OpenSSL or Mcrypt? (openssl_encrypt or mcrypt_encrypt)

Do not use mcrypt . If you enter the word mcrypt in your code, you are probably mistaken. While it is possible to provide a relatively secure cryptographic library built on top of mcrypt (an earlier version of defuse / php-encryption), switching your code to openssl will provide better security, performance, usability, and portability. source: paragonie.com

Openssl speed is faster. Take a look at the following source table : jrm.cc

 # php examples/compare.php Results: +---------+--------+----------+-------------+--------------+ | ext | keylen | textsize | (en/de)code | ops/sec | +---------+--------+----------+-------------+--------------+ | mcrypt | 128 | short | enc | 5626.38872 | | mcrypt | 128 | short | dec | 5729.21909 | | mcrypt | 192 | short | enc | 5694.37256 | | mcrypt | 192 | short | dec | 5682.78434 | | mcrypt | 256 | short | enc | 5644.36358 | | mcrypt | 256 | short | dec | 5661.23080 | | mcrypt | 128 | medium | enc | 5583.97725 | | mcrypt | 128 | medium | dec | 5650.75122 | | mcrypt | 192 | medium | enc | 5591.54051 | | mcrypt | 192 | medium | dec | 5552.83950 | | mcrypt | 256 | medium | enc | 5524.18533 | | mcrypt | 256 | medium | dec | 5513.65563 | | mcrypt | 128 | long | enc | 4773.67544 | | mcrypt | 128 | long | dec | 4774.14273 | | mcrypt | 192 | long | enc | 4633.75035 | | mcrypt | 192 | long | dec | 4634.35450 | | mcrypt | 256 | long | enc | 4494.90529 | | mcrypt | 256 | long | dec | 4280.92422 | | openssl | 128 | short | enc | 168581.35048 | | openssl | 128 | short | dec | 170417.03234 | | openssl | 192 | short | enc | 172052.83452 | | openssl | 192 | short | dec | 171349.94689 | | openssl | 256 | short | enc | 171112.27154 | | openssl | 256 | short | dec | 171644.45899 | | openssl | 128 | medium | enc | 166944.11718 | | openssl | 128 | medium | dec | 169084.25381 | | openssl | 192 | medium | enc | 166665.50107 | | openssl | 192 | medium | dec | 168459.47466 | | openssl | 256 | medium | enc | 163878.40900 | | openssl | 256 | medium | dec | 167946.82470 | | openssl | 128 | long | enc | 110370.61207 | | openssl | 128 | long | dec | 142731.36868 | | openssl | 192 | long | enc | 103798.85171 | | openssl | 192 | long | dec | 135396.21667 | | openssl | 256 | long | enc | 96767.81100 | | openssl | 256 | long | dec | 132203.99672 | +---------+--------+----------+-------------+--------------+ 

Abandonware mcrypt is basically a failure. Therefore, especially if you start from scratch (or as the state of php.net comments , you write code in 2015), do it right, go with OpenSSL. fooobar.com/questions/837435 / ...