A Challengers Handbook



Simple Ciphers

Whenever you find some enrypted text of just a few characters the chances are that it has been encrypted very simply. First note that if the characters are mixed like aB6gdh.Ikk7ef and are exactly 13 in number then you are looking at a DES hash, and should crack it in jtr as discussed on the Linux/Unix page under passwd files.

So presumably you have a short piece of text like "ifmmp" and are told it is encrypted, the first thing to try is a simple caesar shift. There are only 26 possibilities, which involve shifting each character by the same number, forward or backward in the alphabet. When a character goes past 'z' you start again from 'a'. It is called a Caesar shift because it was first used by Caesar who would shift characters by three letters in the alphabet in order to encrypt messages. In fact "ifmmp" is a shift of one character from "hello". The special case of a shift by 13 characters (special because a second shift then gives you back the original text) is also known as ROT13. So given a message encrypted with this it is a simple matter to check all of the possibilities straight away.

It is nice to have a program that will display all possible 26 caesar shifts at the same time however the only program that I have found to do this is a bit buggy and so you will have to use the program below, or write something to do it, or use this script.

I will also mention Encrypter 6.0 which will perform Base 64, Binary, Caesar, Hex, Permutation, Rail Fence, Vigenère, Xoft, and Xor as well as doing frequency counts and a few other things, very nice :)

Atbash is another very early cipher which has only one alphabet. This time a becomes z, b becomes y, ..., z becomes a. So atbash decipherment is the same as encipherment.

Of course it is possible to make up other simple schemes of encipherment for very short pieces of text. Typical examples are adding 1 to the first character, 2 to the second, etc. The best way of dealing with generally short examples like this is to write the 26 possible Caesar decryptments out in notepad using a fixed width font, and then examine the diagonals and rows for messages, even possibly looking for zig-zag messages in the table.


So, take your time and look for messages, as shown above, they can be easily missed at a first glance.

Finally I'll mention the pigpen cipher, an early cipher used by the freemasons. It would perhaps more rightly belong under substitution ciphers, as with many simple ciphers you could change the symbols into characters and then treat what came out as a substitution cipher. The pigpen is more of a code, and fairly standard in alphabet, so here is the alphabet:

and here is a message encoded with the cipher, you should be able to figure out how the characters have been changed into the lines and dots:

Back to Encryption