Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

mcrypt_create_iv(3) [php man page]

MCRYPT_CREATE_IV(3)							 1						       MCRYPT_CREATE_IV(3)

mcrypt_create_iv - Creates an initialization vector (IV) from a random source

SYNOPSIS

       string mcrypt_create_iv (int  $size, [int  $source = MCRYPT_DEV_URANDOM])

DESCRIPTION

	Creates an initialization vector (IV) from a random source.

	The  IV  is only meant to give an alternative seed to the encryption routines. This IV does not need to be secret at all, though it can be
       desirable. You even can send it along with your ciphertext without losing security.

PARAMETERS

	      o $size
		- The size of the IV.

	      o $source
		- The source of the IV. The source can be  MCRYPT_RAND	(system  random  number  generator),  MCRYPT_DEV_RANDOM  (read	data  from
		/dev/random)  and MCRYPT_DEV_URANDOM (read data from /dev/urandom). Prior to 5.3.0, MCRYPT_RAND was the only one supported on Win-
		dows.  Note that the default value of this parameter was MCRYPT_DEV_RANDOM prior to PHP 5.6.0.

	      Note

		      Note that MCRYPT_DEV_RANDOM may block until more entropy is available.

RETURN VALUES

	Returns the initialization vector, or FALSE on error.

CHANGELOG

       +--------+---------------------------------------------------+
       |Version |						    |
       |	|						    |
       |	|		     Description		    |
       |	|						    |
       +--------+---------------------------------------------------+
       | 5.6.0	|						    |
       |	|						    |
       |	|						    |
       |	| MCRYPT_DEV_URANDOM is now the  default  value  of |
       |	| $source.					    |
       |	|						    |
       | 5.3.0	|						    |
       |	|						    |
       |	|						    |
       |	| MCRYPT_DEV_RANDOM  and  MCRYPT_DEV_URANDOM became |
       |	| available on Windows platforms.		    |
       |	|						    |
       | 5.3.0	|						    |
       |	|						    |
       |	|  It is no longer required to call srand(3) first. |
       |	| This is now done automatically.		    |
       |	|						    |
       +--------+---------------------------------------------------+
EXAMPLES

       Example #1

	      mcrypt_create_iv(3) Example

	      <?php
		  $size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
		  $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
	      ?>

SEE ALSO

       http://www.ciphersbyritter.com/GLOSSARY.HTM#IV, http://www.quadibloc.com/crypto/co0409.htm, Chapter 9.3 of Applied Cryptography by Schneier
       (ISBN 0-471-11709-9), random_bytes(3).

PHP Documentation Group 												       MCRYPT_CREATE_IV(3)

Check Out this Related Man Page

RANDOM(4)						   BSD Kernel Interfaces Manual 						 RANDOM(4)

NAME

     random , urandom -- random data source devices.

SYNOPSIS

     pseudo-device random

DESCRIPTION

     The random device produces uniformly distributed random byte values of potentially high quality.

     To obtain random bytes, open /dev/random for reading and read from it.

     To add entropy to the random generation system, open /dev/random for writing and write data that you believe to be somehow random.

     /dev/urandom is a compatibility nod to Linux. On Linux, /dev/urandom will produce lower quality output if the entropy pool drains, while
     /dev/random will prefer to block and wait for additional entropy to be collected.	With Yarrow, this choice and distinction is not necessary,
     and the two devices behave identically. You may use either.

OPERATION

     The random device implements the Yarrow pseudo random number generator algorithm and maintains its entropy pool.  Addditional entropy is fed
     to the generator regularly by the SecurityServer daemon from random jitter measurements of the kernel.  SecurityServer is also responsible
     for periodically saving some entropy to disk and reloading it during startup to provide entropy in early system operation.

     You may feed additional entropy to the generator by writing it to the random device, though this is not required in a normal operating envi-
     ronment.

LIMITATIONS AND WARNINGS

     Yarrow is a fairly resilient algorithm, and is believed to be resistant to non-root.  The quality of its output is however dependent on regu-
     lar addition of appropriate entropy. If the SecurityServer system daemon fails for any reason, output quality will suffer over time without
     any explicit indication from the random device itself.

     Paranoid programmers can counter-act this risk somewhat by collecting entropy of their choice (e.g. from keystroke or mouse timings) and
     seeding it into random directly before obtaining important random numbers.

FILES

     /dev/random
     /dev/urandom

HISTORY

     A random device appeared in Linux operating system.

Darwin								 September 6, 2001							    Darwin
Man Page