A Sequel to Cryptography

I have promised that in this article I will continue showing you real-world encryption algorithms and more specifically that we are going to XOR. Throughout this part we will find out what exactly is XOR, how to implement it into an encryption algorithm, and ultimately a few techniques for breaking XOR-based encryptions. Does that sound provocative?

Let's move on to the serious stuff. We have algorithms to understand and code, so there's definitely no time to waste. Grab your coffee or energy drink, and let's have fun!

All About XOR

Before we move on, allow me to give you a warning: Keep in mind that the encryption algorithm described in this article is solely for educational purposes. You should not rely on it for top-priority files and/or data. However, the author guarantees that the algorithms presented in this article will not do any harm to your computer- they do not contain any virus, Trojan, worm, spy-ware, mal-ware, or anything that's malicious. Thanks for your time; now we can carry on.

The abbreviation XOR stands for eXclusive OR. It's basically a logical operation; check out its truth-table below. It is true if and only if only one of the operands is true.

So let's memorize the definition of XOR: "either of the two, but not both."

"Why is this important to us?" you ask. It is because the XOR algorithm is based on this logical operation. Let me explain. In our algorithm we will proceed through the content of our file and apply the XOR algorithm to each and every byte. When we encrypt we do the following: XOR the plaintext (source file) with the given password. When we decrypt, we XOR the ciphertext (encrypted file) with the given password.

It is crucial to point out that the XOR process is the same for both encryption and decryption. Because we "flip" the bits or bytes on each step we can "deflip" them using the same scheme once again. There are a multitude of variations of XOR.

The following lines represent the heart of our XOR algorithm:

while ((s.read((char*)&c, sizeof(c))))

  {

       if (key[i]=='')

          i=0;

       c=key[i] ^ c;

       d.write((char*)&c, sizeof(c));

       i++;

  }

Variables: "s" is source; "d" is destination; "c" represents the character that we are going to XOR; "key" stands for the password key. Keep in mind that the key doesn't equal the user-specified key. It goes through the following process to make it acceptable for our XORing algorithm:

for (int i=0; i<255; i++)

   key[i]='§';

scanf("%s",key); int temp=0;

for (i=0;i<255;i++)

{  if (key[i]=='') break;

   temp=i;

}

   strcpy(key_backup, key);

   for (i=temp; i>=0; i--)

       key[temp-i]=key[temp-i] & (~key_backup[i]);

Variables: "key" is the password specified by the user; "key_backup" is the backup of the original "key" string. This process is required to make the password ready to run.

Basically we fill the "key" string with "§" characters before loading the password. Due to this the password gets stored starting from the beginning of the key string and the rest of the 255 positions remain filled with that special character. After this, we apply the following formula to each of characters of the key:

key[temp-i]=key[temp-i] & (~key_backup[i])

Note: The "~" operator stands for the complement of the given value. To specify the complement of a value the computer does the following: it changes all of the 1s to 0s and all of the 0s to 1s from the stored binary address of the aforementioned value. For example: 01111101's complement is 10000010. In the above formula "i" is the start expression of a "for" loop that starts from the length of the key and gets decremented by one until reaches its beginning (zero).