Reprinted from the product is slightly Library: http://www.pinlue.com/article/2020/03/1209/3910018006025.html
This paper describes a simple and efficient and very secure encryption method: XOR encryption.
A, XOR operation
Among the logic operation, in addition to AND and OR, there is a XOR operation, Chinese called "exclusive OR operation."
It is defined as: two values are the same, it returns false, true otherwise. That is, XOR can be used to determine whether the two values are different.
true XOR true // false
false XOR false // false
true XOR false // true
true XOR false // true
JavaScript language binary arithmetic, there is a dedicated XOR operator, ^ writing.
1 ^ 1 // 0
0 ^ 0 // 0
1 ^ 0 // 1
0 ^ 1 // 1
Code above, if the two bits of the same binary, returns 0, indicating false; 1 otherwise, indicates true.
Two, XOR application
XOR operation has a wonderful feature: If a value do it twice XOR, will return the value itself.
// first XOR
1010 ^ 1111 // 0101
// second XOR
0101 ^ 1111 // 1010
In the above code, the original value is 1010, then randomly selecting one value (in the example is 1111), the XOR done twice, and finally will always get the original value 1010. This is mathematically very easy to prove.
Third, the encryption application
XOR of this feature, so that it can be used to encrypt information.
message XOR key // cipherText
cipherText XOR key // message
In the above code, the original information is Message, key is a key, the first encrypted text will be XOR cipherText. After the other side to get, and then do a key XOR operation, will be reduced to give the message.
Fourth, perfect secrecy
During World War II, countries in order telegraph encryption, cryptography done a lot of research and practice, including XOR encryption.
After the war, American mathematician Shannon (Claude Shannon) his published research, proved that as long as two conditions are met, XOR encryption is unbreakable.
Is not less than the length of the message key
key must be disposable, and randomly generated every time
The reason is simple, if every time the key is random, then CipherText has generated all possible values, and are evenly distributed and can not be seen from the CipherText any feature of message. In other words, it has the largest "information entropy" and therefore impossible to crack. This is called "perfect secrecy" XOR of (perfect secrecy).
The above two conditions are met key, called the one-time pad (abbreviated as the OTP), meaning "one-time pad", such as the previous cipher key are printed, each time use, which must be selected from key.
Five examples: hashed
The following example uses XOR, the user's login password is encrypted. Actual operating results to see here.
The first step, when the user sets the login password, calculates a hash of the password used here is the MD5 algorithm, other hash algorithms may also be used.
const message = md5(password);
A second step of generating a random key.
// Generate a random integer in the range [min, max]
function getRandomInt (min, max) {return Math.floor (Math.random () * (max - min + 1)) + min;} // generate a random hexadecimal value in between 0 ~ f
function getHex () {let n = 0; for (let i = 4; i> 0; i--) {n = (getRandomInt (0, 1) 1)) + n;} return n.toString (16); } // generates a 32-bit hexadecimal value, is used as a disposable Key
function getOTP() { const arr = []; for (let i = 0; i 32; i++) { arr.push(getHex()); } return arr.join(""); }
The above code, the generated key is a 32-bit hexadecimal value corresponding to 128 of the binary hash MD5 generated.
A third step of performing the XOR operation to obtain the encrypted message.
function getXOR(message, key) { const arr = []; for (let i = 0; i 32; i++) { const m = parseInt(message.substr(i, 1), 16); const k = parseInt(key.substr(i, 1), 16); arr.push((m ^ k).toString(16)); } return arr.join(""); }
Use this method to save the user's login password, even if the encrypted text leaked, as long as the one-time key (key) does not leak, and the other can not crack.