Encrypting the data of sensitive information is very essential in enterprise environment; especially when we are working on multiple environments (Dev/Test/Production) and increasingly developer are having access to production data for the legitimate purpose of production support. Securing the data and preventing its access outside the application is a mandatory requirement for today’s business solution. In spite of that many business application store sensitive information as plain data because of performance issues, accessibility from different application and complexity associated with cryptographic techniques.
There many solution available at database level and in application level. Many of them are product specific or technology specific. Like SQL server 2008 allow you to encrypt the data in database level, table level and column level. But if you are using SQL server 2000 or my SQL most probably you have no option other than developing some custom application or using application level encryption which eats your performance and limit you accessibility.
My objective here is provide simple solution of encryption using XOR that will very effective and very high performing compare to other hash algorithms.
XOR cipher is a simple encryption algorithm that operates according to the principles:
1 + 0 = 1
0+1 =1
1+1 =0
0+0=0
(A + B)+ C = A + (B + C),
(B + A) + A = B + 0 = B,
XOR bit operator is extremely common as a component in more complex ciphers. Its primary merit is that it is simple to implement, and that the XOR operation is computationally inexpensive. If the key is random and is as long as the message (so it never repeats), the XOR cipher is more secure. With a key that is truly random, the result is a one-time pad, which is unbreakable even in theory.
Here is the sample in C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace SimpleXORMultipleEncryption
{
class Program
{
static void Main(string[] args)
{
string plaintTxt = "Sample Plain Message";
string plaintTxtResult = string.Empty;
string encryptTxt = string.Empty;
string key = "123456";
encryptTxt = XOREncryptDecryptStr(plaintTxt, key,3);
Console.WriteLine(encryptTxt);
plaintTxtResult = XOREncryptDecryptStr(encryptTxt, key,3);
Console.WriteLine(plaintTxtResult);
Console.ReadLine();
}
private static string XOREncryptDecryptStr(string inputStr, string keyTxt,int keyLoop)
{
string resultStr = string.Empty;
char[] inputStrarr = inputStr.ToCharArray();
char[] key = keyTxt.ToCharArray();
char[] resultStrarr = new char[inputStrarr.Length];
while (keyLoop > 0)
{
int k = 0;
for (int i = 0; i < inputStrarr.Length; i++)
{
while (k < key.Length - 1)
{
k++;
resultStrarr[i] = (char)(inputStrarr[i] ^ key[k]);
}
k = 0;
}
keyLoop--;
}
resultStr = new string(resultStrarr);
return resultStr;
}
}
}
Note: The above code sample is provided as is without any warranty.
In the sample “XOREncryptDecryptStr” takes three parameter inputStr, keyTxt and KeyLoop.
You call the XOREncryptDecryptStr to encrypt and also to decrypt. To encrypt you set the
inputStr as plain txt and to decrypt you set the inputStr as encrypted text. The KeyTxt is the key that is used to secure the message. By randomly generating it theoretically it is impossible to break it. keyLoop is my idea of adding additional complexity by encrypting the results again. You can do as many loops you want the above algorithm will not break.
This simple solution can be easily added to any solution and it is not technology and frame work specific. It uses the fundamental XOR bit operator to secure the data.