What is the XOR?

XOR is a logical operation, pronounced exclusive or. What an XOR cipher does is that it first converts the plaintext into a stream of binary. Then it takes the key, converts it into a sequence of binary numbers and repeats the sequence as many times as necessary to encrypt the plaintext stream. For each digit of the message, the digit is XORed (see truth table below) with a corresponding digit from the key to get the encrypted message.

Truth table:
a | b | result
--------------
0 | 0 | 0
1 | 0 | 1
0 | 1 | 1
1 | 1 | 0
==============

For example, to encrypt 1011

KEY 0101
  XOR
MSG 1011
----
RES 1110

To decrypt an XOR encrypted message, simply reapply the XOR operation to the ciphertext with the key to get the plaintext, such as:

KEY 0101
  XOR
MSG 1110
----
RES 1011

Known-Plaintext Attack

The known-plaintext attack is done when the attacker knows part of the plaintext, called a crib. Because the crib must exist in the ciphertext, this allows the computer systems to rapidly eliminate all the potential keys whose decryptions don't contain the crib, along with other optimizations.

Tools

• CyberChef XOR recipe
• CyberChef XOR brute force recipe