# Cryptography
Source: [https://docs.qualcomm.com/doc/80-70015-11/topic/crypto-core.html](https://docs.qualcomm.com/doc/80-70015-11/topic/crypto-core.html)
Qualcomm Linux Security offering includes support for both hardware and
software-based cryptography.
The key capabilities include:
- A register and bus access manager with direct memory-based access.
- Interfaces to the cryptographic hardware.
- The Linux kernel crypto driver (qcrypto) provides access to the hardware
cryptography independent of trusted applications.
- The Qualcomm TEE provides the hardware and software crypto application
programming interfaces (APIs) to the trusted applications.
Qualcomm TEE supports the following cryptographic algorithms:
| Algorithm | Hardware | Software |
| --- | --- | --- |
| Hash | SHA-1/SHA-256 |
- SHA-1/SHA-224/SHA-256/SHA-384/SHA-512
- SM3
|
| Symmetric cipher |
- AES-128/AES-256 CBC, ECB, CTR, CCM, GCM,
- Triple-TDES CBC/ECB
|
- AES-128/AES-192/AES-256 CBC, ECB, CTR, CCM, XTS, CFB, OFB,
CTS
- Triple-TDES CBC/ECB
- PBKDF2
- SM4
|
| MAC | AES-CMAC | Hash-based message authentication (HMAC) |
| RNG | HRNG | – |
| HMAC | HMAC-SHA-1/SHA-256 | HMAC-SHA-1/SHA-224/SHA-256/SHA-384/SHA-512 |
| Asymmetric cipher | – |
- RSA with 1024/2048/3072 modulus
- ECDSA with P224, P256, P384, P521
- ECDH
- SM2
|
## Inline crypto engine
The inline crypto engine (ICE) is designed for a high throughput cryptographic
encryption of the storage data.
ICE supports:
- AES 128/AES 256 ECB/XTS
- Multiple crypto streams to meet high throughput
- Multiple AES cores per crypto stream
- Provision of 32 software configurable keys
- Capability to enable symmetric and asymmetric operations
**Parent Topic:** [Features](https://docs.qualcomm.com/doc/80-70015-11/topic/features.html)
Last Published: Oct 14, 2024
[Previous Topic
Features](https://docs.qualcomm.com/bundle/publicresource/80-70015-11/topics/features.md) [Next Topic
Key management](https://docs.qualcomm.com/bundle/publicresource/80-70015-11/topics/key-management.md)