in reply to How secure is XOR encryption?

the security of XOR "encryption" is dependent on the length of the key as follows:

if the key is longer than the message being encrypted and the key is perfectly random, it is provably unbreakable (it's just a one-time pad).

if the key is shorter than the message (so that it has to be repeated to encrypt the entire message), it's trivial to break. using XOR with a key that's repeated is essentially a vigenere cipher and can be broken quite painlessly by looking at the index of coincidence. don't use this method unless you really don't care if the encryption is broken, because it will be by the first hacker who decides to try.

anders pearson
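
The index-of-coincidence check mentioned in the post above, as an added example that is not part of the original thread: it measures how often bytes repeat within every k-th-byte column of a ciphertext, which exposes the length of a repeating XOR key. It goes slightly beyond the post by running the same check against a random pad as long as the message. The sample text, key and function names are constructed for illustration.

```python
from collections import Counter
from itertools import cycle
import secrets

# Constructed sample plaintext (lowercase letters and spaces only) and key.
SAMPLE = (
    "the security of xor encryption depends on the length of the key "
    "if the key is as long as the message and perfectly random and never "
    "reused it is a one time pad and cannot be broken but if a short key "
    "is repeated to cover the whole message the result is a vigenere "
    "cipher and the index of coincidence gives away the key length "
    "after that each column is a single byte xor that falls to frequency "
    "analysis"
).encode()
KEY = bytes.fromhex("9c1fe35f2a")        # constructed 5-byte repeating key
PAD = secrets.token_bytes(len(SAMPLE))   # random pad as long as the message

def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key when it is shorter."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))

def ioc(buf: bytes) -> float:
    """Chance that two bytes drawn from buf (without replacement) are equal."""
    n = len(buf)
    if n < 2:
        return 0.0
    return sum(c * (c - 1) for c in Counter(buf).values()) / (n * (n - 1))

def column_ioc(ct: bytes, k: int) -> float:
    """Mean IoC of the k columns formed by taking every k-th byte."""
    return sum(ioc(ct[i::k]) for i in range(k)) / k

def guess_key_length(ct: bytes, max_len: int = 12, threshold: float = 0.04):
    """Smallest k whose columns look like text under one key byte, else None.

    Uniform random bytes score about 1/256 (0.004); English text XORed with a
    single byte keeps its own score, typically above 0.06.
    """
    for k in range(1, max_len + 1):
        if column_ioc(ct, k) >= threshold:
            return k
    return None

if __name__ == "__main__":
    for name, key in (("repeating key", KEY), ("one-time pad", PAD)):
        ct = xor(SAMPLE, key)
        print(name, "-> guessed key length:", guess_key_length(ct))
        for k in range(1, 9):
            print(f"  k={k}  mean column IoC={column_ioc(ct, k):.4f}")
```

With the repeating key the score jumps at k=5 and its multiples; with the pad it stays flat near 1/256 at every k, so the check finds nothing.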

Re: Re: How secure is XOR encryption?
by Ovid (Cardinal) on Apr 24, 2002 at 19:27 UTC

    thraxil wrote:

    if the key is longer than the message being encrypted and the key is perfectly random, it is provably unbreakable (it's just a one-time pad).

    This is true if used as a one-time pad: one-time. In the original post, I got the impression that this encryption is to be used many times, thus falling prey to your second caveat: the key being shorter than the message makes the message insecure. In this case, the cracker can just concatenate the messages (well, it's often more complex than that, but you get the idea).

    If, however, there were some form of key exchange like the Diffie-Hellman method, then a secure, random key can be distributed, but that seems to take us back to the original problem of creating security because you have to settle on a method of encrypting the random key and you can't just use it to XOR itself :) If you encrypt the random key, you may as well just encrypt the original data.

    Cheers,
    Ovid

    Join the Perlmonks Setiathome Group or just click on the link and check out our stats.

      absolutely. i should have been more clear about that. if you re-use a key from a one-time pad, even across multiple messages, all the security is gone.

      anders pearson