Simple XOR Encryption/Decryption in C++ (And Several Other Languages)
For details on how to implement XOR encryption using Go, see this post.
If you are looking for XOR encryption for other languages, including C, C#, Dart, Go, Groovy, Java (Android Compatible), JavaScript, Objective-C, and Python, I have made them available at this GitHub repo.
XOR encryption (or Exclusive-OR encryption) is a common method of encrypting text into a format that cannot be trivially cracked by the average person. XOR encryption is great for storing things like game save data, and other data types that are stored locally on a users computer, that while not a big deal if they are tampered with, you would like to deter people from doing so. XOR encryption is also used often as a part of more complex encryption algorithms.
The idea behind it is that if you don't know the original character or the XOR encryption key, it is impossible to determine what either one is. However, the reason that it is not entirely secure is that data almost always contains patterns (JSON uses '{' and '}' characters, XML contains plenty of '<' and '>' characters, etc.) so if someone is able to determine the pattern and unlock even one character, they will have the key to unlocking everything else.
However secure or insecure XOR encryption really is, it has plenty of valid use cases. Any kind of deterrent added to data that you don't want users to tamper with but that they will have easy access to is a prime candidate, so long as security isn't paramount.
The concept is simple, you define a key character, and for every character in the string you want to encrypt, you apply the key. Once you want to unencrypt the encrypted data, you simply go through the string and apply the key again.
Here's a very simple implementation in C++, which uses the ^ character for XOR:
#include<iostream> usingnamespace std; string encryptDecrypt(stringtoEncrypt) { char key = 'K'; //Any char will work string output = toEncrypt; for (int i = 0; i < toEncrypt.size(); i++) output[i] = toEncrypt[i] ^ key; return output; } int main(intargc, constchar * argv[]) { string encrypted = encryptDecrypt("kylewbanks.com"); cout << "Encrypted:" << encrypted << "\n"; string decrypted = encryptDecrypt(encrypted); cout << "Decrypted:" << decrypted << "\n"; return 0; } |
And here's the output:
Encrypted: 2'.<)*% 8e($& Decrypted:kylewbanks.com |
As you can see, the encrypted string looks like gibberish, and would deter non-technical people from bothering to tamper with the file. However, if you run something through that algorithm with repetitive characters (JSON, XML, etc.), more tech-savvy individuals may be able to pick up on what you are doing. While you can't quite make it unbreakable, you can make it ridiculously hard to brute-force by using multiple keys in a pattern like so:
string encryptDecrypt(string toEncrypt) { char key[3] = { 'K', 'C', 'Q' }; //Any chars will work string output = toEncrypt; for (int i = 0; i < toEncrypt.size(); i++) output[i] = toEncrypt[i] ^ key[i % (sizeof(key) / sizeof(char))]; return output; } |
There are two differences here:
- key is now defined as a char array.
- We now use the char at index modulos the size of the key array to XOR, rather than the same key for each character to encrypt.
Now running the same string through there, we get the following output:
Encrypted: :=.43*-:8m2$. Decrypted:kylewbanks.com |
It doesn't look that much more secure, but the reason for using multiple keys rather than just one, is that for each additional key you use, you effectively double the amount of time it takes to brute force the encrypted string.
Full source in a variety of languages available on GitHub.
来自:https://kylewbanks.com/blog/Simple-XOR-Encryption-Decryption-in-Cpp
最新文章
- 在线倍增法求LCA专题
- Linux常用命令学习7---(磁盘管理df du、磁盘的分区和格式化fdisk parted)
- pay-as-you-go
- php基础25:each()
- maven Spring 4.2+SpringMVC+dubbo解决TypeProxyInvocationHandler.invoke(SerializableTypeWrapper.java:239)
- 每日学习心得:SQL查询表的行列转换/小计/统计(with rollup,with cube,pivot解析)
- 在ASPxGridView的主从表显示中,有什么属性可以只让其每次选择只展开一列?
- 世界上还有一个东西叫Virtual Pascal
- 20145102 Java 实验一
- union all 简单用法
- spring的基本配置
- spring framework 4 源码阅读
- struts2 实现过程和xml配置
- Keil C51.uew
- InnoDB引擎数据存放位置
- hdu_2446_Shell Pyramid(数学,二分)
- java web 开发手册
- Git简介及安装
- 算法练习:求字符串的最长重复子串(Java实现)
- SqlBulkCopy 批量插入