Background: The double lock protocol works as follows: two parties, A and B, each have a key. Party A encrypts a message by XORing it with its key and sends the result to B. Party B XOR encrypts the encrypted message with its own key and sends the double encrypted message back to A. Party A XOR decrypts with its key and sends the result to B. Party B then XOR decrypts with its key to see the original message. An eavesdropper should not be able to decrypt easily and should not be able to get key information, because neither key is ever transmitted.
Instructions: Enter a plaintext sentence in the textfield labeled "Message:" then hit return. A random key is generated for A and shown in the textfield labeled "Key A:". A random key is generated for B and shown in the textfield labeled "Key B:". The protocol above is followed and the results are shown at each step in various textfields down to the decrypted result at the bottom. What is the terrible flaw that this protocol has?
Source code: DoubleLock.java
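
The question above can be answered by replaying the exchange from the eavesdropper's side, using only the three messages that cross the wire. The Python below is an added example, not the page's DoubleLock.java; it assumes each random key is as long as the message, and the function names are illustrative.

```python
import secrets


def xor(data: bytes, key: bytes) -> bytes:
    """XOR two equal-length byte strings (encrypt and decrypt are the same step)."""
    if len(data) != len(key):
        raise ValueError("key must be as long as the message (assumption of this example)")
    return bytes(d ^ k for d, k in zip(data, key))


def double_lock(message: bytes, key_a: bytes, key_b: bytes):
    """Run the three passes; return (messages on the wire, what B finally reads)."""
    m1 = xor(message, key_a)   # A -> B: locked with A's key
    m2 = xor(m1, key_b)        # B -> A: locked with both keys
    m3 = xor(m2, key_a)        # A -> B: A's lock removed, only B's remains
    received = xor(m3, key_b)  # B removes its own lock
    return (m1, m2, m3), received


def eavesdrop(wire):
    """Recover plaintext and both keys from the transmitted messages alone.

    With P the plaintext: m1 = P^A, m2 = P^A^B, m3 = P^B.
    XOR cancels repeated terms, so:
      m1 ^ m2 = B,   m2 ^ m3 = A,   m1 ^ m2 ^ m3 = P
    """
    m1, m2, m3 = wire
    key_b = xor(m1, m2)
    key_a = xor(m2, m3)
    plaintext = xor(xor(m1, m2), m3)
    return plaintext, key_a, key_b


if __name__ == "__main__":
    message = b"meet me at noon"  # constructed sample plaintext
    key_a = secrets.token_bytes(len(message))
    key_b = secrets.token_bytes(len(message))
    wire, received = double_lock(message, key_a, key_b)
    plaintext, got_a, got_b = eavesdrop(wire)
    print("B reads:           ", received)
    print("Eavesdropper reads:", plaintext)
    print("Keys recovered:    ", got_a == key_a and got_b == key_b)
```

The keys are never sent, yet each one is the XOR of two adjacent transmissions. A three-pass exchange needs a commutative cipher in which combining ciphertexts does not cancel the keys; Shamir's three-pass protocol uses modular exponentiation for this reason.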