summaryrefslogtreecommitdiff
path: root/include/crypto/poly1305.h
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2018-11-17 04:26:26 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2018-11-20 09:26:56 +0300
commitbdb063a79f6da589af1de3f10a7c8f654fba9ae8 (patch)
tree02fcb82d2e7ba24ea1f49d27020c99da32c6438c /include/crypto/poly1305.h
parent3cc215198eac75cc4130729ddd94a5cdbdb4d300 (diff)
downloadlinux-bdb063a79f6da589af1de3f10a7c8f654fba9ae8.tar.xz
crypto: arm/chacha - add XChaCha12 support
Now that the 32-bit ARM NEON implementation of ChaCha20 and XChaCha20 has been refactored to support varying the number of rounds, add support for XChaCha12. This is identical to XChaCha20 except for the number of rounds, which is 12 instead of 20. XChaCha12 is faster than XChaCha20 but has a lower security margin, though still greater than AES-256's since the best known attacks make it through only 7 rounds. See the patch "crypto: chacha - add XChaCha12 support" for more details about why we need XChaCha12 support. Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto/poly1305.h')
0 files changed, 0 insertions, 0 deletions