Introduction XOR encryption is a trivially simple symmetric cipher which is used in many applications where security is not a defined requirement.Exclusive-OR encryption, while not a public-key system such as RSA, is almost unbreakable through brute force methods. It is susceptible to patterns, but this weakness can be avoided through first compressing the file (so as to remove patterns). Exclusive-or encryption requires that both encryptor and decryptor have access to the encryption key, but the encryption algorithm, while extremely simple, is nearly unbreakable. Code: A ^ 0 = A A ^ A = 0 B ^ A ^ A = B ^ 0 = B where ^ denotes the exclusive disjunction (XOR) operation. With this logic, a string of text can be encrypted by applying the bitwise XOR operator to every character using a given key. To decrypt the output, merely reapplying the key will remove the cipher. The XOR operator is extremely common as a component in more complex ciphers. By itself, using a constant repeating key, a simple XOR cipher can trivially be broken using frequency analysis. Its primary merit is that it is simple to implement, and that the XOR operation is computationally inexpensive. Recently, probably the makers of a media player 3wplayer(reported by Norton Antivirus as a spyware threat), encoded DVD rip avi files and put them up on torrent portals. One intelligent guy amazingly figured out the hidden trick and decrypted the avi file, which otherwise can only be played in 3wplayer. Read more about it here http://forum.mininova.org/index.php?showtopic=234994521 An Example PHP: // Let's define our key here $key = 'G4E'; // Our plaintext/ciphertext $text = 'Programming Forums'; // Our output text $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { for($j=0;$j<strlen($key);$j++,$i++) { $outText .= $text{$i} ^ $key{$j}; } }
I guess, there's a bug in the code, the correct one should be PHP: // Let's define our key here $key = 'G4E'; // Our plaintext/ciphertext $text = 'Programming Forums'; // Our output text $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);) // Dont need to increment here { for($j=0;$j<strlen($key);$j++,$i++) { $outText .= $text{$i} ^ $key{$j}; } }
Check this out http://www.go4expert.com/articlesamples/php_xor_cipher/, I've added an additional base64 encoding of the ciphertext 'cause it generates some binary data!
This allows you to take a file encrypted with the XOR cipher and, with only some assumed knowledge about its format, deduce both the plain text and the key. Key Length: This is so you can specify the key length manually. The algorithm is perfectly capable of finding this value on its own, but its choice is based on the most probable length. If it chooses an incorrect value for the key length you will not get the correct solution. This gives the user the option of specifying the length, in the case where the algorithm chooses the wrong one. You can find the possible key lengths in the data output. Set KAPPA_P: The KAPPA_P value is described below. One would use this option if the target plain text is something other than standard ASCII. To get the KAPPA_P for your target plain text use the option for getting KAPPA_P below. (Default is: .06721) Only IOC: This means the program will only print the IOC (Index of Coincidence) information about the ciphertext. One would use this option to get an idea of the possible key lengths and if the KAPPA_P value needs to be adjusted. A better KAPPA_P value will lead to more accurate key length predictions. ALPHA Threshold: The algorithm depends on a PHI test to determine its probable key lengths. In this test there is a PHI_R (PHI random) and a PHI_P (PHI plain text) and an observed PHI. To choose a key length that looks good we want our observed PHI to fall between PHI_R and PHI_P: the closer to PHI_P the better. The problem is, there are many observed PHI values that meet this criteria. So we are using ALPHA to represent a requirement for marking candidate key intervals. We expect the candidate keys to be at least ALPHA percent of PHI_P. The default is 85%. If the key interval is a rhythmic, then it is best to adjust this percent to a value that yields a fairly standard interval, and thus a base key length with multiples. DELTA Threshold: Once the key length is deduced the algorithm moves on to a basic monoalphabetic analysis of the ciphertext at intervals of the key length. This means that if the first character of the key is an 'H' that a decryption based on 'H' should, for all 256 bytes, yield something that looks like our target plain text. The target plain text here is referred to as DELTA data, and the DELTA Threshold is how close we would like our decryption based on 'H' (or some key character) to be to our DELTA data. The default DELTA Threshold is 45%, because it works empirically. There is a 20% scalar thrown in behind the scenes for the calculation of the best looking key, but 45% works well for standard ASCII English text. One may want to change this value if working with anything else. DELTA Data: This is a file that looks and smells like the original plain text, but is NOT the same. For all intents and purposes this is the same data file use for the alternate KAPPA_P test. It will allow for an empirical frequency table based on something OTHER than standard ASCII English text. The data here will be used in conjunction with the DELTA Threshold above; however, you may not need to change the Threshold from its default value. So again, use this option when you are trying to solve a cipher for for anything other than standard ASCII English text. Key Length: Set KAPPA_P: Only IOC: ALPHA Threshold: DELTA Threshold: DELTA Data: Crack This File:
Code: // Let's define our key here $key = 'G4E'; // Our plaintext/ciphertext $text = 'Programming Forums'; // Our output text $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) // Dont need to increment here { for($j=0;$j<strlen($key);$j++) { $outText .= $text{$i} ^ $key{$j}; } }
