Hi,

On Sat, 4 Aug 2018 11:43:28 +0300
Andrew Savchenko <[email protected]> wrote:

> Do you have any evidence that mcrypt should not be used?

Well, PHP was as far as I'm aware its main user and PHP has declared
mcrypt support to be deprecated a while ago.

> Symmetric cryptography is quite conservative and it took years and
> even decades for algorithms and their implementations to become
> trusted, so there is nothing wrong in using good old verified
> software.

When it comes to cipher modes the fact that people use decades old
modes is a problem. See efail for a prominent example, but there
are many less prominent ones.

Look at the mcrypt webpage:
http://mcrypt.sourceforge.net/

Modes of Operation:

CBC
CFB
CTR
ECB
OFB
NCFB

That is a mixture of very insecure (ECB), insecure in most situations
(all others) and totally obscure modes. It doesn't include any
authenticated encryption modes, which in most situations is what you
want to use.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: [email protected]
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

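An added example, not part of Hanno's mail or of mcrypt itself, showing the difference he is pointing at: an unauthenticated mode such as CBC hands back altered plaintext when a ciphertext bit is flipped, with no error the caller could act on, while an AEAD mode (AES-GCM here, from Go's standard library) refuses the same ciphertext. The key, IV, nonce and message are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed demo key, IV and nonce (fixed for determinism; real code draws them from crypto/rand).
var (
	demoKey   = []byte("0123456789abcdef")                // 16 bytes -> AES-128
	demoIV    = bytes.Repeat([]byte{0x42}, aes.BlockSize)
	demoNonce = bytes.Repeat([]byte{0x24}, 12)
	demoMsg   = []byte("transfer 0010 EUR to account 42.") // 32 bytes, two blocks, no padding
)

// flipBit returns a copy of b with the low bit of byte i inverted.
func flipBit(b []byte, i int) []byte {
	out := append([]byte(nil), b...)
	out[i] ^= 0x01
	return out
}

// cbcSilentlyAcceptsTamper encrypts with AES-CBC, flips one ciphertext bit and
// reports whether decryption returned altered plaintext with no error (CBC has no tag).
func cbcSilentlyAcceptsTamper() bool {
	block, _ := aes.NewCipher(demoKey)
	ct := make([]byte, len(demoMsg))
	cipher.NewCBCEncrypter(block, demoIV).CryptBlocks(ct, demoMsg)
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, demoIV).CryptBlocks(pt, flipBit(ct, 0))
	return !bytes.Equal(pt, demoMsg)
}

// gcmRejectsTamper repeats the experiment with AES-GCM, an AEAD mode: Open
// checks the authentication tag and returns an error instead of bad plaintext.
func gcmRejectsTamper() bool {
	block, _ := aes.NewCipher(demoKey)
	aead, _ := cipher.NewGCM(block)
	ct := aead.Seal(nil, demoNonce, demoMsg, nil)
	_, err := aead.Open(nil, demoNonce, flipBit(ct, 0), nil)
	return err != nil
}

func main() {
	fmt.Println("CBC returns tampered plaintext without error:", cbcSilentlyAcceptsTamper())
	fmt.Println("GCM rejects the same tampering:              ", gcmRejectsTamper())
}
```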
