\
If you are getting into cryptography, or just trying to understand the fundamentals, you may have noticed that the `exclusive-or` (XOR) operation is used quite often, especially in ciphers. XOR is a simple bitwise operation that allows cryptographers to create strong encryption systems, and consequently is a fundamental building block of practically all modern ciphers. 

\
Let’s dive into the details and see what makes XOR so important.

\
## What is XOR (**⊕**)?

XOR, or “exclusive or” operates on binary data. It returns true if both of its inputs are opposites (one false and one true), otherwise, it returns false.

\
 ![](https://cdn.hackernoon.com/images/akEBIg10DrPMiavDpnZxfHb098y2-6793kcf.png)

For example, in Go, the code would be something like:

\
```javascript
func exclusiveOr(a bool, b bool) bool {
	return a != b
}
```

\
## XOR Cipher - The Perfect Cipher

It is interesting to note that if:


1. The key is the same size as the message
2. The key is kept secret and generated truly randomly

\
Then the XOR cipher is certainly **impossible** to crack. This is known as a [one-time pad](https://en.wikipedia.org/wiki/One-time_pad). However, a simple XOR shouldn’t be used in production due to the key length needing to be too long to be practical.

\
## Cipher Example

For instance, let’s simply encrypt the word “hi” by following these steps:


1. First, convert “hi” to binary, [here](https://www.rapidtables.com/convert/number/ascii-to-binary.html) is a free tool

   \

```javascript
01101000 01101001
```

\

2. Next, create a random secret key that has the same length:

\
```javascript
01010010 01000101
```

\

3. Then, create an encrypted message by XOR’ing the message and the key:

\
```javascript
01101000 01101001 (“hi”) XOR 01010010 01000101 (secret key)

00111010 00101100 (encrypted message)
```

\

4. Finally, decrypt the message by XOR’ing the key with the encrypted message again:

   \

```javascript
00111010 00101100 (encrypted message) XOR 01010010 01000101 (secret key)

01101000 01101001 (“hi”)
```

\
## How does it work?

XOR works as a cipher because it is its own inverse.

\
> 𝑎 = (𝑎 **⊕** 𝑏) **⊕** 𝑏

\
And, as we demonstrated in our example:

\
> *encrypted* = *message* **⊕** *key* and *message* = *encrypted* **⊕** *key*

\
## Is XOR used in production ciphers?

The simple XOR cipher isn’t used in production because it is impractical to use keys that are the same length as the message body. However, the XOR is still extremely useful. In fact, it is used in almost all symmetric encryption algorithms. 

\
XOR is the primary operation in the “add round key” step of AES-256. It is also used in the [DES cipher.](http://page.math.tu-berlin.de/\~kant/teaching/hess/krypto-ws2006/des.htm)

\

---

Also published [here](https://blog.boot.dev/cryptography/why-xor-in-cryptography/).

Hess

2022 - HackerNoon Contributor of the Year - Algorithms

2022 - HackerNoon Contributor of the Year - Cryptography

2022 - HackerNoon Contributor of the Year - Github

2022 - HackerNoon Contributor of the Year - Job Hunting

2022 - HackerNoon Contributor of the Year - Mathematics

2022 - HackerNoon Contributor of the Year - Online Education

Coding Guru of 2022

Super Career Strategist of 2022

Learn to code on Boot.dev

Nominated for 2022 - HackerNoon Contributor of the Year - Algorithms

Nominated for 2022 - HackerNoon Contributor of the Year - Mathematics

Nominated for 2022 - HackerNoon Contributor of the Year - Cryptography

Nominated for Coding Guru of 2022

Nominated for 2022 - HackerNoon Contributor of the Year - Github

Nominated for 2022 - HackerNoon Contributor of the Year - Online Education

Nominated for 2022 - HackerNoon Contributor of the Year - Job Hunting

Nominated for Super Career Strategist of 2022

Too Long; Didn't Read

Build JavaScript blockchain apps easily with Lisk

Why Is XOR the Perfect Cipher?

Why Is XOR the Perfect Cipher?

Too Long; Didn't Read

Companies Mentioned

@wagslane

RELATED STORIES