I know this isn't totally PHP-related, but I expect some people here have experience with what I'm doing. I am using mcrypt (in particular, MCRYPT_3DES) to encrypt some data which will be sent to another server in a GET or POST string. What information do I need to provide to the other side? I know I will need to provide the key, but what about the initialisation vector? This has to be set up for every call to mcrypt_generic_init, but am I right in assuming that it's only important in the encryption and not used in decryption? The matter is complicated by the fact that the receiving server will be using ASP, but I assume any ASP decryption component will just require a key, correct? Any comments welcome.
