Lines Matching +full:standard +full:- +full:mode
1 # SPDX-License-Identifier: GPL-2.0
140 bool "Disable run-time self tests"
143 Disable run-time self tests that normally take place at
147 bool "Enable extra run-time crypto self tests"
150 Enable extra run-time self tests of registered crypto algorithms,
199 Authenc: Combined mode wrapper for IPsec.
216 comment "Public-key cryptography"
228 tristate "Diffie-Hellman algorithm"
232 Generic implementation of the Diffie-Hellman algorithm.
252 is A NIST cryptographic standard algorithm. Only signature verification
256 tristate "EC-RDSA (GOST 34.10) algorithm"
263 Elliptic Curve Russian Digital Signature Algorithm (GOST R 34.10-2012,
264 RFC 7091, ISO/IEC 14888-3:2018) is one of the Russian cryptographic
265 standard algorithms (called GOST algorithms). Only signature verification
278 as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.
281 https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
282 http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
315 Support for Galois/Counter Mode (GCM) and Galois Message
319 tristate "ChaCha20-Poly1305 AEAD support"
325 ChaCha20-Poly1305 AEAD support, RFC7539.
332 tristate "AEGIS-128 AEAD algorithm"
334 select CRYPTO_AES # for AES S-box tables
336 Support for the AEGIS-128 dedicated AEAD algorithm.
339 bool "Support SIMD acceleration for AEGIS-128"
344 tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
349 AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm.
380 CBC: Cipher Block Chaining mode
388 CFB: Cipher FeedBack mode
396 CTR: Counter mode
405 This is the Cipher Text Stealing mode as described by
408 CBC-CS3 as defined by NIST in Sp800-38A addendum from Oct 2010.
409 This mode is required for Kerberos gss mechanism support
412 See: https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
419 ECB: Electronic CodeBook mode
430 narrow block cipher mode for dm-crypt. Use it with cipher
431 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
440 OFB: the Output Feedback mode makes a block cipher into a synchronous
452 PCBC: Propagating Cipher Block Chaining mode
461 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
470 Support for key wrapping (NIST SP800-38F / RFC3394) without
484 Adiantum encryption mode.
492 Adiantum encryption mode.
501 Adiantum is a tweakable, length-preserving encryption mode
505 an ε-almost-∆-universal hash function, and an invocation of
506 the AES-256 block cipher on a single 16-byte block. On CPUs
508 AES-XTS.
512 bound. Unlike XTS, Adiantum is a true wide-block encryption
513 mode, so it actually provides an even stronger notion of
522 Encrypted salt-sector initialization vector (ESSIV) is an IV
524 dm-crypt. It uses the hash of the block encryption key as the
536 associated data (AAD) region (which is how dm-crypt uses it.)
543 combined with ESSIV the only feasible mode for h/w accelerated
553 Cipher-based Message Authentication Code (CMAC) specified by
557 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
564 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
572 XCBC: Keyed-Hashing with encryption algorithm
575 xcbc-mac/xcbc-mac-spec.pdf
583 very high speed on 64-bit architectures.
595 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
606 instruction. This option will create 'crc32c-intel' module,
609 Module will be crc32c-intel.
617 CRC32c algorithm implemented using vector polynomial multiply-sum
636 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
648 instruction. This option will create 'crc32-pclmul' module,
649 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
666 xxHash non-cryptographic hash algorithm. Extremely fast, working at
679 - blake2b-160
680 - blake2b-256
681 - blake2b-384
682 - blake2b-512
692 optimized for 8-32bit platforms and can produce digests of any size
697 - blake2s-128
698 - blake2s-160
699 - blake2s-224
700 - blake2s-256
726 'crct10dif-pclmul' module, which is faster when computing the
735 multiply-sum (vpmsum) instructions, introduced in POWER8. Enable on
742 Stress test for CRC32c and CRC-T10DIF algorithms implemented with
751 GHASH is the hash function used in GCM (Galois/Counter Mode).
752 It is not a general-purpose cryptographic hash function.
762 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
774 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
831 tristate "RIPEMD-160 digest algorithm"
834 RIPEMD-160 (ISO/IEC 10118-3:2004).
836 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
837 to be used as a secure replacement for the 128-bit hash functions
839 (not to be confused with RIPEMD-128).
842 against RIPEMD-160.
851 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
854 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
859 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
861 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
865 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
870 SHA-256 secure hash standard (DFIPS 180-2) implemented
873 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
882 SHA-512 secure hash standard (DFIPS 180-2) implemented
893 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
902 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
910 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
916 SHA-1 secure hash standard (DFIPS 180-4) implemented
924 SHA256 secure hash standard (DFIPS 180-2).
929 This code also includes SHA-224, a 224 bit hash with 112 bits
938 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
947 SHA-256 secure hash standard (DFIPS 180-2) implemented
956 SHA-256 secure hash standard (DFIPS 180-2) implemented
963 SHA512 secure hash standard (DFIPS 180-2).
968 This code also includes SHA-384, a 384 bit hash with 192 bits
977 SHA-512 secure hash standard (DFIPS 180-2) implemented
986 SHA-512 secure hash standard (DFIPS 180-2) implemented
993 SHA-3 secure hash standard (DFIPS 202). It's based on
1003 SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3).
1008 https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
1014 Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian
1015 cryptographic standard algorithms (called GOST algorithms).
1026 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1028 Whirlpool-512 is part of the NESSIE cryptographic primitives.
1029 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1035 tristate "GHASH hash function (CLMUL-NI accelerated)"
1039 This is the x86_64 CLMUL-NI accelerated implementation of
1040 GHASH, the hash function used in GCM (Galois/Counter mode).
1049 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1054 environments regardless of its use in feedback or non-feedback
1057 suited for restricted-space environments, in which it also
1078 8 for decryption), this implementation only uses just two S-boxes of
1085 tristate "AES cipher algorithms (AES-NI)"
1093 Use Intel AES-NI instructions for AES algorithm.
1095 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1100 environments regardless of its use in feedback or non-feedback
1103 suited for restricted-space environments, in which it also
1112 for some popular block cipher mode is supported too, including
1123 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1128 environments regardless of its use in feedback or non-feedback
1131 suited for restricted-space environments, in which it also
1140 for some popular block cipher mode is supported too, including
1148 AES cipher algorithms (FIPS-197). Additionally the acceleration
1155 tables or 256 bytes S-boxes.
1181 bits in length. This algorithm is required for driver-based
1255 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1262 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1273 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1277 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1310 tristate "CAST5 (CAST-128) cipher algorithm"
1314 The CAST5 encryption algorithm (synonymous with CAST-128) is
1318 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1326 The CAST5 encryption algorithm (synonymous with CAST-128) is
1333 tristate "CAST6 (CAST-256) cipher algorithm"
1337 The CAST6 encryption algorithm (synonymous with CAST-256) is
1341 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1350 The CAST6 encryption algorithm (synonymous with CAST-256) is
1361 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1370 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1374 tristate "Triple DES EDE cipher algorithm (x86-64)"
1380 Triple DES EDE (FIPS 46-3) algorithm.
1383 algorithm that is optimized for x86-64 processors. Two versions of
1402 an algorithm optimized for 64-bit processors with good performance
1403 on 32-bit processors. Khazad uses an 128 bit key size.
1415 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1418 <https://cr.yp.to/chacha/chacha-20080128.pdf>
1424 <https://cr.yp.to/snuffle/xsalsa-20081128.pdf>
1428 in some performance-sensitive scenarios.
1431 tristate "ChaCha stream cipher algorithms (x86_64/SSSE3/AVX2/AVX-512VL)"
1437 SSSE3, AVX2, and AVX-512VL optimized implementations of the ChaCha20,
1453 SEED is a 128-bit symmetric key block cipher that has been
1455 national standard encryption algorithm of the Republic of Korea.
1552 SM4 cipher algorithms (OSCCA GB/T 32907-2016).
1554 SM4 (GBT.32907-2016) is a cryptographic standard issued by the
1559 networks, and is mandated in the Chinese National Standard for
1561 (GB.15629.11-2003).
1563 The latest SM4 standard (GBT.32907-2016) was proposed by OSCCA and
1574 tristate "SM4 cipher algorithm (x86_64/AES-NI/AVX)"
1581 SM4 cipher algorithms (OSCCA GB/T 32907-2016) (x86_64/AES-NI/AVX).
1583 SM4 (GBT.32907-2016) is a cryptographic standard issued by the
1587 This is SM4 optimized implementation using AES-NI/AVX/x86_64
1589 we can use the AES S-Box to simulate the SM4 S-Box to achieve the
1595 tristate "SM4 cipher algorithm (x86_64/AES-NI/AVX2)"
1603 SM4 cipher algorithms (OSCCA GB/T 32907-2016) (x86_64/AES-NI/AVX2).
1605 SM4 (GBT.32907-2016) is a cryptographic standard issued by the
1609 This is SM4 optimized implementation using AES-NI/AVX2/x86_64
1611 we can use the AES S-Box to simulate the SM4 S-Box to achieve the
1631 Xtendend Encryption Tiny Algorithm is a mis-implementation
1641 Twofish was submitted as an AES (Advanced Encryption Standard)
1664 Twofish was submitted as an AES (Advanced Encryption Standard)
1681 Twofish was submitted as an AES (Advanced Encryption Standard)
1690 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1696 Twofish cipher algorithm (x86_64, 3-way parallel).
1698 Twofish was submitted as an AES (Advanced Encryption Standard)
1704 blocks parallel, utilizing resources of out-of-order CPUs better.
1721 Twofish was submitted as an AES (Advanced Encryption Standard)
1780 This is the LZ4 high compression mode algorithm.
1804 tristate "NIST SP800-90A DRBG"
1806 NIST SP800-90A compliant DRBG. In the following submenu, one or
1821 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1828 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1839 tristate "Jitterentropy Non-Deterministic Random Number Generator"
1852 tristate "User-space interface for hash algorithms"
1857 This option enables the user-spaces interface for hash
1861 tristate "User-space interface for symmetric key cipher algorithms"
1866 This option enables the user-spaces interface for symmetric
1870 tristate "User-space interface for random number generator algorithms"
1875 This option enables the user-spaces interface for random
1882 This option enables extra API for CAVP testing via the user-space
1888 tristate "User-space interface for AEAD cipher algorithms"
1895 This option enables the user-spaces interface for AEAD
1908 bool "Crypto usage statistics for User-space"
1913 - encrypt/decrypt size and numbers of symmeric operations
1914 - compress/decompress size and numbers of compress operations
1915 - size and numbers of hash operations
1916 - encrypt/decrypt/sign/verify numbers for asymmetric operations
1917 - generate/seed numbers for rng operations