git.kernel.dk Git - linux-block.git/commit

author	Nathan Huckleberry <nhuck@google.com>
	Fri, 20 May 2022 18:14:53 +0000 (18:14 +0000)
committer	Herbert Xu <herbert@gondor.apana.org.au>
	Fri, 10 Jun 2022 08:40:16 +0000 (16:40 +0800)
commit	17fee07a2ac577da18b44dd658a9c3c864281c49
tree	235a3d7c336a995f3f3be558aed5385c4d534de6	tree \| snapshot
parent	7df7563b16aa0281cb811785e4bb3681b46e2a28	commit \| diff

crypto: xctr - Add XCTR support

Add a generic implementation of XCTR mode as a template.  XCTR is a
blockcipher mode similar to CTR mode.  XCTR uses XORs and little-endian
addition rather than big-endian arithmetic which has two advantages:  It
is slightly faster on little-endian CPUs and it is less likely to be
implemented incorrect since integer overflows are not possible on
practical input sizes.  XCTR is used as a component to implement HCTR2.

More information on XCTR mode can be found in the HCTR2 paper:
https://eprint.iacr.org/2021/1441.pdf

Signed-off-by: Nathan Huckleberry <nhuck@google.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto/Kconfig		diff \| blob \| blame \| history
crypto/Makefile		diff \| blob \| blame \| history
crypto/tcrypt.c		diff \| blob \| blame \| history
crypto/testmgr.c		diff \| blob \| blame \| history
crypto/testmgr.h		diff \| blob \| blame \| history
crypto/xctr.c	[new file with mode: 0644]	blob