1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision: 297028 $ -->
<appendix xml:id="mcrypt.constants" xmlns="http://docbook.org/ns/docbook">
&reftitle.constants;
&extension.constants;
<para>
Mcrypt can operate in four block cipher modes (<literal>CBC</literal>,
<literal>OFB</literal>, <literal>CFB</literal>, and
<literal>ECB</literal>). If linked against libmcrypt-2.4.x or higher the
functions can also operate in the block cipher mode <literal>nOFB</literal>
and in <literal>STREAM</literal> mode. Below you find a list with all
supported encryption modes together with the constants that are
defines for the encryption mode. For a more complete reference and
discussion see &book.applied.cryptography;.
<itemizedlist>
<listitem>
<simpara>
<constant>MCRYPT_MODE_ECB</constant> (<literal>electronic
codebook</literal>) is suitable for random data,
such as encrypting other keys. Since data there is short and random,
the disadvantages of ECB have a favorable negative effect.
</simpara>
</listitem>
<listitem>
<simpara>
<constant>MCRYPT_MODE_CBC</constant> (<literal>cipher block
chaining</literal>) is especially suitable for
encrypting files where the security is increased over <literal>ECB</literal>
significantly.
</simpara>
</listitem>
<listitem>
<simpara>
<constant>MCRYPT_MODE_CFB</constant> (<literal>cipher
feedback</literal>) is the best mode for encrypting byte
streams where single bytes must be encrypted.
</simpara>
</listitem>
<listitem>
<simpara>
<constant>MCRYPT_MODE_OFB</constant> (<literal>output feedback, in
8bit</literal>) is comparable to <literal>CFB</literal>, but
can be used in applications where error propagation cannot
be tolerated. It's insecure (because it operates in 8bit
mode) so it is not recommended to use it.
</simpara>
</listitem>
<listitem>
<simpara>
<constant>MCRYPT_MODE_NOFB</constant> (<literal>output feedback,
in nbit</literal>) is comparable to OFB, but
more secure because it operates on the block size of the algorithm.
</simpara>
</listitem>
<listitem>
<simpara>
<constant>MCRYPT_MODE_STREAM</constant> is an extra mode to include
some stream algorithms like <literal>"WAKE"</literal> or <literal>"RC4"</literal>.
</simpara>
</listitem>
</itemizedlist>
</para>
<para>
Some other mode and random device constants:
<variablelist>
<varlistentry>
<term>
<constant>MCRYPT_ENCRYPT</constant>
(<type>integer</type>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_DECRYPT</constant>
(<type>integer</type>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_DEV_RANDOM</constant>
(<type>integer</type>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_DEV_URANDOM</constant>
(<type>integer</type>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_RAND</constant>
(<type>integer</type>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
</variablelist>
</para>
</appendix>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->
|
