2 # Cryptographic API Configuration
5 menu "Cryptographic options"
8 bool "Cryptographic API"
10 This option provides the core Cryptographic API.
17 This option provides the API for cryptographic algorithms.
19 config CRYPTO_BLKCIPHER
28 tristate "Cryptographic algorithm manager"
31 Create default cryptographic template instantiations such as
35 tristate "HMAC support"
39 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
40 This is required for IPSec.
43 tristate "XCBC support"
44 depends on EXPERIMENTAL
48 XCBC: Keyed-Hashing with encryption algorithm
49 http://www.ietf.org/rfc/rfc3566.txt
50 http://csrc.nist.gov/encryption/modes/proposedmodes/
51 xcbc-mac/xcbc-mac-spec.pdf
54 tristate "Null algorithms"
57 These are 'Null' algorithms, used by IPsec, which do nothing.
60 tristate "MD4 digest algorithm"
63 MD4 message digest algorithm (RFC1320).
66 tristate "MD5 digest algorithm"
69 MD5 message digest algorithm (RFC1321).
72 tristate "SHA1 digest algorithm"
75 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
77 config CRYPTO_SHA1_S390
78 tristate "SHA1 digest algorithm (s390)"
82 This is the s390 hardware accelerated implementation of the
83 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
86 tristate "SHA256 digest algorithm"
89 SHA256 secure hash standard (DFIPS 180-2).
91 This version of SHA implements a 256 bit hash with 128 bits of
92 security against collision attacks.
94 config CRYPTO_SHA256_S390
95 tristate "SHA256 digest algorithm (s390)"
99 This is the s390 hardware accelerated implementation of the
100 SHA256 secure hash standard (DFIPS 180-2).
102 This version of SHA implements a 256 bit hash with 128 bits of
103 security against collision attacks.
106 tristate "SHA384 and SHA512 digest algorithms"
109 SHA512 secure hash standard (DFIPS 180-2).
111 This version of SHA implements a 512 bit hash with 256 bits of
112 security against collision attacks.
114 This code also includes SHA-384, a 384 bit hash with 192 bits
115 of security against collision attacks.
118 tristate "Whirlpool digest algorithms"
121 Whirlpool hash algorithm 512, 384 and 256-bit hashes
123 Whirlpool-512 is part of the NESSIE cryptographic primitives.
124 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
127 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
130 tristate "Tiger digest algorithms"
133 Tiger hash algorithm 192, 160 and 128-bit hashes
135 Tiger is a hash function optimized for 64-bit processors while
136 still having decent performance on 32-bit processors.
137 Tiger was developed by Ross Anderson and Eli Biham.
140 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
143 tristate "ECB support"
144 select CRYPTO_BLKCIPHER
145 select CRYPTO_MANAGER
148 ECB: Electronic CodeBook mode
149 This is the simplest block cipher algorithm. It simply encrypts
150 the input block by block.
153 tristate "CBC support"
154 select CRYPTO_BLKCIPHER
155 select CRYPTO_MANAGER
158 CBC: Cipher Block Chaining mode
159 This block cipher algorithm is required for IPSec.
162 tristate "DES and Triple DES EDE cipher algorithms"
165 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
167 config CRYPTO_DES_S390
168 tristate "DES and Triple DES cipher algorithms (s390)"
171 select CRYPTO_BLKCIPHER
173 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
175 config CRYPTO_BLOWFISH
176 tristate "Blowfish cipher algorithm"
179 Blowfish cipher algorithm, by Bruce Schneier.
181 This is a variable key length cipher which can use keys from 32
182 bits to 448 bits in length. It's fast, simple and specifically
183 designed for use on "large microprocessors".
186 <http://www.schneier.com/blowfish.html>
188 config CRYPTO_TWOFISH
189 tristate "Twofish cipher algorithm"
191 select CRYPTO_TWOFISH_COMMON
193 Twofish cipher algorithm.
195 Twofish was submitted as an AES (Advanced Encryption Standard)
196 candidate cipher by researchers at CounterPane Systems. It is a
197 16 round block cipher supporting key sizes of 128, 192, and 256
201 <http://www.schneier.com/twofish.html>
203 config CRYPTO_TWOFISH_COMMON
206 Common parts of the Twofish cipher algorithm shared by the
207 generic c and the assembler implementations.
209 config CRYPTO_TWOFISH_586
210 tristate "Twofish cipher algorithms (i586)"
211 depends on (X86 || UML_X86) && !64BIT
213 select CRYPTO_TWOFISH_COMMON
215 Twofish cipher algorithm.
217 Twofish was submitted as an AES (Advanced Encryption Standard)
218 candidate cipher by researchers at CounterPane Systems. It is a
219 16 round block cipher supporting key sizes of 128, 192, and 256
223 <http://www.schneier.com/twofish.html>
225 config CRYPTO_TWOFISH_X86_64
226 tristate "Twofish cipher algorithm (x86_64)"
227 depends on (X86 || UML_X86) && 64BIT
229 select CRYPTO_TWOFISH_COMMON
231 Twofish cipher algorithm (x86_64).
233 Twofish was submitted as an AES (Advanced Encryption Standard)
234 candidate cipher by researchers at CounterPane Systems. It is a
235 16 round block cipher supporting key sizes of 128, 192, and 256
239 <http://www.schneier.com/twofish.html>
241 config CRYPTO_SERPENT
242 tristate "Serpent cipher algorithm"
245 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
247 Keys are allowed to be from 0 to 256 bits in length, in steps
248 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
249 variant of Serpent for compatibility with old kerneli code.
252 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
255 tristate "AES cipher algorithms"
258 AES cipher algorithms (FIPS-197). AES uses the Rijndael
261 Rijndael appears to be consistently a very good performer in
262 both hardware and software across a wide range of computing
263 environments regardless of its use in feedback or non-feedback
264 modes. Its key setup time is excellent, and its key agility is
265 good. Rijndael's very low memory requirements make it very well
266 suited for restricted-space environments, in which it also
267 demonstrates excellent performance. Rijndael's operations are
268 among the easiest to defend against power and timing attacks.
270 The AES specifies three key sizes: 128, 192 and 256 bits
272 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
274 config CRYPTO_AES_586
275 tristate "AES cipher algorithms (i586)"
276 depends on (X86 || UML_X86) && !64BIT
279 AES cipher algorithms (FIPS-197). AES uses the Rijndael
282 Rijndael appears to be consistently a very good performer in
283 both hardware and software across a wide range of computing
284 environments regardless of its use in feedback or non-feedback
285 modes. Its key setup time is excellent, and its key agility is
286 good. Rijndael's very low memory requirements make it very well
287 suited for restricted-space environments, in which it also
288 demonstrates excellent performance. Rijndael's operations are
289 among the easiest to defend against power and timing attacks.
291 The AES specifies three key sizes: 128, 192 and 256 bits
293 See <http://csrc.nist.gov/encryption/aes/> for more information.
295 config CRYPTO_AES_X86_64
296 tristate "AES cipher algorithms (x86_64)"
297 depends on (X86 || UML_X86) && 64BIT
300 AES cipher algorithms (FIPS-197). AES uses the Rijndael
303 Rijndael appears to be consistently a very good performer in
304 both hardware and software across a wide range of computing
305 environments regardless of its use in feedback or non-feedback
306 modes. Its key setup time is excellent, and its key agility is
307 good. Rijndael's very low memory requirements make it very well
308 suited for restricted-space environments, in which it also
309 demonstrates excellent performance. Rijndael's operations are
310 among the easiest to defend against power and timing attacks.
312 The AES specifies three key sizes: 128, 192 and 256 bits
314 See <http://csrc.nist.gov/encryption/aes/> for more information.
316 config CRYPTO_AES_S390
317 tristate "AES cipher algorithms (s390)"
320 select CRYPTO_BLKCIPHER
322 This is the s390 hardware accelerated implementation of the
323 AES cipher algorithms (FIPS-197). AES uses the Rijndael
326 Rijndael appears to be consistently a very good performer in
327 both hardware and software across a wide range of computing
328 environments regardless of its use in feedback or non-feedback
329 modes. Its key setup time is excellent, and its key agility is
330 good. Rijndael's very low memory requirements make it very well
331 suited for restricted-space environments, in which it also
332 demonstrates excellent performance. Rijndael's operations are
333 among the easiest to defend against power and timing attacks.
335 On s390 the System z9-109 currently only supports the key size
339 tristate "CAST5 (CAST-128) cipher algorithm"
342 The CAST5 encryption algorithm (synonymous with CAST-128) is
343 described in RFC2144.
346 tristate "CAST6 (CAST-256) cipher algorithm"
349 The CAST6 encryption algorithm (synonymous with CAST-256) is
350 described in RFC2612.
353 tristate "TEA, XTEA and XETA cipher algorithms"
356 TEA cipher algorithm.
358 Tiny Encryption Algorithm is a simple cipher that uses
359 many rounds for security. It is very fast and uses
362 Xtendend Tiny Encryption Algorithm is a modification to
363 the TEA algorithm to address a potential key weakness
364 in the TEA algorithm.
366 Xtendend Encryption Tiny Algorithm is a mis-implementation
367 of the XTEA algorithm for compatibility purposes.
370 tristate "ARC4 cipher algorithm"
373 ARC4 cipher algorithm.
375 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
376 bits in length. This algorithm is required for driver-based
377 WEP, but it should not be for other purposes because of the
378 weakness of the algorithm.
381 tristate "Khazad cipher algorithm"
384 Khazad cipher algorithm.
386 Khazad was a finalist in the initial NESSIE competition. It is
387 an algorithm optimized for 64-bit processors with good performance
388 on 32-bit processors. Khazad uses an 128 bit key size.
391 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
394 tristate "Anubis cipher algorithm"
397 Anubis cipher algorithm.
399 Anubis is a variable key length cipher which can use keys from
400 128 bits to 320 bits in length. It was evaluated as a entrant
401 in the NESSIE competition.
404 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
405 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
408 config CRYPTO_DEFLATE
409 tristate "Deflate compression algorithm"
414 This is the Deflate algorithm (RFC1951), specified for use in
415 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
417 You will most probably want this if using IPSec.
419 config CRYPTO_MICHAEL_MIC
420 tristate "Michael MIC keyed digest algorithm"
423 Michael MIC is used for message integrity protection in TKIP
424 (IEEE 802.11i). This algorithm is required for TKIP, but it
425 should not be used for other purposes because of the weakness
429 tristate "CRC32c CRC algorithm"
433 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
434 by iSCSI for header and data digests and by others.
435 See Castagnoli93. This implementation uses lib/libcrc32c.
436 Module will be crc32c.
439 tristate "Testing module"
443 Quick & dirty crypto test module.
445 source "drivers/crypto/Kconfig"