@Article{Riv11e,
  author = 	 { Ronald L. Rivest },
  pages = 	 { 281--284 },
  doi =          { 10.1080/00207161003596708 },                  
  title = 	 { On the invertibility of the {XOR} of rotations of a binary word },
  journal = 	 { International Journal of Computer Mathematics },
  publisher =    { Taylor and Francis },                  
  issn =         { 1029--0265 },                  
  date =         { 2011 },                   
  OPTyear = 	 { 2011 },
  volume = 	 { 88 },
  number = 	 { 2 },
  keywords =     { invertibility, exclusive-or, rotation, binary words, circulant matrix },                  
  abstract =     {
        We prove the following result regarding operations on a binary word whose length is a power of
        two: computing the exclusive-or of a number of rotated versions of the word is an invertible
        (one-to-one) operation if and only if the number of versions combined is odd. (This result is
        not new; there is at least one earlier proof, due to Thomsen [Cryptographic hash functions, PhD thesis,
        Technical University of Denmark, 28 November 2008]. Our proof may be new.)                  
                 },
}