseggerconfig CRYPTO_RMD320 399534fe2c1SAdrian-Ken Rueegsegger tristate "RIPEMD-320 digest algorithm" 4003b8efb4cSHerbert Xu select CRYPTO_HASH 401534fe2c1SAdrian-Ken Rueegsegger help 402b6d44341SAdrian Bunk RIPEMD-320 is an optional extension of RIPEMD-160 with a 403b6d44341SAdrian Bunk 320 bit hash. It is intended for applications that require 404b6d44341SAdrian Bunk longer hash-results, without needing a larger security level 405b6d44341SAdrian Bunk (than RIPEMD-160). 406534fe2c1SAdrian-Ken Rueegsegger 40782798f90SAdrian-Ken Rueegsegger Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 4086d8de74cSJustin P. Mattock See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> 40982798f90SAdrian-Ken Rueegsegger 4101da177e4SLinus Torvaldsconfig CRYPTO_SHA1 4111da177e4SLinus Torvalds tristate "SHA1 digest algorithm" 41254ccb367SAdrian-Ken Rueegsegger select CRYPTO_HASH 4131da177e4SLinus Torvalds help 4141da177e4SLinus Torvalds SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 4151da177e4SLinus Torvalds 41666be8951SMathias Krauseconfig CRYPTO_SHA1_SSSE3 41766be8951SMathias Krause tristate "SHA1 digest algorithm (SSSE3/AVX)" 41866be8951SMathias Krause depends on X86 && 64BIT 41966be8951SMathias Krause select CRYPTO_SHA1 42066be8951SMathias Krause select CRYPTO_HASH 42166be8951SMathias Krause help 42266be8951SMathias Krause SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented 42366be8951SMathias Krause using Supplemental SSE3 (SSSE3) instructions or Advanced Vector 42466be8951SMathias Krause Extensions (AVX), when available. 42566be8951SMathias Krause 4261da177e4SLinus Torvaldsconfig CRYPTO_SHA256 427cd12fb90SJonathan Lynch tristate "SHA224 and SHA256 digest algorithm" 42850e109b5SAdrian-Ken Rueegsegger select CRYPTO_HASH 4291da177e4SLinus Torvalds help 4301da177e4SLinus Torvalds SHA256 secure hash standard (DFIPS 180-2). 4311da177e4SLinus Torvalds 4321da177e4SLinus Torvalds This version of SHA implements a 256 bit hash with 128 bits of 4331da177e4SLinus Torvalds security against collision attacks. 4341da177e4SLinus Torvalds 435cd12fb90SJonathan Lynch This code also includes SHA-224, a 224 bit hash with 112 bits 436cd12fb90SJonathan Lynch of security against collision attacks. 437cd12fb90SJonathan Lynch 4381da177e4SLinus Torvaldsconfig CRYPTO_SHA512 4391da177e4SLinus Torvalds tristate "SHA384 and SHA512 digest algorithms" 440bd9d20dbSAdrian-Ken Rueegsegger select CRYPTO_HASH 4411da177e4SLinus Torvalds help 4421da177e4SLinus Torvalds SHA512 secure hash standard (DFIPS 180-2). 4431da177e4SLinus Torvalds 4441da177e4SLinus Torvalds This version of SHA implements a 512 bit hash with 256 bits of 4451da177e4SLinus Torvalds security against collision attacks. 4461da177e4SLinus Torvalds 4471da177e4SLinus Torvalds This code also includes SHA-384, a 384 bit hash with 192 bits 4481da177e4SLinus Torvalds of security against collision attacks. 4491da177e4SLinus Torvalds 4501da177e4SLinus Torvaldsconfig CRYPTO_TGR192 4511da177e4SLinus Torvalds tristate "Tiger digest algorithms" 452f63fbd3dSAdrian-Ken Rueegsegger select CRYPTO_HASH 4531da177e4SLinus Torvalds help 4541da177e4SLinus Torvalds Tiger hash algorithm 192, 160 and 128-bit hashes 4551da177e4SLinus Torvalds 4561da177e4SLinus Torvalds Tiger is a hash function optimized for 64-bit processors while 4571da177e4SLinus Torvalds still having decent performance on 32-bit processors. 4581da177e4SLinus Torvalds Tiger was developed by Ross Anderson and Eli Biham. 4591da177e4SLinus Torvalds 4601da177e4SLinus Torvalds See also: 4611da177e4SLinus Torvalds <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. 4621da177e4SLinus Torvalds 463584fffc8SSebastian Siewiorconfig CRYPTO_WP512 464584fffc8SSebastian Siewior tristate "Whirlpool digest algorithms" 4654946510bSAdrian-Ken Rueegsegger select CRYPTO_HASH 4661da177e4SLinus Torvalds help 467584fffc8SSebastian Siewior Whirlpool hash algorithm 512, 384 and 256-bit hashes 4681da177e4SLinus Torvalds 469584fffc8SSebastian Siewior Whirlpool-512 is part of the NESSIE cryptographic primitives. 470584fffc8SSebastian Siewior Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard 4711da177e4SLinus Torvalds 4721da177e4SLinus Torvalds See also: 4736d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html> 4741da177e4SLinus Torvalds 4750e1227d3SHuang Yingconfig CRYPTO_GHASH_CLMUL_NI_INTEL 4760e1227d3SHuang Ying tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 4778af00860SRichard Weinberger depends on X86 && 64BIT 4780e1227d3SHuang Ying select CRYPTO_SHASH 4790e1227d3SHuang Ying select CRYPTO_CRYPTD 4800e1227d3SHuang Ying help 4810e1227d3SHuang Ying GHASH is message digest algorithm for GCM (Galois/Counter Mode). 4820e1227d3SHuang Ying The implementation is accelerated by CLMUL-NI of Intel. 4830e1227d3SHuang Ying 484584fffc8SSebastian Siewiorcomment "Ciphers" 4851da177e4SLinus Torvalds 4861da177e4SLinus Torvaldsconfig CRYPTO_AES 4871da177e4SLinus Torvalds tristate "AES cipher algorithms" 488cce9e06dSHerbert Xu select CRYPTO_ALGAPI 4891da177e4SLinus Torvalds help 4901da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 4911da177e4SLinus Torvalds algorithm. 4921da177e4SLinus Torvalds 4931da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 4941da177e4SLinus Torvalds both hardware and software across a wide range of computing 4951da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 4961da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 4971da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 4981da177e4SLinus Torvalds suited for restricted-space environments, in which it also 4991da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 5001da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 5011da177e4SLinus Torvalds 5021da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 5031da177e4SLinus Torvalds 5041da177e4SLinus Torvalds See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information. 5051da177e4SLinus Torvalds 5061da177e4SLinus Torvaldsconfig CRYPTO_AES_586 5071da177e4SLinus Torvalds tristate "AES cipher algorithms (i586)" 508cce9e06dSHerbert Xu depends on (X86 || UML_X86) && !64BIT 509cce9e06dSHerbert Xu select CRYPTO_ALGAPI 5105157dea8SSebastian Siewior select CRYPTO_AES 5111da177e4SLinus Torvalds help 5121da177e4SLinus Torvalds AES cipher algorithms (FIPS-197). AES uses the Rijndael 5131da177e4SLinus Torvalds algorithm. 5141da177e4SLinus Torvalds 5151da177e4SLinus Torvalds Rijndael appears to be consistently a very good performer in 5161da177e4SLinus Torvalds both hardware and software across a wide range of computing 5171da177e4SLinus Torvalds environments regardless of its use in feedback or non-feedback 5181da177e4SLinus Torvalds modes. Its key setup time is excellent, and its key agility is 5191da177e4SLinus Torvalds good. Rijndael's very low memory requirements make it very well 5201da177e4SLinus Torvalds suited for restricted-space environments, in which it also 5211da177e4SLinus Torvalds demonstrates excellent performance. Rijndael's operations are 5221da177e4SLinus Torvalds among the easiest to defend against power and timing attacks. 5231da177e4SLinus Torvalds 5241da177e4SLinus Torvalds The AES specifies three key sizes: 128, 192 and 256 bits 5251da177e4SLinus Torvalds 5261da177e4SLinus Torvalds See <http://csrc.nist.gov/encryption/aes/> for more information. 5271da177e4SLinus Torvalds 528a2a892a2SAndreas Steinmetzconfig CRYPTO_AES_X86_64 529a2a892a2SAndreas Steinmetz tristate "AES cipher algorithms (x86_64)" 530cce9e06dSHerbert Xu depends on (X86 || UML_X86) && 64BIT 531cce9e06dSHerbert Xu select CRYPTO_ALGAPI 53281190b32SSebastian Siewior select CRYPTO_AES 533a2a892a2SAndreas Steinmetz help 534a2a892a2SAndreas Steinmetz AES cipher algorithms (FIPS-197). AES uses the Rijndael 535a2a892a2SAndreas Steinmetz algorithm. 536a2a892a2SAndreas Steinmetz 537a2a892a2SAndreas Steinmetz Rijndael appears to be consistently a very good performer in 538a2a892a2SAndreas Steinmetz both hardware and software across a wide range of computing 539a2a892a2SAndreas Steinmetz environments regardless of its use in feedback or non-feedback 540a2a892a2SAndreas Steinmetz modes. Its key setup time is excellent, and its key agility is 541a2a892a2SAndreas Steinmetz good. Rijndael's very low memory requirements make it very well 542a2a892a2SAndreas Steinmetz suited for restricted-space environments, in which it also 543a2a892a2SAndreas Steinmetz demonstrates excellent performance. Rijndael's operations are 544a2a892a2SAndreas Steinmetz among the easiest to defend against power and timing attacks. 545a2a892a2SAndreas Steinmetz 546a2a892a2SAndreas Steinmetz The AES specifies three key sizes: 128, 192 and 256 bits 547a2a892a2SAndreas Steinmetz 548a2a892a2SAndreas Steinmetz See <http://csrc.nist.gov/encryption/aes/> for more information. 549a2a892a2SAndreas Steinmetz 55054b6a1bdSHuang Yingconfig CRYPTO_AES_NI_INTEL 55154b6a1bdSHuang Ying tristate "AES cipher algorithms (AES-NI)" 5528af00860SRichard Weinberger depends on X86 5530d258efbSMathias Krause select CRYPTO_AES_X86_64 if 64BIT 5540d258efbSMathias Krause select CRYPTO_AES_586 if !64BIT 55554b6a1bdSHuang Ying select CRYPTO_CRYPTD 55654b6a1bdSHuang Ying select CRYPTO_ALGAPI 55754b6a1bdSHuang Ying help 55854b6a1bdSHuang Ying Use Intel AES-NI instructions for AES algorithm. 55954b6a1bdSHuang Ying 56054b6a1bdSHuang Ying AES cipher algorithms (FIPS-197). AES uses the Rijndael 56154b6a1bdSHuang Ying algorithm. 56254b6a1bdSHuang Ying 56354b6a1bdSHuang Ying Rijndael appears to be consistently a very good performer in 56454b6a1bdSHuang Ying both hardware and software across a wide range of computing 56554b6a1bdSHuang Ying environments regardless of its use in feedback or non-feedback 56654b6a1bdSHuang Ying modes. Its key setup time is excellent, and its key agility is 56754b6a1bdSHuang Ying good. Rijndael's very low memory requirements make it very well 56854b6a1bdSHuang Ying suited for restricted-space environments, in which it also 56954b6a1bdSHuang Ying demonstrates excellent performance. Rijndael's operations are 57054b6a1bdSHuang Ying among the easiest to defend against power and timing attacks. 57154b6a1bdSHuang Ying 57254b6a1bdSHuang Ying The AES specifies three key sizes: 128, 192 and 256 bits 57354b6a1bdSHuang Ying 57454b6a1bdSHuang Ying See <http://csrc.nist.gov/encryption/aes/> for more information. 57554b6a1bdSHuang Ying 5760d258efbSMathias Krause In addition to AES cipher algorithm support, the acceleration 5770d258efbSMathias Krause for some popular block cipher mode is supported too, including 5780d258efbSMathias Krause ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional 5790d258efbSMathias Krause acceleration for CTR. 5802cf4ac8bSHuang Ying 5811da177e4SLinus Torvaldsconfig CRYPTO_ANUBIS 5821da177e4SLinus Torvalds tristate "Anubis cipher algorithm" 583cce9e06dSHerbert Xu select CRYPTO_ALGAPI 5841da177e4SLinus Torvalds help 5851da177e4SLinus Torvalds Anubis cipher algorithm. 5861da177e4SLinus Torvalds 5871da177e4SLinus Torvalds Anubis is a variable key length cipher which can use keys from 5881da177e4SLinus Torvalds 128 bits to 320 bits in length. It was evaluated as a entrant 5891da177e4SLinus Torvalds in the NESSIE competition. 5901da177e4SLinus Torvalds 5911da177e4SLinus Torvalds See also: 5926d8de74cSJustin P. Mattock <https://www.cosic.esat.kuleuven.be/nessie/reports/> 5936d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/AnubisPage.html> 5941da177e4SLinus Torvalds 595584fffc8SSebastian Siewiorconfig CRYPTO_ARC4 596584fffc8SSebastian Siewior tristate "ARC4 cipher algorithm" 597e2ee95b8SHye-Shik Chang select CRYPTO_ALGAPI 598e2ee95b8SHye-Shik Chang help 599584fffc8SSebastian Siewior ARC4 cipher algorithm. 600e2ee95b8SHye-Shik Chang 601584fffc8SSebastian Siewior ARC4 is a stream cipher using keys ranging from 8 bits to 2048 602584fffc8SSebastian Siewior bits in length. This algorithm is required for driver-based 603584fffc8SSebastian Siewior WEP, but it should not be for other purposes because of the 604584fffc8SSebastian Siewior weakness of the algorithm. 605584fffc8SSebastian Siewior 606584fffc8SSebastian Siewiorconfig CRYPTO_BLOWFISH 607584fffc8SSebastian Siewior tristate "Blowfish cipher algorithm" 608584fffc8SSebastian Siewior select CRYPTO_ALGAPI 60952ba867cSJussi Kivilinna select CRYPTO_BLOWFISH_COMMON 610584fffc8SSebastian Siewior help 611584fffc8SSebastian Siewior Blowfish cipher algorithm, by Bruce Schneier. 612584fffc8SSebastian Siewior 613584fffc8SSebastian Siewior This is a variable key length cipher which can use keys from 32 614584fffc8SSebastian Siewior bits to 448 bits in length. It's fast, simple and specifically 615584fffc8SSebastian Siewior designed for use on "large microprocessors". 616e2ee95b8SHye-Shik Chang 617e2ee95b8SHye-Shik Chang See also: 618584fffc8SSebastian Siewior <http://www.schneier.com/blowfish.html> 619584fffc8SSebastian Siewior 62052ba867cSJussi Kivilinnaconfig CRYPTO_BLOWFISH_COMMON 62152ba867cSJussi Kivilinna tristate 62252ba867cSJussi Kivilinna help 62352ba867cSJussi Kivilinna Common parts of the Blowfish cipher algorithm shared by the 62452ba867cSJussi Kivilinna generic c and the assembler implementations. 62552ba867cSJussi Kivilinna 62652ba867cSJussi Kivilinna See also: 62752ba867cSJussi Kivilinna <http://www.schneier.com/blowfish.html> 62852ba867cSJussi Kivilinna 62964b94ceaSJussi Kivilinnaconfig CRYPTO_BLOWFISH_X86_64 63064b94ceaSJussi Kivilinna tristate "Blowfish cipher algorithm (x86_64)" 63164b94ceaSJussi Kivilinna depends on (X86 || UML_X86) && 64BIT 63264b94ceaSJussi Kivilinna select CRYPTO_ALGAPI 63364b94ceaSJussi Kivilinna select CRYPTO_BLOWFISH_COMMON 63464b94ceaSJussi Kivilinna help 63564b94ceaSJussi Kivilinna Blowfish cipher algorithm (x86_64), by Bruce Schneier. 63664b94ceaSJussi Kivilinna 63764b94ceaSJussi Kivilinna This is a variable key length cipher which can use keys from 32 63864b94ceaSJussi Kivilinna bits to 448 bits in length. It's fast, simple and specifically 63964b94ceaSJussi Kivilinna designed for use on "large microprocessors". 64064b94ceaSJussi Kivilinna 64164b94ceaSJussi Kivilinna See also: 64264b94ceaSJussi Kivilinna <http://www.schneier.com/blowfish.html> 64364b94ceaSJussi Kivilinna 644584fffc8SSebastian Siewiorconfig CRYPTO_CAMELLIA 645584fffc8SSebastian Siewior tristate "Camellia cipher algorithms" 646584fffc8SSebastian Siewior depends on CRYPTO 647584fffc8SSebastian Siewior select CRYPTO_ALGAPI 648584fffc8SSebastian Siewior help 649584fffc8SSebastian Siewior Camellia cipher algorithms module. 650584fffc8SSebastian Siewior 651584fffc8SSebastian Siewior Camellia is a symmetric key block cipher developed jointly 652584fffc8SSebastian Siewior at NTT and Mitsubishi Electric Corporation. 653584fffc8SSebastian Siewior 654584fffc8SSebastian Siewior The Camellia specifies three key sizes: 128, 192 and 256 bits. 655584fffc8SSebastian Siewior 656584fffc8SSebastian Siewior See also: 657584fffc8SSebastian Siewior <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html> 658584fffc8SSebastian Siewior 659584fffc8SSebastian Siewiorconfig CRYPTO_CAST5 660584fffc8SSebastian Siewior tristate "CAST5 (CAST-128) cipher algorithm" 661584fffc8SSebastian Siewior select CRYPTO_ALGAPI 662584fffc8SSebastian Siewior help 663584fffc8SSebastian Siewior The CAST5 encryption algorithm (synonymous with CAST-128) is 664584fffc8SSebastian Siewior described in RFC2144. 665584fffc8SSebastian Siewior 666584fffc8SSebastian Siewiorconfig CRYPTO_CAST6 667584fffc8SSebastian Siewior tristate "CAST6 (CAST-256) cipher algorithm" 668584fffc8SSebastian Siewior select CRYPTO_ALGAPI 669584fffc8SSebastian Siewior help 670584fffc8SSebastian Siewior The CAST6 encryption algorithm (synonymous with CAST-256) is 671584fffc8SSebastian Siewior described in RFC2612. 672584fffc8SSebastian Siewior 673584fffc8SSebastian Siewiorconfig CRYPTO_DES 674584fffc8SSebastian Siewior tristate "DES and Triple DES EDE cipher algorithms" 675584fffc8SSebastian Siewior select CRYPTO_ALGAPI 676584fffc8SSebastian Siewior help 677584fffc8SSebastian Siewior DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 678584fffc8SSebastian Siewior 679584fffc8SSebastian Siewiorconfig CRYPTO_FCRYPT 680584fffc8SSebastian Siewior tristate "FCrypt cipher algorithm" 681584fffc8SSebastian Siewior select CRYPTO_ALGAPI 682584fffc8SSebastian Siewior select CRYPTO_BLKCIPHER 683584fffc8SSebastian Siewior help 684584fffc8SSebastian Siewior FCrypt algorithm used by RxRPC. 685584fffc8SSebastian Siewior 686584fffc8SSebastian Siewiorconfig CRYPTO_KHAZAD 687584fffc8SSebastian Siewior tristate "Khazad cipher algorithm" 688584fffc8SSebastian Siewior select CRYPTO_ALGAPI 689584fffc8SSebastian Siewior help 690584fffc8SSebastian Siewior Khazad cipher algorithm. 691584fffc8SSebastian Siewior 692584fffc8SSebastian Siewior Khazad was a finalist in the initial NESSIE competition. It is 693584fffc8SSebastian Siewior an algorithm optimized for 64-bit processors with good performance 694584fffc8SSebastian Siewior on 32-bit processors. Khazad uses an 128 bit key size. 695584fffc8SSebastian Siewior 696584fffc8SSebastian Siewior See also: 6976d8de74cSJustin P. Mattock <http://www.larc.usp.br/~pbarreto/KhazadPage.html> 698e2ee95b8SHye-Shik Chang 6992407d608STan Swee Hengconfig CRYPTO_SALSA20 7002407d608STan Swee Heng tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" 7012407d608STan Swee Heng depends on EXPERIMENTAL 7022407d608STan Swee Heng select CRYPTO_BLKCIPHER 7032407d608STan Swee Heng help 7042407d608STan Swee Heng Salsa20 stream cipher algorithm. 7052407d608STan Swee Heng 7062407d608STan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 7072407d608STan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 7082407d608STan Swee Heng 7092407d608STan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 7102407d608STan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 7111da177e4SLinus Torvalds 712974e4b75STan Swee Hengconfig CRYPTO_SALSA20_586 713974e4b75STan Swee Heng tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" 714974e4b75STan Swee Heng depends on (X86 || UML_X86) && !64BIT 715974e4b75STan Swee Heng depends on EXPERIMENTAL 716974e4b75STan Swee Heng select CRYPTO_BLKCIPHER 717974e4b75STan Swee Heng help 718974e4b75STan Swee Heng Salsa20 stream cipher algorithm. 719974e4b75STan Swee Heng 720974e4b75STan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 721974e4b75STan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 722974e4b75STan Swee Heng 723974e4b75STan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 724974e4b75STan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 725974e4b75STan Swee Heng 7269a7dafbbSTan Swee Hengconfig CRYPTO_SALSA20_X86_64 7279a7dafbbSTan Swee Heng tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" 7289a7dafbbSTan Swee Heng depends on (X86 || UML_X86) && 64BIT 7299a7dafbbSTan Swee Heng depends on EXPERIMENTAL 7309a7dafbbSTan Swee Heng select CRYPTO_BLKCIPHER 7319a7dafbbSTan Swee Heng help 7329a7dafbbSTan Swee Heng Salsa20 stream cipher algorithm. 7339a7dafbbSTan Swee Heng 7349a7dafbbSTan Swee Heng Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT 7359a7dafbbSTan Swee Heng Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> 7369a7dafbbSTan Swee Heng 7379a7dafbbSTan Swee Heng The Salsa20 stream cipher algorithm is designed by Daniel J. 7389a7dafbbSTan Swee Heng Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> 7399a7dafbbSTan Swee Heng 740584fffc8SSebastian Siewiorconfig CRYPTO_SEED 741584fffc8SSebastian Siewior tristate "SEED cipher algorithm" 742584fffc8SSebastian Siewior select CRYPTO_ALGAPI 743584fffc8SSebastian Siewior help 744584fffc8SSebastian Siewior SEED cipher algorithm (RFC4269). 745584fffc8SSebastian Siewior 746584fffc8SSebastian Siewior SEED is a 128-bit symmetric key block cipher that has been 747584fffc8SSebastian Siewior developed by KISA (Korea Information Security Agency) as a 748584fffc8SSebastian Siewior national standard encryption algorithm of the Republic of Korea. 749584fffc8SSebastian Siewior It is a 16 round block cipher with the key size of 128 bit. 750584fffc8SSebastian Siewior 751584fffc8SSebastian Siewior See also: 752584fffc8SSebastian Siewior <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> 753584fffc8SSebastian Siewior 754584fffc8SSebastian Siewiorconfig CRYPTO_SERPENT 755584fffc8SSebastian Siewior tristate "Serpent cipher algorithm" 756584fffc8SSebastian Siewior select CRYPTO_ALGAPI 757584fffc8SSebastian Siewior help 758584fffc8SSebastian Siewior Serpent cipher algorithm, by Anderson, Biham & Knudsen. 759584fffc8SSebastian Siewior 760584fffc8SSebastian Siewior Keys are allowed to be from 0 to 256 bits in length, in steps 761584fffc8SSebastian Siewior of 8 bits. Also includes the 'Tnepres' algorithm, a reversed 762584fffc8SSebastian Siewior variant of Serpent for compatibility with old kerneli.org code. 763584fffc8SSebastian Siewior 764584fffc8SSebastian Siewior See also: 765584fffc8SSebastian Siewior <http://www.cl.cam.ac.uk/~rja14/serpent.html> 766584fffc8SSebastian Siewior 767937c30d7SJussi Kivilinnaconfig CRYPTO_SERPENT_SSE2_X86_64 768937c30d7SJussi Kivilinna tristate "Serpent cipher algorithm (x86_64/SSE2)" 769937c30d7SJussi Kivilinna depends on X86 && 64BIT 770937c30d7SJussi Kivilinna select CRYPTO_ALGAPI 771341975bfSJussi Kivilinna select CRYPTO_CRYPTD 772937c30d7SJussi Kivilinna select CRYPTO_SERPENT 773*feaf0cfcSJussi Kivilinna select CRYPTO_LRW 774*feaf0cfcSJussi Kivilinna select CRYPTO_XTS 775937c30d7SJussi Kivilinna help 776937c30d7SJussi Kivilinna Serpent cipher algorithm, by Anderson, Biham & Knudsen. 777937c30d7SJussi Kivilinna 778937c30d7SJussi Kivilinna Keys are allowed to be from 0 to 256 bits in length, in steps 779937c30d7SJussi Kivilinna of 8 bits. 780937c30d7SJussi Kivilinna 781937c30d7SJussi Kivilinna This module provides Serpent cipher algorithm that processes eigth 782937c30d7SJussi Kivilinna blocks parallel using SSE2 instruction set. 783937c30d7SJussi Kivilinna 784937c30d7SJussi Kivilinna See also: 785937c30d7SJussi Kivilinna <http://www.cl.cam.ac.uk/~rja14/serpent.html> 786937c30d7SJussi Kivilinna 787251496dbSJussi Kivilinnaconfig CRYPTO_SERPENT_SSE2_586 788251496dbSJussi Kivilinna tristate "Serpent cipher algorithm (i586/SSE2)" 789251496dbSJussi Kivilinna depends on X86 && !64BIT 790251496dbSJussi Kivilinna select CRYPTO_ALGAPI 791341975bfSJussi Kivilinna select CRYPTO_CRYPTD 792251496dbSJussi Kivilinna select CRYPTO_SERPENT 793*feaf0cfcSJussi Kivilinna select CRYPTO_LRW 794*feaf0cfcSJussi Kivilinna select CRYPTO_XTS 795251496dbSJussi Kivilinna help 796251496dbSJussi Kivilinna Serpent cipher algorithm, by Anderson, Biham & Knudsen. 797251496dbSJussi Kivilinna 798251496dbSJussi Kivilinna Keys are allowed to be from 0 to 256 bits in length, in steps 799251496dbSJussi Kivilinna of 8 bits. 800251496dbSJussi Kivilinna 801251496dbSJussi Kivilinna This module provides Serpent cipher algorithm that processes four 802251496dbSJussi Kivilinna blocks parallel using SSE2 instruction set. 803251496dbSJussi Kivilinna 804251496dbSJussi Kivilinna See also: 805251496dbSJussi Kivilinna <http://www.cl.cam.ac.uk/~rja14/serpent.html> 806251496dbSJussi Kivilinna 807584fffc8SSebastian Siewiorconfig CRYPTO_TEA 808584fffc8SSebastian Siewior tristate "TEA, XTEA and XETA cipher algorithms" 809584fffc8SSebastian Siewior select CRYPTO_ALGAPI 810584fffc8SSebastian Siewior help 811584fffc8SSebastian Siewior TEA cipher algorithm. 812584fffc8SSebastian Siewior 813584fffc8SSebastian Siewior Tiny Encryption Algorithm is a simple cipher that uses 814584fffc8SSebastian Siewior many rounds for security. It is very fast and uses 815584fffc8SSebastian Siewior little memory. 816584fffc8SSebastian Siewior 817584fffc8SSebastian Siewior Xtendend Tiny Encryption Algorithm is a modification to 818584fffc8SSebastian Siewior the TEA algorithm to address a potential key weakness 819584fffc8SSebastian Siewior in the TEA algorithm. 820584fffc8SSebastian Siewior 821584fffc8SSebastian Siewior Xtendend Encryption Tiny Algorithm is a mis-implementation 822584fffc8SSebastian Siewior of the XTEA algorithm for compatibility purposes. 823584fffc8SSebastian Siewior 824584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH 825584fffc8SSebastian Siewior tristate "Twofish cipher algorithm" 826584fffc8SSebastian Siewior select CRYPTO_ALGAPI 827584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 828584fffc8SSebastian Siewior help 829584fffc8SSebastian Siewior Twofish cipher algorithm. 830584fffc8SSebastian Siewior 831584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 832584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 833584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 834584fffc8SSebastian Siewior bits. 835584fffc8SSebastian Siewior 836584fffc8SSebastian Siewior See also: 837584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 838584fffc8SSebastian Siewior 839584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_COMMON 840584fffc8SSebastian Siewior tristate 841584fffc8SSebastian Siewior help 842584fffc8SSebastian Siewior Common parts of the Twofish cipher algorithm shared by the 843584fffc8SSebastian Siewior generic c and the assembler implementations. 844584fffc8SSebastian Siewior 845584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_586 846584fffc8SSebastian Siewior tristate "Twofish cipher algorithms (i586)" 847584fffc8SSebastian Siewior depends on (X86 || UML_X86) && !64BIT 848584fffc8SSebastian Siewior select CRYPTO_ALGAPI 849584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 850584fffc8SSebastian Siewior help 851584fffc8SSebastian Siewior Twofish cipher algorithm. 852584fffc8SSebastian Siewior 853584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 854584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 855584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 856584fffc8SSebastian Siewior bits. 857584fffc8SSebastian Siewior 858584fffc8SSebastian Siewior See also: 859584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 860584fffc8SSebastian Siewior 861584fffc8SSebastian Siewiorconfig CRYPTO_TWOFISH_X86_64 862584fffc8SSebastian Siewior tristate "Twofish cipher algorithm (x86_64)" 863584fffc8SSebastian Siewior depends on (X86 || UML_X86) && 64BIT 864584fffc8SSebastian Siewior select CRYPTO_ALGAPI 865584fffc8SSebastian Siewior select CRYPTO_TWOFISH_COMMON 866584fffc8SSebastian Siewior help 867584fffc8SSebastian Siewior Twofish cipher algorithm (x86_64). 868584fffc8SSebastian Siewior 869584fffc8SSebastian Siewior Twofish was submitted as an AES (Advanced Encryption Standard) 870584fffc8SSebastian Siewior candidate cipher by researchers at CounterPane Systems. It is a 871584fffc8SSebastian Siewior 16 round block cipher supporting key sizes of 128, 192, and 256 872584fffc8SSebastian Siewior bits. 873584fffc8SSebastian Siewior 874584fffc8SSebastian Siewior See also: 875584fffc8SSebastian Siewior <http://www.schneier.com/twofish.html> 876584fffc8SSebastian Siewior 8778280daadSJussi Kivilinnaconfig CRYPTO_TWOFISH_X86_64_3WAY 8788280daadSJussi Kivilinna tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" 8798280daadSJussi Kivilinna depends on (X86 || UML_X86) && 64BIT 8808280daadSJussi Kivilinna select CRYPTO_ALGAPI 8818280daadSJussi Kivilinna select CRYPTO_TWOFISH_COMMON 8828280daadSJussi Kivilinna select CRYPTO_TWOFISH_X86_64 883e7cda5d2SJussi Kivilinna select CRYPTO_LRW 884e7cda5d2SJussi Kivilinna select CRYPTO_XTS 8858280daadSJussi Kivilinna help 8868280daadSJussi Kivilinna Twofish cipher algorithm (x86_64, 3-way parallel). 8878280daadSJussi Kivilinna 8888280daadSJussi Kivilinna Twofish was submitted as an AES (Advanced Encryption Standard) 8898280daadSJussi Kivilinna candidate cipher by researchers at CounterPane Systems. It is a 8908280daadSJussi Kivilinna 16 round block cipher supporting key sizes of 128, 192, and 256 8918280daadSJussi Kivilinna bits. 8928280daadSJussi Kivilinna 8938280daadSJussi Kivilinna This module provides Twofish cipher algorithm that processes three 8948280daadSJussi Kivilinna blocks parallel, utilizing resources of out-of-order CPUs better. 8958280daadSJussi Kivilinna 8968280daadSJussi Kivilinna See also: 8978280daadSJussi Kivilinna <http://www.schneier.com/twofish.html> 8988280daadSJussi Kivilinna 899584fffc8SSebastian Siewiorcomment "Compression" 900584fffc8SSebastian Siewior 9011da177e4SLinus Torvaldsconfig CRYPTO_DEFLATE 9021da177e4SLinus Torvalds tristate "Deflate compression algorithm" 903cce9e06dSHerbert Xu select CRYPTO_ALGAPI 9041da177e4SLinus Torvalds select ZLIB_INFLATE 9051da177e4SLinus Torvalds select ZLIB_DEFLATE 9061da177e4SLinus Torvalds help 9071da177e4SLinus Torvalds This is the Deflate algorithm (RFC1951), specified for use in 9081da177e4SLinus Torvalds IPSec with the IPCOMP protocol (RFC3173, RFC2394). 9091da177e4SLinus Torvalds 9101da177e4SLinus Torvalds You will most probably want this if using IPSec. 9111da177e4SLinus Torvalds 912bf68e65eSGeert Uytterhoevenconfig CRYPTO_ZLIB 913bf68e65eSGeert Uytterhoeven tristate "Zlib compression algorithm" 914bf68e65eSGeert Uytterhoeven select CRYPTO_PCOMP 915bf68e65eSGeert Uytterhoeven select ZLIB_INFLATE 916bf68e65eSGeert Uytterhoeven select ZLIB_DEFLATE 917bf68e65eSGeert Uytterhoeven select NLATTR 918bf68e65eSGeert Uytterhoeven help 919bf68e65eSGeert Uytterhoeven This is the zlib algorithm. 920bf68e65eSGeert Uytterhoeven 9210b77abb3SZoltan Sogorconfig CRYPTO_LZO 9220b77abb3SZoltan Sogor tristate "LZO compression algorithm" 9230b77abb3SZoltan Sogor select CRYPTO_ALGAPI 9240b77abb3SZoltan Sogor select LZO_COMPRESS 9250b77abb3SZoltan Sogor select LZO_DECOMPRESS 9260b77abb3SZoltan Sogor help 9270b77abb3SZoltan Sogor This is the LZO algorithm. 9280b77abb3SZoltan Sogor 92917f0f4a4SNeil Hormancomment "Random Number Generation" 93017f0f4a4SNeil Horman 93117f0f4a4SNeil Hormanconfig CRYPTO_ANSI_CPRNG 93217f0f4a4SNeil Horman tristate "Pseudo Random Number Generation for Cryptographic modules" 9334e4ed83bSNeil Horman default m 93417f0f4a4SNeil Horman select CRYPTO_AES 93517f0f4a4SNeil Horman select CRYPTO_RNG 93617f0f4a4SNeil Horman help 93717f0f4a4SNeil Horman This option enables the generic pseudo random number generator 93817f0f4a4SNeil Horman for cryptographic modules. Uses the Algorithm specified in 9397dd607e8SJiri Kosina ANSI X9.31 A.2.4. Note that this option must be enabled if 9407dd607e8SJiri Kosina CRYPTO_FIPS is selected 94117f0f4a4SNeil Horman 94203c8efc1SHerbert Xuconfig CRYPTO_USER_API 94303c8efc1SHerbert Xu tristate 94403c8efc1SHerbert Xu 945fe869cdbSHerbert Xuconfig CRYPTO_USER_API_HASH 946fe869cdbSHerbert Xu tristate "User-space interface for hash algorithms" 9477451708fSHerbert Xu depends on NET 948fe869cdbSHerbert Xu select CRYPTO_HASH 949fe869cdbSHerbert Xu select CRYPTO_USER_API 950fe869cdbSHerbert Xu help 951fe869cdbSHerbert Xu This option enables the user-spaces interface for hash 952fe869cdbSHerbert Xu algorithms. 953fe869cdbSHerbert Xu 9548ff59090SHerbert Xuconfig CRYPTO_USER_API_SKCIPHER 9558ff59090SHerbert Xu tristate "User-space interface for symmetric key cipher algorithms" 9567451708fSHerbert Xu depends on NET 9578ff59090SHerbert Xu select CRYPTO_BLKCIPHER 9588ff59090SHerbert Xu select CRYPTO_USER_API 9598ff59090SHerbert Xu help 9608ff59090SHerbert Xu This option enables the user-spaces interface for symmetric 9618ff59090SHerbert Xu key cipher algorithms. 9628ff59090SHerbert Xu 9631da177e4SLinus Torvaldssource "drivers/crypto/Kconfig" 9641da177e4SLinus Torvalds 965cce9e06dSHerbert Xuendif # if CRYPTO 966