2 # Cryptographic API Configuration
6 bool "Cryptographic API"
8 This option provides the core Cryptographic API.
15 This option provides the API for cryptographic algorithms.
17 config CRYPTO_ABLKCIPHER
19 select CRYPTO_BLKCIPHER
21 config CRYPTO_BLKCIPHER
30 tristate "Cryptographic algorithm manager"
33 Create default cryptographic template instantiations such as
37 tristate "HMAC support"
41 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
42 This is required for IPSec.
45 tristate "XCBC support"
46 depends on EXPERIMENTAL
50 XCBC: Keyed-Hashing with encryption algorithm
51 http://www.ietf.org/rfc/rfc3566.txt
52 http://csrc.nist.gov/encryption/modes/proposedmodes/
53 xcbc-mac/xcbc-mac-spec.pdf
56 tristate "Null algorithms"
59 These are 'Null' algorithms, used by IPsec, which do nothing.
62 tristate "MD4 digest algorithm"
65 MD4 message digest algorithm (RFC1320).
68 tristate "MD5 digest algorithm"
71 MD5 message digest algorithm (RFC1321).
74 tristate "SHA1 digest algorithm"
77 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
80 tristate "SHA256 digest algorithm"
83 SHA256 secure hash standard (DFIPS 180-2).
85 This version of SHA implements a 256 bit hash with 128 bits of
86 security against collision attacks.
89 tristate "SHA384 and SHA512 digest algorithms"
92 SHA512 secure hash standard (DFIPS 180-2).
94 This version of SHA implements a 512 bit hash with 256 bits of
95 security against collision attacks.
97 This code also includes SHA-384, a 384 bit hash with 192 bits
98 of security against collision attacks.
101 tristate "Whirlpool digest algorithms"
104 Whirlpool hash algorithm 512, 384 and 256-bit hashes
106 Whirlpool-512 is part of the NESSIE cryptographic primitives.
107 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
110 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
113 tristate "Tiger digest algorithms"
116 Tiger hash algorithm 192, 160 and 128-bit hashes
118 Tiger is a hash function optimized for 64-bit processors while
119 still having decent performance on 32-bit processors.
120 Tiger was developed by Ross Anderson and Eli Biham.
123 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
125 config CRYPTO_GF128MUL
126 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
127 depends on EXPERIMENTAL
129 Efficient table driven implementation of multiplications in the
130 field GF(2^128). This is needed by some cypher modes. This
131 option will be selected automatically if you select such a
132 cipher mode. Only select this option by hand if you expect to load
133 an external module that requires these functions.
136 tristate "ECB support"
137 select CRYPTO_BLKCIPHER
138 select CRYPTO_MANAGER
141 ECB: Electronic CodeBook mode
142 This is the simplest block cipher algorithm. It simply encrypts
143 the input block by block.
146 tristate "CBC support"
147 select CRYPTO_BLKCIPHER
148 select CRYPTO_MANAGER
151 CBC: Cipher Block Chaining mode
152 This block cipher algorithm is required for IPSec.
155 tristate "PCBC support"
156 select CRYPTO_BLKCIPHER
157 select CRYPTO_MANAGER
160 PCBC: Propagating Cipher Block Chaining mode
161 This block cipher algorithm is required for RxRPC.
164 tristate "LRW support (EXPERIMENTAL)"
165 depends on EXPERIMENTAL
166 select CRYPTO_BLKCIPHER
167 select CRYPTO_MANAGER
168 select CRYPTO_GF128MUL
170 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
171 narrow block cipher mode for dm-crypt. Use it with cipher
172 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
173 The first 128, 192 or 256 bits in the key are used for AES and the
174 rest is used to tie each cipher block to its logical position.
177 tristate "Software async crypto daemon"
178 select CRYPTO_ABLKCIPHER
179 select CRYPTO_MANAGER
181 This is a generic software asynchronous crypto daemon that
182 converts an arbitrary synchronous software crypto algorithm
183 into an asynchronous algorithm that executes in a kernel thread.
186 tristate "DES and Triple DES EDE cipher algorithms"
189 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
192 tristate "FCrypt cipher algorithm"
194 select CRYPTO_BLKCIPHER
196 FCrypt algorithm used by RxRPC.
198 config CRYPTO_BLOWFISH
199 tristate "Blowfish cipher algorithm"
202 Blowfish cipher algorithm, by Bruce Schneier.
204 This is a variable key length cipher which can use keys from 32
205 bits to 448 bits in length. It's fast, simple and specifically
206 designed for use on "large microprocessors".
209 <http://www.schneier.com/blowfish.html>
211 config CRYPTO_TWOFISH
212 tristate "Twofish cipher algorithm"
214 select CRYPTO_TWOFISH_COMMON
216 Twofish cipher algorithm.
218 Twofish was submitted as an AES (Advanced Encryption Standard)
219 candidate cipher by researchers at CounterPane Systems. It is a
220 16 round block cipher supporting key sizes of 128, 192, and 256
224 <http://www.schneier.com/twofish.html>
226 config CRYPTO_TWOFISH_COMMON
229 Common parts of the Twofish cipher algorithm shared by the
230 generic c and the assembler implementations.
232 config CRYPTO_TWOFISH_586
233 tristate "Twofish cipher algorithms (i586)"
234 depends on (X86 || UML_X86) && !64BIT
236 select CRYPTO_TWOFISH_COMMON
238 Twofish cipher algorithm.
240 Twofish was submitted as an AES (Advanced Encryption Standard)
241 candidate cipher by researchers at CounterPane Systems. It is a
242 16 round block cipher supporting key sizes of 128, 192, and 256
246 <http://www.schneier.com/twofish.html>
248 config CRYPTO_TWOFISH_X86_64
249 tristate "Twofish cipher algorithm (x86_64)"
250 depends on (X86 || UML_X86) && 64BIT
252 select CRYPTO_TWOFISH_COMMON
254 Twofish cipher algorithm (x86_64).
256 Twofish was submitted as an AES (Advanced Encryption Standard)
257 candidate cipher by researchers at CounterPane Systems. It is a
258 16 round block cipher supporting key sizes of 128, 192, and 256
262 <http://www.schneier.com/twofish.html>
264 config CRYPTO_SERPENT
265 tristate "Serpent cipher algorithm"
268 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
270 Keys are allowed to be from 0 to 256 bits in length, in steps
271 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
272 variant of Serpent for compatibility with old kerneli.org code.
275 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
278 tristate "AES cipher algorithms"
281 AES cipher algorithms (FIPS-197). AES uses the Rijndael
284 Rijndael appears to be consistently a very good performer in
285 both hardware and software across a wide range of computing
286 environments regardless of its use in feedback or non-feedback
287 modes. Its key setup time is excellent, and its key agility is
288 good. Rijndael's very low memory requirements make it very well
289 suited for restricted-space environments, in which it also
290 demonstrates excellent performance. Rijndael's operations are
291 among the easiest to defend against power and timing attacks.
293 The AES specifies three key sizes: 128, 192 and 256 bits
295 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
297 config CRYPTO_AES_586
298 tristate "AES cipher algorithms (i586)"
299 depends on (X86 || UML_X86) && !64BIT
302 AES cipher algorithms (FIPS-197). AES uses the Rijndael
305 Rijndael appears to be consistently a very good performer in
306 both hardware and software across a wide range of computing
307 environments regardless of its use in feedback or non-feedback
308 modes. Its key setup time is excellent, and its key agility is
309 good. Rijndael's very low memory requirements make it very well
310 suited for restricted-space environments, in which it also
311 demonstrates excellent performance. Rijndael's operations are
312 among the easiest to defend against power and timing attacks.
314 The AES specifies three key sizes: 128, 192 and 256 bits
316 See <http://csrc.nist.gov/encryption/aes/> for more information.
318 config CRYPTO_AES_X86_64
319 tristate "AES cipher algorithms (x86_64)"
320 depends on (X86 || UML_X86) && 64BIT
323 AES cipher algorithms (FIPS-197). AES uses the Rijndael
326 Rijndael appears to be consistently a very good performer in
327 both hardware and software across a wide range of computing
328 environments regardless of its use in feedback or non-feedback
329 modes. Its key setup time is excellent, and its key agility is
330 good. Rijndael's very low memory requirements make it very well
331 suited for restricted-space environments, in which it also
332 demonstrates excellent performance. Rijndael's operations are
333 among the easiest to defend against power and timing attacks.
335 The AES specifies three key sizes: 128, 192 and 256 bits
337 See <http://csrc.nist.gov/encryption/aes/> for more information.
340 tristate "CAST5 (CAST-128) cipher algorithm"
343 The CAST5 encryption algorithm (synonymous with CAST-128) is
344 described in RFC2144.
347 tristate "CAST6 (CAST-256) cipher algorithm"
350 The CAST6 encryption algorithm (synonymous with CAST-256) is
351 described in RFC2612.
354 tristate "TEA, XTEA and XETA cipher algorithms"
357 TEA cipher algorithm.
359 Tiny Encryption Algorithm is a simple cipher that uses
360 many rounds for security. It is very fast and uses
363 Xtendend Tiny Encryption Algorithm is a modification to
364 the TEA algorithm to address a potential key weakness
365 in the TEA algorithm.
367 Xtendend Encryption Tiny Algorithm is a mis-implementation
368 of the XTEA algorithm for compatibility purposes.
371 tristate "ARC4 cipher algorithm"
374 ARC4 cipher algorithm.
376 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
377 bits in length. This algorithm is required for driver-based
378 WEP, but it should not be for other purposes because of the
379 weakness of the algorithm.
382 tristate "Khazad cipher algorithm"
385 Khazad cipher algorithm.
387 Khazad was a finalist in the initial NESSIE competition. It is
388 an algorithm optimized for 64-bit processors with good performance
389 on 32-bit processors. Khazad uses an 128 bit key size.
392 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
395 tristate "Anubis cipher algorithm"
398 Anubis cipher algorithm.
400 Anubis is a variable key length cipher which can use keys from
401 128 bits to 320 bits in length. It was evaluated as a entrant
402 in the NESSIE competition.
405 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
406 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
409 config CRYPTO_DEFLATE
410 tristate "Deflate compression algorithm"
415 This is the Deflate algorithm (RFC1951), specified for use in
416 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
418 You will most probably want this if using IPSec.
420 config CRYPTO_MICHAEL_MIC
421 tristate "Michael MIC keyed digest algorithm"
424 Michael MIC is used for message integrity protection in TKIP
425 (IEEE 802.11i). This algorithm is required for TKIP, but it
426 should not be used for other purposes because of the weakness
430 tristate "CRC32c CRC algorithm"
434 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
435 by iSCSI for header and data digests and by others.
436 See Castagnoli93. This implementation uses lib/libcrc32c.
437 Module will be crc32c.
439 config CRYPTO_CAMELLIA
440 tristate "Camellia cipher algorithms"
444 Camellia cipher algorithms module.
446 Camellia is a symmetric key block cipher developed jointly
447 at NTT and Mitsubishi Electric Corporation.
449 The Camellia specifies three key sizes: 128, 192 and 256 bits.
452 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
455 tristate "Testing module"
459 Quick & dirty crypto test module.
461 source "drivers/crypto/Kconfig"