If you are getting into cryptography, or just trying to understand the fundamentals, you may have noticed that the exclusive-or
(XOR) operation is used quite often, especially in ciphers. XOR is a simple bitwise operation that allows cryptographers to create strong encryption systems, and consequently is a fundamental building block of practically all modern ciphers.
Let’s dive into the details and see what makes XOR so important.
XOR, or “exclusive or” operates on binary data. It returns true if both of its inputs are opposites (one false and one true), otherwise, it returns false.
For example, in Go, the code would be something like:
func exclusiveOr(a bool, b bool) bool {
return a != b
}
It is interesting to note that if:
Then the XOR cipher is certainly impossible to crack. This is known as a one-time pad. However, a simple XOR shouldn’t be used in production due to the key length needing to be too long to be practical.
For instance, let’s simply encrypt the word “hi” by following these steps:
First, convert “hi” to binary, here is a free tool
01101000 01101001
01010010 01000101
01101000 01101001 (“hi”) XOR 01010010 01000101 (secret key)
00111010 00101100 (encrypted message)
Finally, decrypt the message by XOR’ing the key with the encrypted message again:
00111010 00101100 (encrypted message) XOR 01010010 01000101 (secret key)
01101000 01101001 (“hi”)
XOR works as a cipher because it is its own inverse.
𝑎 = (𝑎 ⊕ 𝑏) ⊕ 𝑏
And, as we demonstrated in our example:
encrypted = message ⊕ key and message = encrypted ⊕ key
The simple XOR cipher isn’t used in production because it is impractical to use keys that are the same length as the message body. However, the XOR is still extremely useful. In fact, it is used in almost all symmetric encryption algorithms.
XOR is the primary operation in the “add round key” step of AES-256. It is also used in the DES cipher.
Also published here.