5

I have a 128 bit encryption key that I would like to break up into three parts that when XOR'ed together reproduce the key.

How do I do this?

crawfish

2 Answers

10

Pick two other 128 bit values at random (random_1 and random_2), then work out the equations to see how it works:

key ^ random_1 = xor_1

Now split xor_1 the same way:

xor_1 ^ random_2 = xor_2

Flipping that equation around, we get:

xor_1 = xor_2 ^ random_2

Now substitute back into the first equation:

key = random_1 ^ xor_2 ^ random_2

So your code will just do xor = key ^ random_1 ^ random_2 and you distribute everything but the key.

Qsario
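
The split described in the answer above, as an added example that is not part of the original post. It generalizes from three shares to any number; the function names are hypothetical, and the random shares come from the OS CSPRNG (Python's `secrets`), which is an assumption the answer does not spell out.

```python
import secrets
from functools import reduce

KEY_LEN = 16  # 128 bits, as in the question


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, parts: int = 3) -> list:
    """Return `parts` shares whose XOR equals `key`."""
    if parts < 2:
        raise ValueError("need at least two shares")
    # random_1, random_2, ...: independent values from the CSPRNG.
    shares = [secrets.token_bytes(len(key)) for _ in range(parts - 1)]
    # Final share: key ^ random_1 ^ random_2 ^ ... (xor_2 in the answer).
    shares.append(reduce(xor_bytes, shares, key))
    return shares


def combine(shares: list) -> bytes:
    """XOR all shares together to recover the key."""
    return reduce(xor_bytes, shares)


def missing_share_for(candidate_key: bytes, known_shares: list) -> bytes:
    """Share that would make `known_shares` combine to `candidate_key`.

    One exists for every candidate, so holding all but one share
    rules out no key value at all.
    """
    return reduce(xor_bytes, known_shares, candidate_key)


if __name__ == "__main__":
    key = secrets.token_bytes(KEY_LEN)  # constructed sample key
    shares = split_key(key)
    print([s.hex() for s in shares])
    print("recovered:", combine(shares) == key)
```

All shares are needed to recover the key, and every share must be stored; losing one makes the key unrecoverable.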
1

Just XOR the salt values in and then XOR them out to reverse it.

If key' = key ^ salt1 ^ salt2, then key = key' ^ salt1 ^ salt2.

It's pretty trivial to implement, but it's also pretty trivial to reverse engineer.

What are you trying to protect with this, and who are you trying to protect it from?

tbroberg
  • I am storing the key in an encrypted file, but don't want to store it as a single part, so I'm dispersing it throughout the file in this manner. Is there a better method than that to make the key harder to recognize? – crawfish Jul 13 '12 at 19:57
  • 3
    If the attacker can step through your code, he can set a breakpoint after you reassemble the key. It's not a bad idea to scramble the key a bit to make him work for it a little, but it's not really possible to hide keys in software. You need something like a FIPS-140 cryptomodule to really hide keys. Having said that, the XOR scheme is better than nothing. Another idea would be to take a hash (e.g. SHA-1) of some arbitrary collection of _secret stuff_ and use that as your key, but an attacker could still step to the point after that and retrieve the key. – tbroberg Jul 13 '12 at 20:13
  • Just for the record, if you want to be secure, please use PGP rather than writing your own encryption. If you're trying to solve a DRM problem, where the user's computer has the key but the user should not have the key, there are no good solutions. – Qsario Jul 14 '12 at 01:22
  • Qsario : my application needs to encrypt/decrypt information stored in a database, as a result I do not believe I can use PGP. – crawfish Jul 16 '12 at 20:09
  • tbroberg : The XOR-ing is mainly just to prevent someone from getting the key just from seeing the code. If they are able to step through it, I think I've already lost the battle. But I do agree that it doesn't add much security past just obfuscation. – crawfish Jul 16 '12 at 20:10
  • Yes, by all means, it can't hurt to obfuscate it. The pitfall is where you pour lots of time into securing the door and then leave the window wide open. We try to find the weakest points and make them as strong as we can manage and then stop. It sounds like you have a good handle on the limitations, and from there you just do the best you can. Suggestion - If you like, you can collect bits of key material from all over if you just hash over them all and use the hash as the key. – tbroberg Jul 17 '12 at 08:05