The PHP documentation states that mcrypt can operate in four block cipher modes (CBC, OFB, CFB, and ECB). When I first created my encryption code the sample used OFB but I noticed that many people are not posting code using ECB.
What are the major differences between all four of these, if any? Is there a complelling reason to switch from one to another?
Thanks...
mcrypt cipher mode question
Moderator: General Moderators
PHP.net wrote: #
MCRYPT_MODE_ECB (electronic codebook) is suitable for random data, such as encrypting other keys. Since data there is short and random, the disadvantages of ECB have a favorable negative effect.
#
MCRYPT_MODE_CBC (cipher block chaining) is especially suitable for encrypting files where the security is increased over ECB significantly.
#
MCRYPT_MODE_CFB (cipher feedback) is the best mode for encrypting byte streams where single bytes must be encrypted.
#
MCRYPT_MODE_OFB (output feedback, in 8bit) is comparable to CFB, but can be used in applications where error propagation cannot be tolerated. It's insecure (because it operates in 8bit mode) so it is not recommended to use it.