## XOR Encryption

While studying for my latest certification, I noticed that I haven’t seen any posts on basic encryption techniques here on the froup… And I know some of you have lots of questions! So…

XOR encryption.

What is XOR encryption? Well, XOR encryption is rather weak in and of itself, but XOR operations are used in just about every popular symmetrical encryption technique such as DES and Twofish. XOR is the operation that performs the encryption and allows one to decrypt ciphertext provided you have the password.

A few definitions:

Symmetrical encryption= encryption technique in which the “shared secret” password performs both encryption and decryption functions.

Ciphertext= encrypted message

Plaintext= unencrypted message

Key= password used to encrypt plaintext and decrypt ciphertext.

Symmetrical encryption relies on on both the person sending a message and the recipient knowing the secret password. Problems with this revolves around making sure that nobody else acquires the password, the encryption technique and the length of the key used to encrypt the data.

So what is XOR? XOR means “exclusive OR”. It compares 2 bits, and returns true (“1”) only if one of the bits does not equal the other. A XOR truth table would look like so:

Bit 1 | Bit 2 | Result |

0 | 0 | 0 |

1 | 0 | 1 |

0 | 1 | 1 |

1 | 1 | 0 |

The encryption algorithm we’ll be using is C=(p XOR k), where C is ciphertext, p is plaintext and k is the key.

So how do we use this? Let’s start with something simple like encrypting the letter “a” with the key “z”.

First, we’ll take the ASCII value of “a” which is 97. The ASCII value of “z” is 122. You can find these values on any ASCII chart, or use the Asc() function in VBScript. Most other programming languages will have a similar function.

97 in binary is 1100001

122 in binary is 1111010

XOR Sum: 0011011

11011 in decimal is 27. Now that “a” is encrypted, how do we decrypt it? Using the formula P=(c XOR k)

The encrypted sum: 0011011

The key: 1111010

XOR Sum: 1100001

1100001=97 in decimal, which is the ASCII value for… “a” !

Now, you may be asking yourself “how can I convert the decimal ASCII value to binary so it can be XOR’d?”. Well, it’s not that hard, and I’m going to show you how. I’m assuming that you already have a basic understanding of counting in binary. If not, go read a tutorial. We’ll wait…. OK, now that you know all about binary, I’ll show you how to convert decimal to binary programatically:

The easiest wayt to do it is to take the number to be converted, X, and divide it by 2. If there is a remainder (called the *modulo*) write a 1 down off to the side. If it divides evenly, write a 0. Take the quotient, and divide by 2 again. If there is a remainder, write a 1 to the **LEFT** of the previous 1 or 0. If there is no remainder, write a 0 to the **LEFT** of the previous 1 or 0. Continue on until you reach 0, always writing a 1 or 0 to the left of the previous 1s or 0s. Now you have a binary representation of your decimal number.

Example:

20 is your decimal number. Convert to binary.

DECIMAL | BINARY | |

20/2=10 mod 0 | 0 | |

10/2=5 mod 0 | 00 | |

5/2=2 mod 1 | 100 | |

2/2=1 mod 0 | 0100 | |

1/2=0 mod 1 | 10100 |

OK, so how do we do this in a program or script? Simple. This example is in VBScript, but this ports over easily to any language, since it uses basic math functions that are in all programming languages

dim a,b,c

a=Wscript.Arguments(0)

Do While a <> 0

b=a mod 2

if b=1 then

c=”1″+c

else

c=”0″+c

end if

a=Int(a/2)

Loop

Wscript.Echo c

The *mod* operator tells the script that we want it to only return the remainder (or modulus).

So how do we convert binary to decimal in a script? Simple math… knowing that each digit left is one power higher than the one to the right of it, we just figure the length of the binary number, then get the value for each digit, adding it to the sum until we’re done.

Example:

10100 is your binary number. Convert to decimal

10100 really means (1*2^4)+(0*2^3)+(1*2^2)+(0*2^1)+(0*2^0)

Which turns into (1*16)+(0*8)+(1*4)+(0*2)+(0*1)=16+0+4+0+0=20

A script would look something like this:

dim a,b,c,d

a=StrReverse(Wscript.Arguments(0)) ‘Reverse the string so it’s easier to multiply through using position number

For b=1 to Len(a)

c=Mid(a,b,1)

d=d+(c*2^(b-1))

Next

Wscript.echo d

So how do we encrypt an entire message with a key longer than one letter? We take in the plaintext one letter at a time, and encrypt it with one letter of the key. The next letter of the plaintext is encrypted with the next letter of the key. So:

P(1) XOR K(1)= C(1)

P(2) XOR K(2)= C(2)

What do you do if your message is longer than your key? Go back to the beginning of the key and start over! ie, with a 20 byte message, and a 10 byte key, after P(10) XOR K(10)= C(10), the next operation would be P(11) XOR K(1)= C(11).