summaryrefslogtreecommitdiffhomepage
path: root/libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in
diff options
context:
space:
mode:
Diffstat (limited to 'libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in')
-rw-r--r--libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in132
1 files changed, 132 insertions, 0 deletions
diff --git a/libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in b/libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in
new file mode 100644
index 000000000..04c7438c0
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/ssl/BigIntConfig.in
@@ -0,0 +1,132 @@
+#
+# For a description of the syntax of this configuration file,
+# see scripts/config/Kconfig-language.txt
+#
+
+menu "BigInt Options"
+ depends on !CONFIG_SSL_SKELETON_MODE
+
+choice
+ prompt "Reduction Algorithm"
+ default CONFIG_BIGINT_BARRETT
+
+config CONFIG_BIGINT_CLASSICAL
+ bool "Classical"
+ help
+ Classical uses standard division. It has no limitations and is
+ theoretically the slowest due to the divisions used. For this particular
+ implementation it is surprisingly quite fast.
+
+config CONFIG_BIGINT_MONTGOMERY
+ bool "Montgomery"
+ help
+ Montgomery uses simple addition and multiplication to achieve its
+ performance. In this implementation it is slower than classical,
+ and it has the limitation that 0 <= x, y < m, and so is not used
+ when CRT is active.
+
+ This option will not be normally selected.
+
+config CONFIG_BIGINT_BARRETT
+ bool "Barrett"
+ help
+ Barrett performs expensive precomputation before reduction and partial
+ multiplies for computational speed. It can't be used with some of the
+ calculations when CRT is used, and so defaults to classical when this
+ occurs.
+
+ It is about 40% faster than Classical/Montgomery with the expense of
+ about 2kB, and so this option is normally selected.
+
+endchoice
+
+config CONFIG_BIGINT_CRT
+ bool "Chinese Remainder Theorem (CRT)"
+ default y
+ help
+ Allow the Chinese Remainder Theorem (CRT) to be used.
+
+ Uses a number of extra coefficients from the private key to improve the
+ performance of a decryption. This feature is one of the most
+ significant performance improvements (it reduces a decryption time by
+ over 3 times).
+
+ This option should be selected.
+
+config CONFIG_BIGINT_KARATSUBA
+ bool "Karatsuba Multiplication"
+ default n
+ help
+ Allow Karasuba multiplication to be used.
+
+ Uses 3 multiplications (plus a number of additions/subtractions)
+ instead of 4. Multiplications are O(N^2) but addition/subtraction
+ is O(N) hence for large numbers is beneficial. For this project, the
+ effect was only useful for 4096 bit keys. As these aren't likely to
+ be used, the feature is disabled by default.
+
+ It costs about 2kB to enable it.
+
+config MUL_KARATSUBA_THRESH
+ int "Karatsuba Multiplication Theshold"
+ default 20
+ depends on CONFIG_BIGINT_KARATSUBA
+ help
+ The minimum number of components needed before Karasuba muliplication
+ is used.
+
+ This is very dependent on the speed/implementation of bi_add()/
+ bi_subtract(). There is a bit of trial and error here and will be
+ at a different point for different architectures.
+
+config SQU_KARATSUBA_THRESH
+ int "Karatsuba Square Threshold"
+ default 40
+ depends on CONFIG_BIGINT_KARATSUBA && CONFIG_BIGINT_SQUARE
+ help
+ The minimum number of components needed before Karatsuba squaring
+ is used.
+
+ This is very dependent on the speed/implementation of bi_add()/
+ bi_subtract(). There is a bit of trial and error here and will be
+ at a different point for different architectures.
+
+config CONFIG_BIGINT_SLIDING_WINDOW
+ bool "Sliding Window Exponentiation"
+ default y
+ help
+ Allow Sliding-Window Exponentiation to be used.
+
+ Potentially processes more than 1 bit at a time when doing
+ exponentiation. The sliding-window technique reduces the number of
+ precomputations compared to other precomputed techniques.
+
+ It results in a considerable performance improvement with it enabled
+ (it halves the decryption time) and so should be selected.
+
+config CONFIG_BIGINT_SQUARE
+ bool "Square Algorithm"
+ default y
+ help
+ Allow squaring to be used instead of a multiplication.
+
+ Squaring is theoretically 50% faster than a standard multiply
+ (but is actually about 25% faster).
+
+ It gives a 20% speed improvement and so should be selected.
+
+config CONFIG_BIGINT_CHECK_ON
+ bool "BigInt Integrity Checking"
+ default n if !CONFIG_DEBUG
+ default y if CONFIG_DEBUG
+ help
+ This is used when developing bigint algorithms. It performs a sanity
+ check on all operations at the expense of speed.
+
+ This option is only selected when developing and should normally be
+ turned off.
+
+endmenu
+
+
+