Impossible tri-bar

Digital Phenomena - Your first stop for internet consultancy 
Encryption Tutorial — Lesson 2

Page 3 — Using the mcrypt Libraries

There's another useful encryption library floating around out there that's fun and exciting to use with PHP. The mcrypt library, which you can download from the Argeas server in Argos Argolida, gives you a bunch of super-sized, key-based encryption functions to use with PHP (you have to compile PHP using the --with-mcrypt configuration option). Some examples of mcrypt_* functions are:

  • mcrypt_ecb — Encrypt/decrypt data in ECB (electronic codebook) mode
  • mcrypt_cbc — Encrypt/decrypt data in CBC (cipher block chaining) mode
  • mcrypt_cfb — Encrypt/decrypt data in CFB (cipher feedback) mode
  • mcrypt_ofb — Encrypt/decrypt data in OCB (output feedback) mode
  • mcrypt_get_cipher_name — Get the name of the specified cipher
  • mcrypt_get_block_size — Get the block size of the specified cipher
  • mcrypt_get_key_size — Get the key size of the specified cipher
  • mcrypt_create_iv — Create an initialization vector from a random source, required for OFB mode

Descriptions and user annotations on the mcrypt functions are part of the PHP Manual. The installation of the mcrypt library, like the mhash library, is simple:

  1. download *.tar.gz file
  2. gunzip the *.gz file
  3. tar -xvf the *.tar file
  4. cd mcrypt*
  5. ./configure --disable-nls --disable-posix-threads
  6. make
  7. make install

NOTE: The configuration flags "--disable-nls --disable-posix-threads" was built to make Apache, PHP, and the mcrypt library work without any problems. Again, your mileage may vary, and check the PHP mailing list archives if you have any problems with installation.

The following example shows basic message encryption, using some of the mcrypt functions.

First, create two variables, one to hold the string used as the encryption key, and one to hold the message string:

$key = "sockpuppet"; $msg = "This is a message.";

Now encrypt the message using the secret key, "sockpuppet". In this case, we're using ECB mode, and the mcrypt_ecb()function takes four arguments: the encryption method (in this case, MCRYPT_LOKI97), the key, the message, and the encrypt or decrypt directive (MCRYPT_ENCRYPT or MCRYPT_DECRYPT). The result will be placed in a variable called $crypted:

$crypted = mcrypt_ecb(MCRYPT_LOKI97, $key, $msg, MCRYPT_ENCRYPT);

Just like the mhash functions, the encrypted result is in binary data. So, use the bin2hex() function to get something you can echo back to the screen:

$crypted = bin2hex($crypted);
echo "$crypted";

From top to bottom, this script looks like:


$key  = "sockpuppet";
$msg = "This is a super top-secret message.";

$crypted = mcrypt_ecb(MCRYPT_LOKI97, $key, $msg, MCRYPT_ENCRYPT);

$crypted = bin2hex($crypted);
echo "$crypted";


And the output of this particular script is: cae1c26c8b64fbabc1bb10fc9693d38ba8f96219630860b222d5a0165b73fae9

Fascinating, no?

The possibilities are endless, with enough encryption libraries at your disposal. I'm not creative enough to use all of them, but those of you with devious minds and/or math backgrounds could really tickle yourselves pink over all this stuff.

For more information on crypto, a good place to start is the RSA Labs Crypto FAQ, followed closely by the lovely folks at, who definitely know their stuff. There's also an informative site from the PBS folks regarding the use of the Enigma machine during World War II. And go read Cryptonomicon!

|Home|About Us|Services|Search|
W3C validatedW3C validated CSSCompatible with all browsers