Lines Matching +full:stream +full:- +full:mode +full:- +full:support
1 # SPDX-License-Identifier: GPL-2.0
3 # Generic algorithms support
9 # async_tx api: hardware offloaded memory transfer/transform support
141 bool "Disable run-time self tests"
144 Disable run-time self tests that normally take place at
148 bool "Enable extra run-time crypto self tests"
151 Enable extra run-time self tests of registered crypto algorithms,
193 tristate "Authenc support"
200 Authenc: Combined mode wrapper for IPsec.
222 comment "Public-key cryptography"
234 tristate "Diffie-Hellman algorithm"
238 Generic implementation of the Diffie-Hellman algorithm.
262 tristate "EC-RDSA (GOST 34.10) algorithm"
269 Elliptic Curve Russian Digital Signature Algorithm (GOST R 34.10-2012,
270 RFC 7091, ISO/IEC 14888-3:2018) is one of the Russian cryptographic
284 as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.
287 https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
288 http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
305 tristate "CCM support"
311 Support for Counter with CBC MAC. Required for IPsec.
314 tristate "GCM/GMAC support"
321 Support for Galois/Counter Mode (GCM) and Galois Message
325 tristate "ChaCha20-Poly1305 AEAD support"
331 ChaCha20-Poly1305 AEAD support, RFC7539.
333 Support for the AEAD wrapper using the ChaCha20 stream cipher combined
338 tristate "AEGIS-128 AEAD algorithm"
340 select CRYPTO_AES # for AES S-box tables
342 Support for the AEGIS-128 dedicated AEAD algorithm.
345 bool "Support SIMD acceleration for AEGIS-128"
350 tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
355 AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm.
382 tristate "CBC support"
386 CBC: Cipher Block Chaining mode
390 tristate "CFB support"
394 CFB: Cipher FeedBack mode
398 tristate "CTR support"
402 CTR: Counter mode
406 tristate "CTS support"
411 This is the Cipher Text Stealing mode as described by
414 CBC-CS3 as defined by NIST in Sp800-38A addendum from Oct 2010.
415 This mode is required for Kerberos gss mechanism support
418 See: https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
421 tristate "ECB support"
425 ECB: Electronic CodeBook mode
430 tristate "LRW support"
436 narrow block cipher mode for dm-crypt. Use it with cipher
437 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
442 tristate "OFB support"
446 OFB: the Output Feedback mode makes a block cipher into a synchronous
447 stream cipher. It generates keystream blocks, which are then XORed
454 tristate "PCBC support"
458 PCBC: Propagating Cipher Block Chaining mode
462 tristate "XTS support"
467 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
472 tristate "Key wrapping support"
476 Support for key wrapping (NIST SP800-38F / RFC3394) without
490 Adiantum encryption mode.
498 Adiantum encryption mode.
501 tristate "Adiantum support"
507 Adiantum is a tweakable, length-preserving encryption mode
510 each sector using the XChaCha12 stream cipher, two passes of
511 an ε-almost-∆-universal hash function, and an invocation of
512 the AES-256 block cipher on a single 16-byte block. On CPUs
514 AES-XTS.
517 underlying stream and block ciphers, subject to a security
518 bound. Unlike XTS, Adiantum is a true wide-block encryption
519 mode, so it actually provides an even stronger notion of
525 tristate "ESSIV support for block encryption"
528 Encrypted salt-sector initialization vector (ESSIV) is an IV
530 dm-crypt. It uses the hash of the block encryption key as the
542 associated data (AAD) region (which is how dm-crypt uses it.)
549 combined with ESSIV the only feasible mode for h/w accelerated
555 tristate "CMAC support"
559 Cipher-based Message Authentication Code (CMAC) specified by
563 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
566 tristate "HMAC support"
570 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
574 tristate "XCBC support"
578 XCBC: Keyed-Hashing with encryption algorithm
581 xcbc-mac/xcbc-mac-spec.pdf
584 tristate "VMAC support"
589 very high speed on 64-bit architectures.
601 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
611 support CRC32C implementation using hardware accelerated CRC32
612 instruction. This option will create 'crc32c-intel' module,
615 Module will be crc32c-intel.
623 CRC32c algorithm implemented using vector polynomial multiply-sum
642 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
652 and PCLMULQDQ supported, the processor will support
654 instruction. This option will create 'crc32-pclmul' module,
655 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
672 xxHash non-cryptographic hash algorithm. Extremely fast, working at
685 - blake2b-160
686 - blake2b-256
687 - blake2b-384
688 - blake2b-512
698 optimized for 8-32bit platforms and can produce digests of any size
703 - blake2s-128
704 - blake2s-160
705 - blake2s-224
706 - blake2s-256
732 'crct10dif-pclmul' module, which is faster when computing the
741 multiply-sum (vpmsum) instructions, introduced in POWER8. Enable on
748 Stress test for CRC32c and CRC-T10DIF algorithms implemented with
757 GHASH is the hash function used in GCM (Galois/Counter Mode).
758 It is not a general-purpose cryptographic hash function.
768 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
780 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
837 tristate "RIPEMD-128 digest algorithm"
840 RIPEMD-128 (ISO/IEC 10118-3:2004).
842 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
844 RIPEMD-160 should be used.
850 tristate "RIPEMD-160 digest algorithm"
853 RIPEMD-160 (ISO/IEC 10118-3:2004).
855 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
856 to be used as a secure replacement for the 128-bit hash functions
858 (not to be confused with RIPEMD-128).
861 against RIPEMD-160.
867 tristate "RIPEMD-256 digest algorithm"
870 RIPEMD-256 is an optional extension of RIPEMD-128 with a
872 longer hash-results, without needing a larger security level
873 (than RIPEMD-128).
879 tristate "RIPEMD-320 digest algorithm"
882 RIPEMD-320 is an optional extension of RIPEMD-160 with a
884 longer hash-results, without needing a larger security level
885 (than RIPEMD-160).
894 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
897 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
902 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
904 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
908 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
913 SHA-256 secure hash standard (DFIPS 180-2) implemented
916 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
925 SHA-512 secure hash standard (DFIPS 180-2) implemented
936 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
945 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
953 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
959 SHA-1 secure hash standard (DFIPS 180-4) implemented
967 SHA256 secure hash standard (DFIPS 180-2).
972 This code also includes SHA-224, a 224 bit hash with 112 bits
981 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
990 SHA-256 secure hash standard (DFIPS 180-2) implemented
999 SHA-256 secure hash standard (DFIPS 180-2) implemented
1006 SHA512 secure hash standard (DFIPS 180-2).
1011 This code also includes SHA-384, a 384 bit hash with 192 bits
1020 SHA-512 secure hash standard (DFIPS 180-2) implemented
1029 SHA-512 secure hash standard (DFIPS 180-2) implemented
1036 SHA-3 secure hash standard (DFIPS 202). It's based on
1046 SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3).
1051 https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
1057 Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian
1069 Tiger hash algorithm 192, 160 and 128-bit hashes
1071 Tiger is a hash function optimized for 64-bit processors while
1072 still having decent performance on 32-bit processors.
1082 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1084 Whirlpool-512 is part of the NESSIE cryptographic primitives.
1085 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1091 tristate "GHASH hash function (CLMUL-NI accelerated)"
1095 This is the x86_64 CLMUL-NI accelerated implementation of
1096 GHASH, the hash function used in GCM (Galois/Counter mode).
1105 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1110 environments regardless of its use in feedback or non-feedback
1113 suited for restricted-space environments, in which it also
1134 8 for decryption), this implementation only uses just two S-boxes of
1141 tristate "AES cipher algorithms (AES-NI)"
1150 Use Intel AES-NI instructions for AES algorithm.
1152 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1157 environments regardless of its use in feedback or non-feedback
1160 suited for restricted-space environments, in which it also
1168 In addition to AES cipher algorithm support, the acceleration
1169 for some popular block cipher mode is supported too, including
1180 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1185 environments regardless of its use in feedback or non-feedback
1188 suited for restricted-space environments, in which it also
1196 In addition to AES cipher algorithm support, the acceleration
1197 for some popular block cipher mode is supported too, including
1205 AES cipher algorithms (FIPS-197). Additionally the acceleration
1212 tables or 256 bytes S-boxes.
1237 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
1238 bits in length. This algorithm is required for driver-based
1313 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1322 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1333 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1338 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1372 tristate "CAST5 (CAST-128) cipher algorithm"
1376 The CAST5 encryption algorithm (synonymous with CAST-128) is
1380 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1387 The CAST5 encryption algorithm (synonymous with CAST-128) is
1394 tristate "CAST6 (CAST-256) cipher algorithm"
1398 The CAST6 encryption algorithm (synonymous with CAST-256) is
1402 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1411 The CAST6 encryption algorithm (synonymous with CAST-256) is
1422 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1431 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1435 tristate "Triple DES EDE cipher algorithm (x86-64)"
1440 Triple DES EDE (FIPS 46-3) algorithm.
1443 algorithm that is optimized for x86-64 processors. Two versions of
1462 an algorithm optimized for 64-bit processors with good performance
1463 on 32-bit processors. Khazad uses an 128 bit key size.
1469 tristate "Salsa20 stream cipher algorithm"
1472 Salsa20 stream cipher algorithm.
1474 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
1475 Stream Cipher Project. See <https://www.ecrypt.eu.org/stream/>
1477 The Salsa20 stream cipher algorithm is designed by Daniel J.
1481 tristate "ChaCha stream cipher algorithms"
1485 The ChaCha20, XChaCha20, and XChaCha12 stream cipher algorithms.
1487 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1490 <https://cr.yp.to/chacha/chacha-20080128.pdf>
1496 <https://cr.yp.to/snuffle/xsalsa-20081128.pdf>
1500 in some performance-sensitive scenarios.
1503 tristate "ChaCha stream cipher algorithms (x86_64/SSSE3/AVX2/AVX-512VL)"
1509 SSSE3, AVX2, and AVX-512VL optimized implementations of the ChaCha20,
1510 XChaCha20, and XChaCha12 stream ciphers.
1513 tristate "ChaCha stream cipher algorithms (MIPS 32r2 optimized)"
1525 SEED is a 128-bit symmetric key block cipher that has been
1624 SM4 cipher algorithms (OSCCA GB/T 32907-2016).
1626 SM4 (GBT.32907-2016) is a cryptographic standard issued by the
1633 (GB.15629.11-2003).
1635 The latest SM4 standard (GBT.32907-2016) was proposed by OSCCA and
1660 Xtendend Encryption Tiny Algorithm is a mis-implementation
1717 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1724 Twofish cipher algorithm (x86_64, 3-way parallel).
1732 blocks parallel, utilizing resources of out-of-order CPUs better.
1808 This is the LZ4 high compression mode algorithm.
1832 tristate "NIST SP800-90A DRBG"
1834 NIST SP800-90A compliant DRBG. In the following submenu, one or
1849 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1856 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1867 tristate "Jitterentropy Non-Deterministic Random Number Generator"
1880 tristate "User-space interface for hash algorithms"
1885 This option enables the user-spaces interface for hash
1889 tristate "User-space interface for symmetric key cipher algorithms"
1894 This option enables the user-spaces interface for symmetric
1898 tristate "User-space interface for random number generator algorithms"
1903 This option enables the user-spaces interface for random
1910 This option enables extra API for CAVP testing via the user-space
1916 tristate "User-space interface for AEAD cipher algorithms"
1923 This option enables the user-spaces interface for AEAD
1936 bool "Crypto usage statistics for User-space"
1941 - encrypt/decrypt size and numbers of symmeric operations
1942 - compress/decompress size and numbers of compress operations
1943 - size and numbers of hash operations
1944 - encrypt/decrypt/sign/verify numbers for asymmetric operations
1945 - generate/seed numbers for rng operations