Hello gurus,

I have this question: How safe is an XOR encrypted data?
Is this considered as strong encryption method?
In intruder's perspective, what would be its weak point or entry point? Well, if this would be the basic method for encryption, perhaps this will be the easiest for them to crack.
How could they possibly find out the "key" used for XOR encryption that has infinite posibility? Or they just do some guessing, too; just like guessing a "password"?

Please share your idea. Thank you.


Owen/

It depends on the amount of data they have available to them. Cracking encryption generally involves looking for a patern in the data. Since the data does not usually repeat is self, this partern is the encryption key. If the code for the encryption is open source, they figure out how to turn this patern into the actual key fairly easily and then decrypt your information. XOR is regarded as a low security encryption method, you should look into the newer, more powerful encryption methods if you are seriously concerned about your data. If it is only to stop average users, then XOR should be fine, but against encryption crackers, it will fall easily.

XOR is definately not strong.
never use it.!
it will take secs to bruteforce all 0xFF keys =)

XORing with the same pattern is really not high security. It's very easy to find out, if the hacker can just debug your code, see where you are decrypting the data and voila, he sees the XOR string right there.

It may be useful for wasting a bit of the hacker's time by XORing in addition to applying some other encryption scheme, but only if you go for longer patterns that do not remain constant. For example (do not do it exactly like this, otherwise we all know hoe to decrypt your data :p), take a pattern of 19 bytes and after you XORed one set of 19 bytes with it, multiply the pattern by some big prime number.

It's not high security, but helps keep amateur hackers off the data.

he sees the XOR string right there.I dont know much about encryption, but can one say that a string is a XOR string just by seeing it as one can do by seeing an MD5 hash?

Can one replace a by 6 and b by c and so on(arbitrary) to disguise the XOR string or MD5 hash....

Please tell me if I am wrong....
Thank You.