I became interested in cryptography a few years ago, and have been slowly working my way through Bruce Schneier's Applied Cryptography (opens new window). From this, I became interested in simple forced decryption (cracking) of cyphers, and directed my attention to the ROT13 algorithm.

ROT13

ROT13 is one of the simplest encryption techniques around, and most kids learn it as a fun way to obscure text. Basically, the idea is to rotate each letter by 13 characters, therefore a 'A' becomes 'A' + 13, which is 'N'. Similarly, 'B' becomes 'O', 'C' becomes 'P' and so on. When we get to the second half of the alphabet, the letters wrap round, so 'M' becomes 'Z', 'N' becomes 'A', etc. The easiest way to use this technique is with a substitution table, as below:

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

N O P Q R S T U V W X Y Z A B C D E F G H I J K L M

To use the table, for each character that needs to be changed find the character in the upper row and replace it with the corresponding character in the bottom row. Of course, with a cypher this simple some tricks are employed to maintain consistency. Firstly, punctuation and spaces are not encrypted. Secondly, lower and upper case letters are both treated in the same way. Implementing these ideas in code is fairly simple.

Caesar Cypher

This rotation of 13 characters for ROT13 can be changed using any integer from 1 to 25, which I naively called ROTx (the real name for this cypher is a Caesar cypher). The challenge I condesidered is to decypher text that has been encrypted with rotation of an unknown integer x.

The method I came up with for decryption is fairly simple, and involves comparing the letter frequency of our encrypted text with known average letter frequencies for the English Language. This has the limitation that it'll only work reliably for English text, but letter frequency tables for different languages can be substituted depending on the language the text is suspected to have been written in.

Letter	Frequency (%)
A	8.167
B	1.492
C	2.782
D	4.253
E	12.702
F	2.228
G	2.015
H	6.094
I	6.966
J	0.153
K	0.772
L	4.025
M	2.406
N	6.749
O	7.507
P	1.929
Q	0.095
R	5.987
S	6.327
T	9.056
U	2.758
V	0.978
W	2.360
X	0.150
Y	1.974
Z	0.074

The frequency table I have used above comes from Wikipedia (opens new window). My code calculates the letter frequency of the cypher text and then tries to match this frequency map with that of the reference frequency table. The program rotates the frequency table one letter at a time, adds up all the differences between the frequency of each letter and the expected frequency, and keeps a record of the total. The lowest total deviation of all the rotations from the known letter frequencies is taken to be the best fit to the text, and hence the correct decryption.

Of course clever things could be done with dictionary lookups, first/last letter frequencies (which will differ from overall letter frequencies) and the like, but as it is I was quite surprised with how little text the program needs to correctly guess the plaintext. Single words such as 'Hello' are decyphered successfully. Whether a decryption is successful or not, it will give the same decrypted text whatever the chosen rotation of the original text - changing the rotation number will not alter the decrypted result.

Encryption

Type some text in the left text box, and choose your rotation amount. Remember to type something in English - gobbledygook won't be decypherable.

The encrypted text will show in the right text box. Copy this text.

Rotation 12345678910111213141516171819202122232425

Decryption

Paste the text from above into the left box below. An algorithm will attempt to use letter frequencies to calculate what rotation was used to encrypt the text, and will show both the rotation and the original text.

The code used for the text boxes below is not connected to the text boxes above in any way, so no cheating is going on! (If you don't believe me, go here (opens new window) to create some rotated text and paste it into the bottom left box for decoding, without using the top encoding text boxes)

Guessed Rotation

Okay, that was pretty cool! Want to see how I did it? Here's my code:

Code

This vue component uses a computed property to calculate the encrypted text, given some plain text and a rotation value.

<template>
	<form>
		<label for="caesar">Rotation</label>
		<select id="caesar" v-model="rotation">
			<option v-for="n in 25" :value="n">{{n}}</option>
		</select>
		<textarea id="plain" v-model="plain" />
		<textarea id="cypher" v-model="cypher" readonly />
	</form>
</template>

<script>
	const caesar = require("./caesar");
	export default {
		data() {
			return {
				plain: "",
				rotation: 13,
			};
		},
		computed: {
			cypher() {
				return caesar.rotate(this.plain, this.rotation);
			}
		}
	};
</script>

<style scoped>
	form {
		margin-top: 4em;
	}

	#caesar {
		margin-bottom: 2em;
		display: block;
		padding: 0.5em;
	}

	#cypher,
	#plain {
		width: 40%;
		height: 5em;
	}
</style>

This Vue component computes the most likely rotation of a piece of encrypted text, and then displays that rotation. It also computes and displays the plain text, using the computed rotation value.

<template>
	<form>
		<label for="caesar_decode">Guessed Rotation</label>
		<input readonly id="caesar_decode" v-model="rotation">
		<textarea class="cypher" v-model="cypher" />
		<textarea class="plain" v-model="plain" readonly />
	</form>
</template>

<script>
	const caesar = require("./caesar");
	export default {
		data() {
			return {
				cypher: "",
			};
		},
		computed: {
			rotation() {
				return caesar.rotation(this.cypher);
			},
			plain() {
				return caesar.rotate(this.cypher, 26 - this.rotation);
			}
		}
	};
</script>

<style scoped>
	form {
		margin-top: 4em;
	}

	#caesar_decode {
		display: block;
		width: 2.5em;
		padding: 0.5em;
		padding-left: 1em;
		padding-right: 0;
		margin-bottom: 2em;
	}

	.cypher,
	.plain {
		width: 40%;
		height: 5em;
	}
</style>

This function is based on one written by me as part of a CodeWars Kata (opens new window), and performs both the rotation and decryption.

exports.rotate = (message, rotation) => !message ? '' : [...message].map((letter) => {
	const char = letter.charCodeAt(0);
	if (64 < char && char < 91) return String.fromCharCode(((char - 65 + rotation) % 26) + 65);
	if (96 < char && char < 123) return String.fromCharCode(((char - 97 + rotation) % 26) + 97);
	return letter;
}).join('');

exports.rotation = (text) => {
	let letters = {};
	for (let j = 0; j < 26; j++) {
		letters[String.fromCharCode(97 + j)] = 0;
	}
	const frequencies = require("./frequencies.json");
	let deviations = [];
	for (let i = 0; i < 26; i++) {
		let freq = Object.assign({}, letters);
		exports.rotate(text, i).split("").forEach((s) => {
			if (s.toLowerCase() in freq) freq[s.toLowerCase()]++;
		});
		let total = 0;
		for (let letter in freq) {
			total += freq[letter];
		}
		let deviation = 0;
		for (let letter in freq) {
			deviation += Math.abs(freq[letter] / total - frequencies[letter]);
		}
		deviations.push(deviation);
	}
	return 26 - deviations.indexOf(Math.min(...deviations));
};

exports.reverse = (text) => !text ? '' : [...text].map((letter) => {
	const char = letter.charCodeAt(0);
	if (64 < char && char < 91) return String.fromCharCode(((27 - (char - 65)) % 26) + 65);
	if (96 < char && char < 123) return String.fromCharCode(((27 - (char - 97)) % 26) + 97);
	return letter;
}).join('');

This is the data set of letter frequencies in English that I use for decryption.

{
	"a": 0.08167,
	"b": 0.01492,
	"c": 0.02782,
	"d": 0.04253,
	"e": 0.12702,
	"f": 0.02228,
	"g": 0.02015,
	"h": 0.06094,
	"i": 0.06966,
	"j": 0.00153,
	"k": 0.00772,
	"l": 0.04025,
	"m": 0.02406,
	"n": 0.06749,
	"o": 0.07507,
	"p": 0.01929,
	"q": 0.00095,
	"r": 0.05987,
	"s": 0.06327,
	"t": 0.09056,
	"u": 0.02758,
	"v": 0.00978,
	"w": 0.0236,
	"x": 0.0015,
	"y": 0.01974,
	"z": 0.00074
}

Out of interest, here's the original code I wrote in PHP. It took me an hour or so to convert this to the Vue example above.

<?php

class cipher
{
 public $plainText;
 public $encodedText;
 public $rotation;
 private $englishLetterFrequencies = array(0.08167, 0.01492, 0.02782, 0.04253, 0.12702, 0.02228, 0.02015, 0.06094, 0.06966, 0.00153, 0.00772, 0.04025, 0.02406, 0.06749, 0.07507, 0.01929, 0.00095, 0.05987, 0.06327, 0.09056, 0.02758, 0.00978, 0.02360, 0.00150, 0.01974, 0.00074);

 function rotateLetter($letter) {
 $inverseRotation = (26 - $rotation);
 $upperCaseStart = ord('A');
 $upperCaseEnd = $upperCaseStart + 25;
 $upperCaseMiddle = $upperCaseEnd - $rotation;
 $lowerCaseStart = ord('a');
 $lowerCaseEnd = $lowerCaseStart + 25;
 $lowercaseMiddle = $lowerCaseEnd - $rotation;
 if ($letter <= $lowerCaseEnd) {
  if ($letter >= $lowerCaseMiddle) {
   return $letter - $inverseRotation;
  }
  if ($letter >= $lowerCaseStart) {
   return $letter + $rotation;
  }
  if ($letter <= $upperCaseEnd) {
   if ($letter >= $upperCaseMiddle) {
    return $letter - $inverseRotation;
   }
   if ($letter >= $upperCaseStart) {
    return $letter + $rotation;
   }
  }
  return $letter;
 }

 function rotateText() {
  for ($i = 0; $i < strlen($this->plainText); $i++)
   $this->encodedText .= chr(rotateLetter(ord($this->plainText{$i})));
  }
 }

 function findFrequencies() {
  for ($i = 0; $i < strlen($this->plainText); $i++) {
   $letter = ord($this->plainText{$i});
   if (($letter >= $lowerCaseStart) && ($letter <= $lowerCaseEnd)) {
    $frequencies[$letter - $lowerCaseStart]++;
   }
   else if (($letter >= $upperCaseStart) && ($letter <= $upperCaseEnd)) {
    $frequencies[$letter - $upperCaseStart]++;
   }
  }
  $letterTotal = array_sum($frequencies);
  for ($i = 0; $i < 26; $i++) {
   $frequencies[$i] /= $letterTotal;
  }
  for ($i = 1; $i < 26; $i++) {
   $frequencies[25] = array_shift($frequencies);
   for ($j = 0; $j < 26; $j++) {
    $shiftDifference[$i] += abs($englishLetterFrequencies[$j] - $frequencies[$j]);
   }
  }
  $minDifference = min($shiftDifference);
  $shiftDifferenceFlip = array_flip($shiftDifference);
  $minPosition = $shiftDifferenceFlip[$minDifference];
 }

}

?>

<?php
if (isset($_POST['Submit']))
{
 $code = new cipher();
 if ($_POST['action'] == 'encode') {
  $code->plainText = $_POST['text'];
  $code->rotation = $_POST['rotation'];
  echo $code->plainText;
 } else {
  $code->encodedText = $_POST['text'];
 }

}
?>
<form enctype="multipart/form-data" method="post" action="/node/9">
<fieldset id="rotdata">
<input type="radio" name="action" value="encode" id="encode" checked="checked" /><label for="encode">Encode</label> with <label for="ROT">ROT</label>
<select name="rotation">
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13" selected="selected">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value="23">23</option>
<option value="24">24</option>
<option value="25">25</option>
</select>

<input type="radio" name="action" value="decode" id="decode" /><label for="decode">Decode</label>

<textarea name="text" rows="8" cols="80"></textarea>
<input type="submit" name="submit" value="Submit" />
</fieldset>
</form>

Substitution Cypher

Taking this idea further, a piece of text could be encoded by randomly switching letters, rather than just shunting the alphabet. This would be harder to decrypt than a Caesar cypher, but with enough text we should still be able to decode a message by calculating letter frequencies and comparing them to our reference frequencies.