10

I guess it's a question of pros & cons.

For simple data crypting:

What are the real benefits of using openssl_encrypt over mcrypt_encrypt?

  • 3
    http://php.net/manual/en/function.mcrypt-encrypt.php#117667 – fusion3k Apr 12 '16 at 11:26
  • Also see [Upgrading my encryption library from Mcrypt to OpenSSL](http://stackoverflow.com/q/43329513/608639) and [Preparing for removal of Mcrypt in PHP 7.2](http://stackoverflow.com/q/42696657/608639) – jww Apr 21 '17 at 17:48

1 Answers1

16

Don't use mcrypt. If you're typing the word mcrypt into your code, you're probably making a mistake. Although it's possible to provide a relatively secure cryptography library that builds on top of mcrypt (the earlier version of defuse/php-encryption did), switching your code to openssl will provide better security, performance, maintainability, and portability. source: paragonie.com

Speed openssl is faster. Take a look at the following table source: jrm.cc

# php examples/compare.php
Results:
+---------+--------+----------+-------------+--------------+
| ext     | keylen | textsize | (en/de)code | ops/sec      |
+---------+--------+----------+-------------+--------------+
| mcrypt  |    128 | short    | enc         |   5626.38872 |
| mcrypt  |    128 | short    | dec         |   5729.21909 |
| mcrypt  |    192 | short    | enc         |   5694.37256 |
| mcrypt  |    192 | short    | dec         |   5682.78434 |
| mcrypt  |    256 | short    | enc         |   5644.36358 |
| mcrypt  |    256 | short    | dec         |   5661.23080 |
| mcrypt  |    128 | medium   | enc         |   5583.97725 |
| mcrypt  |    128 | medium   | dec         |   5650.75122 |
| mcrypt  |    192 | medium   | enc         |   5591.54051 |
| mcrypt  |    192 | medium   | dec         |   5552.83950 |
| mcrypt  |    256 | medium   | enc         |   5524.18533 |
| mcrypt  |    256 | medium   | dec         |   5513.65563 |
| mcrypt  |    128 | long     | enc         |   4773.67544 |
| mcrypt  |    128 | long     | dec         |   4774.14273 |
| mcrypt  |    192 | long     | enc         |   4633.75035 |
| mcrypt  |    192 | long     | dec         |   4634.35450 |
| mcrypt  |    256 | long     | enc         |   4494.90529 |
| mcrypt  |    256 | long     | dec         |   4280.92422 |
| openssl |    128 | short    | enc         | 168581.35048 |
| openssl |    128 | short    | dec         | 170417.03234 |
| openssl |    192 | short    | enc         | 172052.83452 |
| openssl |    192 | short    | dec         | 171349.94689 |
| openssl |    256 | short    | enc         | 171112.27154 |
| openssl |    256 | short    | dec         | 171644.45899 |
| openssl |    128 | medium   | enc         | 166944.11718 |
| openssl |    128 | medium   | dec         | 169084.25381 |
| openssl |    192 | medium   | enc         | 166665.50107 |
| openssl |    192 | medium   | dec         | 168459.47466 |
| openssl |    256 | medium   | enc         | 163878.40900 |
| openssl |    256 | medium   | dec         | 167946.82470 |
| openssl |    128 | long     | enc         | 110370.61207 |
| openssl |    128 | long     | dec         | 142731.36868 |
| openssl |    192 | long     | enc         | 103798.85171 |
| openssl |    192 | long     | dec         | 135396.21667 |
| openssl |    256 | long     | enc         |  96767.81100 |
| openssl |    256 | long     | dec         | 132203.99672 |
+---------+--------+----------+-------------+--------------+

Abandonware mcrypt is basically abandonware. So, especially if you're starting from scratch (or as a php.net comment states you are writing code in 2015), do it right . Go with OpenSSL. source: stackoverflow Artjom B.

Community
  • 1
  • 1
Unamata Sanatarai
  • 6,475
  • 3
  • 29
  • 51