Lab 2: XOR Operator and Entropy

In this lab, you will explore XOR operation, an essential component of many cryptosystems, and the one-time pad, which is unbreakable but impractical. You will compare the effectiveness of XOR with AND and OR operators. In that way, you will be able to practice the importance of entropy in Cryptography. You will also explore the effect of key length in encryption operations.

You will use two cloud-based systems in this lab: Cryptii and hexed.it. You will find the details of both within the instructions. You will also use CrypTool to generate a key by using the RNG (random number generator) in this tool.

You will use the cat image below throughout this lab. Please don’t use the image in this file; instead, download the file cat.bmp in Canvas. (Image courtesy: Betul Karabacak)

Bitmap File Details

Learning/refreshing some information about bitmap files in general and cat.bmp specifically will help you gain insights into what you will be doing in this lab.

Let’s examine the file by checking some properties of it.

It is a 100 x 67 pixel, 256-color bitmap image. The size of the file is 7,778 bytes.

256-color bitmap image means that this file can only store at most 256 different colors. Because the color of each pixel of the image is represented by 8 bits. Therefore, a pixel can be assigned to one of the (2^8=256) possible colors. For example, in this image,

Black is coded as 00000000

Red is coded as 11110000

Yellow is coded as 11111100

White is coded as 11111111

These are the facts:

a) 8 bit corresponds to 1 byte in the digital world.

b) A bitmap file with 100 x 67 pixels has 6700 pixels.

c) Each pixel is represented by 1 byte in a 256 Color bitmap.

Therefore, the data portion of the file takes up 6700 bytes. (Data portion means pixels). The total size of the file is 7778 bytes. Therefore, the header of the file takes up 1078 bytes. The header of a file stores critical data called metadata, metadata stores color table, the size information, resolution details, among other things.

In this lab, you will encrypt the data portion and most of the header portion of the file so that you will still be able to open the encrypted bitmap image with an image viewer, and you will be able to analyze the strength of the different encryption operations.

Although the word “encryption” has been used in this lab, the actual operations are nothing more than ANDing, ORing, and XORing an input data with an operand.

Hex Editor

In this lab, you will use a cloud-based hex editor hosted at
https://hexed.it/.

At the time of this lab, if you cannot open the hex editor website for some reason, please download WinHex from
https://www.x-ways.net/winhex/ or your favorite hex editor.

Lab Instructions

1. Navigate to
https://hexed.it/. You will see the page below.

2. Click the Open file on the top menu and upload the cat.bmp from your computer.

You will not see 1s and 0s after you opened the file in a hex editor. As the name implies, the hex editor shows the file’s content in hexadecimal (hex) format.

00000000 (black) is 00 in hex format. (00 is called an octet)

11110000 (red) is F0.

11111100 (yellow) is FC.

11111111 (white) is FF.

The octets shown in the screenshot above are not used to represent colors; they belong to the header of the bitmap file. 1078 bytes were reserved for the header; therefore, the octets representing the colors (data portion) starts at the 1079th octet. The position where the data portion starts is way lower than the portion shown in the screenshot above. The screenshot is just showing the beginning portion of the header. Fortunately, you don’t need to navigate to the end of the header in this lab, as you will encrypt most of the header along with all data (6700 pixels).

3. Select the portion of the file with your mouse, as shown below.

That is the portion of the header that you will not encrypt. If you encrypt this portion, you cannot open the bitmap file by using an image viewer. Once you try to open it, the image viewer will warn you with a message similar to “this is not a valid image file.”

4. Press CTRL-I to invert the selection.

The size of the selected portion is 7727 bytes in total, as shown in the left-most part of the status bar. (1027 bytes belong to the header, 6700 bytes belong to the data). It is the part of the file that you will encrypt.

5. On a separate browser window, navigate to
https://cryptii.com/. Configure the Cryptii, as shown below.

Cryptii is a popular software as a service tool to perform certain encoding, encryption, and hashing operations. It is easy to use and fast.

6. Switch back to
https://hexed.it/ and right-click on the selected area with the size 7727 bytes (1) and select the “Export selected byte as code snippet” option. (2)

2

1

7. At the Export as code Snippet window, select the style as Plain Data (1), click on the Code Snippet portion of the box to automatically select the long string (data portion of the bitmap image)(2). Right-click on the selected text and copy the text.

1

2

To be on the safe side, open notepad.exe, paste the text to the notepad, and save the file as bmp_data.txt.

8. Switch to the Cryptii window and delete the Operand B (Repeating) as shown below.

Note: Throughout this lab, you will use Operand B as the key of the encryption operations. You will use Cryptool to generate this key value in the upcoming steps. That’s why you deleted the default value.

9. Paste the clipboard’s content -the unencrypted data copied from the bitmap file- to the input portion in Cryptii by pressing CTRL-V. The Cryptii window should be like the below.

At this point, you will need the Operand B to complete the AND operation. The Cryptii will take the input you pasted and ANDed the input with the Operand B in blocks (repeatedly). (We are calling this operating as “Encryption” in the context of this lab; however, be aware that it is not an encryption operation.) Now it is time to obtain a value for the Operand B by using CrypTool.

Steps 10-15 are to obtain a random key by using CrypTool. You can skip steps 10-15, and continue with the Step-16 and paste the key:
41 4E B4 32 53 DE 29 53 33 DA E2 83 A3 5E 4A D7 into the Operand B field of Cryptii
if you prefer to do so. For the ones who are curious about software-based random number generators, proceed with Step-10. Note that your key will be different than the one shown here.

10. Navigate to and make a reservation for Lab-2. Open Windows 10 VM, type in isecstudent as the password, and run CrypTool 2 by double clicking the CrypTool 2 icon on the desktop.

You will use CrypTool to generate a key to perform operations on the original bytes of the bitmap image. We want the key to be a truly random number; if you watched the Frequency stability property short film this week, you should have understood that humans favor certain sequences.

11. Click on the New (1), type “random” in the search box (2), and drag and drop the Random Number Generator to the project space (3).

3

2

1

12. Click on the green-colored random number generator, and stretch it (1), change the algorithm to RNGCryptoServiceProvider (2), and type 16 to the Output length field (3).

1

3

2

13. Click on the small purple arrow on the top right corner of the random number generator box, drag the mouse to an empty area at the right-hand side, and release the mouse button to see an output menu shown below. Select the text output option.

14. You will see the following text output field.

14. Click the play button (1) and get a random 16-byte key (2).

2

1

15. Copy the output by selecting all, right-clicking your mouse, and selecting the copy.

To be on the safe side, paste the 16-byte random string to a new text file and save the file as operandb.txt

16. Switch to the Cryptii window and paste the string to Operand B field. The space characters in Operand B do not make any difference in the output; it is a 16-byte (128-bit) key.

After pasting Operand B, Cryptii will automatically calculate the output by ANDing the input with the Operand B by 16-byte blocks and using the operand B repeatedly for each 16-byte block. Now it is time to paste the output to the original file already opened in
https://hexed.it/ and check how the bitmap file will look like after exporting the new file and opening it with an image viewer.

17. Click on any portion at the output field of Cryptii and press CTRL-A to select all the text. Right-click and click copy.

18. Switch to
https://hexed.it/ and close the Export as Code Snippet window if you haven’t done it by clicking on the X on the top right. Right-click on the selected text (1) -the unencrypted bitmap data- and click on the Delete selected bytes. (2)

2

1

19. Click on the Yes to confirm the deletion; keep the size of the deleted byte in mind (7727 bytes)

20. Right-click on the small + icon (1) and click on the Insert bytes here … in the menu poped-up. (2)

1

2

21. Type 7727 into the first field (1), delete the default content from the Fill pattern field, and press CTRL-V to paste the content of the clipboard (2), which is the content of the output box of the Cryptii (the result of the unencrypted bitmap data ANDed with Operand B), and click on the Apply button (3).

3

2

1

22. Your new bitmap file is ready to export. Click on the Export on the top. Rename the exported file as cat_AND.bmp. Keep the file for submission to your instructor.

Open the cat_AND.bmp with an image viewer. One can still notice the cat in the image.

23. Switch back to the Cryptii window. Choose the OR operation without changing the input and Operand B (Key).

It is normal if Cryptii becomes unresponsive for 10 to 15 seconds. Don’t mess with the browser window and click on the Wait button if the browser prompts a message indicating that the Page is unresponsive. If the Cryptii window keeps freezing after clicking the Wait button twice, then close the browser window, open the cryptii.com webpage on a new browser window. Paste the content of bmp_data.txt you created in step-7 to the input field and operandb.txt you created in step-15 to the Operand B field.

24. Copy the text in the output field.

25. Repeat steps 3, 4, 18, 19, 20, 21, and 22 by using
https://hexed.it/. This time save the file as cat_OR.bmp at the end of step-22. Keep the file for submission to your instructor.

Open the cat_OR.bmp with an image viewer. As with the AND operator, one can still notice the cat in the image.

26. Switch back to the Cryptii window. Choose the XOR operation without changing the input and Operand B (Key). Copy the text in the output field.

It is normal if Cryptii becomes unresponsive for 10 to 15 seconds. Don’t mess with the browser window and click on the Wait button if the browser prompts a message indicating that the Page is unresponsive. If the Cryptii window keeps freezing after clicking the Wait button twice, then close the browser window, open the cryptii.com webpage on a new browser window. Paste the content of bmp_data.txt you created in step-7 to the input field and operandb.txt you created in step-15 to the Operand B field.

27. Repeat steps 3, 4, 18, 19, 20, 21, and 22 by using
https://hexed.it/. This time save the file as cat_XOR.bmp at the end of step-22. Keep the file for submission to your instructor.

Open the cat_XOR.bmp with an image viewer. In this case, nobody can know what the original image was.

28. Switch back to the Cryptii window. Keep the XOR operation. Don’t change the input. Delete the last 14 octets of the Operand B (Key) and keep the first two octets. Copy the text in the output field.

It is normal if Cryptii becomes unresponsive for 10 to 15 seconds. Don’t mess with the browser window and click on the Wait button if the browser prompts a message indicating that the Page is unresponsive. If the Cryptii window keeps freezing after clicking the Wait button twice, then close the browser window, open the cryptii.com webpage on a new browser window. Paste the content of bmp_data.txt you created in step-7 to the input field and type the first two octets of the key in the operandb.txt file you created in step-15 into the Operand B field.

29. Repeat steps 3, 4, 18, 19, 20, 21, and 22 by using
https://hexed.it/. At this time, save the file as cat_XOR_2octets.bmp at the end of step-22. Keep the file for submission to your instructor.

This is the end of the lab.

Questions

1. Compare the following files and explain the difference by using mathematical facts.

cat_AND.bmp

cat_OR.bmp

cat_XOR.bmp

Hint: Think about the “entropy” concept and carefully analyze the truth tables of AND, OR, and XOR operations.

2. Why can’t the XOR operation in this lab be considered a one-time pad sample? What is the difference between the process in step-26 and a legitimate one-time pad operation?

3. Compare the following files. What is wrong with the second one? Why can the cat image be seen, although you used XOR operation in both?

cat_XOR.bmp

cat_XOR_2octets.bmp

4.

In symmetric key encryptions, the same key is used for encryption and decryption operations. You used AND, OR, and XOR operators to “encrypt” plain-text data (bitmap file). Prove that the XOR logic operation is symmetrical, meaning that Operand B -used to encrypt the bitmap data- can be used to decrypt the encoded bitmap file. Prove this (1) mathematically (by using the truth table of the XOR operator) and (2) practicing on the Crypti tool. Send two screenshots for the proof (2) to your instructor; one showing the encryption and one showing the decryption. Note that you don’t have to use the bitmap file and hexed.it in proof (2). You can use a random string and a random operand B.

Also, show that AND and OR operators corrupt the original image because these operators are irreversible (lossy). Therefore, the AND/OR operations performed in this lab cannot be regarded as encoding, encryption, or anything similar by no means. Choose one of the operators and prove this by using the truth table (1) and practicing in Cryptii (2).