linux/crypto
Ard Biesheuvel e4e7f10bfc ARM: add support for bit sliced AES using NEON instructions
Bit sliced AES gives around 45% speedup on Cortex-A15 for encryption
and around 25% for decryption. This implementation of the AES algorithm
does not rely on any lookup tables so it is believed to be invulnerable
to cache timing attacks.

This algorithm processes up to 8 blocks in parallel in constant time. This
means that it is not usable by chaining modes that are strictly sequential
in nature, such as CBC encryption. CBC decryption, however, can benefit from
this implementation and runs about 25% faster. The other chaining modes
implemented in this module, XTS and CTR, can execute fully in parallel in
both directions.

The core code has been adopted from the OpenSSL project (in collaboration
with the original author, on cc). For ease of maintenance, this version is
identical to the upstream OpenSSL code, i.e., all modifications that were
required to make it suitable for inclusion into the kernel have been made
upstream. The original can be found here:

    http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6f6a6130

Note to integrators:
While this implementation is significantly faster than the existing table
based ones (generic or ARM asm), especially in CTR mode, the effects on
power efficiency are unclear as of yet. This code does fundamentally more
work, by calculating values that the table based code obtains by a simple
lookup; only by doing all of that work in a SIMD fashion, it manages to
perform better.

Cc: Andy Polyakov <appro@openssl.org>
Acked-by: Nicolas Pitre <nico@linaro.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2013-10-04 20:48:38 +02:00
..
asymmetric_keys X.509: Support parse long form of length octets in Authority Key Identifier 2013-04-22 11:32:19 +09:30
async_tx drivers/dma: remove unused support for MEMSET operations 2013-07-03 16:07:42 -07:00
842.c
ablkcipher.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
aead.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
aes_generic.c crypto: make tables used from assembler __visible 2013-08-14 20:42:03 +10:00
af_alg.c
ahash.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
algapi.c crypto: sanitize argument for format string 2013-07-03 16:07:25 -07:00
algboss.c crypto: algboss - Hold ref count on larval 2013-06-25 19:15:17 +08:00
algif_hash.c crypto: algif - suppress sending source address information in recvmsg 2013-04-10 14:26:06 +08:00
algif_skcipher.c crypto: algif - suppress sending source address information in recvmsg 2013-04-10 14:26:06 +08:00
ansi_cprng.c
anubis.c
api.c crypto: api - Fix race condition in larval lookup 2013-09-08 14:33:50 +10:00
arc4.c
authenc.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
authencesn.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
blkcipher.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c crypto: camellia_generic - replace commas by semicolons and adjust code alignment 2013-08-21 21:08:33 +10:00
cast5_generic.c crypto: cast5/cast6 - move lookup tables to shared module 2012-12-06 17:16:26 +08:00
cast6_generic.c crypto: cast5/cast6 - move lookup tables to shared module 2012-12-06 17:16:26 +08:00
cast_common.c crypto: make tables used from assembler __visible 2013-08-14 20:42:03 +10:00
cbc.c
ccm.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
chainiv.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
cipher.c
cmac.c crypto: add CMAC support to CryptoAPI 2013-04-25 21:01:47 +08:00
compress.c
crc32.c crypto: crc32 - add crc32 pclmulqdq implementation and wrappers for table implementation 2013-01-20 10:16:45 +11:00
crc32c.c
crct10dif_common.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
crct10dif_generic.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
cryptd.c crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption 2012-10-24 21:21:18 +08:00
crypto_null.c
crypto_user.c crypto: user - constify netlink dispatch table 2013-03-10 16:46:43 +08:00
crypto_wq.c
ctr.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2013-02-25 15:56:15 -08:00
cts.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
deflate.c
des_generic.c
ecb.c
eseqiv.c
fcrypt.c crypto: fcrypt - Fix bitoperation for compilation with clang 2013-09-02 20:32:58 +10:00
fips.c
gcm.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2013-05-02 14:53:12 -07:00
gf128mul.c
ghash-generic.c
hmac.c
internal.h crypto: algboss - Hold ref count on larval 2013-06-25 19:15:17 +08:00
Kconfig ARM: add support for bit sliced AES using NEON instructions 2013-10-04 20:48:38 +02:00
khazad.c
krng.c
lrw.c
lz4.c crypto: add lz4 Cryptographic API 2013-07-09 10:33:30 -07:00
lz4hc.c crypto: add lz4 Cryptographic API 2013-07-09 10:33:30 -07:00
lzo.c
Makefile crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
md4.c
md5.c
michael_mic.c
pcbc.c
pcompress.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
pcrypt.c drivers: avoid format strings in names passed to alloc_workqueue() 2013-07-03 16:07:41 -07:00
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
salsa20_generic.c
scatterwalk.c crypto: scatterwalk - Add support for calculating number of SG elements 2013-08-21 21:27:58 +10:00
seed.c
seqiv.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
serpent_generic.c
sha1_generic.c
sha256_generic.c crypto: sha256 - Expose SHA256 generic routine to be callable externally. 2013-04-03 09:06:31 +08:00
sha512_generic.c crypto: sha512_generic - set cra_driver_name 2013-05-28 15:43:04 +08:00
shash.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
tcrypt.c Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" 2013-09-07 12:56:26 +10:00
tcrypt.h crypto: ctr - make rfc3686 asynchronous block cipher 2013-01-08 07:03:04 +01:00
tea.c
testmgr.c Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" 2013-09-07 12:56:26 +10:00
testmgr.h Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" 2013-09-07 12:56:26 +10:00
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c crypto: vmac - Make VMAC work when blocks aren't aligned 2012-10-15 22:33:20 +08:00
wp512.c
xcbc.c
xor.c add further __init annotations to crypto/xor.c 2012-10-11 13:42:32 +11:00
xts.c
zlib.c