Find out about the substitution cipher and get messages automatically cracked and created online.

For a long time, the Vigenère cipher was known as 'le chiffre indéchiffrable' (French for 'the indecipherable cipher'). The Oxford mathematician and author of
*Alice's Adventures in Wonderland*, Lewis Carroll, described it as unbreakable in 1868, several centuries after the Italian cryptologist Giovan Battista Bellaso first came up with it in the 1550's.
The name of the cipher comes from a mistake: the French cryptographer Blaise de Vigenère (1523-1596) described such a cipher in 1586, and the cipher has since come to be wrongly named after him.

In contrast to the straightforward Caesar and substititution ciphers, the Vigenère cipher is a **polyalphabetic** cipher. In a **monoalphabetic** cipher, like the Caesar
cipher, each plaintext letter, like the 'L' in 'HELLO', is only ever represented by one letter in the ciphertext (e.g. 'M' in 'IFMMN'). In a polyalphabetic cipher, however,
each plaintext letter can be represented by several different letters in the ciphertext. It is possible, therefore, that 'HELLO' might become, for example, 'ISNWL'.

Using more than one alphabet is an attractive proposition if you are trying to keep your message secure. Messages encoded with a single alphabet quickly give up their secrets once we start counting letter frequencies, and this is because a single alphabet used in the ciphertext does not disguise the structure of the plaintext language behind it. If, for example, you see the three-letter sequence of 'JWN' appearing more than any other sequence in the ciphertext, then there is a good chance that it represents the plaintext 'THE', the most commonly occurring sequence of 3 letters in normal English.

If you have more than one alphabet at your disposal, then the first time 'THE' appears in the plaintext, it might be represented as 'BLC', but the next time it occurs, it might become something completely different in the ciphertext, like 'RKS'. No wonder Lewis Carroll thought that the Vigenère cipher was unbreakable!

But, after describing how it works, we shall see that it is not as unbreakable as it first appears.

The easiest way to think about the Vigenère cipher is as a series of different Caesar ciphers, one after the other.

Behind this short Vigenère cipher is this repeating key of Caesar ciphers:

The first character in the plaintext, 'L', is encoded with a Caesar cipher that applies a shift of 22, so the 'L' becomes an 'H'; the second character has a shift of 3 applied, and becomes an 'O', and so on. Once we reach the end of the key, we simply go back to the start of it again, so the sixth character also has a shift of 22 applied to it.

In this case, the length of the key is 5, so 5 different Caesar ciphers are employed. But the key length can be any size, and this is what makes the Vigenère cipher so interesting. If you are trying to crack it, your first problem is trying to work out how long the key is. But we will deal with that later. For the moment, notice how, in the example above, there are 4 H's in the ciphertext. The first 'H' represents 'L' in the plaintext, the second and fourth represent 'S', and the third represents 'E'.

If this were a monoalphabetic cipher, we would notice that 'H' appears most often in the ciphertext and thus expect it to represent 'E' in the plaintext, but such an assumption would only be right in one of the four cases here, and even that is largely by coincidence.

The key to the Vigenère cipher has been presented here as a series of numbers. In the example above: 22, 3, 9, 15, 1. It is not uncommon to see the key presented using letters, and the letters are often chosen to form a word, which makes remembering the key a lot easier. For instance, the key of 19, 17, 8, 2, 10, 24 can be turned into the letters 'TRICKY', using A = 0, B = 1 .... Z = 25.