The ISAAC cipher

The ISAAC cipher
You are encouraged to solve this task according to the task description, using any language you may know.

ISAAC is a cryptographically secure pseudo-random number generator (CSPRNG) and stream cipher. It was developed by Bob Jenkins from 1993 ( and placed in the Public Domain. ISAAC is fast - especially when optimised - and portable to most architectures in nearly all programming and scripting languages. It is also simple and succinct, using as it does just two 256-word arrays for its state.

ISAAC stands for "Indirection, Shift, Accumulate, Add, and Count" which are the principal bitwise operations employed. To date - and that's after more than 20 years of existence - ISAAC has not been broken (unless GCHQ or NSA did it, but they wouldn't be telling). ISAAC thus deserves a lot more attention than it has hitherto received and it would be salutary to see it more universally implemented.

Your task, should you choose to accept it, is to translate ISAAC's reference C or Pascal code into your language of choice. The RNG should then be seeded with the string "this is my secret key" and finally the message "a Top Secret secret" should be encrypted on that key. Your program's output ciphertext will be a string of hexadecimal digits. Optional: Include a decryption check by re-initializing ISAAC and performing the same encryption pass on the ciphertext. Please use the C or Pascal as a reference guide to these operations.

Two encryption schemes are possible: (1) XOR (Vernam) or (2) Caesar-shift mod 95 (Vigenère). XOR is the simplest; C-shifting offers greater security. You may choose either scheme, or both, but please specify which you used. Here are the alternative sample outputs for checking purposes:

Message: a Top Secret secret
Key    : this is my secret key
XOR    : 1C0636190B1260233B35125F1E1D0E2F4C5422
MOD    : 734270227D36772A783B4F2A5F206266236978
XOR dcr: a Top Secret secret
MOD dcr: a Top Secret secret

No official seeding method for ISAAC has been published, but for this task we may as well just inject the bytes of our key into the randrsl array, padding with zeroes before mixing, like so:

// zeroise mm array
FOR i:= 0 TO 255 DO mm[i]:=0;
// check seed's highest array element
m := High(seed);
// inject the seed
FOR i:= 0 TO 255 DO BEGIN
	// in case seed[] has less than 256 elements.
	IF i>m THEN randrsl[i]:=0  
		ELSE randrsl[i]:=seed[i];
// initialize ISAAC with seed

ISAAC can of course also be initialized with a single 32-bit unsigned integer in the manner of traditional RNGs, and indeed used as such for research and gaming purposes. But building a strong and simple ISAAC-based stream cipher - replacing the irreparably broken RC4 - is our goal here: ISAAC's intended purpose.


At the top is Bob Jenkins' reference code for ISAAC. Below and in main() is the task's complete solution for XOR and MOD. <lang C> /* Known to compile and work with tcc in win32 & gcc on Linux (with warnings)

readable.c: My random number generator, ISAAC. (c) Bob Jenkins, March 1996, Public Domain You may use this code in any way you wish, and it is free. No warrantee.

  • /
  1. include <stdio.h>
  2. include <stddef.h>
  3. include <string.h>
  4. ifdef _MSC_VER
 typedef unsigned __int32 uint32_t;
  1. else
 #include <stdint.h>
  1. endif

/* a ub4 is an unsigned 4-byte quantity */ typedef uint32_t ub4;

/* external results */ ub4 randrsl[256], randcnt;

/* internal state */ static ub4 mm[256]; static ub4 aa=0, bb=0, cc=0;

void isaac() {

  register ub4 i,x,y;
  cc = cc + 1;    /* cc just gets incremented once per 256 results */
  bb = bb + cc;   /* then combined with bb */
  for (i=0; i<256; ++i)
    x = mm[i];
    switch (i%4)
    case 0: aa = aa^(aa<<13); break;
    case 1: aa = aa^(aa>>6); break;
    case 2: aa = aa^(aa<<2); break;
    case 3: aa = aa^(aa>>16); break;
    aa              = mm[(i+128)%256] + aa;
    mm[i]      = y  = mm[(x>>2)%256] + aa + bb;
    randrsl[i] = bb = mm[(y>>10)%256] + x;
  // not in original readable.c
  randcnt = 0;


/* if (flag!=0), then use the contents of randrsl[] to initialize mm[]. */

  1. define mix(a,b,c,d,e,f,g,h) \

{ \

  a^=b<<11; d+=a; b+=c; \
  b^=c>>2;  e+=b; c+=d; \
  c^=d<<8;  f+=c; d+=e; \
  d^=e>>16; g+=d; e+=f; \
  e^=f<<10; h+=e; f+=g; \
  f^=g>>4;  a+=f; g+=h; \
  g^=h<<8;  b+=g; h+=a; \
  h^=a>>9;  c+=h; a+=b; \


void randinit(int flag) {

  register int i;
  ub4 a,b,c,d,e,f,g,h;
  a=b=c=d=e=f=g=h=0x9e3779b9;  /* the golden ratio */
  for (i=0; i<4; ++i)          /* scramble it */
  for (i=0; i<256; i+=8)   /* fill in mm[] with messy stuff */
    if (flag)                  /* use all the information in the seed */


      a+=randrsl[i  ]; b+=randrsl[i+1]; c+=randrsl[i+2]; d+=randrsl[i+3];
      e+=randrsl[i+4]; f+=randrsl[i+5]; g+=randrsl[i+6]; h+=randrsl[i+7];
    mm[i  ]=a; mm[i+1]=b; mm[i+2]=c; mm[i+3]=d;
    mm[i+4]=e; mm[i+5]=f; mm[i+6]=g; mm[i+7]=h;
  if (flag)
  {        /* do a second pass to make all of the seed affect all of mm */

for (i=0; i<256; i+=8)

      a+=mm[i  ]; b+=mm[i+1]; c+=mm[i+2]; d+=mm[i+3];
      e+=mm[i+4]; f+=mm[i+5]; g+=mm[i+6]; h+=mm[i+7];
      mm[i  ]=a; mm[i+1]=b; mm[i+2]=c; mm[i+3]=d;
      mm[i+4]=e; mm[i+5]=f; mm[i+6]=g; mm[i+7]=h;
  isaac();            /* fill in the first set of results */
  randcnt=0;        /* prepare to use the first set of results */


// Get a random 32-bit value 0..MAXINT ub4 iRandom() { ub4 r = randrsl[randcnt]; ++randcnt; if (randcnt >255) { isaac(); randcnt = 0; } return r; }

// Get a random character in printable ASCII range char iRandA() { return iRandom() % 95 + 32; }

// Seed ISAAC with a string void iSeed(char *seed, int flag) { register ub4 i,m; for (i=0; i<256; i++) mm[i]=0; m = strlen(seed); for (i=0; i<256; i++) { // in case seed has less than 256 elements

       if (i>m) randrsl[i]=0;  else randrsl[i] = seed[i];

} // initialize ISAAC with seed randinit(flag); }

// maximum length of message

  1. define MAXMSG 4096
  2. define MOD 95
  3. define START 32

// cipher modes for Caesar enum ciphermode { mEncipher, mDecipher, mNone };

// XOR cipher on random stream. Output: ASCII string char v[MAXMSG]; char* Vernam(char *msg) { register ub4 i,l; l = strlen(msg); // zeroise v memset(v,'\0',l+1); // XOR message for (i=0; i<l; i++) v[i] = iRandA() ^ msg[i]; return v; }

// Caesar-shift a printable character char Caesar(enum ciphermode m, char ch, char shift, char modulo, char start) { register int n; if (m == mDecipher) shift = -shift; n = (ch-start) + shift; n = n % modulo; if (n<0) n += modulo; return start+n; }

// Caesar-shift a string on a pseudo-random stream char c[MAXMSG]; char* CaesarStr(enum ciphermode m, char *msg, char modulo, char start) { register ub4 i,l; l = strlen(msg); // zeroise c memset(c,'\0',l+1); // Caesar-shift message for (i=0; i<l; i++) c[i] = Caesar(m, msg[i], iRandA(), modulo, start); return c; }

int main() { register ub4 n,l; // input: message and key char *msg = "a Top Secret secret"; char *key = "this is my secret key"; // Vernam ciphertext & plaintext char vctx[MAXMSG], vptx[MAXMSG]; // Caesar ciphertext & plaintext char cctx[MAXMSG], cptx[MAXMSG]; l = strlen(msg); // Encrypt: Vernam XOR iSeed(key,1); strcpy(vctx, Vernam(msg)); // Encrypt: Caesar strcpy(cctx, CaesarStr(mEncipher, msg, MOD, START)); // Decrypt: Vernam XOR iSeed(key,1); strcpy(vptx, Vernam(vctx)); // Decrypt: Caesar strcpy(cptx, CaesarStr(mDecipher,cctx, MOD, START)); // Program output printf("Message: %s\n",msg); printf("Key  : %s\n",key); printf("XOR  : "); // Output Vernam ciphertext as a string of hex digits for (n=0; n<l; n++) printf("%02X",vctx[n]); printf("\n"); // Output Vernam decrypted plaintext printf("XOR dcr: %s\n",vptx); // Caesar printf("MOD  : "); // Output Caesar ciphertext as a string of hex digits for (n=0; n<l; n++) printf("%02X",cctx[n]); printf("\n"); // Output Caesar decrypted plaintext printf("MOD dcr: %s\n",cptx); return 0; } </lang> Sample output:

XOR with decryption check. <lang C sharp> using System;

namespace cipher {

static class Cipher {

// external results static uint[] randrsl = new uint[256]; static uint randcnt; // internal state static uint[] mm = new uint[256]; static uint aa=0, bb=0, cc=0;

static void isaac() {

  uint i,x,y;
  cc++;    // cc just gets incremented once per 256 results 
  bb+=cc;   // then combined with bb 
  for (i=0; i<=255; i++) {
    x = mm[i];
    switch (i & 3) {
     case 0: aa = aa ^ (aa << 13); break;
     case 1: aa = aa ^ (aa >> 6); break;
     case 2: aa = aa ^ (aa << 2); break;
     case 3: aa = aa ^ (aa >> 16); break;
    aa = mm[(i+128) & 255] + aa;
    y  = mm[(x >> 2) & 255] + aa + bb;
    mm[i] = y; 	
    bb = mm[(y >> 10) & 255] + x; 
    randrsl[i]= bb; 


// if (flag==TRUE), then use the contents of randrsl[] to initialize mm[]. static void mix(ref uint a, ref uint b, ref uint c, ref uint d, ref uint e, ref uint f, ref uint g, ref uint h) {

  a = a ^ b << 11; d+=a; b+=c; 
  b = b ^ c >> 2;  e+=b; c+=d; 
  c = c ^ d << 8;  f+=c; d+=e;
  d = d ^ e >> 16; g+=d; e+=f;
  e = e ^ f << 10; h+=e; f+=g;
  f = f ^ g >> 4;  a+=f; g+=h;
  g = g ^ h << 8;  b+=g; h+=a;
  h = h ^ a >> 9;  c+=h; a+=b;


static void Init(bool flag) {

 short i; uint a,b,c,d,e,f,g,h;
  aa=0; bb=0; cc=0;
  a=0x9e3779b9; b=a; c=a; d=a; 
  e=a; f=a; g=a; h=a; 
  for (i=0; i<=3; i++)           // scramble it 
       mix(ref a,ref b,ref c,ref d,ref e,ref f,ref g,ref h);
  do  { // fill in mm[] with messy stuff  
         if (flag) {     // use all the information in the seed 
           a+=randrsl[i  ]; b+=randrsl[i+1]; c+=randrsl[i+2]; d+=randrsl[i+3];
           e+=randrsl[i+4]; f+=randrsl[i+5]; g+=randrsl[i+6]; h+=randrsl[i+7];
         } // if flag
     mix(ref a,ref b,ref c,ref d,ref e,ref f,ref g,ref h);
     mm[i  ]=a; mm[i+1]=b; mm[i+2]=c; mm[i+3]=d;
     mm[i+4]=e; mm[i+5]=f; mm[i+6]=g; mm[i+7]=h;
  while (i<255);
  if (flag) {
  // do a second pass to make all of the seed affect all of mm 
    do {
     a+=mm[i  ]; b+=mm[i+1]; c+=mm[i+2]; d+=mm[i+3];
     e+=mm[i+4]; f+=mm[i+5]; g+=mm[i+6]; h+=mm[i+7];
     mix(ref a,ref b,ref c,ref d,ref e,ref f,ref g,ref h);
     mm[i  ]=a; mm[i+1]=b; mm[i+2]=c; mm[i+3]=d;
     mm[i+4]=e; mm[i+5]=f; mm[i+6]=g; mm[i+7]=h;
    while (i<255);
  isaac();           // fill in the first set of results 
  randcnt=0;       // prepare to use the first set of results 


// Seed ISAAC with a string static void Seed(string seed, bool flag) { for (int i=0; i<256; i++) mm[i]=0; for (int i=0; i<256; i++) randrsl[i]=0; int m = seed.Length; for (int i=0; i<m; i++) {

       randrsl[i] = seed[i];

} // initialize ISAAC with seed Init(flag); }

// Get a random 32-bit value static uint Random() {

   uint result = randrsl[randcnt];
   if (randcnt>255) {
        isaac(); randcnt=0;
   return result;


// Get a random character in printable ASCII range static byte RandA() { return (byte)(Random() % 95 + 32); }

// XOR encrypt on random stream. Output: ASCII byte array static byte[] Vernam(string msg) { int n,l; byte[] v = new byte[msg.Length]; l = msg.Length; // XOR message for (n=0; n<l; n++) { v[n] = (byte) (RandA() ^ (byte)msg[n]); } return v; }

public static void Main() { string msg = "a Top Secret secret"; string key = "this is my secret key"; byte[] xctx= new byte[msg.Length]; byte[] xptx= new byte[msg.Length]; string xtcx= "*******************"; string xtpx= "*******************"; Seed(key,true); // XOR encrypt xctx = Vernam(msg); xtcx = System.Text.Encoding.ASCII.GetString(xctx); // XOR decrypt Seed(key,true); xptx = Vernam(xtcx); xtpx = System.Text.Encoding.ASCII.GetString(xptx); Console.WriteLine("Message: "+msg); Console.WriteLine("Key  : "+key); Console.Write ("XOR  : "); // output ciphertext as a string of hexadecimal digits for (int n=0; n<xctx.Length; n++) Console.Write("{0:X2}", xctx[n]); Console.WriteLine("\nXOR dcr: "+xtpx); } } } </lang> Sample output:

Improved from the C# version. XOR with decryption check. <lang d>import std.algorithm: min; import std.typetuple: TypeTuple; import std.algorithm: copy;

template Iota(uint stop) { // For manual loop unrolling.

   static if (stop <= 0)
       alias Iota = TypeTuple!();
       alias Iota = TypeTuple!(Iota!(stop - 1), stop - 1);


struct ISAAC {

   // External results.
   private uint[mm.length] randResult;
   private uint randCount;
   // Internal state.
   private uint[256] mm;
   private uint aa, bb, cc;

   private void isaac() pure nothrow @safe @nogc {
       cc++;         // cc just gets incremented once per mm.length results.
       bb = bb + cc; // Then combined with bb.
       foreach (immutable i, ref mmi; mm) {
           immutable x = mm[i];
           final switch (i % 4) { // Not enforced final switch.
               case 0: aa ^= (aa << 13); break;
               case 1: aa ^= (aa >>  6); break;
               case 2: aa ^= (aa <<  2); break;
               case 3: aa ^= (aa >> 16); break;
           aa = mm[(i + 128) % $] + aa;
           immutable y = mm[(x >> 2) % $] + aa + bb;
           bb = mm[(y >> 10) % $] + x;
           randResult[i] = bb;
       randCount = 0;

   // If flag is true then use the contents of randResult to initialize mm.
   private pure nothrow @safe @nogc static void mix(ref uint[8] a)  {
       alias shifts = TypeTuple!(11, 2, 8, 16, 10, 4, 8, 9);
       /*static*/ foreach (immutable i, immutable sh; shifts) {
           static if (i % 2 == 0)
               a[i] ^= a[(i + 1) % $] << sh;
               a[i] ^= a[(i + 1) % $] >> sh;
           a[(i + 3) % $] += a[i];
           a[(i + 1) % $] += a[(i + 2) % $];

   private void randInit(bool flag)() pure nothrow @safe @nogc {
       uint[8] a = 0x9E37_79B9; // The Golden Ratio.
       aa = bb = cc = 0;
       // Scramble it.
       /*static*/ foreach (immutable i; Iota!4)
       // Fill in mm with messy stuff. Use all the information in the seed.
       for (size_t i = 0; i < mm.length; i += 8) {
           static if (flag)
               a[] += randResult[i .. i + 8];
           mm[i .. i + 8] = a[];
       // Do a second pass to make all of the seed affect all of mm.
       static if (flag) {
           for (size_t i = 0; i < mm.length; i += 8) {
               a[] += mm[i .. i + 8];
               mm[i .. i + 8] = a[];
       isaac();       // Fill in the first set of results.
       randCount = 0; // Prepare to use the first set of results.

   /// Seed ISAAC with a string.
   /// Uses only the first randResult.length ubytes.
   public void iSeed(bool flag)(in ubyte[] seed) pure nothrow @safe @nogc {
       mm[] = 0;
       randResult[] = 0;
       immutable n = min(randResult.length, seed.length);
       copy(seed[0 .. n], randResult[0 .. n]);
       randInit!flag(); // Initialize ISAAC with seed.

   /// Get a random uint.
   private uint iRandom() pure nothrow @safe @nogc {
       immutable result = randResult[randCount];
       if (randCount > (randResult.length - 1)) {
           randCount = 0;
       return result;

   /// Get a random character in printable ASCII range.
   private ubyte iRandA() pure nothrow @safe @nogc {
       return iRandom() % 95 + 32;

   /// XOR encrypt on random stream.
   /// buffer must be as large as message or larger.
   public ubyte[] vernam(in ubyte[] message, ubyte[] buffer)
   pure nothrow @safe @nogc
   in {
       assert(buffer.length >= message.length);
   } out(result) {
       assert(result.length == message.length);
   } body {
       auto v = buffer[0 .. message.length];
       // XOR message.
       foreach (immutable i, immutable msgi; message)
           v[i] = (iRandA() ^ msgi);
       return v;

   /// XOR encrypt on random stream.
   public ubyte[] vernam(in ubyte[] message) pure nothrow @safe {
       return vernam(message, new ubyte[message.length]);


void main() {

   import std.stdio, std.string;
   immutable message = "a Top Secret secret";
   immutable key = "this is my secret key";
   writeln("Message  : ", message);
   writeln("Key      : ", key);
   ISAAC cipher;
   // Encrypt.
   // iSeed uses only the first ISAAC.randResult.length ubytes.
   const encrypted = cipher.vernam(message.representation);
   // Output ciphertext as a string of hexadecimal digits.
   writefln("Encrypted: %(%02X%)", encrypted);
   // Decrypt.
   const decrypted = cipher.vernam(encrypted);
   writeln("Decrypted: ", decrypted.assumeUTF);


Translation of Pascal. <lang Delphi> {$apptype console} PROGRAM RosettaIsaac; USES SysUtils;

// TASK globals VAR msg : STRING = 'a Top Secret secret'; VAR key : STRING = 'this is my secret key'; VAR xctx: STRING = ; // XOR ciphertext VAR mctx: STRING = ; // MOD ciphertext

// ISAAC globals // external results VAR randrsl: ARRAY[0..256] OF CARDINAL; VAR randcnt: cardinal; // internal state VAR mm: ARRAY[0..256] OF CARDINAL; VAR aa: CARDINAL=0; bb: CARDINAL=0; cc: CARDINAL=0;


  cc := cc + 1;    // cc just gets incremented once per 256 results 
  bb := bb + cc;   // then combined with bb 
  FOR i := 0 TO 255 DO BEGIN
    x := mm[i];
    CASE (i mod 4) OF

0: aa := aa xor (aa shl 13); 1: aa := aa xor (aa shr 6); 2: aa := aa xor (aa shl 2); 3: aa := aa xor (aa shr 16);

    aa := mm[(i+128) mod 256] + aa;

y  := mm[(x shr 2) mod 256] + aa + bb;

    mm[i] := y; 	
    bb := mm[(y shr 10) mod 256] + x; 
    randrsl[i]:= bb; 
  // this reset was not in original readable.c!
  randcnt:=0;  // prepare to use the first set of results 

END; {Isaac}

// if (flag==TRUE), then use the contents of randrsl[] to initialize mm[]. PROCEDURE mix(VAR a,b,c,d,e,f,g,h: CARDINAL); BEGIN a := a xor b shl 11; d:=d+a; b:=b+c; b := b xor c shr 2; e:=e+b; c:=c+d; c := c xor d shl 8; f:=f+c; d:=d+e; d := d xor e shr 16; g:=g+d; e:=e+f; e := e xor f shl 10; h:=h+e; f:=f+g; f := f xor g shr 4; a:=a+f; g:=g+h; g := g xor h shl 8; b:=b+g; h:=h+a; h := h xor a shr 9; c:=c+h; a:=a+b; END; {mix}

PROCEDURE iRandInit(flag: BOOLEAN); VAR i,a,b,c,d,e,f,g,h: CARDINAL; BEGIN

  aa:=0; bb:=0; cc:=0;
  a:=$9e3779b9; 	// the golden ratio
  b:=a; c:=a; d:=a; e:=a; f:=a; g:=a; h:=a; 
  FOR i := 0 TO 3 DO          // scramble it 
  REPEAT  // fill in mm[] with messy stuff 

IF flag THEN BEGIN // use all the information in the seed

      a:=a+randrsl[i  ]; b:=b+randrsl[i+1]; c:=c+randrsl[i+2]; d:=d+randrsl[i+3];
      e:=e+randrsl[i+4]; f:=f+randrsl[i+5]; g:=g+randrsl[i+6]; h:=h+randrsl[i+7];
   mm[i  ]:=a; mm[i+1]:=b; mm[i+2]:=c; mm[i+3]:=d;
   mm[i+4]:=e; mm[i+5]:=f; mm[i+6]:=g; mm[i+7]:=h;


  UNTIL i>255;
  IF (flag) THEN BEGIN
  // do a second pass to make all of the seed affect all of mm 
     a:=a+mm[i  ]; b:=b+mm[i+1]; c:=c+mm[i+2]; d:=d+mm[i+3];
     e:=e+mm[i+4]; f:=f+mm[i+5]; g:=g+mm[i+6]; h:=h+mm[i+7];
     mm[i  ]:=a; mm[i+1]:=b; mm[i+2]:=c; mm[i+3]:=d;
     mm[i+4]:=e; mm[i+5]:=f; mm[i+6]:=g; mm[i+7]:=h;
    UNTIL i>255; 
  isaac();           // fill in the first set of results 
  randcnt:=0;       // prepare to use the first set of results 

END; {randinit}

{ Seed ISAAC with a given string.

 The string can be any size. The first 256 values will be used.}

PROCEDURE iSeed(seed: STRING; flag: BOOLEAN); VAR i,m: CARDINAL; BEGIN FOR i:= 0 TO 255 DO mm[i]:=0; m := Length(seed)-1; FOR i:= 0 TO 255 DO BEGIN // in case seed has less than 256 elements

       IF i>m THEN randrsl[i]:=0  

// Pascal strings are 1-based ELSE randrsl[i]:=ord(seed[i+1]); END; // initialize ISAAC with seed iRandInit(flag); END; {iSeed}

{ Get a random 32-bit value 0..MAXINT } FUNCTION iRandom : Cardinal; BEGIN result := randrsl[randcnt]; inc(randcnt); IF (randcnt >255) THEN BEGIN Isaac(); randcnt := 0; END; END; {iRandom}

{ Get a random character in printable ASCII range } FUNCTION iRandA: BYTE; BEGIN result := iRandom mod 95 + 32; END;

{ convert an ASCII string to a hexadecimal string } FUNCTION ascii2hex(s: STRING): STRING; VAR i,l: CARDINAL; BEGIN result := ; l := Length(s); FOR i := 1 TO l DO result := result + IntToHex(ord(s[i]),2); END;

{ XOR encrypt on random stream. Output: string of hex chars } FUNCTION Vernam(msg: STRING): STRING; VAR i: CARDINAL; BEGIN result := ; FOR i := 1 to length(msg) DO result := result + chr(iRandA xor ord(msg[i])); result := ascii2hex(result); END;

{ Get position of the letter in chosen alphabet } FUNCTION letternum(letter, start: CHAR): byte; BEGIN result := (ord(letter)-ord(start)); END;

{ Caesar-shift a character <shift> places: Generalized Vigenere } FUNCTION Caesar(ch: CHAR; shift, modulo: INTEGER; start: CHAR): CHAR; VAR n: INTEGER; BEGIN n := letternum(ch,start) + shift; n := n MOD modulo; result := chr(ord(start)+n); END;

{ Vigenere mod 95 encryption. Output: string of hex chars } FUNCTION Vigenere(msg: STRING): STRING; VAR i: CARDINAL; BEGIN result := ; FOR i := 1 to length(msg) DO result := result + Caesar(msg[i],iRandA,95,' '); result := ascii2hex(result); END;

BEGIN // 1) seed ISAAC with the key iSeed(key,true); // 2) Vernam XOR encryption xctx := Vernam(msg); // 3) MOD encryption mctx := Vigenere(msg); // program output Writeln('Message: ',msg); Writeln('Key  : ',key); Writeln('XOR  : ',xctx); Writeln('MOD  : ',mctx); END. </lang> Sample output:

XOR version <lang go>package main

import "fmt"

const (

   msg = "a Top Secret secret"
   key = "this is my secret key"


func main() {

   var z state
   fmt.Println("Message: ", msg)
   fmt.Println("Key    : ", key)
   fmt.Println("XOR    : ", z.vernam(msg))


type state struct {

   aa, bb, cc uint32
   mm         [256]uint32
   randrsl    [256]uint32
   randcnt    int


func (z *state) isaac() { +=
   for i, x := range {
       switch i % 4 {
       case 0:
           z.aa = z.aa ^ z.aa<<13
       case 1:
           z.aa = z.aa ^ z.aa>>6
       case 2:
           z.aa = z.aa ^ z.aa<<2
       case 3:
           z.aa = z.aa ^ z.aa>>16
       z.aa +=[(i+128)%256]
       y :=[x>>2%256] + z.aa +[i] = y =[y>>10%256] + x
       z.randrsl[i] =


func (z *state) randInit() {

   const gold = uint32(0x9e3779b9)
   a := [8]uint32{gold, gold, gold, gold, gold, gold, gold, gold}
   mix1 := func(i int, v uint32) {
       a[i] ^= v
       a[(i+3)%8] += a[i]
       a[(i+1)%8] += a[(i+2)%8]
   mix := func() {
       mix1(0, a[1]<<11)
       mix1(1, a[2]>>2)
       mix1(2, a[3]<<8)
       mix1(3, a[4]>>16)
       mix1(4, a[5]<<10)
       mix1(5, a[6]>>4)
       mix1(6, a[7]<<8)
       mix1(7, a[0]>>9)
   for i := 0; i < 4; i++ {
   for i := 0; i < 256; i += 8 {
       for j, rj := range z.randrsl[i : i+8] {
           a[j] += rj
       for j, aj := range a {
 [i+j] = aj
   for i := 0; i < 256; i += 8 {
       for j, mj := range[i : i+8] {
           a[j] += mj
       for j, aj := range a {
 [i+j] = aj


func (z *state) seed(seed string) {

   for i, r := range seed {
       if i == 256 {
       z.randrsl[i] = uint32(r)


func (z *state) random() (r uint32) {

   r = z.randrsl[z.randcnt]
   if z.randcnt == 256 {
       z.randcnt = 0


func (z *state) randA() byte {

   return byte(z.random()%95 + 32)


func (z *state) vernam(msg string) string {

   b := []byte(msg)
   for i := range b {
       b[i] ^= z.randA()
   return fmt.Sprintf("%X", b)


Free Pascal. A fully functional and complete reference solution of the task. <lang Pascal> PROGRAM RosettaIsaac; USES StrUtils;

TYPE iMode = (iEncrypt,iDecrypt); // TASK globals VAR msg : STRING = 'a Top Secret secret'; key : STRING = 'this is my secret key'; xctx: STRING = ; // XOR ciphertext mctx: STRING = ; // MOD ciphertext xptx: STRING = ; // XOR decryption (plaintext) mptx: STRING = ; // MOD decryption (plaintext) mode: iMode = iEncrypt;

// ISAAC globals // external results VAR randrsl: ARRAY[0..256] OF CARDINAL; randcnt: cardinal; // internal state VAR mm: ARRAY[0..256] OF CARDINAL; aa: CARDINAL=0; bb: CARDINAL=0; cc: CARDINAL=0;


  cc := cc + 1;    // cc just gets incremented once per 256 results 
  bb := bb + cc;   // then combined with bb 
  FOR i := 0 TO 255 DO BEGIN
    x := mm[i];
    CASE (i mod 4) OF

0: aa := aa xor (aa shl 13); 1: aa := aa xor (aa shr 6); 2: aa := aa xor (aa shl 2); 3: aa := aa xor (aa shr 16);

    aa := mm[(i+128) mod 256] + aa;

y  := mm[(x shr 2) mod 256] + aa + bb;

    mm[i] := y; 	
    bb := mm[(y shr 10) mod 256] + x; 
    randrsl[i]:= bb; 
  // this reset was not in the original readable.c
  randcnt:=0;  // prepare to use the first set of results 

END; {Isaac}

// if (flag==TRUE), then use the contents of randrsl[] to initialize mm[]. PROCEDURE mix(VAR a,b,c,d,e,f,g,h: CARDINAL); BEGIN a := a xor b shl 11; d:=d+a; b:=b+c; b := b xor c shr 2; e:=e+b; c:=c+d; c := c xor d shl 8; f:=f+c; d:=d+e; d := d xor e shr 16; g:=g+d; e:=e+f; e := e xor f shl 10; h:=h+e; f:=f+g; f := f xor g shr 4; a:=a+f; g:=g+h; g := g xor h shl 8; b:=b+g; h:=h+a; h := h xor a shr 9; c:=c+h; a:=a+b; END; {mix}

PROCEDURE iRandInit(flag: BOOLEAN); VAR i,a,b,c,d,e,f,g,h: CARDINAL; BEGIN

  aa:=0; bb:=0; cc:=0;
  a:=$9e3779b9; 	// the golden ratio
  b:=a; c:=a; d:=a; e:=a; f:=a; g:=a; h:=a; 
  FOR i := 0 TO 3 DO          // scramble it 
  REPEAT  // fill in mm[] with messy stuff 

IF flag THEN BEGIN // use all the information in the seed

      a+=randrsl[i  ]; b+=randrsl[i+1]; c+=randrsl[i+2]; d+=randrsl[i+3];
      e+=randrsl[i+4]; f+=randrsl[i+5]; g+=randrsl[i+6]; h+=randrsl[i+7];
   mm[i  ]:=a; mm[i+1]:=b; mm[i+2]:=c; mm[i+3]:=d;
   mm[i+4]:=e; mm[i+5]:=f; mm[i+6]:=g; mm[i+7]:=h;


  UNTIL i>255;
  IF (flag) THEN BEGIN
  // do a second pass to make all of the seed affect all of mm 
     a+=mm[i  ]; b+=mm[i+1]; c+=mm[i+2]; d+=mm[i+3];
     e+=mm[i+4]; f+=mm[i+5]; g+=mm[i+6]; h+=mm[i+7];
     mm[i  ]:=a; mm[i+1]:=b; mm[i+2]:=c; mm[i+3]:=d;
     mm[i+4]:=e; mm[i+5]:=f; mm[i+6]:=g; mm[i+7]:=h;
    UNTIL i>255; 
  isaac();           // fill in the first set of results 
  randcnt:=0;       // prepare to use the first set of results 

END; {randinit}

{ Seed ISAAC with a given string.

 The string can be any size. The first 256 values will be used.}

PROCEDURE iSeed(seed: STRING; flag: BOOLEAN); VAR i,m: CARDINAL; BEGIN FOR i:= 0 TO 255 DO mm[i]:=0; m := Length(seed)-1; FOR i:= 0 TO 255 DO BEGIN // in case seed has less than 256 elements

       IF i>m THEN randrsl[i]:=0  

// Pascal strings are 1-based ELSE randrsl[i]:=ord(seed[i+1]); END; // initialize ISAAC with seed iRandInit(flag); END; {iSeed}

{ Get a random 32-bit value 0..MAXINT } FUNCTION iRandom : Cardinal; BEGIN iRandom := randrsl[randcnt]; inc(randcnt); IF (randcnt >255) THEN BEGIN Isaac(); randcnt := 0; END; END; {iRandom}

{ Get a random character in printable ASCII range } FUNCTION iRandA: BYTE; BEGIN iRandA := iRandom mod 95 + 32; END;

{ convert an ASCII string to a hexadecimal string } FUNCTION ascii2hex(s: STRING): STRING; VAR i,l: CARDINAL; BEGIN ascii2hex := ; l := Length(s); FOR i := 1 TO l DO ascii2hex += Dec2Numb(ord(s[i]),2,16); END;

{ XOR encrypt on random stream. Output: ASCII string } FUNCTION Vernam(msg: STRING): STRING; VAR i: CARDINAL; BEGIN Vernam := ; FOR i := 1 to length(msg) DO Vernam += chr(iRandA xor ord(msg[i])); END;

{ Get position of the letter in chosen alphabet } FUNCTION letternum(letter, start: CHAR): byte; BEGIN letternum := (ord(letter)-ord(start)); END;

{ Caesar-shift a character <shift> places: Generalized Vigenere } FUNCTION Caesar(m: iMode; ch: CHAR; shift, modulo: INTEGER; start: CHAR): CHAR; VAR n: INTEGER; BEGIN IF m = iDecrypt THEN shift := -shift; n := letternum(ch,start) + shift; n := n MOD modulo; IF n<0 THEN n += modulo; Caesar := chr(ord(start)+n); END;

{ Vigenere mod 95 encryption & decryption. Output: ASCII string } FUNCTION Vigenere(msg: STRING; m: iMode): STRING; VAR i: CARDINAL; BEGIN Vigenere := ; FOR i := 1 to length(msg) DO Vigenere += Caesar(m,msg[i],iRandA,95,' '); END;

BEGIN // 1) seed ISAAC with the key iSeed(key,true); // 2) Encryption mode := iEncrypt; // a) XOR (Vernam) xctx := Vernam(msg); // b) MOD (Vigenere) mctx := Vigenere(msg,mode); // 3) Decryption mode := iDecrypt; iSeed(key,true); // a) XOR (Vernam) xptx:= Vernam(xctx); // b) MOD (Vigenere) mptx:=Vigenere(mctx,mode); // program output Writeln('Message: ',msg); Writeln('Key  : ',key); Writeln('XOR  : ',ascii2hex(xctx)); Writeln('MOD  : ',ascii2hex(mctx)); Writeln('XOR dcr: ',xptx); Writeln('MOD dcr: ',mptx); END.

</lang> Sample output:

Perl has had an ISAAC module for a few years, and it is the recommended way to use ISAAC. This example uses Math::Random::ISAAC which is a pure Perl implementation, but will also allow faster operation if the Math::Random::ISAAC::XS module is installed.

Since ISAAC does not do its own seeding, the Bytes::Random::Secure module is recommended for general use as it includes ISAAC plus a portable way to get good entropy, as well as additional convenience functions.

<lang perl>use warnings; use strict; use Math::Random::ISAAC;

my $message = "a Top Secret secret"; my $key = "this is my secret key";

my $enc = xor_isaac($key, $message); my $dec = xor_isaac($key, join "", pack "H*", $enc);

print "Message: $message\n"; print "Key  : $key\n"; print "XOR  : $enc\n"; print "XOR dcr: ", join("", pack "H*", $dec), "\n";

sub xor_isaac {

 my($key, $msg) = @_;
 # Make an ISAAC stream with the desired seed
 my $rng = Math::Random::ISAAC->new( map { ord } split "",$key );
 # Get ISAAC output in the order the task wants
 my @iranda = map { $_ % 95 + 32 }  # Alpha-tize as the task desires
              reverse               # MRI gives state from the end
              map { $rng->irand }   # Get random inputs...
              0..255;               # a state chunk at a time
 # Encode:
 join "", map { sprintf "%02X",$_ }         # join hex digits
          map { ord($_) ^ shift(@iranda) }  # xor it with rand char
          split "", $msg;                   # Take each character


- Imperative version:

Translation of: C

- Vigniere:

Translation of: Pascal

In the Pascal (and reference version) of the Vigniere encryption, the state engine is not reset after having been used for the XOR version. There are two sets of MOD results below... one with the state engine left from after the XOR, and one with a cleanly reseeded state engine.

<lang racket> </lang>



version 1

<lang rexx>/* REXX ---------------------------------------------------------------

  • 24.07.2014 Walter Pachl translated from Pascal
  • extend with decryption (following Pascal)
  • 25.07.2014 WP changed i+=8 to I=I+8 (courtesy GS)
  • 26.07-2014 WP removed extraneous semicolons
  • --------------------------------------------------------------------*/

Numeric Digits 32 aa=0 bb=0 cc=0 mm.=0 randcnt=0 randrsl.=0 msg='a Top Secret secret' key='this is my secret key' iMode='iEncrypt'

Call iSeed key,1 /* 1) seed ISAAC with the key */ xctx=Vernam(msg) /* 2) Vernam XOR encryption */ mode='iEncrypt' mctx=Vigenere(msg,mode) /* 3) MOD encryption */ Call iSeed key,1 xptx=Vernam(xctx) /* a) XOR (Vernam) */ mode='iDecrypt' mptx=Vigenere(mctx,mode) /* b) MOD (Vigenere) */

                         /* program output             */

Say 'Message: 'msg Say 'Key  : 'key Say 'XOR  : 'c2x(xctx) Say 'MOD  : 'c2x(mctx) Say 'XOR dcr: 'xptx Say 'MOD dcr: 'mptx Exit

isaac: Procedure Expose mm. aa bb cc randrsl. randcnt

 Do i=0 To 255
     When im4=0 Then aa=xor(aa,shl(aa,13))
     When im4=1 Then aa=xor(aa,shr(aa, 6))
     When im4=2 Then aa=xor(aa,shl(aa, 2))
     When im4=3 Then aa=xor(aa,shr(aa,16))

mix: Procedure Expose a b c d e f g h mm. aa bb cc randrsl. randcnt

 a=xor(a,shl(b,11)); d=add(d,a); b=add(b,c)
 b=xor(b,shr(c, 2)); e=add(e,b); c=add(c,d)
 c=xor(c,shl(d, 8)); f=add(f,c); d=add(d,e)
 d=xor(d,shr(e,16)); g=add(g,d); e=add(e,f)
 e=xor(e,shl(f,10)); h=add(h,e); f=add(f,g)
 f=xor(f,shr(g, 4)); a=add(a,f); g=add(g,h)
 g=xor(g,shl(h, 8)); b=add(b,g); h=add(h,a)
 h=xor(h,shr(a, 9)); c=add(c,h); a=add(a,b)

iRandInit: Procedure Expose mm. randrsl. randcnt

 Parse Arg flag
 aa=0; bb=0; cc=0
 a= 2654435769 /* $9e3779b9;        // the golden ratio */
 b=a; c=a; d=a; e=a; f=a; g=a; h=a
 do i=0 TO 3
   Call mix
 do until i>255    /* fill in mm[] with messy stuff */
   IF flag THEN Do /* use all the information in the seed */
     Call setix
     a=add(a,randrsl.i);  b=add(b,randrsl.i1)
     c=add(c,randrsl.i2); d=add(d,randrsl.i3)
     e=add(e,randrsl.i4); f=add(f,randrsl.i5)
     g=add(g,randrsl.i6); h=add(h,randrsl.i7)
   Call mix
   mm.i=a;  mm.i1=b; mm.i2=c; mm.i3=d
   mm.i4=e; mm.i5=f; mm.i6=g; mm.i7=h
 IF flag THEN Do /* do a second pass to make all of the seed affect all of mm  */
   do until i>255    /* fill in mm[] with messy stuff */
     Call setix
     a=add(a,mm.i);  b=add(b,mm.i1); c=add(c,mm.i2); d=add(d,mm.i3)
     e=add(e,mm.i4); f=add(f,mm.i5); g=add(g,mm.i6); h=add(h,mm.i7)
     Call mix
     mm.i=a;  mm.i1=b; mm.i2=c; mm.i3=d
     mm.i4=e; mm.i5=f; mm.i6=g; mm.i7=h
 Call isaac       /* fill in the first set of results        */
 randcnt=0;       /* prepare to use the first set of results */

iseed: Procedure Expose aa bb cc randcnt randrsl. mm. /*---------------------------------------------------------------------

  • Seed ISAAC with a given string.
  • The string can be any size. The first 256 values will be used.
  • --------------------------------------------------------------------*/
 Parse Arg seed,flag
 Do i=0 TO 255
   IF i>m THEN   /* in case seed has less than 256 elements */
 Call iRandInit flag   /* initialize ISAAC with seed */

iRandom: Procedure Expose aa bb cc randcnt randrsl. mm. /* Get a random 32-bit value 0..MAXINT */

 If randcnt>255 Then Do
   Call isaac
 Return irandom

iRandA: Procedure Expose aa bb cc randcnt randrsl. mm. /* Get a random character in printable ASCII range */

 Return iRandA

xor: Procedure Expose aa bb cc randcnt randrsl. mm.

 Parse Arg a,b
 return res//4294967296

Vernam: Procedure Expose aa bb cc randcnt randrsl. mm. /* XOR encrypt on random stream. Output: string of hex chars */

 Parse Arg msg
 Do i=1 to length(msg)
 Return Vernam

letternum: Procedure Expose aa bb cc randcnt randrsl. mm. /* Get position of the letter in chosen alphabet */

 Parse Arg letter,start
 Return letternum

Caesar: Procedure Expose aa bb cc randcnt randrsl. mm. /* Caesar-shift a character <shift> places: Generalized Vigenere */

 Parse Arg m,ch,shift,modulo,start
 IF m='iDecrypt' TheN shift=-shift
 IF n<0 Then n=n+modulo
 Return Caesar

Vigenere: Procedure Expose aa bb cc randcnt randrsl. mm. /* Vigenere mod 95 encryption. Output: string of hex chars */

 Parse Arg msg,m
 Do i=1 to length(msg)
   Vigenere=Vigenere||Caesar(m,substr(msg,i,1),iRandA(),95,' ')
 Return Vigenere

shl: Procedure

 return res//4294967296

shr: Procedure

 return res//4294967296



add: Procedure /* add argumemnts modulo 4294967296 */

 If arg(3)<> Then
 return res//4294967296</lang>
version 2

This can be used to ecrypt a file and thereafter decrypt it. <lang rexx>/* REXX ---------------------------------------------------------------

  • 25.07.2014 Walter Pachl framing version 1 for processing a file
  • --------------------------------------------------------------------*/

Parse Arg fid select

 When fid= Then
 When fid='?' Then Do
   Say 'rexx iscf file prompts you for a key,'
   Say 'encrypts file into fn.enc'
   Say 'and decrypts fn.enc into fn.dec'

Say 'Please enter a key' Parse Pull key enc=fn(fid)'.enc' ; 'erase' enc dec=fn(fid)'.dec' ; 'erase' dec Do While lines(fid)>0

 Call lineout enc,iscx(l,key,'e')

Call lineout enc Do While lines(enc)>0

 Call lineout dec,iscx(l,key,'d')

Call lineout dec Say 'original:' 'type' fid Say 'encrypted:' 'type' enc Say 'decrypted:' 'type' dec Exit iscx: Procedure /* REXX ---------------------------------------------------------------

  • 24.07.2014 Walter Pachl translated from Pascal
  • extend with decoding
  • --------------------------------------------------------------------*/

Numeric Digits 32 aa=0 bb=0 cc=0 mm.=0 randcnt=0 randrsl.=0 Parse Arg msg,key,mode

Call iSeed key,1 /* 1) seed ISAAC with the key */ If mode='e' Then




mctx=Vigenere(msg,mode) /* 3) MOD encryption */ Return mctx

isaac: Procedure Expose mm. aa bb cc randrsl. randcnt

 Do i=0 To 255
     When im4=0 Then aa=xor(aa,shl(aa,13))
     When im4=1 Then aa=xor(aa,shr(aa, 6))
     When im4=2 Then aa=xor(aa,shl(aa, 2))
     When im4=3 Then aa=xor(aa,shr(aa,16))

mix: Procedure Expose a b c d e f g h mm. aa bb cc randrsl. randcnt

 a=xor(a,shl(b,11)); d=add(d,a); b=add(b,c)
 b=xor(b,shr(c, 2)); e=add(e,b); c=add(c,d)
 c=xor(c,shl(d, 8)); f=add(f,c); d=add(d,e)
 d=xor(d,shr(e,16)); g=add(g,d); e=add(e,f)
 e=xor(e,shl(f,10)); h=add(h,e); f=add(f,g)
 f=xor(f,shr(g, 4)); a=add(a,f); g=add(g,h)
 g=xor(g,shl(h, 8)); b=add(b,g); h=add(h,a)
 h=xor(h,shr(a, 9)); c=add(c,h); a=add(a,b)

iRandInit: Procedure Expose mm. randrsl. randcnt

 Parse Arg flag
 aa=0; bb=0; cc=0
 a= 2654435769 /* $9e3779b9;        // the golden ratio */
 b=a; c=a; d=a; e=a; f=a; g=a; h=a
 do i=0 TO 3
   Call mix
 do until i>255    /* fill in mm[] with messy stuff */
   IF flag THEN Do /* use all the information in the seed */
     Call setix
     a=add(a,randrsl.i);  b=add(b,randrsl.i1)
     c=add(c,randrsl.i2); d=add(d,randrsl.i3)
     e=add(e,randrsl.i4); f=add(f,randrsl.i5)
     g=add(g,randrsl.i6); h=add(h,randrsl.i7)
   Call mix
   mm.i=a;  mm.i1=b; mm.i2=c; mm.i3=d
   mm.i4=e; mm.i5=f; mm.i6=g; mm.i7=h
 IF flag THEN Do /* do a second pass to make all of the seed affect all of mm  */
   do until i>255    /* fill in mm[] with messy stuff */
     Call setix
     a=add(a,mm.i);  b=add(b,mm.i1); c=add(c,mm.i2); d=add(d,mm.i3)
     e=add(e,mm.i4); f=add(f,mm.i5); g=add(g,mm.i6); h=add(h,mm.i7)
     Call mix
     mm.i=a;  mm.i1=b; mm.i2=c; mm.i3=d
     mm.i4=e; mm.i5=f; mm.i6=g; mm.i7=h
 Call isaac       /* fill in the first set of results        */
 randcnt=0;       /* prepare to use the first set of results */

iseed: Procedure Expose aa bb cc randcnt randrsl. mm. /*---------------------------------------------------------------------

  • Seed ISAAC with a given string.
  • The string can be any size. The first 256 values will be used.
  • --------------------------------------------------------------------*/
 Parse Arg seed,flag
 Do i=0 TO 255
   IF i>m THEN   /* in case seed has less than 256 elements */
 Call iRandInit flag   /* initialize ISAAC with seed */

iRandom: Procedure Expose aa bb cc randcnt randrsl. mm. /* Get a random 32-bit value 0..MAXINT */

 If randcnt>255 Then Do
   Call isaac
 Return irandom

iRandA: Procedure Expose aa bb cc randcnt randrsl. mm. /* Get a random character in printable ASCII range */

 Return iRandA

xor: Procedure Expose aa bb cc randcnt randrsl. mm.

 Parse Arg a,b
 return res//4294967296

Vernam: Procedure Expose aa bb cc randcnt randrsl. mm. /* XOR encrypt on random stream. Output: string of hex chars */

 Parse Arg msg
 Do i=1 to length(msg)
 Return Vernam

letternum: Procedure Expose aa bb cc randcnt randrsl. mm. /* Get position of the letter in chosen alphabet */

 Parse Arg letter,start
 Return letternum

Caesar: Procedure Expose aa bb cc randcnt randrsl. mm. /* Caesar-shift a character <shift> places: Generalized Vigenere */

 Parse Arg m,ch,shift,modulo,start
 IF m='iDecrypt' TheN shift=-shift
 IF n<0 Then n=n+modulo
 Return Caesar

Vigenere: Procedure Expose aa bb cc randcnt randrsl. mm. /* Vigenere mod 95 encryption. Output: string of hex chars */

 Parse Arg msg,m
 Do i=1 to length(msg)
   Vigenere=Vigenere||Caesar(m,substr(msg,i,1),iRandA(),95,' ')
 Return Vigenere

shl: Procedure

 return res//4294967296

shr: Procedure

 return res//4294967296



add: Procedure /* add argumemnts modulo 4294967296 */

 If arg(3)<> Then
 return res//4294967296

fn: Procedure /* REXX */ parse Arg fid Parse Var fid fn '.' ft Return fn</lang>

Works with: Tcl version 8.6
Translation of: Go

<lang tcl>package require Tcl 8.6

oo::class create ISAAC {

   variable aa bb cc mm randrsl randcnt
   constructor {seed} {

namespace eval tcl { namespace eval mathfunc { proc mm {idx} { upvar 1 mm list lindex $list [expr {$idx % [llength $list]}] } proc clamp {value} { expr {$value & 0xFFFFFFFF} } } } proc mix1 {i v} { upvar 1 a a lset a $i [expr {clamp([lindex $a $i] ^ $v)}] lset a [set idx [expr {($i+3)%8}]] \ [expr {clamp([lindex $a $idx] + [lindex $a $i])}] lset a [set idx [expr {($i+1)%8}]] \ [expr {clamp([lindex $a $idx] + [lindex $a [expr {($i+2)%8}]])}] }

binary scan $seed[string repeat \u0000 256] c256 randrsl set mm [lrepeat 256 0] set randcnt [set aa [set bb [set cc 0]]]

set a [lrepeat 8 0x9e3779b9] foreach i {1 2 3 4} { mix1 0 [expr {[lindex $a 1] << 11}] mix1 1 [expr {[lindex $a 2] >> 2}] mix1 2 [expr {[lindex $a 3] << 8}] mix1 3 [expr {[lindex $a 4] >> 16}] mix1 4 [expr {[lindex $a 5] << 10}] mix1 5 [expr {[lindex $a 6] >> 4}] mix1 6 [expr {[lindex $a 7] << 8}] mix1 7 [expr {[lindex $a 0] >> 9}] } for {set i 0} {$i < 256} {incr i 8} { set a [lmap av $a bv [lrange $randrsl $i [expr {$i+7}]] { expr {clamp($av + $bv)} }] mix1 0 [expr {[lindex $a 1] << 11}] mix1 1 [expr {[lindex $a 2] >> 2}] mix1 2 [expr {[lindex $a 3] << 8}] mix1 3 [expr {[lindex $a 4] >> 16}] mix1 4 [expr {[lindex $a 5] << 10}] mix1 5 [expr {[lindex $a 6] >> 4}] mix1 6 [expr {[lindex $a 7] << 8}] mix1 7 [expr {[lindex $a 0] >> 9}] for {set j 0} {$j < 8} {incr j} { lset mm [expr {$i+$j}] [lindex $a $j] } } for {set i 0} {$i < 256} {incr i 8} { set a [lmap av $a bv [lrange $mm $i [expr {$i+7}]] { expr {clamp($av + $bv)} }] mix1 0 [expr {[lindex $a 1] << 11}] mix1 1 [expr {[lindex $a 2] >> 2}] mix1 2 [expr {[lindex $a 3] << 8}] mix1 3 [expr {[lindex $a 4] >> 16}] mix1 4 [expr {[lindex $a 5] << 10}] mix1 5 [expr {[lindex $a 6] >> 4}] mix1 6 [expr {[lindex $a 7] << 8}] mix1 7 [expr {[lindex $a 0] >> 9}] for {set j 0} {$j < 8} {incr j} { lset mm [expr {$i+$j}] [lindex $a $j] } } my Step

   method Step {} {

incr bb [incr cc] set i -1 foreach x $mm { set shift [lindex {13 -6 2 -16} [expr {[incr i] % 4}]] set aa [expr {$aa ^ ($shift>0 ? $aa<<$shift : $aa>>-$shift)}] set aa [expr {clamp($aa + mm($i+128))}] set y [expr {clamp(mm($x>>2) + $aa + $bb)}] lset mm $i $y set bb [expr {clamp(mm($y>>10) + $x)}] lset randrsl $i $bb }

   method random {} {

set r [lindex $randrsl $randcnt] if {[incr randcnt] == 256} { my Step set randcnt 0 } return $r

   method RandA {} {

expr {([my random] % 95) + 32}

   method vernam {msg} {

binary scan $msg c* b for {set i 0} {$i < [llength $b]} {incr i} { lset b $i [expr {[lindex $b $i] & 255 ^ [my RandA]}] } return [binary encode hex [binary format c* $b]]


}</lang> Demonstrating: <lang tcl>set key "this is my secret key" set msg "a Top Secret secret" ISAAC create demo $key puts "Message: $msg" puts "Key  : $key" puts "XOR  : [demo vernam $msg]"</lang>

Works with: node.js version 0.10.32
Translation of: C#

<lang ecmascript>randrsl = new Uint32Array(256); randcnt = 0; mm = new Uint32Array(256); aa = 0; bb = 0; cc = 0;

function isaac() {

       bb += cc;
       for(var i = 0; i < 256; i++) {
               var x = mm[i];
               var sw = i & 3;
               if(sw == 0) aa = aa ^ (aa << 13);
               else if(sw == 1) aa = aa ^ (aa >>> 6);
               else if(sw == 2) aa = aa ^ (aa << 2);
               else if(sw == 3) aa = aa ^ (aa >>> 16);
               aa = mm[(i+128) & 255] + aa;
               mm[i] = mm[(x >>> 2) & 255] + aa + bb;
               bb = mm[(mm[i] >>> 10) & 255] + x;
               randrsl[i] = bb;


function isaac_mix(x) {

       x[0] = x[0] ^ x[1] << 11;  x[3]+=x[0]; x[1]+=x[2];
       x[1] = x[1] ^ x[2] >>> 2;  x[4]+=x[1]; x[2]+=x[3];
       x[2] = x[2] ^ x[3] << 8;   x[5]+=x[2]; x[3]+=x[4];
       x[3] = x[3] ^ x[4] >>> 16; x[6]+=x[3]; x[4]+=x[5];
       x[4] = x[4] ^ x[5] << 10;  x[7]+=x[4]; x[5]+=x[6];
       x[5] = x[5] ^ x[6] >>> 4;  x[0]+=x[5]; x[6]+=x[7];
       x[6] = x[6] ^ x[7] << 8;   x[1]+=x[6]; x[7]+=x[0];
       x[7] = x[7] ^ x[0] >>> 9;  x[2]+=x[7]; x[0]+=x[1];


function isaac_init(flag) {

       var x = Uint32Array([2654435769, 2654435769, 2654435769, 2654435769,
                            2654435769, 2654435769, 2654435769, 2654435769]);
       aa=0, bb=0, cc=0;
       isaac_mix(x); isaac_mix(x); isaac_mix(x); isaac_mix(x);
       var i = 0;
       while(i < 255) {
               if(flag) for(var j = 0; j < 8; j++) x[j] += randrsl[i+j];
               for(var j = 0; j < 8; j++) mm[i+j] = x[j];
               i += 8;
       if(flag) {
               var i = 0;
               while(i < 255) {
                       for(var j = 0; j < 8; j++) x[j] += mm[i+j];
                       for(var j = 0; j < 8; j++) mm[i+j] = x[j];
                       i += 8;
       randcnt = 0;


function isaac_seed(string, flag) {

       mm = new Uint32Array(256);
       randrsl = new Uint32Array(256);
       var m = string.length;
       for(var i = 0; i < m; i++) randrsl[i] = string.charCodeAt(i);


function isaac_random() {

       var out = randrsl[randcnt++];
       if(randcnt > 255) {
               randcnt = 0;
       return out


function vernam(msg) {

       var out = "";
       for(var i = 0; i < msg.length; i++) {
               var ra = isaac_random() % 95 + 32;
               out += String.fromCharCode(ra ^ msg.charCodeAt(i));
       return out;


function printable_hex(s) {

       out = "";
       for(var i = 0; i < s.length; i++)
               out += (s.charCodeAt(i) / 16 > 1 ?   : '0') + s.charCodeAt(i).toString(16);
       return out;


function run_isaac(key, msg) {

       isaac_seed(key, true);
       // XOR encrypt
       var xctx = vernam(msg);
       // XOR decrypt
       isaac_seed(key, true);
       var xptx = vernam(xctx);
       return [xctx, xptx]


var key = 'this is my secret key' var msg = 'a Top Secret secret' console.log('key: '+key) console.log('msg: '+msg) var z = run_isaac(key, msg) xctx = z[0]; xptx = z[1]; console.log('xor: '+printable_hex(xctx)) console.log('decrypted: '+xptx)</lang>

