The **Kasiski examination** can be used to attack **polyalphabetic substitution ciphers** such as the **Vigenère cipher**, revealing the keyword that was used to encrypt the message. Before this method was devised by Friedrick Kasiski in 1863, the Vigenère cipher was considered “indecipherable” as there was no simple way to figure out the encryption unless the keyword was known. But with the Kasiski examination, even the Vigenère cipher is not safe anymore.

The Kasiski examination is based on the fact that assuming the number of letters of the keyword is *n*, every *n*th column is encoded in the same shift as each other. Simply put, every *n*th column can be treated as a single monoalphabetic substitution cipher that can be broken with frequency analysis. Ergo, all the cryptanalyst needs to do to convert the Vigenère cipher into a Caesar cipher is know the length of the keyword.

To find the length of the keyword, look for a **string of repeated text** in the ciphertext (make sure it is longer than three letters). The distance between two equal repeated strings is likely to be a multiple of the length of the keyword. The **distance** is defined as the number of characters starting from the last letter of the first set of strings to the last letter of the second set of strings (e.g. “abcdefxyzxyzxyzabcdef” -> “abcdef” is repeated” -> distance is “xyzxyzxyzabcdef” which is 15 letters). The reason this works is that if there is a repeated string in the plaintext and the distance between these strings is a multiple of the keyword length, the keyword letters will line up and there will be repeated strings in the ciphertext also. If the distance is not a multiple of the keyword length, even if there is a repeated string of letters in the plaintext, the ciphertext will be completely different as the keyword would not match up and be different.

It is useful recording the distance between each set of repeated strings to find the **greatest common factor**. The number that factors the most into all of these distances (e.g. 6 is a factor of 6, 12, 18…) is most likely the length of the keyword. Once the length of the keyword is found, then every *n*th letter must have been encrypted using the same letter of the keyword. Thus, by recording every *n*th letter in one string, you can obtain what is essentially a Caesar cipher. The Caesar cipher is then attacked using **frequency analysis**. Once a few of these strings (of different positions on the ciphertext) are solved, the keyword can be revealed by checking the shift key against a **tabula recta** (e.g. if a certain string of *n*th letters is found to have been shifted 3 letters each, then the corresponding letter in the keyword must be “D”, which shifts every plaintext letter by 3 in the Vigenère cipher). When the keyword is deduced, every message encrypted using that keyword can now easily be decoded by you.

Although the Kasiski examination appears to be complex, attempting to try it reveals how simple the process is. Thus, it is useful to try encrypting a message using the Vigenère cipher then trying to work out the keyword using the Kasiski examination. Much like the frequency analysis, it is an extremely useful tool in the case of needing to break a secret code.