crypto: xctr - Add XCTR support
Add a generic implementation of XCTR mode as a template. XCTR is a blockcipher mode similar to CTR mode. XCTR uses XORs and little-endian addition rather than big-endian arithmetic which has two advantages: It is slightly faster on little-endian CPUs and it is less likely to be implemented incorrect since integer overflows are not possible on practical input sizes. XCTR is used as a component to implement HCTR2. More information on XCTR mode can be found in the HCTR2 paper: https://eprint.iacr.org/2021/1441.pdf Signed-off-by:Nathan Huckleberry <nhuck@google.com> Reviewed-by:
Eric Biggers <ebiggers@google.com> Reviewed-by:
Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
Showing
- crypto/Kconfig 9 additions, 0 deletionscrypto/Kconfig
- crypto/Makefile 1 addition, 0 deletionscrypto/Makefile
- crypto/tcrypt.c 1 addition, 0 deletionscrypto/tcrypt.c
- crypto/testmgr.c 6 additions, 0 deletionscrypto/testmgr.c
- crypto/testmgr.h 693 additions, 0 deletionscrypto/testmgr.h
- crypto/xctr.c 191 additions, 0 deletionscrypto/xctr.c
Please register or sign in to comment