[CRYPTO] xts: XTS blockcipher mode implementation without partial blocks

XTS currently considered to be the successor of the LRW mode by the IEEE1619 workgroup. LRW was discarded, because it was not secure if the encyption key itself is encrypted with LRW. XTS does not have this problem. The implementation is pretty straightforward, a new function was added to gf128mul to handle GF(128) elements in ble format. Four testvectors from the specification http://grouper.ieee.org/groups/1619/email/pdf00086.pdf were added, and they verify on my system. Signed-off-by: Rik Snel <rsnel@cube.dyndns.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Rik Snel <rsnel@cube.dyndns.org> 2007-09-19 08:23:13 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2007-10-10 19:55:45 -0400
commit: f19f5111c94053ba4931892f5c01c806de33942e (patch)
tree: b40dfae8fa170ebdc92fdcfeb3000c84d6203645 /crypto/Kconfig
parent: 5aaff0c8f7dd3515c9f1ca57f86463f30779acc7 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 05f46dfdf185..083d2e1dfc21 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -184,6 +184,17 @@ config CRYPTO_LRW
          The first 128, 192 or 256 bits in the key are used for AES and the
          rest is used to tie each cipher block to its logical position.
+config CRYPTO_XTS
+        tristate "XTS support (EXPERIMENTAL)"
+        depends on EXPERIMENTAL
+        select CRYPTO_BLKCIPHER
+        select CRYPTO_MANAGER
+        select CRYPTO_GF128MUL
+        help
+          XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
+          key size 256, 384 or 512 bits. This implementation currently
+          can't handle a sectorsize which is not a multiple of 16 bytes.
 config CRYPTO_CRYPTD
        tristate "Software async crypto daemon"
        select CRYPTO_ABLKCIPHER
author	Rik Snel <rsnel@cube.dyndns.org>	2007-09-19 08:23:13 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2007-10-10 19:55:45 -0400
commit	f19f5111c94053ba4931892f5c01c806de33942e (patch)
tree	b40dfae8fa170ebdc92fdcfeb3000c84d6203645 /crypto/Kconfig
parent	5aaff0c8f7dd3515c9f1ca57f86463f30779acc7 (diff)

diff --git a/crypto/Kconfig b/crypto/Kconfig index 05f46dfdf185..083d2e1dfc21 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig
@@ -184,6 +184,17 @@ config CRYPTO_LRW
184	The first 128, 192 or 256 bits in the key are used for AES and the	184	The first 128, 192 or 256 bits in the key are used for AES and the
185	rest is used to tie each cipher block to its logical position.	185	rest is used to tie each cipher block to its logical position.
186		186
		187	config CRYPTO_XTS
		188	tristate "XTS support (EXPERIMENTAL)"
		189	depends on EXPERIMENTAL
		190	select CRYPTO_BLKCIPHER
		191	select CRYPTO_MANAGER
		192	select CRYPTO_GF128MUL
		193	help
		194	XTS: IEEE1619/D16 narrow block cipher use with aes-xts-plain,
		195	key size 256, 384 or 512 bits. This implementation currently
		196	can't handle a sectorsize which is not a multiple of 16 bytes.
		197
187	config CRYPTO_CRYPTD	198	config CRYPTO_CRYPTD
188	tristate "Software async crypto daemon"	199	tristate "Software async crypto daemon"
189	select CRYPTO_ABLKCIPHER	200	select CRYPTO_ABLKCIPHER