Whenever the subject of cryptography is brought up in mainstream literature, the authors invariably try explaining it with the *substitution cipher*, but modern encryption is something entirely different. There were quite a few mechanical substitution systems in use until the 1970s, all seemingly based on *Enigma*, but this post is an attempt to explain (partially) how today’s encryption works, using a system that’s quite easy to understand.

I’ve found the best way to learn about modern cryptography is to learn the different systems in the right sequence. XOR encryption is the foundation, block ciphers XOR binary digits and rotate them, Triple-DES and AES are improvements on that, and RSA is often used for communicating DES and AES keys. Most decent encryption we use today are essentially variations and combinations of all this.

So, to start at the beginning: I used to wonder how mathematics could be used for encrypting stuff like text, images, audio, etc. The answer is the files are actually very long binary numbers – or very long strings of 1s and 0s. It’s also the case that letters in a text file translate to 7-digit (we’ll call it a byte here) ASCII codes. So we have numbers mathematical operations can be performed on to encrypt/decrypt text.

This means it’s possible to convert text and a password into two ASCII binary strings – the *plaintext stream* and the *keystream* – and use them as inputs for a Boolean (logic) operation. The output will be an encrypted stream (*cipherstream*) which translates to something unreadable if converted to text.

If the plaintext is much longer than the password, the *keystream* could be a repeating sequence, although a proper system would be designed to prevent any discernable pattern in the ciphertext.

The process is also reversible if the right Boolean operator, XOR, is used with the *cipherstream* and the *keystream* used as inputs.

**The XeroCrypt Application**

I started work on a software application last year (XeroCrypt), which I still haven’t got round to finishing, but the XOR module demonstrates the following encryption/decryption with a GUI.

1. Reads text input and converts it to ASCII binary (*plaintext stream*).

2. Reads an alphanumeric password and converts it into ASCII binary (*keystream*).

3. XOR the *plaintext stream* with the *keystream*.

4. Convert the output to ASCII text.

So the output after this operation is again the encrypted text, known as the ciphertext. To decrypt this, we simply reverse the operation, using the ciphertext and the password as inputs.