How to Create and Break Substitution Ciphers: A Comprehensive Guide
Substitution ciphers are a fundamental concept in cryptography, representing one of the earliest and simplest forms of encryption. They involve replacing each letter or character in the plaintext (the original message) with another letter, number, or symbol to create ciphertext (the encrypted message). While easily understood, substitution ciphers can range from simple to surprisingly complex, especially when incorporating multiple substitutions or keys. This comprehensive guide will walk you through the process of creating various types of substitution ciphers, discuss their strengths and weaknesses, and even touch upon methods for breaking them.
## Understanding the Basics
Before diving into creating specific ciphers, let’s clarify some core concepts:
* **Plaintext:** The original, unencrypted message.
* **Ciphertext:** The encrypted message.
* **Key:** The secret information used to encrypt and decrypt the message. The key is essential; without it, deciphering the ciphertext is significantly more difficult.
* **Substitution:** The process of replacing plaintext characters with ciphertext characters.
* **Encryption:** The process of converting plaintext into ciphertext.
* **Decryption:** The process of converting ciphertext back into plaintext.
## Types of Substitution Ciphers
There are various types of substitution ciphers, each with its own characteristics and level of complexity:
* **Simple Substitution Cipher (Monoalphabetic):** Each letter in the plaintext is consistently replaced with the same corresponding letter or symbol in the ciphertext. This is the most basic type.
* **Homophonic Substitution Cipher:** Each letter in the plaintext can be replaced by multiple ciphertext symbols. This makes frequency analysis more difficult.
* **Polyalphabetic Substitution Cipher:** Multiple substitution alphabets are used. The specific alphabet used changes throughout the encryption process, based on a key or pattern. This significantly increases complexity compared to monoalphabetic ciphers.
* **Polygraphic Substitution Cipher:** Groups of letters (e.g., digraphs or trigraphs) are substituted as units, rather than individual letters. This can obscure common letter combinations.
## Creating a Simple Substitution Cipher (Monoalphabetic)
This is the most straightforward type of substitution cipher. Here’s how to create one:
**Step 1: Create the Substitution Alphabet**
1. Write out the standard alphabet (A-Z).
2. Create a second alphabet by rearranging the letters of the standard alphabet. This is your substitution alphabet, and the specific arrangement is your key. You can do this randomly, or use a keyword. Using a keyword involves writing out the keyword first, then appending the remaining letters of the alphabet (omitting any duplicate letters from the keyword). For example, if your keyword is “CIPHER”, your substitution alphabet might start with “CIPHERABDFGJKLMNOPQSTUVWXYZ”.
**Example:**
* Standard Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ
* Substitution Alphabet: QWERTYUIOPASDFGHJKLZXCVBNM (Random)
**Step 2: Encryption**
1. Write down your plaintext message.
2. For each letter in the plaintext, find the corresponding letter in the standard alphabet and replace it with the corresponding letter in your substitution alphabet.
**Example:**
* Plaintext: HELLO WORLD
* Substitution Alphabet: QWERTYUIOPASDFGHJKLZXCVBNM
* Ciphertext: JELLO VORLD (spaces often preserved for readability)
**Step 3: Decryption**
1. Write down your ciphertext message.
2. For each letter in the ciphertext, find the corresponding letter in the substitution alphabet and replace it with the corresponding letter in the standard alphabet.
**Example:**
* Ciphertext: JELLO VORLD
* Substitution Alphabet: QWERTYUIOPASDFGHJKLZXCVBNM
* Plaintext: HELLO WORLD
## Creating a Homophonic Substitution Cipher
This cipher adds complexity by allowing multiple ciphertext symbols to represent a single plaintext letter. This makes frequency analysis more difficult.
**Step 1: Assign Multiple Ciphertext Symbols**
1. Write out the standard alphabet (A-Z).
2. Assign multiple ciphertext symbols (numbers, symbols, or letters) to each letter. The number of symbols assigned to each letter should roughly correspond to the letter’s frequency in the language you’re using (e.g., English). For example, ‘E’ might have 12 symbols, while ‘Q’ might have only one or two.
**Example:**
* A: 1, 2, 3
* B: 4, 5
* C: 6, 7
* D: 8, 9, 10
* E: 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
* F: 23, 24
* G: 25, 26
* H: 27, 28, 29
* I: 30, 31, 32, 33
* J: 34
* K: 35
* L: 36, 37, 38, 39
* M: 40, 41
* N: 42, 43, 44, 45, 46, 47
* O: 48, 49, 50, 51
* P: 52, 53
* Q: 54
* R: 55, 56, 57, 58, 59, 60
* S: 61, 62, 63, 64
* T: 65, 66, 67, 68, 69, 70
* U: 71, 72, 73
* V: 74, 75
* W: 76, 77
* X: 78
* Y: 79, 80
* Z: 81
**Step 2: Encryption**
1. Write down your plaintext message.
2. For each letter in the plaintext, randomly choose one of its assigned ciphertext symbols.
**Example:**
* Plaintext: HELLO WORLD
* Ciphertext: 27 11 36 36 48 76 48 55 36 8
**Step 3: Decryption**
1. Write down your ciphertext message.
2. For each symbol in the ciphertext, find the corresponding letter(s) it represents. Since each symbol represents only one letter, the decryption is straightforward.
**Example:**
* Ciphertext: 27 11 36 36 48 76 48 55 36 8
* Plaintext: HELLO WORLD
## Creating a Polyalphabetic Substitution Cipher (Vigenère Cipher)
The Vigenère cipher is a classic example of a polyalphabetic substitution cipher. It uses a keyword to determine which alphabet to use for each letter in the plaintext.
**Step 1: Choose a Keyword**
1. Select a keyword. This keyword will determine the shifts used for encryption.
**Example:**
* Keyword: KEY
**Step 2: Create the Vigenère Square (Tableau)**
1. Write the alphabet (A-Z) across the top row.
2. Shift the alphabet one position to the left for each subsequent row. The first letter of each row corresponds to a letter of the alphabet (A, B, C,… Z).
(Due to formatting constraints, I cannot perfectly render a Vigenère square. Imagine a 26×26 grid where the first row is the alphabet, and each subsequent row is the alphabet shifted one position to the left.)
**Step 3: Encryption**
1. Write down your plaintext message.
2. Repeat the keyword above the plaintext message until the keyword is as long as the message. If the message is longer than the keyword, the keyword will need to be repeated.
3. For each letter in the plaintext, find the corresponding letter in the keyword above it. Use the keyword letter as the row index in the Vigenère square and the plaintext letter as the column index. The letter at the intersection of that row and column is the ciphertext letter.
**Example:**
* Plaintext: ATTACK AT DAWN
* Keyword: KEYKEY KEYKEY
| | A | T | T | A | C | K | A | T | D | A | W | N |
| :—— | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: |
| Keyword | K | E | Y | K | E | Y | K | E | Y | K | E | Y |
| Ciphertext | K | X | R | K | G | J | K | X | C | K | B | L |
Therefore, the ciphertext is: KXKR GJKX CKBL
**Step 4: Decryption**
1. Write down your ciphertext message.
2. Repeat the keyword above the ciphertext message, as in encryption.
3. For each letter in the ciphertext, find the corresponding letter in the keyword above it. Locate the row in the Vigenère square that corresponds to the keyword letter. Find the ciphertext letter in that row. The column heading of that column represents the plaintext letter.
**Example:**
* Ciphertext: KXKR GJKX CKBL
* Keyword: KEYKEY KEYKEY
| | K | X | R | K | G | J | K | X | C | K | B | L |
| :—— | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: |
| Keyword | K | E | Y | K | E | Y | K | E | Y | K | E | Y |
| Plaintext | A | T | T | A | C | K | A | T | D | A | W | N |
Therefore, the plaintext is: ATTACK AT DAWN
## Creating a Polygraphic Substitution Cipher
Instead of substituting single letters, polygraphic ciphers substitute groups of letters. A common example is the Playfair cipher.
**Step 1: Create the Playfair Square**
1. Choose a keyword (e.g., PLAYFAIR EXAMPLE).
2. Remove duplicate letters from the keyword (PLAYFIREXM).
3. Fill a 5×5 grid with the letters from the keyword, then fill the remaining spaces with the remaining letters of the alphabet (usually combining I and J into one cell).
**Example Playfair Square:**
P L A Y F
I R E X M
B C D G H
K N O Q S
T U V W Z
Note: I and J share a cell.
**Step 2: Prepare the Plaintext**
1. Divide the plaintext into digraphs (pairs of letters). For example, “HELLO WORLD” becomes “HE LL OW OR LD”.
2. If a digraph contains the same letter twice (e.g., LL), insert an ‘X’ between them (e.g., LL becomes LX L).
3. If the plaintext has an odd number of letters, append an ‘X’ to the end.
**Step 3: Encryption**
For each digraph:
1. **If the letters are in the same row:** Replace each letter with the letter to its right (wrapping around to the beginning of the row if necessary).
2. **If the letters are in the same column:** Replace each letter with the letter below it (wrapping around to the top of the column if necessary).
3. **If the letters are in different rows and columns:** Form a rectangle with the two letters. Replace each letter with the letter in the same row but the other corner of the rectangle.
**Example:**
* Plaintext: HELLO WORLD -> HE LX LO WO RL DX
Let’s encrypt ‘HE’:
* H is in row 3, column 5.
* E is in row 2, column 3.
* The rectangle corners are H and E, so we replace H with the letter in row 3, column 3 (D), and E with the letter in row 2, column 5 (M).
* HE becomes DM.
Let’s encrypt ‘LX’:
* L is in row 1 column 2
* X is in row 2 column 4
* The rectangle corners are L and X, so we replace L with the letter in row 1 column 4 (Y) and X with the letter in row 2 column 2 (R)
* LX becomes YR
Let’s encrypt ‘LO’:
* L is in row 1, column 2.
* O is in row 4, column 3.
* The rectangle corners are L and O, so we replace L with the letter in row 1, column 3 (A), and O with the letter in row 4, column 2 (N).
* LO becomes AN.
Let’s encrypt ‘WO’:
* W is in row 5 column 4
* O is in row 4 column 3
* The rectangle corners are W and O, so we replace W with the letter in row 5 column 3 (V) and O with the letter in row 4 column 4 (Q)
* WO becomes VQ
Let’s encrypt ‘RL’:
* R is in row 2 column 2
* L is in row 1 column 2. Since they are in the same column we replace each letter with the one below it. R becomes C and L becomes I.
* RL becomes CI
Let’s encrypt ‘DX’:
* D is in row 3 column 3
* X is in row 2 column 4
* The rectangle corners are D and X, so we replace D with the letter in row 3 column 4 (G) and X with the letter in row 2 column 3 (E)
* DX becomes GE
Therefore, “HELLO WORLD” encrypted with the Playfair cipher (using the keyword PLAYFAIR EXAMPLE) becomes DM YR AN VQ CI GE.
**Step 4: Decryption**
Decryption is the reverse of encryption, using the same key square.
1. **If the letters are in the same row:** Replace each letter with the letter to its *left* (wrapping around if necessary).
2. **If the letters are in the same column:** Replace each letter with the letter *above* it (wrapping around if necessary).
3. **If the letters are in different rows and columns:** Use the same rectangle rule as in encryption.
4. After decrypting remove the added X’s. Consider context when remove the added X’s.
## Strengths and Weaknesses of Substitution Ciphers
* **Simple Substitution Ciphers:** Easy to implement but extremely vulnerable to frequency analysis. The frequency of letters in the ciphertext mirrors the frequency of letters in the plaintext language. For example, ‘E’ is the most common letter in English, so the most frequent ciphertext letter is likely to represent ‘E’.
* **Homophonic Substitution Ciphers:** More resistant to frequency analysis than simple substitution ciphers, but still vulnerable, especially if the frequency distribution of the homophones is not well-balanced.
* **Polyalphabetic Substitution Ciphers:** Significantly stronger than monoalphabetic ciphers because they obscure letter frequencies. The Vigenère cipher, while a step up, is vulnerable to Kasiski examination and frequency analysis if the key is short or repetitive.
* **Polygraphic Substitution Ciphers:** Stronger than monoalphabetic ciphers. The Playfair cipher resists simple frequency analysis because it encrypts digraphs. However, it’s still breakable with techniques like analyzing digraph frequencies and recognizing common plaintext patterns.
## Breaking Substitution Ciphers
Several techniques can be used to break substitution ciphers:
* **Frequency Analysis:** Analyzing the frequency of letters or symbols in the ciphertext. This is most effective against simple substitution ciphers.
* **Kasiski Examination:** Identifying repeated sequences in the ciphertext. This can help determine the length of the key in polyalphabetic ciphers like the Vigenère cipher.
* **Index of Coincidence:** A statistical measure used to estimate the key length of a polyalphabetic cipher.
* **Known-Plaintext Attack:** If a portion of the plaintext is known, it can be used to deduce the key.
* **Brute-Force Attack:** Trying all possible keys until the ciphertext is decrypted into meaningful plaintext. This is feasible only for very short keys or simple ciphers.
* **Dictionary Attack:** Trying words from a dictionary as potential keys. This can be effective if the key is a common word.
## Modern Cryptography
While substitution ciphers are valuable for understanding basic cryptographic principles, they are not secure enough for modern applications. Modern cryptography relies on far more complex algorithms and techniques, such as:
* **Advanced Encryption Standard (AES):** A symmetric-key block cipher widely used for encrypting sensitive data.
* **Rivest-Shamir-Adleman (RSA):** A public-key cryptosystem used for secure data transmission.
* **Elliptic Curve Cryptography (ECC):** Another public-key cryptosystem offering strong security with shorter key lengths.
These modern algorithms use mathematical principles and computational complexity to provide significantly stronger security than substitution ciphers.
## Conclusion
Substitution ciphers provide a fascinating glimpse into the history of cryptography. Understanding how they work and how they can be broken is a valuable exercise for anyone interested in cybersecurity and data protection. While not suitable for modern security needs, they offer a solid foundation for comprehending more advanced cryptographic concepts and appreciating the evolution of encryption techniques.