Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
will yield different outputs:
echo $des->encrypt(substr($plaintext, 0, 8));
echo $des->encrypt(substr($plaintext, 8, 8));
echo $des->encrypt($plaintext);
The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
another, as demonstrated with the following:
$des->encrypt(substr($plaintext, 0, 8));
echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
outputs. The reason is due to the fact that the initialization vector's change after every encryption /
decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
Put another way, when the continuous buffer is enabled, the state of the \phpseclib\Crypt\DES() object changes after each
encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
however, they are also less intuitive and more likely to cause you problems.
