Substitution cyphers: why they should not be used & how to crack them

1. Sustitution cyphers: why they should
not be used & and how to crack them
Frequency Analysis
Andrea Tino
This document uses graphic assets from Freepik
Cyphers
A cypher is an algorithm which takes an input text
called plain text, and generates another text, called
cypher text, by transforming the priginal one. The
plain text is not limited its length can vary.
Every cypher needs a key to work. The key allows the
plain text to be encrypted into a cypher text and it
The role of Cryptography
Security is a branch of Computer Science, So ware
Engineering and Mathematics which deals with
problems related to confining access to data only to
those who have the proper set of permissions.
Encryption is a crucial part of this story and it
consists in a broad collection of techniques used to
guarantee that secrets can safely be delivered on
non-secure channels. Encryption is used today in
order to deliver private information over the Internet:
the biggest network we have in the world.
Thanks to cryptography, we do many things over the
Internet: we can pay bills, we can use our credit cards,
check our emails and safely use social networks.
Security is a very important ma er today. Everything we
have is moving to the Cloud and all our data are stored
over the Internet. In order to protect all this information,
Substitution cyphers
Cyphers can work in several different ways. The
oldest, and today least secure, type of cyphers
employ a technique called: key-replacement.
also allows the reverse process to take place:
decryption. The key has a fixed size, it cannot vary.
To successfully decrypt a message, it is necessary to
use the same exact key that was used to encrypt the
message. That is why the key must be kept safe and
distributed (safely), only to authorized people.
The most famous cypher and oldest known in
hostory is Caesar’s cypher: the Roman Emperor used
to send messages to his generals by encrypting them
with a substitution cypher always with the same key
known to him and his closest men in the military.
As it is possible to see, this mechanism allows secret messages to be exchanged even if the message ends up in
the wrong hands. However they key must be not be sent over a non-safe channel.
we must encrypt our data and be sure nobody can
access it except us. This is done automatically by the
services we use: email accounts, smart-phones, etc.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A B CD E F G H I J K L M N O P Q R S T U V W X Y Z
Plain text
#$%!?+0^!@
?+0^!!?+0^
!@?+0^!?+0
^!@?+0^!!@
#$%!!?+0^!
Cypher text
ENCRYPT
DECRYPT
ALICEBOB Message
Message
#$%!?+0^!@
?+0^!!?+0^
!@?+0^!?+0
^!@?+0^!!@
#$%!!?+0^!
Encrypted
message
Original
message
TRUDY
Hey Alice, it
was Trudy who
ate your cake
yesterday!
Don’t tell her
I told you.
Khb Dmlfh, lw
zdv Wuxgb zkr
dwh brxu fdnh
bhvwhugdb!
Grq’w whoo khu
L wrog brx.
Bob sends the
message but before
it encrypts the
message using
Caesar’s Cypher.
Khb Dmlfh, lw
zdv Wuxgb zkr
dwh brxu fdnh
bhvwhugdb!
Grq’w whoo khu
L wrog brx.
Khb Dmlfh, lw
zdv Wuxgb zkr
dwh brxu fdnh
bhvwhugdb!
Grq’w whoo khu
L wrog brx.
Bob sends Alice the
message over Wi-Fi. Since
this is not a secure
channel, Bob decides to
encrypt the message.
Trudy is sniffing Bob and
Alice’s communications
and she successfully
acquires the message.
Alice is Bob’s friend, and
he will send her an
important secret message
that only she should read.
Trudy tries to read the
message content, but she
realizes she cannot as it is
encrypted.
E F G H J MA B C DE F G I J OA B C D
English language Cypher text
D = A
H = E
M = J
Trudy knows Alice and Bob communicate in
English, so she calculates how many times
each le er appears in the cypher-text and
builds the frequency histogram.
Later, she compares the cypher-text
histogram with the one relative to the English
language. The highest and lowest bars give
Trudy indication on the main associations.