http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:

> XOR does of course beg the question of what you XOR with ?

> 1st years will of course be tempted to XOR with a constant key, which

> means that once you've cracked one password, you've got them all.

> Thus you have a layered test, OK students will crack it, smarter ones

> will realise the general defect.

>

> Although Jarek gives pretty much the simplest algorithm, if you don't

> specify the algorithm than it requires >1st year skill to work out

> whether it's XOR, DES, or something that's really secure.
There is no more secure encyption algorithm than XOR-ing with a

one-time pad. In fact, it is the only known unbreakable encryption

algorithm.

To keep on topic, I have written below an implementation of the

algorithm in C++ that simply XORs each byte of the plaintext with the

corresponding byte of the secret key:

#include <string>

using std::string;

string

EncryptData( const string& plaintext, const string& key)

{

const int len = key.length();

assert(len >= plaintext.length());

string encryptedText;

int pos = -1;

while (++pos < len)

encryptedText += plaintext[pos] ^ key[pos];

return encryptedText;

}

For most uses, XOR is not practical since it requires that the secret

key be at least as long as the plain text (in order to guarantee that

every possible decryption of an encrypted text is just as likely as any

other). Furthermore each randomly generated key can only be used once,

meaning that both parties must each have the same long list of secret

keys in order to encrypt their messages.

Greg