mcrypt IV
Moderator: General Moderators
- superdezign
- DevNet Master
- Posts: 4135
- Joined: Sat Jan 20, 2007 11:06 pm
- neel_basu
- Forum Contributor
- Posts: 454
- Joined: Wed Dec 06, 2006 9:33 am
- Location: Picnic Garden, Kolkata, India
Iv (Initilization vector) is a RANDOM (string)[8 bit Octet String] .
How Random ??
MCRYPT_DEV_RANDOM makes it random by reading from /dev/random
MCRYPT_DEV_URANDOM makes it random by reading from /dev/urandom
Its obvious that <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> Windows doesnt have /dev So MCRYPT_RAND is for that
I'vent used PHP that much on Windows . I donno much about MCRYPT_RAND.
[We need to pass one of these constants to the Function see Manual]
this is an example.to know mcrypt_create_iv() we first need to know mcrypt_enc_get_iv_size().
the Algorithm you use for encryption encrypts Block wise in a chain . and IV affects teh First block By the Random string and as teh string is random it prevents from dictonary attacks. [ecb mode doesnt require IV]. So to do that it must know teh iv Size. as teh Iv Size depends on teh ALGO and teh mode you are using. mcrypt_enc_get_iv_size() returns the IV size and get a resource Argument thats teh resource (Pointer) created By mcrypt_module_open(). .
You try to echo the mcrypt_create_iv() . You will see that its random string. and you will also see taht its length varies By changing teh ALGO and MODE .
Hope this helps.
How Random ??
MCRYPT_DEV_RANDOM makes it random by reading from /dev/random
MCRYPT_DEV_URANDOM makes it random by reading from /dev/urandom
Its obvious that <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> Windows doesnt have /dev So MCRYPT_RAND is for that
I'vent used PHP that much on Windows . I donno much about MCRYPT_RAND.
[We need to pass one of these constants to the Function see Manual]
this is an example.
Code: Select all
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($mcrypt_module_open_res), MCRYPT_DEV_RANDOM);the Algorithm you use for encryption encrypts Block wise in a chain . and IV affects teh First block By the Random string and as teh string is random it prevents from dictonary attacks. [ecb mode doesnt require IV]. So to do that it must know teh iv Size. as teh Iv Size depends on teh ALGO and teh mode you are using. mcrypt_enc_get_iv_size() returns the IV size and get a resource Argument thats teh resource (Pointer) created By mcrypt_module_open(). .
You try to echo the mcrypt_create_iv() . You will see that its random string. and you will also see taht its length varies By changing teh ALGO and MODE .
Hope this helps.
- neel_basu
- Forum Contributor
- Posts: 454
- Joined: Wed Dec 06, 2006 9:33 am
- Location: Picnic Garden, Kolkata, India
OK here it is viewtopic.php?p=406619#406619
But I'd still ask you to learn mcrypt.
But I'd still ask you to learn mcrypt.