The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.


Crypt::Ctr - Encrypt Data in Counter Mode


        use Crypt::Ctr;

        my $cipher = new Crypt::Ctr $key, 'Crypt::Rijndael';

        my $ciphertext = $cipher->encrypt($plaintext);
        my $plaintext = $cipher->decrypt($ciphertext);

        my $cipher2 = new Crypt::Ctr $key, 'Digest::MD5';

        $ciphertext = $cipher->encrypt($plaintext);
        $plaintext = $cipher->decrypt($ciphertext);


Generic Counter Mode implementation in pure Perl. The Counter Mode module constructs a stream cipher from a block cipher or cryptographic hash funtion and returns it as an object. Any block cipher in the Crypt:: class can be used, as long as it supports the blocksize and keysize methods. Any hash function in the Digest:: class can be used, as long as it supports the add method.


Counter mode produces the keystream independent from the input. Be sure not to re-use keys in Counter mode. As with Cipher Feedback mode, one should use Counter mode inside authenticated channels, e.g. HMAC.


$cipher = new Crypt::Ctr $key, $algorithm

Constructs a Crypt::Ctr object. If $algorithm is a block cipher, then $key should be of the correct size for that cipher. In most cases you can inquire the block cipher module by invoking the keysize method. If $algorithm is a hash function, then $key can be of any size.

$ciphertext = $cipher->encrypt $plaintext

Encrypts $plaintext. The input is XORed with the keystream generated from the internal state of the Ctr object and that state is updated with the output. $plaintext can be of any length.


Resets the internal state. Remember to do that before decrypting, if you use the same object.

$plaintext = $cipher->decrypt $ciphertext

Decrypts $ciphertext.


This is awfully slow. Some classes in Digest:: do not provide the add method, so they will fail. The internal counter is a Perl integer. This could possibly lead to strange errors when encrypting more than POSIX::LONG_MAX bytes and decrypting it on a different architecture.


Matthias Bauer <>