Lines Matching +full:non +full:- +full:secure
1 # SPDX-License-Identifier: GPL-2.0
142 bool "Disable run-time self tests"
145 Disable run-time self tests that normally take place at
149 bool "Enable extra run-time crypto self tests"
152 Enable extra run-time self tests of registered crypto algorithms,
225 comment "Public-key cryptography"
237 tristate "Diffie-Hellman algorithm"
241 Generic implementation of the Diffie-Hellman algorithm.
255 tristate "EC-RDSA (GOST 34.10) algorithm"
262 Elliptic Curve Russian Digital Signature Algorithm (GOST R 34.10-2012,
263 RFC 7091, ISO/IEC 14888-3:2018) is one of the Russian cryptographic
290 tristate "ChaCha20-Poly1305 AEAD support"
296 ChaCha20-Poly1305 AEAD support, RFC7539.
303 tristate "AEGIS-128 AEAD algorithm"
305 select CRYPTO_AES # for AES S-box tables
307 Support for the AEGIS-128 dedicated AEAD algorithm.
310 bool "Support SIMD acceleration for AEGIS-128"
315 tristate "AEGIS-128 AEAD algorithm (x86_64 AESNI+SSE2 implementation)"
320 AESNI+SSE2 implementation of the AEGIS-128 dedicated AEAD algorithm.
380 CBC-CS3 as defined by NIST in Sp800-38A addendum from Oct 2010.
384 See: https://csrc.nist.gov/publications/detail/sp/800-38a/addendum/final
401 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
402 narrow block cipher mode for dm-crypt. Use it with cipher
403 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
433 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
442 Support for key wrapping (NIST SP800-38F / RFC3394) without
473 Adiantum is a tweakable, length-preserving encryption mode
474 designed for fast and secure disk encryption, especially on
477 an ε-almost-∆-universal hash function, and an invocation of
478 the AES-256 block cipher on a single 16-byte block. On CPUs
480 AES-XTS.
484 bound. Unlike XTS, Adiantum is a true wide-block encryption
494 Encrypted salt-sector initialization vector (ESSIV) is an IV
496 dm-crypt. It uses the hash of the block encryption key as the
508 associated data (AAD) region (which is how dm-crypt uses it.)
525 Cipher-based Message Authentication Code (CMAC) specified by
529 http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
536 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
544 XCBC: Keyed-Hashing with encryption algorithm
547 xcbc-mac/xcbc-mac-spec.pdf
555 very high speed on 64-bit architectures.
567 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
578 instruction. This option will create 'crc32c-intel' module,
581 Module will be crc32c-intel.
589 CRC32c algorithm implemented using vector polynomial multiply-sum
608 CRC-32-IEEE 802.3 cyclic redundancy-check algorithm.
620 instruction. This option will create 'crc32-pclmul' module,
621 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
638 xxHash non-cryptographic hash algorithm. Extremely fast, working at
657 'crct10dif-pclmul' module, which is faster when computing the
666 multiply-sum (vpmsum) instructions, introduced in POWER8. Enable on
673 Stress test for CRC32c and CRC-T10DIF algorithms implemented with
683 It is not a general-purpose cryptographic hash function.
692 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
703 It is used for the ChaCha20-Poly1305 AEAD, specified in RFC7539 for use
755 tristate "RIPEMD-128 digest algorithm"
758 RIPEMD-128 (ISO/IEC 10118-3:2004).
760 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
761 be used as a secure replacement for RIPEMD. For other use cases,
762 RIPEMD-160 should be used.
768 tristate "RIPEMD-160 digest algorithm"
771 RIPEMD-160 (ISO/IEC 10118-3:2004).
773 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
774 to be used as a secure replacement for the 128-bit hash functions
776 (not to be confused with RIPEMD-128).
779 against RIPEMD-160.
785 tristate "RIPEMD-256 digest algorithm"
788 RIPEMD-256 is an optional extension of RIPEMD-128 with a
790 longer hash-results, without needing a larger security level
791 (than RIPEMD-128).
797 tristate "RIPEMD-320 digest algorithm"
800 RIPEMD-320 is an optional extension of RIPEMD-160 with a
802 longer hash-results, without needing a larger security level
803 (than RIPEMD-160).
812 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
815 tristate "SHA1 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
820 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
822 Extensions (AVX/AVX2) or SHA-NI(SHA Extensions New Instructions),
826 tristate "SHA256 digest algorithm (SSSE3/AVX/AVX2/SHA-NI)"
831 SHA-256 secure hash standard (DFIPS 180-2) implemented
834 version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
843 SHA-512 secure hash standard (DFIPS 180-2) implemented
854 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
863 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
871 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
877 SHA-1 secure hash standard (DFIPS 180-4) implemented
888 SHA256 secure hash standard (DFIPS 180-2).
893 This code also includes SHA-224, a 224 bit hash with 112 bits
902 SHA224 and SHA256 secure hash standard (DFIPS 180-2)
911 SHA-256 secure hash standard (DFIPS 180-2) implemented
920 SHA-256 secure hash standard (DFIPS 180-2) implemented
927 SHA512 secure hash standard (DFIPS 180-2).
932 This code also includes SHA-384, a 384 bit hash with 192 bits
941 SHA-512 secure hash standard (DFIPS 180-2) implemented
950 SHA-512 secure hash standard (DFIPS 180-2) implemented
957 SHA-3 secure hash standard (DFIPS 202). It's based on
967 SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3).
972 https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
978 Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian
990 Tiger hash algorithm 192, 160 and 128-bit hashes
992 Tiger is a hash function optimized for 64-bit processors while
993 still having decent performance on 32-bit processors.
1003 Whirlpool hash algorithm 512, 384 and 256-bit hashes
1005 Whirlpool-512 is part of the NESSIE cryptographic primitives.
1006 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
1012 tristate "GHASH hash function (CLMUL-NI accelerated)"
1016 This is the x86_64 CLMUL-NI accelerated implementation of
1029 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1034 environments regardless of its use in feedback or non-feedback
1037 suited for restricted-space environments, in which it also
1058 8 for decryption), this implementation only uses just two S-boxes of
1065 tristate "AES cipher algorithms (AES-NI)"
1074 Use Intel AES-NI instructions for AES algorithm.
1076 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1081 environments regardless of its use in feedback or non-feedback
1084 suited for restricted-space environments, in which it also
1105 AES cipher algorithms (FIPS-197). AES uses the Rijndael
1110 environments regardless of its use in feedback or non-feedback
1113 suited for restricted-space environments, in which it also
1129 AES cipher algorithms (FIPS-197). Additionally the acceleration
1134 timining attacks. Nevertheless it might be not as secure as other
1136 tables or 256 bytes S-boxes.
1163 bits in length. This algorithm is required for driver-based
1238 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX)"
1247 Camellia cipher algorithm module (x86_64/AES-NI/AVX).
1258 tristate "Camellia cipher algorithm (x86_64/AES-NI/AVX2)"
1263 Camellia cipher algorithm module (x86_64/AES-NI/AVX2).
1296 tristate "CAST5 (CAST-128) cipher algorithm"
1300 The CAST5 encryption algorithm (synonymous with CAST-128) is
1304 tristate "CAST5 (CAST-128) cipher algorithm (x86_64/AVX)"
1311 The CAST5 encryption algorithm (synonymous with CAST-128) is
1318 tristate "CAST6 (CAST-256) cipher algorithm"
1322 The CAST6 encryption algorithm (synonymous with CAST-256) is
1326 tristate "CAST6 (CAST-256) cipher algorithm (x86_64/AVX)"
1335 The CAST6 encryption algorithm (synonymous with CAST-256) is
1349 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1357 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1361 tristate "Triple DES EDE cipher algorithm (x86-64)"
1366 Triple DES EDE (FIPS 46-3) algorithm.
1369 algorithm that is optimized for x86-64 processors. Two versions of
1387 an algorithm optimized for 64-bit processors with good performance
1388 on 32-bit processors. Khazad uses an 128 bit key size.
1411 ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
1414 <http://cr.yp.to/chacha/chacha-20080128.pdf>
1420 <https://cr.yp.to/snuffle/xsalsa-20081128.pdf>
1424 in some performance-sensitive scenarios.
1427 tristate "ChaCha stream cipher algorithms (x86_64/SSSE3/AVX2/AVX-512VL)"
1432 SSSE3, AVX2, and AVX-512VL optimized implementations of the ChaCha20,
1441 SEED is a 128-bit symmetric key block cipher that has been
1540 SM4 cipher algorithms (OSCCA GB/T 32907-2016).
1542 SM4 (GBT.32907-2016) is a cryptographic standard issued by the
1549 (GB.15629.11-2003).
1551 The latest SM4 standard (GBT.32907-2016) was proposed by OSCCA and
1575 Xtendend Encryption Tiny Algorithm is a mis-implementation
1632 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
1639 Twofish cipher algorithm (x86_64, 3-way parallel).
1647 blocks parallel, utilizing resources of out-of-order CPUs better.
1747 tristate "NIST SP800-90A DRBG"
1749 NIST SP800-90A compliant DRBG. In the following submenu, one or
1764 Enable the Hash DRBG variant as defined in NIST SP800-90A.
1771 Enable the CTR DRBG variant as defined in NIST SP800-90A.
1782 tristate "Jitterentropy Non-Deterministic Random Number Generator"
1795 tristate "User-space interface for hash algorithms"
1800 This option enables the user-spaces interface for hash
1804 tristate "User-space interface for symmetric key cipher algorithms"
1809 This option enables the user-spaces interface for symmetric
1813 tristate "User-space interface for random number generator algorithms"
1818 This option enables the user-spaces interface for random
1822 tristate "User-space interface for AEAD cipher algorithms"
1829 This option enables the user-spaces interface for AEAD
1833 bool "Crypto usage statistics for User-space"
1838 - encrypt/decrypt size and numbers of symmeric operations
1839 - compress/decompress size and numbers of compress operations
1840 - size and numbers of hash operations
1841 - encrypt/decrypt/sign/verify numbers for asymmetric operations
1842 - generate/seed numbers for rng operations