2 # Cryptographic API Configuration
5 menu "Cryptographic options"
8 bool "Cryptographic API"
10 This option provides the core Cryptographic API.
17 This option provides the API for cryptographic algorithms.
19 config CRYPTO_BLKCIPHER
24 tristate "Cryptographic algorithm manager"
28 Create default cryptographic template instantiations such as
34 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
35 This is required for IPSec.
38 tristate "Null algorithms"
41 These are 'Null' algorithms, used by IPsec, which do nothing.
44 tristate "MD4 digest algorithm"
47 MD4 message digest algorithm (RFC1320).
50 tristate "MD5 digest algorithm"
53 MD5 message digest algorithm (RFC1321).
56 tristate "SHA1 digest algorithm"
59 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
61 config CRYPTO_SHA1_S390
62 tristate "SHA1 digest algorithm (s390)"
66 This is the s390 hardware accelerated implementation of the
67 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
70 tristate "SHA256 digest algorithm"
73 SHA256 secure hash standard (DFIPS 180-2).
75 This version of SHA implements a 256 bit hash with 128 bits of
76 security against collision attacks.
78 config CRYPTO_SHA256_S390
79 tristate "SHA256 digest algorithm (s390)"
83 This is the s390 hardware accelerated implementation of the
84 SHA256 secure hash standard (DFIPS 180-2).
86 This version of SHA implements a 256 bit hash with 128 bits of
87 security against collision attacks.
90 tristate "SHA384 and SHA512 digest algorithms"
93 SHA512 secure hash standard (DFIPS 180-2).
95 This version of SHA implements a 512 bit hash with 256 bits of
96 security against collision attacks.
98 This code also includes SHA-384, a 384 bit hash with 192 bits
99 of security against collision attacks.
102 tristate "Whirlpool digest algorithms"
105 Whirlpool hash algorithm 512, 384 and 256-bit hashes
107 Whirlpool-512 is part of the NESSIE cryptographic primitives.
108 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
111 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
114 tristate "Tiger digest algorithms"
117 Tiger hash algorithm 192, 160 and 128-bit hashes
119 Tiger is a hash function optimized for 64-bit processors while
120 still having decent performance on 32-bit processors.
121 Tiger was developed by Ross Anderson and Eli Biham.
124 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
127 tristate "DES and Triple DES EDE cipher algorithms"
130 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
132 config CRYPTO_DES_S390
133 tristate "DES and Triple DES cipher algorithms (s390)"
137 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
139 config CRYPTO_BLOWFISH
140 tristate "Blowfish cipher algorithm"
143 Blowfish cipher algorithm, by Bruce Schneier.
145 This is a variable key length cipher which can use keys from 32
146 bits to 448 bits in length. It's fast, simple and specifically
147 designed for use on "large microprocessors".
150 <http://www.schneier.com/blowfish.html>
152 config CRYPTO_TWOFISH
153 tristate "Twofish cipher algorithm"
155 select CRYPTO_TWOFISH_COMMON
157 Twofish cipher algorithm.
159 Twofish was submitted as an AES (Advanced Encryption Standard)
160 candidate cipher by researchers at CounterPane Systems. It is a
161 16 round block cipher supporting key sizes of 128, 192, and 256
165 <http://www.schneier.com/twofish.html>
167 config CRYPTO_TWOFISH_COMMON
170 Common parts of the Twofish cipher algorithm shared by the
171 generic c and the assembler implementations.
173 config CRYPTO_TWOFISH_586
174 tristate "Twofish cipher algorithms (i586)"
175 depends on (X86 || UML_X86) && !64BIT
177 select CRYPTO_TWOFISH_COMMON
179 Twofish cipher algorithm.
181 Twofish was submitted as an AES (Advanced Encryption Standard)
182 candidate cipher by researchers at CounterPane Systems. It is a
183 16 round block cipher supporting key sizes of 128, 192, and 256
187 <http://www.schneier.com/twofish.html>
189 config CRYPTO_TWOFISH_X86_64
190 tristate "Twofish cipher algorithm (x86_64)"
191 depends on (X86 || UML_X86) && 64BIT
193 select CRYPTO_TWOFISH_COMMON
195 Twofish cipher algorithm (x86_64).
197 Twofish was submitted as an AES (Advanced Encryption Standard)
198 candidate cipher by researchers at CounterPane Systems. It is a
199 16 round block cipher supporting key sizes of 128, 192, and 256
203 <http://www.schneier.com/twofish.html>
205 config CRYPTO_SERPENT
206 tristate "Serpent cipher algorithm"
209 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
211 Keys are allowed to be from 0 to 256 bits in length, in steps
212 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
213 variant of Serpent for compatibility with old kerneli code.
216 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
219 tristate "AES cipher algorithms"
222 AES cipher algorithms (FIPS-197). AES uses the Rijndael
225 Rijndael appears to be consistently a very good performer in
226 both hardware and software across a wide range of computing
227 environments regardless of its use in feedback or non-feedback
228 modes. Its key setup time is excellent, and its key agility is
229 good. Rijndael's very low memory requirements make it very well
230 suited for restricted-space environments, in which it also
231 demonstrates excellent performance. Rijndael's operations are
232 among the easiest to defend against power and timing attacks.
234 The AES specifies three key sizes: 128, 192 and 256 bits
236 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
238 config CRYPTO_AES_586
239 tristate "AES cipher algorithms (i586)"
240 depends on (X86 || UML_X86) && !64BIT
243 AES cipher algorithms (FIPS-197). AES uses the Rijndael
246 Rijndael appears to be consistently a very good performer in
247 both hardware and software across a wide range of computing
248 environments regardless of its use in feedback or non-feedback
249 modes. Its key setup time is excellent, and its key agility is
250 good. Rijndael's very low memory requirements make it very well
251 suited for restricted-space environments, in which it also
252 demonstrates excellent performance. Rijndael's operations are
253 among the easiest to defend against power and timing attacks.
255 The AES specifies three key sizes: 128, 192 and 256 bits
257 See <http://csrc.nist.gov/encryption/aes/> for more information.
259 config CRYPTO_AES_X86_64
260 tristate "AES cipher algorithms (x86_64)"
261 depends on (X86 || UML_X86) && 64BIT
264 AES cipher algorithms (FIPS-197). AES uses the Rijndael
267 Rijndael appears to be consistently a very good performer in
268 both hardware and software across a wide range of computing
269 environments regardless of its use in feedback or non-feedback
270 modes. Its key setup time is excellent, and its key agility is
271 good. Rijndael's very low memory requirements make it very well
272 suited for restricted-space environments, in which it also
273 demonstrates excellent performance. Rijndael's operations are
274 among the easiest to defend against power and timing attacks.
276 The AES specifies three key sizes: 128, 192 and 256 bits
278 See <http://csrc.nist.gov/encryption/aes/> for more information.
280 config CRYPTO_AES_S390
281 tristate "AES cipher algorithms (s390)"
285 This is the s390 hardware accelerated implementation of the
286 AES cipher algorithms (FIPS-197). AES uses the Rijndael
289 Rijndael appears to be consistently a very good performer in
290 both hardware and software across a wide range of computing
291 environments regardless of its use in feedback or non-feedback
292 modes. Its key setup time is excellent, and its key agility is
293 good. Rijndael's very low memory requirements make it very well
294 suited for restricted-space environments, in which it also
295 demonstrates excellent performance. Rijndael's operations are
296 among the easiest to defend against power and timing attacks.
298 On s390 the System z9-109 currently only supports the key size
302 tristate "CAST5 (CAST-128) cipher algorithm"
305 The CAST5 encryption algorithm (synonymous with CAST-128) is
306 described in RFC2144.
309 tristate "CAST6 (CAST-256) cipher algorithm"
312 The CAST6 encryption algorithm (synonymous with CAST-256) is
313 described in RFC2612.
316 tristate "TEA, XTEA and XETA cipher algorithms"
319 TEA cipher algorithm.
321 Tiny Encryption Algorithm is a simple cipher that uses
322 many rounds for security. It is very fast and uses
325 Xtendend Tiny Encryption Algorithm is a modification to
326 the TEA algorithm to address a potential key weakness
327 in the TEA algorithm.
329 Xtendend Encryption Tiny Algorithm is a mis-implementation
330 of the XTEA algorithm for compatibility purposes.
333 tristate "ARC4 cipher algorithm"
336 ARC4 cipher algorithm.
338 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
339 bits in length. This algorithm is required for driver-based
340 WEP, but it should not be for other purposes because of the
341 weakness of the algorithm.
344 tristate "Khazad cipher algorithm"
347 Khazad cipher algorithm.
349 Khazad was a finalist in the initial NESSIE competition. It is
350 an algorithm optimized for 64-bit processors with good performance
351 on 32-bit processors. Khazad uses an 128 bit key size.
354 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
357 tristate "Anubis cipher algorithm"
360 Anubis cipher algorithm.
362 Anubis is a variable key length cipher which can use keys from
363 128 bits to 320 bits in length. It was evaluated as a entrant
364 in the NESSIE competition.
367 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
368 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
371 config CRYPTO_DEFLATE
372 tristate "Deflate compression algorithm"
377 This is the Deflate algorithm (RFC1951), specified for use in
378 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
380 You will most probably want this if using IPSec.
382 config CRYPTO_MICHAEL_MIC
383 tristate "Michael MIC keyed digest algorithm"
386 Michael MIC is used for message integrity protection in TKIP
387 (IEEE 802.11i). This algorithm is required for TKIP, but it
388 should not be used for other purposes because of the weakness
392 tristate "CRC32c CRC algorithm"
396 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
397 by iSCSI for header and data digests and by others.
398 See Castagnoli93. This implementation uses lib/libcrc32c.
399 Module will be crc32c.
402 tristate "Testing module"
406 Quick & dirty crypto test module.
408 source "drivers/crypto/Kconfig"