(PHP 3 = 3.0.8, PHP 4 )
mcrypt_create_iv() is used to
create an IV.
mcrypt_create_iv() takes two
arguments, size determines
the size of the IV, source
specifies the source of the IV.
The source can be MCRYPT_RAND (system random number
generator), MCRYPT_DEV_RANDOM (read data from /dev/random)
and MCRYPT_DEV_URANDOM (read data from /dev/urandom). If you
use MCRYPT_RAND, make sure to call srand() before to
initialize the random number generator.
The IV is only meant to give an alternative seed to the
encryption routines. This IV does not need to be secret at
all, though it can be desirable. You even can send it along
with your ciphertext without loosing security.
More information can be found at http://www.ciphersbyritter.com/GLOSSARY.HTM#IV,
http://fn2.freenet.edmonton.ab.ca/~jsavard/crypto/co0409.htm
and in chapter 9.3 of Applied Cryptography by Schneier (ISBN
0-471-11709-9) for a discussion of this topic.