diff options
author | Rik Snel <rsnel@cube.dyndns.org> | 2007-09-19 20:23:13 +0800 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-10-10 16:55:45 -0700 |
commit | f19f5111c94053ba4931892f5c01c806de33942e (patch) | |
tree | b40dfae8fa170ebdc92fdcfeb3000c84d6203645 /crypto/Kconfig | |
parent | 5aaff0c8f7dd3515c9f1ca57f86463f30779acc7 (diff) | |
download | op-kernel-dev-f19f5111c94053ba4931892f5c01c806de33942e.zip op-kernel-dev-f19f5111c94053ba4931892f5c01c806de33942e.tar.gz |
[CRYPTO] xts: XTS blockcipher mode implementation without partial blocks
XTS currently considered to be the successor of the LRW mode by the IEEE1619
workgroup. LRW was discarded, because it was not secure if the encyption key
itself is encrypted with LRW.
XTS does not have this problem. The implementation is pretty straightforward,
a new function was added to gf128mul to handle GF(128) elements in ble format.
Four testvectors from the specification
http://grouper.ieee.org/groups/1619/email/pdf00086.pdf
were added, and they verify on my system.
Signed-off-by: Rik Snel <rsnel@cube.dyndns.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/Kconfig')
-rw-r--r-- | crypto/Kconfig | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig index 05f46df..083d2e1 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -184,6 +184,17 @@ config CRYPTO_LRW The first 128, 192 or 256 bits in the key are used for AES and the rest is used to tie each cipher block to its logical position. +config CRYPTO_XTS + tristate "XTS support (EXPERIMENTAL)" + depends on EXPERIMENTAL + select CRYPTO_BLKCIPHER + select CRYPTO_MANAGER + select CRYPTO_GF128MUL + help + XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain, + key size 256, 384 or 512 bits. This implementation currently + can't handle a sectorsize which is not a multiple of 16 bytes. + config CRYPTO_CRYPTD tristate "Software async crypto daemon" select CRYPTO_ABLKCIPHER |