It has thus been proven that the Caesar cipher, the pigpen cipher and any substitution cipher can be simply broken using frequency analysis. The basis for this is that each letter or symbol can only represent a single letter, meaning that letter frequencies (e, t, a, o…) are directly translated onto the cipher language. Ergo, by making each letter represent more than one letter, the letter frequencies can be masked and an additional level of security can be added to the cipher. This is called polyalphabetic substitution and it is the basis for a type of cipher known as the Vigenère cipher.
The cipher was first conceived in 1553 by Giovan Battista Bellaso and has been improved since. It is famous for being rather simple to use despite the difficult to decipher it at a beginner’s level. This trait earned the cipher the nickname “le chiffre indéchiffrable”, which is French for “the indecipherable cipher”.
The Vigenère cipher can be thought of a stack of Caesar ciphers (essentially a cipher within a cipher), where each letter is shifted by a variable key (in a normal Caesar shift, every letter is shifted by the same key). This is achieved by the implementation of a keyword and a table called a tabula recta. A tabula recta is simply a grid made from 26 rows of the alphabet, each row of which is made by shifting the previous one to the left. This table essentially shows all the possible outcomes of a Caesar shift.
Now, let us try encoding a message using the Vigenère cipher. The message “attack at dawn” is encoded using the keyword “nothing”. Ideally, there should be no repeating letters in the keyword for the sake of security. Therefore, if there are any repeating letters, just remove the repeated letters (e.g. “crocodile” -> “crodile”). First, repeat the keyword until it matches the number of letters of the message (e.g. “attackatdawn” is aligned with “nothingnothi”). Then, use the tabula recta to encrypt the message. The rule of thumb is “key-row, message-column”, meaning that the row of the tabula recta starting with the letter of the key is matched against the column starting with the respective letter of the message. To take the first letter as an example, the key letter is “n” and the message letter is “a”. The letter corresponding to where the “n” row and “a” column meets is “N”. If this rule is followed for each letter, the encrypted message becomes: “NHMHKXGGRTDV”. Although it takes some effort to find each letter on the table, the message becomes “indecipherable” to a beginner cryptanalyst as frequency analysis becomes useless. For example, the repeating letter “H” can represent either “t” or “a”. The longer the keyword is, the more secure the Vigenère cipher becomes.
However, the Vigenère cipher is not indecipherable. Next, we will look at a cryptanalysis method called the Kasiski examination that attacks a polyalphabetic cipher such as the Vigenère cipher to gain access to the keyword.