XOR Cipher Encoder & Decoder
XOR text against a repeating key and output the result as hex or Base64, then decode hex or Base64 back to text. Fast reversible obfuscation, not encryption.
Result
3b000f1e0a5853320c00091052
Repeating-key XOR is obfuscation, not secure encryption. For real protection use AES.
- XOR text against a repeating key
- Output as hexadecimal or Base64
- Decode hex or Base64 back to text
- Works on full UTF-8 byte sequences
- Clear errors for malformed encoded input
- Private, client-side processing
How to use the XOR Cipher Encoder & Decoder
- 1
Choose Encode (text β hex/Base64) or Decode (hex/Base64 β text).
- 2
Enter the key to XOR against your data.
- 3
Type or paste your text or encoded string.
- 4
Pick hex or Base64 as the output format when encoding.
- 5
Read and copy the result below.
About the XOR Cipher Encoder & Decoder
The ByteTools XOR Cipher combines your text with a repeating key using the exclusive-or operation, the building block behind many stream ciphers. Encode to produce a hex or Base64 string, and decode that string back to the original text using the same key.
XOR is fully reversible: applying the same key twice returns the input, so one key both scrambles and restores your message. It is useful for lightweight obfuscation, learning how bitwise ciphers work, and CTF challenges that hide data behind a simple key.
All XOR maths runs locally in your browser with JavaScript on UTF-8 bytes, so nothing you enter is uploaded or stored. Be aware this is obfuscation, not secure encryption β for real protection use a proper AES tool.
Frequently asked questions
What is an XOR cipher?
An XOR cipher encrypts data by combining each byte with a byte from a repeating key using the exclusive-or operation. Because XOR is its own inverse, applying the same key again recovers the original bytes, making encoding and decoding symmetric.
Why is the output shown as hex or Base64?
XORing text often produces bytes that are not printable characters, which would display as garbage or break when copied. Encoding the result as hexadecimal or Base64 turns those raw bytes into safe, copyable text that survives being pasted anywhere.
How do I decode an XOR string?
Switch to decode, enter the exact same key used to encode, and paste the hex or Base64 string. The tool converts it back to bytes, XORs with the key, and shows the recovered UTF-8 text. A wrong key produces unreadable output.
Is an XOR cipher secure?
A repeating-key XOR is easy to break if the key is short or reused, and it is considered obfuscation rather than encryption. Only a one-time pad β a truly random key as long as the message, used once β is provably secure. For real security use AES.
Does the key length matter?
Yes. A longer, more random key repeats less often and is harder to attack, while a single-character key is very weak. Even so, no repeating-key XOR should be trusted with sensitive data; treat it as a puzzle or lightweight scrambler.
Related tools
- Text to Hex ConverterConvert UTF-8 text to a hexadecimal byte string with a choice of separators β space, none,β¦
- Hex to Text ConverterConvert hexadecimal back to readable UTF-8 text, accepting hex with or without spaces, 0x β¦
- Base64 EncoderEncode text or files to Base64 instantly in your browser. UTF-8 safe, with a URL-safe Baseβ¦
- AES Text EncrypterEncrypt text with a password using AES-256-GCM and PBKDF2 in your browser. Get a single Baβ¦