I was with you until the XOR. Please, use a real encryption algorithm! It's so easy to use strong encryption (via Crypt::CBC and Crypt::Blowfish or any of the others) that there's really no excuse not to.

Good point. My bad.