This option provides the core Cryptographic API.
This options enables the fips boot option which is required if you want to system to operate in a FIPS 200 certification. You should say no unless you know what this is.
This option provides the API for cryptographic algorithms.
Create default cryptographic template instantiations such as cbc(aes).
Disable run-time self tests that normally take place at algorithm registration.
Efficient table driven implementation of multiplications in the field GF(2^128). This is needed by some cypher modes. This option will be selected automatically if you select such a cipher mode. Only select this option by hand if you expect to load an external module that requires these functions.
These are 'Null' algorithms, used by IPsec, which do nothing.
This converts an arbitrary crypto algorithm into a parallel algorithm that executes in kernel threads.
This is a generic software asynchronous crypto daemon that converts an arbitrary synchronous software crypto algorithm into an asynchronous algorithm that executes in a kernel thread.
Authenc: Combined mode wrapper for IPsec. This is required for IPSec.
Quick & dirty crypto test module.
Support for Counter with CBC MAC. Required for IPsec.
Support for Galois/Counter Mode (GCM) and Galois Message Authentication Code (GMAC). Required for IPSec.
This IV generator generates an IV based on a sequence number by xoring it with a salt. This algorithm is mainly useful for CTR
CBC: Cipher Block Chaining mode This block cipher algorithm is required for IPSec.
CTR: Counter mode This block cipher algorithm is required for IPSec.
CTS: Cipher Text Stealing This is the Cipher Text Stealing mode as described by Section 8 of rfc2040 and referenced by rfc3962. (rfc3962 includes errata information in its Appendix A) This mode is required for Kerberos gss mechanism support for AES encryption.
ECB: Electronic CodeBook mode This is the simplest block cipher algorithm. It simply encrypts the input block by block.
LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable narrow block cipher mode for dm-crypt. Use it with cipher specification string aes-lrw-benbi, the key must be 256, 320 or 384. The first 128, 192 or 256 bits in the key are used for AES and the rest is used to tie each cipher block to its logical position.
PCBC: Propagating Cipher Block Chaining mode This block cipher algorithm is required for RxRPC.
XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, key size 256, 384 or 512 bits. This implementation currently can't handle a sectorsize which is not a multiple of 16 bytes.
HMAC: Keyed-Hashing for Message Authentication (RFC2104). This is required for IPSec.
XCBC: Keyed-Hashing with encryption algorithm http://www.ietf.org/rfc/rfc3566.txt http://csrc.nist.gov/encryption/modes/proposedmodes/ xcbc-mac/xcbc-mac-spec.pdf
VMAC is a message authentication algorithm designed for very high speed on 64-bit architectures. See also: <http://fastcrypto.org/vmac>
Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used by iSCSI for header and data digests and by others. See Castagnoli93. Module will be crc32c.
In Intel processor with SSE4.2 supported, the processor will support CRC32C implementation using hardware accelerated CRC32 instruction. This option will create 'crc32c-intel' module, which will enable any routine to use the CRC32 instruction to gain performance compared with software implementation. Module will be crc32c-intel.
GHASH is message digest algorithm for GCM (Galois/Counter Mode).
MD4 message digest algorithm (RFC1320).
MD5 message digest algorithm (RFC1321).
Michael MIC is used for message integrity protection in TKIP (IEEE 802.11i). This algorithm is required for TKIP, but it should not be used for other purposes because of the weakness of the algorithm.
RIPEMD-128 (ISO/IEC 10118-3:2004). RIPEMD-128 is a 128-bit cryptographic hash function. It should only to be used as a secure replacement for RIPEMD. For other use cases RIPEMD-160 should be used. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
RIPEMD-160 (ISO/IEC 10118-3:2004). RIPEMD-160 is a 160-bit cryptographic hash function. It is intended to be used as a secure replacement for the 128-bit hash functions MD4, MD5 and it's predecessor RIPEMD (not to be confused with RIPEMD-128). It's speed is comparable to SHA1 and there are no known attacks against RIPEMD-160. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
RIPEMD-256 is an optional extension of RIPEMD-128 with a 256 bit hash. It is intended for applications that require longer hash-results, without needing a larger security level (than RIPEMD-128). Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
RIPEMD-320 is an optional extension of RIPEMD-160 with a 320 bit hash. It is intended for applications that require longer hash-results, without needing a larger security level (than RIPEMD-160). Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
SHA256 secure hash standard (DFIPS 180-2). This version of SHA implements a 256 bit hash with 128 bits of security against collision attacks. This code also includes SHA-224, a 224 bit hash with 112 bits of security against collision attacks.
SHA512 secure hash standard (DFIPS 180-2). This version of SHA implements a 512 bit hash with 256 bits of security against collision attacks. This code also includes SHA-384, a 384 bit hash with 192 bits of security against collision attacks.
Tiger hash algorithm 192, 160 and 128-bit hashes Tiger is a hash function optimized for 64-bit processors while still having decent performance on 32-bit processors. Tiger was developed by Ross Anderson and Eli Biham. See also: <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
Whirlpool hash algorithm 512, 384 and 256-bit hashes Whirlpool-512 is part of the NESSIE cryptographic primitives. Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard See also: <http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html>
GHASH is message digest algorithm for GCM (Galois/Counter Mode). The implementation is accelerated by CLMUL-NI of Intel.
AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very low memory requirements make it very well suited for restricted-space environments, in which it also demonstrates excellent performance. Rijndael's operations are among the easiest to defend against power and timing attacks. The AES specifies three key sizes: 128, 192 and 256 bits See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very low memory requirements make it very well suited for restricted-space environments, in which it also demonstrates excellent performance. Rijndael's operations are among the easiest to defend against power and timing attacks. The AES specifies three key sizes: 128, 192 and 256 bits See <http://csrc.nist.gov/encryption/aes/> for more information.
AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very low memory requirements make it very well suited for restricted-space environments, in which it also demonstrates excellent performance. Rijndael's operations are among the easiest to defend against power and timing attacks. The AES specifies three key sizes: 128, 192 and 256 bits See <http://csrc.nist.gov/encryption/aes/> for more information.
Use Intel AES-NI instructions for AES algorithm. AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very low memory requirements make it very well suited for restricted-space environments, in which it also demonstrates excellent performance. Rijndael's operations are among the easiest to defend against power and timing attacks. The AES specifies three key sizes: 128, 192 and 256 bits See <http://csrc.nist.gov/encryption/aes/> for more information. In addition to AES cipher algorithm support, the acceleration for some popular block cipher mode is supported too, including ECB, CBC, LRW, PCBC, XTS. The 64 bit version has additional acceleration for CTR.
Anubis cipher algorithm. Anubis is a variable key length cipher which can use keys from 128 bits to 320 bits in length. It was evaluated as a entrant in the NESSIE competition. See also: <https://www.cosic.esat.kuleuven.be/nessie/reports/> <http://www.larc.usp.br/~pbarreto/AnubisPage.html>
ARC4 cipher algorithm. ARC4 is a stream cipher using keys ranging from 8 bits to 2048 bits in length. This algorithm is required for driver-based WEP, but it should not be for other purposes because of the weakness of the algorithm.
Blowfish cipher algorithm, by Bruce Schneier. This is a variable key length cipher which can use keys from 32 bits to 448 bits in length. It's fast, simple and specifically designed for use on "large microprocessors". See also: <http://www.schneier.com/blowfish.html>
Camellia cipher algorithms module. Camellia is a symmetric key block cipher developed jointly at NTT and Mitsubishi Electric Corporation. The Camellia specifies three key sizes: 128, 192 and 256 bits. See also: <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
The CAST5 encryption algorithm (synonymous with CAST-128) is described in RFC2144.
The CAST6 encryption algorithm (synonymous with CAST-256) is described in RFC2612.
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
FCrypt algorithm used by RxRPC.
Khazad cipher algorithm. Khazad was a finalist in the initial NESSIE competition. It is an algorithm optimized for 64-bit processors with good performance on 32-bit processors. Khazad uses an 128 bit key size. See also: <http://www.larc.usp.br/~pbarreto/KhazadPage.html>
Salsa20 stream cipher algorithm. Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> The Salsa20 stream cipher algorithm is designed by Daniel J. Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
Salsa20 stream cipher algorithm. Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> The Salsa20 stream cipher algorithm is designed by Daniel J. Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
Salsa20 stream cipher algorithm. Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> The Salsa20 stream cipher algorithm is designed by Daniel J. Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
SEED cipher algorithm (RFC4269). SEED is a 128-bit symmetric key block cipher that has been developed by KISA (Korea Information Security Agency) as a national standard encryption algorithm of the Republic of Korea. It is a 16 round block cipher with the key size of 128 bit. See also: <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
Serpent cipher algorithm, by Anderson, Biham & Knudsen. Keys are allowed to be from 0 to 256 bits in length, in steps of 8 bits. Also includes the 'Tnepres' algorithm, a reversed variant of Serpent for compatibility with old kerneli.org code. See also: <http://www.cl.cam.ac.uk/~rja14/serpent.html>
TEA cipher algorithm. Tiny Encryption Algorithm is a simple cipher that uses many rounds for security. It is very fast and uses little memory. Xtendend Tiny Encryption Algorithm is a modification to the TEA algorithm to address a potential key weakness in the TEA algorithm. Xtendend Encryption Tiny Algorithm is a mis-implementation of the XTEA algorithm for compatibility purposes.
Twofish cipher algorithm. Twofish was submitted as an AES (Advanced Encryption Standard) candidate cipher by researchers at CounterPane Systems. It is a 16 round block cipher supporting key sizes of 128, 192, and 256 bits. See also: <http://www.schneier.com/twofish.html>
Common parts of the Twofish cipher algorithm shared by the generic c and the assembler implementations.
Twofish cipher algorithm. Twofish was submitted as an AES (Advanced Encryption Standard) candidate cipher by researchers at CounterPane Systems. It is a 16 round block cipher supporting key sizes of 128, 192, and 256 bits. See also: <http://www.schneier.com/twofish.html>
Twofish cipher algorithm (x86_64). Twofish was submitted as an AES (Advanced Encryption Standard) candidate cipher by researchers at CounterPane Systems. It is a 16 round block cipher supporting key sizes of 128, 192, and 256 bits. See also: <http://www.schneier.com/twofish.html>
This is the Deflate algorithm (RFC1951), specified for use in IPSec with the IPCOMP protocol (RFC3173, RFC2394). You will most probably want this if using IPSec.
This is the zlib algorithm.
This is the LZO algorithm.
This option enables the generic pseudo random number generator for cryptographic modules. Uses the Algorithm specified in ANSI X9.31 A.2.4. Note that this option must be enabled if CRYPTO_FIPS is selected
This option enables the user-spaces interface for hash algorithms.
This option enables the user-spaces interface for symmetric key cipher algorithms.