| blob | 8dde4fcf99c947b7c292be0a775b102e43260879 |
1 #
2 # Generic algorithms support
3 #
4 config XOR_BLOCKS
5 tristate
7 #
8 # async_tx api: hardware offloaded memory transfer/transform support
9 #
10 source "crypto/async_tx/Kconfig"
12 #
13 # Cryptographic API Configuration
14 #
15 menuconfig CRYPTO
16 tristate "Cryptographic API"
17 help
18 This option provides the core Cryptographic API.
20 if CRYPTO
22 comment "Crypto core or helper"
24 config CRYPTO_FIPS
25 bool "FIPS 200 compliance"
26 help
27 This options enables the fips boot option which is
28 required if you want to system to operate in a FIPS 200
29 certification. You should say no unless you know what
30 this is.
32 config CRYPTO_ALGAPI
33 tristate
34 select CRYPTO_ALGAPI2
35 help
36 This option provides the API for cryptographic algorithms.
38 config CRYPTO_ALGAPI2
39 tristate
41 config CRYPTO_AEAD
42 tristate
43 select CRYPTO_AEAD2
44 select CRYPTO_ALGAPI
46 config CRYPTO_AEAD2
47 tristate
48 select CRYPTO_ALGAPI2
50 config CRYPTO_BLKCIPHER
51 tristate
52 select CRYPTO_BLKCIPHER2
53 select CRYPTO_ALGAPI
55 config CRYPTO_BLKCIPHER2
56 tristate
57 select CRYPTO_ALGAPI2
58 select CRYPTO_RNG2
60 config CRYPTO_HASH
61 tristate
62 select CRYPTO_HASH2
63 select CRYPTO_ALGAPI
65 config CRYPTO_HASH2
66 tristate
67 select CRYPTO_ALGAPI2
69 config CRYPTO_RNG
70 tristate
71 select CRYPTO_RNG2
72 select CRYPTO_ALGAPI
74 config CRYPTO_RNG2
75 tristate
76 select CRYPTO_ALGAPI2
78 config CRYPTO_MANAGER
79 tristate "Cryptographic algorithm manager"
80 select CRYPTO_MANAGER2
81 help
82 Create default cryptographic template instantiations such as
83 cbc(aes).
85 config CRYPTO_MANAGER2
86 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
87 select CRYPTO_AEAD2
88 select CRYPTO_HASH2
89 select CRYPTO_BLKCIPHER2
91 config CRYPTO_GF128MUL
92 tristate "GF(2^128) multiplication functions (EXPERIMENTAL)"
93 depends on EXPERIMENTAL
94 help
95 Efficient table driven implementation of multiplications in the
96 field GF(2^128). This is needed by some cypher modes. This
97 option will be selected automatically if you select such a
98 cipher mode. Only select this option by hand if you expect to load
99 an external module that requires these functions.
101 config CRYPTO_NULL
102 tristate "Null algorithms"
103 select CRYPTO_ALGAPI
104 select CRYPTO_BLKCIPHER
105 select CRYPTO_HASH
106 help
107 These are 'Null' algorithms, used by IPsec, which do nothing.
109 config CRYPTO_CRYPTD
110 tristate "Software async crypto daemon"
111 select CRYPTO_BLKCIPHER
112 select CRYPTO_HASH
113 select CRYPTO_MANAGER
114 help
115 This is a generic software asynchronous crypto daemon that
116 converts an arbitrary synchronous software crypto algorithm
117 into an asynchronous algorithm that executes in a kernel thread.
119 config CRYPTO_AUTHENC
120 tristate "Authenc support"
121 select CRYPTO_AEAD
122 select CRYPTO_BLKCIPHER
123 select CRYPTO_MANAGER
124 select CRYPTO_HASH
125 help
126 Authenc: Combined mode wrapper for IPsec.
127 This is required for IPSec.
129 config CRYPTO_TEST
130 tristate "Testing module"
131 depends on m
132 select CRYPTO_MANAGER
133 help
134 Quick & dirty crypto test module.
136 comment "Authenticated Encryption with Associated Data"
138 config CRYPTO_CCM
139 tristate "CCM support"
140 select CRYPTO_CTR
141 select CRYPTO_AEAD
142 help
143 Support for Counter with CBC MAC. Required for IPsec.
145 config CRYPTO_GCM
146 tristate "GCM/GMAC support"
147 select CRYPTO_CTR
148 select CRYPTO_AEAD
149 select CRYPTO_GF128MUL
150 help
151 Support for Galois/Counter Mode (GCM) and Galois Message
152 Authentication Code (GMAC). Required for IPSec.
154 config CRYPTO_SEQIV
155 tristate "Sequence Number IV Generator"
156 select CRYPTO_AEAD
157 select CRYPTO_BLKCIPHER
158 select CRYPTO_RNG
159 help
160 This IV generator generates an IV based on a sequence number by
161 xoring it with a salt. This algorithm is mainly useful for CTR
163 comment "Block modes"
165 config CRYPTO_CBC
166 tristate "CBC support"
167 select CRYPTO_BLKCIPHER
168 select CRYPTO_MANAGER
169 help
170 CBC: Cipher Block Chaining mode
171 This block cipher algorithm is required for IPSec.
173 config CRYPTO_CTR
174 tristate "CTR support"
175 select CRYPTO_BLKCIPHER
176 select CRYPTO_SEQIV
177 select CRYPTO_MANAGER
178 help
179 CTR: Counter mode
180 This block cipher algorithm is required for IPSec.
182 config CRYPTO_CTS
183 tristate "CTS support"
184 select CRYPTO_BLKCIPHER
185 help
186 CTS: Cipher Text Stealing
187 This is the Cipher Text Stealing mode as described by
188 Section 8 of rfc2040 and referenced by rfc3962.
189 (rfc3962 includes errata information in its Appendix A)
190 This mode is required for Kerberos gss mechanism support
191 for AES encryption.
193 config CRYPTO_ECB
194 tristate "ECB support"
195 select CRYPTO_BLKCIPHER
196 select CRYPTO_MANAGER
197 help
198 ECB: Electronic CodeBook mode
199 This is the simplest block cipher algorithm. It simply encrypts
200 the input block by block.
202 config CRYPTO_LRW
203 tristate "LRW support (EXPERIMENTAL)"
204 depends on EXPERIMENTAL
205 select CRYPTO_BLKCIPHER
206 select CRYPTO_MANAGER
207 select CRYPTO_GF128MUL
208 help
209 LRW: Liskov Rivest Wagner, a tweakable, non malleable, non movable
210 narrow block cipher mode for dm-crypt. Use it with cipher
211 specification string aes-lrw-benbi, the key must be 256, 320 or 384.
212 The first 128, 192 or 256 bits in the key are used for AES and the
213 rest is used to tie each cipher block to its logical position.
215 config CRYPTO_PCBC
216 tristate "PCBC support"
217 select CRYPTO_BLKCIPHER
218 select CRYPTO_MANAGER
219 help
220 PCBC: Propagating Cipher Block Chaining mode
221 This block cipher algorithm is required for RxRPC.
223 config CRYPTO_XTS
224 tristate "XTS support (EXPERIMENTAL)"
225 depends on EXPERIMENTAL
226 select CRYPTO_BLKCIPHER
227 select CRYPTO_MANAGER
228 select CRYPTO_GF128MUL
229 help
230 XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
231 key size 256, 384 or 512 bits. This implementation currently
232 can't handle a sectorsize which is not a multiple of 16 bytes.
234 comment "Hash modes"
236 config CRYPTO_HMAC
237 tristate "HMAC support"
238 select CRYPTO_HASH
239 select CRYPTO_MANAGER
240 help
241 HMAC: Keyed-Hashing for Message Authentication (RFC2104).
242 This is required for IPSec.
244 config CRYPTO_XCBC
245 tristate "XCBC support"
246 depends on EXPERIMENTAL
247 select CRYPTO_HASH
248 select CRYPTO_MANAGER
249 help
250 XCBC: Keyed-Hashing with encryption algorithm
251 http://www.ietf.org/rfc/rfc3566.txt
252 http://csrc.nist.gov/encryption/modes/proposedmodes/
253 xcbc-mac/xcbc-mac-spec.pdf
255 comment "Digest"
257 config CRYPTO_CRC32C
258 tristate "CRC32c CRC algorithm"
259 select CRYPTO_HASH
260 help
261 Castagnoli, et al Cyclic Redundancy-Check Algorithm. Used
262 by iSCSI for header and data digests and by others.
263 See Castagnoli93. Module will be crc32c.
265 config CRYPTO_CRC32C_INTEL
266 tristate "CRC32c INTEL hardware acceleration"
267 depends on X86
268 select CRYPTO_HASH
269 help
270 In Intel processor with SSE4.2 supported, the processor will
271 support CRC32C implementation using hardware accelerated CRC32
272 instruction. This option will create 'crc32c-intel' module,
273 which will enable any routine to use the CRC32 instruction to
274 gain performance compared with software implementation.
275 Module will be crc32c-intel.
277 config CRYPTO_MD4
278 tristate "MD4 digest algorithm"
279 select CRYPTO_HASH
280 help
281 MD4 message digest algorithm (RFC1320).
283 config CRYPTO_MD5
284 tristate "MD5 digest algorithm"
285 select CRYPTO_HASH
286 help
287 MD5 message digest algorithm (RFC1321).
289 config CRYPTO_MICHAEL_MIC
290 tristate "Michael MIC keyed digest algorithm"
291 select CRYPTO_HASH
292 help
293 Michael MIC is used for message integrity protection in TKIP
294 (IEEE 802.11i). This algorithm is required for TKIP, but it
295 should not be used for other purposes because of the weakness
296 of the algorithm.
298 config CRYPTO_RMD128
299 tristate "RIPEMD-128 digest algorithm"
300 select CRYPTO_HASH
301 help
302 RIPEMD-128 (ISO/IEC 10118-3:2004).
304 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
305 to be used as a secure replacement for RIPEMD. For other use cases
306 RIPEMD-160 should be used.
308 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
309 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
311 config CRYPTO_RMD160
312 tristate "RIPEMD-160 digest algorithm"
313 select CRYPTO_HASH
314 help
315 RIPEMD-160 (ISO/IEC 10118-3:2004).
317 RIPEMD-160 is a 160-bit cryptographic hash function. It is intended
318 to be used as a secure replacement for the 128-bit hash functions
319 MD4, MD5 and it's predecessor RIPEMD
320 (not to be confused with RIPEMD-128).
322 It's speed is comparable to SHA1 and there are no known attacks
323 against RIPEMD-160.
325 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
326 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
328 config CRYPTO_RMD256
329 tristate "RIPEMD-256 digest algorithm"
330 select CRYPTO_HASH
331 help
332 RIPEMD-256 is an optional extension of RIPEMD-128 with a
333 256 bit hash. It is intended for applications that require
334 longer hash-results, without needing a larger security level
335 (than RIPEMD-128).
337 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
338 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
340 config CRYPTO_RMD320
341 tristate "RIPEMD-320 digest algorithm"
342 select CRYPTO_HASH
343 help
344 RIPEMD-320 is an optional extension of RIPEMD-160 with a
345 320 bit hash. It is intended for applications that require
346 longer hash-results, without needing a larger security level
347 (than RIPEMD-160).
349 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
350 See <http://home.esat.kuleuven.be/~bosselae/ripemd160.html>
352 config CRYPTO_SHA1
353 tristate "SHA1 digest algorithm"
354 select CRYPTO_HASH
355 help
356 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
358 config CRYPTO_SHA256
359 tristate "SHA224 and SHA256 digest algorithm"
360 select CRYPTO_HASH
361 help
362 SHA256 secure hash standard (DFIPS 180-2).
364 This version of SHA implements a 256 bit hash with 128 bits of
365 security against collision attacks.
367 This code also includes SHA-224, a 224 bit hash with 112 bits
368 of security against collision attacks.
370 config CRYPTO_SHA512
371 tristate "SHA384 and SHA512 digest algorithms"
372 select CRYPTO_HASH
373 help
374 SHA512 secure hash standard (DFIPS 180-2).
376 This version of SHA implements a 512 bit hash with 256 bits of
377 security against collision attacks.
379 This code also includes SHA-384, a 384 bit hash with 192 bits
380 of security against collision attacks.
382 config CRYPTO_TGR192
383 tristate "Tiger digest algorithms"
384 select CRYPTO_HASH
385 help
386 Tiger hash algorithm 192, 160 and 128-bit hashes
388 Tiger is a hash function optimized for 64-bit processors while
389 still having decent performance on 32-bit processors.
390 Tiger was developed by Ross Anderson and Eli Biham.
392 See also:
393 <http://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
395 config CRYPTO_WP512
396 tristate "Whirlpool digest algorithms"
397 select CRYPTO_HASH
398 help
399 Whirlpool hash algorithm 512, 384 and 256-bit hashes
401 Whirlpool-512 is part of the NESSIE cryptographic primitives.
402 Whirlpool will be part of the ISO/IEC 10118-3:2003(E) standard
404 See also:
405 <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
407 comment "Ciphers"
409 config CRYPTO_AES
410 tristate "AES cipher algorithms"
411 select CRYPTO_ALGAPI
412 help
413 AES cipher algorithms (FIPS-197). AES uses the Rijndael
414 algorithm.
416 Rijndael appears to be consistently a very good performer in
417 both hardware and software across a wide range of computing
418 environments regardless of its use in feedback or non-feedback
419 modes. Its key setup time is excellent, and its key agility is
420 good. Rijndael's very low memory requirements make it very well
421 suited for restricted-space environments, in which it also
422 demonstrates excellent performance. Rijndael's operations are
423 among the easiest to defend against power and timing attacks.
425 The AES specifies three key sizes: 128, 192 and 256 bits
427 See <http://csrc.nist.gov/CryptoToolkit/aes/> for more information.
429 config CRYPTO_AES_586
430 tristate "AES cipher algorithms (i586)"
431 depends on (X86 || UML_X86) && !64BIT
432 select CRYPTO_ALGAPI
433 select CRYPTO_AES
434 help
435 AES cipher algorithms (FIPS-197). AES uses the Rijndael
436 algorithm.
438 Rijndael appears to be consistently a very good performer in
439 both hardware and software across a wide range of computing
440 environments regardless of its use in feedback or non-feedback
441 modes. Its key setup time is excellent, and its key agility is
442 good. Rijndael's very low memory requirements make it very well
443 suited for restricted-space environments, in which it also
444 demonstrates excellent performance. Rijndael's operations are
445 among the easiest to defend against power and timing attacks.
447 The AES specifies three key sizes: 128, 192 and 256 bits
449 See <http://csrc.nist.gov/encryption/aes/> for more information.
451 config CRYPTO_AES_X86_64
452 tristate "AES cipher algorithms (x86_64)"
453 depends on (X86 || UML_X86) && 64BIT
454 select CRYPTO_ALGAPI
455 select CRYPTO_AES
456 help
457 AES cipher algorithms (FIPS-197). AES uses the Rijndael
458 algorithm.
460 Rijndael appears to be consistently a very good performer in
461 both hardware and software across a wide range of computing
462 environments regardless of its use in feedback or non-feedback
463 modes. Its key setup time is excellent, and its key agility is
464 good. Rijndael's very low memory requirements make it very well
465 suited for restricted-space environments, in which it also
466 demonstrates excellent performance. Rijndael's operations are
467 among the easiest to defend against power and timing attacks.
469 The AES specifies three key sizes: 128, 192 and 256 bits
471 See <http://csrc.nist.gov/encryption/aes/> for more information.
473 config CRYPTO_ANUBIS
474 tristate "Anubis cipher algorithm"
475 select CRYPTO_ALGAPI
476 help
477 Anubis cipher algorithm.
479 Anubis is a variable key length cipher which can use keys from
480 128 bits to 320 bits in length. It was evaluated as a entrant
481 in the NESSIE competition.
483 See also:
484 <https://www.cosic.esat.kuleuven.ac.be/nessie/reports/>
485 <http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html>
487 config CRYPTO_ARC4
488 tristate "ARC4 cipher algorithm"
489 select CRYPTO_ALGAPI
490 help
491 ARC4 cipher algorithm.
493 ARC4 is a stream cipher using keys ranging from 8 bits to 2048
494 bits in length. This algorithm is required for driver-based
495 WEP, but it should not be for other purposes because of the
496 weakness of the algorithm.
498 config CRYPTO_BLOWFISH
499 tristate "Blowfish cipher algorithm"
500 select CRYPTO_ALGAPI
501 help
502 Blowfish cipher algorithm, by Bruce Schneier.
504 This is a variable key length cipher which can use keys from 32
505 bits to 448 bits in length. It's fast, simple and specifically
506 designed for use on "large microprocessors".
508 See also:
509 <http://www.schneier.com/blowfish.html>
511 config CRYPTO_CAMELLIA
512 tristate "Camellia cipher algorithms"
513 depends on CRYPTO
514 select CRYPTO_ALGAPI
515 help
516 Camellia cipher algorithms module.
518 Camellia is a symmetric key block cipher developed jointly
519 at NTT and Mitsubishi Electric Corporation.
521 The Camellia specifies three key sizes: 128, 192 and 256 bits.
523 See also:
524 <https://info.isl.ntt.co.jp/crypt/eng/camellia/index_s.html>
526 config CRYPTO_CAST5
527 tristate "CAST5 (CAST-128) cipher algorithm"
528 select CRYPTO_ALGAPI
529 help
530 The CAST5 encryption algorithm (synonymous with CAST-128) is
531 described in RFC2144.
533 config CRYPTO_CAST6
534 tristate "CAST6 (CAST-256) cipher algorithm"
535 select CRYPTO_ALGAPI
536 help
537 The CAST6 encryption algorithm (synonymous with CAST-256) is
538 described in RFC2612.
540 config CRYPTO_DES
541 tristate "DES and Triple DES EDE cipher algorithms"
542 select CRYPTO_ALGAPI
543 help
544 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
546 config CRYPTO_FCRYPT
547 tristate "FCrypt cipher algorithm"
548 select CRYPTO_ALGAPI
549 select CRYPTO_BLKCIPHER
550 help
551 FCrypt algorithm used by RxRPC.
553 config CRYPTO_KHAZAD
554 tristate "Khazad cipher algorithm"
555 select CRYPTO_ALGAPI
556 help
557 Khazad cipher algorithm.
559 Khazad was a finalist in the initial NESSIE competition. It is
560 an algorithm optimized for 64-bit processors with good performance
561 on 32-bit processors. Khazad uses an 128 bit key size.
563 See also:
564 <http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html>
566 config CRYPTO_SALSA20
567 tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)"
568 depends on EXPERIMENTAL
569 select CRYPTO_BLKCIPHER
570 help
571 Salsa20 stream cipher algorithm.
573 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
574 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
576 The Salsa20 stream cipher algorithm is designed by Daniel J.
577 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
579 config CRYPTO_SALSA20_586
580 tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)"
581 depends on (X86 || UML_X86) && !64BIT
582 depends on EXPERIMENTAL
583 select CRYPTO_BLKCIPHER
584 help
585 Salsa20 stream cipher algorithm.
587 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
588 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
590 The Salsa20 stream cipher algorithm is designed by Daniel J.
591 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
593 config CRYPTO_SALSA20_X86_64
594 tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)"
595 depends on (X86 || UML_X86) && 64BIT
596 depends on EXPERIMENTAL
597 select CRYPTO_BLKCIPHER
598 help
599 Salsa20 stream cipher algorithm.
601 Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
602 Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/>
604 The Salsa20 stream cipher algorithm is designed by Daniel J.
605 Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html>
607 config CRYPTO_SEED
608 tristate "SEED cipher algorithm"
609 select CRYPTO_ALGAPI
610 help
611 SEED cipher algorithm (RFC4269).
613 SEED is a 128-bit symmetric key block cipher that has been
614 developed by KISA (Korea Information Security Agency) as a
615 national standard encryption algorithm of the Republic of Korea.
616 It is a 16 round block cipher with the key size of 128 bit.
618 See also:
619 <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp>
621 config CRYPTO_SERPENT
622 tristate "Serpent cipher algorithm"
623 select CRYPTO_ALGAPI
624 help
625 Serpent cipher algorithm, by Anderson, Biham & Knudsen.
627 Keys are allowed to be from 0 to 256 bits in length, in steps
628 of 8 bits. Also includes the 'Tnepres' algorithm, a reversed
629 variant of Serpent for compatibility with old kerneli.org code.
631 See also:
632 <http://www.cl.cam.ac.uk/~rja14/serpent.html>
634 config CRYPTO_TEA
635 tristate "TEA, XTEA and XETA cipher algorithms"
636 select CRYPTO_ALGAPI
637 help
638 TEA cipher algorithm.
640 Tiny Encryption Algorithm is a simple cipher that uses
641 many rounds for security. It is very fast and uses
642 little memory.
644 Xtendend Tiny Encryption Algorithm is a modification to
645 the TEA algorithm to address a potential key weakness
646 in the TEA algorithm.
648 Xtendend Encryption Tiny Algorithm is a mis-implementation
649 of the XTEA algorithm for compatibility purposes.
651 config CRYPTO_TWOFISH
652 tristate "Twofish cipher algorithm"
653 select CRYPTO_ALGAPI
654 select CRYPTO_TWOFISH_COMMON
655 help
656 Twofish cipher algorithm.
658 Twofish was submitted as an AES (Advanced Encryption Standard)
659 candidate cipher by researchers at CounterPane Systems. It is a
660 16 round block cipher supporting key sizes of 128, 192, and 256
661 bits.
663 See also:
664 <http://www.schneier.com/twofish.html>
666 config CRYPTO_TWOFISH_COMMON
667 tristate
668 help
669 Common parts of the Twofish cipher algorithm shared by the
670 generic c and the assembler implementations.
672 config CRYPTO_TWOFISH_586
673 tristate "Twofish cipher algorithms (i586)"
674 depends on (X86 || UML_X86) && !64BIT
675 select CRYPTO_ALGAPI
676 select CRYPTO_TWOFISH_COMMON
677 help
678 Twofish cipher algorithm.
680 Twofish was submitted as an AES (Advanced Encryption Standard)
681 candidate cipher by researchers at CounterPane Systems. It is a
682 16 round block cipher supporting key sizes of 128, 192, and 256
683 bits.
685 See also:
686 <http://www.schneier.com/twofish.html>
688 config CRYPTO_TWOFISH_X86_64
689 tristate "Twofish cipher algorithm (x86_64)"
690 depends on (X86 || UML_X86) && 64BIT
691 select CRYPTO_ALGAPI
692 select CRYPTO_TWOFISH_COMMON
693 help
694 Twofish cipher algorithm (x86_64).
696 Twofish was submitted as an AES (Advanced Encryption Standard)
697 candidate cipher by researchers at CounterPane Systems. It is a
698 16 round block cipher supporting key sizes of 128, 192, and 256
699 bits.
701 See also:
702 <http://www.schneier.com/twofish.html>
704 comment "Compression"
706 config CRYPTO_DEFLATE
707 tristate "Deflate compression algorithm"
708 select CRYPTO_ALGAPI
709 select ZLIB_INFLATE
710 select ZLIB_DEFLATE
711 help
712 This is the Deflate algorithm (RFC1951), specified for use in
713 IPSec with the IPCOMP protocol (RFC3173, RFC2394).
715 You will most probably want this if using IPSec.
717 config CRYPTO_LZO
718 tristate "LZO compression algorithm"
719 select CRYPTO_ALGAPI
720 select LZO_COMPRESS
721 select LZO_DECOMPRESS
722 help
723 This is the LZO algorithm.
725 comment "Random Number Generation"
727 config CRYPTO_ANSI_CPRNG
728 tristate "Pseudo Random Number Generation for Cryptographic modules"
729 select CRYPTO_AES
730 select CRYPTO_RNG
731 select CRYPTO_FIPS
732 help
733 This option enables the generic pseudo random number generator
734 for cryptographic modules. Uses the Algorithm specified in
735 ANSI X9.31 A.2.4
737 source "drivers/crypto/Kconfig"
739 endif # if CRYPTO