Xor Security

Xor has got to be one of the weakest methods of encrypting data. Without the password, it isn’t too hard to find it. The Xor method is more of an encoding algorithm. You have your text, and you have your password. As you loop through each letter in your text, each character in the password is matched up and an XOR operation is performed on the two. When the password runs out of characters, you start at the beginning again.

Xor is weak for a simple reason. If you know a small portion of the unencoded message, you can perform an Xor operation on just the position those characters in the encoded message to get the password. So if you know that your message ends with a period, you can Xor the last character of the encoded message against a period character. People can take it a step further and look for patterns that could translate to words. Others would use statistics such as the space character would appear most, then the letter “E”, and so on.

Well, all this boils down to SecondLife. I’m starting to script my objects to talk to each other for a game that I’m creating within that world. I’m still a bit confused with what approach I should take. I just don’t want people building there own objects to listen in on my objects communications. I’m tempted to look into RSA and RC4 encryption, but the strength is limited to only 16 bits in the game due to the nature of how integers are setup in LSL script. I’ve done something similar in VB Script that had similar limitations.

Comments are closed.

%d bloggers like this: