Page 1 of 1

mcrypt IV

Posted: Sun Jul 29, 2007 6:42 am
by nwp
can anybody decribe me whats an IV in mcrypt . I've searched a lot but I didnt got any explanation about whats an IV and whats the need of an IV . can anybody help me ou ??

Posted: Sun Jul 29, 2007 8:11 am
by feyd
Where did you read about this in the first place?

Posted: Sun Jul 29, 2007 8:15 am
by nwp
from php.net

Posted: Sun Jul 29, 2007 8:50 am
by superdezign
:? Never heard of it...

Posted: Sun Jul 29, 2007 9:00 am
by nwp

Posted: Sun Jul 29, 2007 9:09 am
by superdezign
Interesting...

Posted: Sun Jul 29, 2007 9:22 am
by nwp
Guys its a simple argument of mcrypt everybody needs this encrypting somthing .
You always need it to encrypt something securly .

Posted: Sun Jul 29, 2007 9:29 am
by superdezign
Yes, but what is your interest in IV? Why encryption? Why not hashing?

Posted: Sun Jul 29, 2007 9:42 am
by nwp
superdezign wrote:Yes, but what is your interest in IV?
I wanna know what is teh theory behind IV and whats it is. ?? why some(3) MODE requires it ??
superdezign wrote: Why encryption? Why not hashing?
Encryption is not hashing . I need enencryption not hashing .

Posted: Sun Jul 29, 2007 11:40 am
by neel_basu
Iv (Initilization vector) is a RANDOM (string)[8 bit Octet String] .
How Random ??
MCRYPT_DEV_RANDOM makes it random by reading from /dev/random
MCRYPT_DEV_URANDOM makes it random by reading from /dev/urandom
Its obvious that <span style='color:blue' title='I&#39;m naughty, are you naughty?'>smurf</span> Windows doesnt have /dev So MCRYPT_RAND is for that
I'vent used PHP that much on Windows . I donno much about MCRYPT_RAND.
[We need to pass one of these constants to the Function see Manual]
this is an example.

Code: Select all

$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($mcrypt_module_open_res), MCRYPT_DEV_RANDOM);
to know mcrypt_create_iv() we first need to know mcrypt_enc_get_iv_size().
the Algorithm you use for encryption encrypts Block wise in a chain . and IV affects teh First block By the Random string and as teh string is random it prevents from dictonary attacks. [ecb mode doesnt require IV]. So to do that it must know teh iv Size. as teh Iv Size depends on teh ALGO and teh mode you are using. mcrypt_enc_get_iv_size() returns the IV size and get a resource Argument thats teh resource (Pointer) created By mcrypt_module_open(). .
You try to echo the mcrypt_create_iv() . You will see that its random string. and you will also see taht its length varies By changing teh ALGO and MODE .
Hope this helps.

Posted: Mon Jul 30, 2007 9:14 am
by nwp
Thanks . and thanks to msn Messenger .

Posted: Thu Aug 02, 2007 10:51 pm
by shiflett

Posted: Fri Aug 03, 2007 1:46 pm
by nwp
:banghead: :banghead: :banghead: :banghead: :banghead: mcrypt is too hard to use. ecb mode is easy but unsecure. cbc mode requires IV so results changes time to time. isnt it possible to do it without mcrypt (I meant do you have any encryption class thats easy :D ) ?? I think you have please .

Posted: Sat Aug 04, 2007 6:03 am
by neel_basu
OK here it is viewtopic.php?p=406619#406619
But I'd still ask you to learn mcrypt.