3

Is there any difference in adding the plain text and key vs using xor instead(apart from the performance improvements)?

user30735
  • 33
  • 2
  • If you do proper group addition, then there's no difference in security. – SEJPM Jan 18 '16 at 20:08
  • I did it by adding the ascii values of the pt and k modulo 256 and haven't had problems so far. – user30735 Jan 18 '16 at 20:09
  • What "performance improvements", BTW? – otus Jan 18 '16 at 20:09
  • I believe a computer can xor in one go which is faster than adding the values then using modulo. – user30735 Jan 18 '16 at 20:11
  • 1
    @otus, if you do it in assembly, XOR is much much faster than addition (which is implicetely performed $\bmod 2^{64}$) because for the CPU it's much simpler than this pesky addition with the carry and this stuff. And mod 256 is perfectly secure. – SEJPM Jan 18 '16 at 20:18
  • @SEJPM, not really. On all but the smallest CPUs, a word-sized modular addition typically takes the same time as a word-sized XOR. (In some cases it can effectively take less, like if it is combined into LEA on some x86.) It's really just "weird" moduli that will usually cause a slowdown. Or using some high level language that doesn't optimize it away. – otus Jan 18 '16 at 20:57
  • @otus I know this is one for http://programmers.stackexchange.com/ but presumably by "weird moduli", you mean any moduli that's not base 2^n (or preferably 256^n) as it's implicit on a hardware level that XOR requires minimal logic instructions. – Iam Nick Jan 18 '16 at 22:07
  • @IamNick, if it is not a power of two then XOR is not really an alternative anyway. I meant sizes the CPU doesn't support natively (like 8, 16, 32 or 64 bits for amd64). Then you may need an additional instruction to mask the carry. – otus Jan 19 '16 at 07:03
  • @otus, good point actually; well made. This thread should be left to die now. – Iam Nick Jan 19 '16 at 07:08

1 Answers1

6

There is no security difference; there are a handful of practical ones:

  • With xor, you can have the same code to do encryption and decryption

  • With xor, you don't have to pick a 'word size'; a larger CPU can handle 4 or 8 bytes at a time, while a microcontroller can handle 1 byte at a time, without changing the ciphertext

  • With xor, you don't have to worry about endianness (which you would if you, say, added words modulo $2^{32}$

While these are all minor differences, they all point towards xor being slightly better from a practical standpoint

poncho
  • 147,019
  • 11
  • 229
  • 360