Coded Messages: Cracking Messages

As a spy, being able to send encrypted messages to your partners in espionage is a great skill to know, but just as important is being able to decrypt messages from counterespionage rings.

In this instructable, I'll discuss how to discern what type of encryption may be used for a particular message and how to crack the message to learn its contents.

Check out the first half of my Coded Messages Series! Coded Messages: Sending Messages

• Pen
• Pencil
• Paper
• Codebreaker Charts

Image by Pexals from Pixabay

• The plaintext is the message that is being encrypted by the sender of the message, and will be written in lowercase letters, and surounded by quotation marks.

• The ciphertext is the encrypted message that is actually sent to the recipient to be decrypted, and will be written using uppercase letters, and surounded by quotation marks.

• An intercept is a piece of encrypted text that has been discovered by an interceptor. That is, it is a ciphertext when you do not know the cipher used.

• Most ciphers use a key to make the encryption unique and hence more secure. The key usually takes the form of either a number or a word, and it always changes the more general algorithm for the encryption in some way. By using a key, the sender is trying to make the plaintext irretrievable should the ciphertext fall into the hands of an interceptor who does not know the key, even if they know which cipher has been used. This is at the very heart of cryptography, and is known as Kerckhoffs's Principle (or Shannon's Maxim). The key will always be written in lowercase, and in italics.

• The alphabet used in the encryption process can make a big difference to the ciphertext. It consists of the letters and symbols which will be transformed by the cipher. More importantly, any symbol which is NOT in the alphabet will be left unaltered in the ciphertext. The standard alphabet we shall use is the 26 Roman Letters "abcdefghijklmnopqrstuvwxyz". This means that any spaces, punctuation marks or numbers will not be changed in the ciphertext. Other alphabets can also be used containing these extra characters. Some ciphers use two or more alphabets mixed into each other.

• A null is a letter or simple placed at the end of a message to make it the right length. Nulls are often used to add a small measure of extra security to a message.

• A code is not the same thing as a cipher. A cipher is a group of letters in a particular, secret order. A code is a word that is used to replace another word. An example of a code would be this: "The pigeon flies at noontime" which is equal to: "The train leaves at noon."

While there are many different types of ciphers, (including monoalphabetic substitution ciphers, simple transposition ciphers, polyalphabetic substitution ciphers, fractionating ciphers, and digraph substitution ciphers) the two examples included in this instrucabe are are a fractionating transposition cipher which combines a modified Polybius square with a single columnar transposition, (ADFGVX) and a polyalphabetic substitution cipher (Vigenére).

Monoalphabetic ciphers are likely the most common cipher. They were also among the first ciphers used in human history. Early examples include the Caesar cipher (used by Julius Caesar himself), the Atbash cipher, and non-standard hieroglyphs. Unfortunately, Monoalphabetic ciphers are very weak by today's standards. Monoalphabetic ciphers are easily susceptible to frequency analysis and brute force attacks.

Polyalphabetic substitution ciphers are the cryptographer's answer to frequency analysis. The first known example of a polyalphabetic substitution cipher is the Alberti Cipher. Polyalphabetic substitution is essentially the same as monoalphabetic substitution, except that at random (or mathematically generated) points, a different alphabet is used (thus defeating the advantage of freqency anaysis). The Vigenére cipher is another example of a polyalphabetic substitution cipher. While frequency analysis is not feasible for polyalphabetic substitution ciphers, the Kasiski analysis method is effective.

Simple transposition ciphers are not susceptible to frequency analysis like monoalphabetic ciphers are, but there are still ways to decipher intercepted transposition messages. A few examples of simple transposition ciphers is the rail fence cipher, route cipher, and columnar transposition cipher. While frequency analysis will not have much of an effect on transposition ciphers (because the letters in a transposition cipher are not replaced, they are merely jumbled) frequency analysis can give a great indication to what language the cipher was written in, thus giving the interceptor a great hint. The main technique used for deciphering transposition ciphers is anagramming. 

"In polyalphabetic substitution ciphers where the substitution alphabets are chosen by the use of a keyword, the Kasiski examination allows a cryptanalyst to deduce the length of the keyword. Once the length of the keyword is discovered, the cryptanalyst lines up the ciphertext in n columns, where n is the length of the keyword. Then each column can be treated as the ciphertext of a monoalphabetic substitution cipher. As such, each column can be attacked with frequency analysis. Similarly, where a rotor stream cipher machine has been used, this method may allow the deduction of the length of individual rotors.

The Kasiski examination involves looking for strings of characters that are repeated in the ciphertext. The strings should be three characters long or more for the examination to be successful. Then, the distances between consecutive occurrences of the strings are likely to be multiples of the length of the keyword. Thus finding more repeated strings narrows down the possible lengths of the keyword, since we can take the greatest common divisor of all the distances.

The reason this test works is that if a repeated string occurs in the plaintext, and the distance between corresponding characters is a multiple of the keyword length, the keyword letters will line up in the same way with both occurrences of the string. For example, consider the plaintext:

crypto is short for cryptography.

"crypto" is a repeated string, and the distance between the occurrences is 20 characters. If we line up the plaintext with a 6-character keyword "abcdef" (6 does not divide into 20):

abcdefabcdefabcdefabcdefabcdefabc
crypto is short for cryptography.

the first instance of "crypto" lines up with "abcdef" and the second instance lines up with "cdefab". The two instances will encrypt to different ciphertexts and the Kasiski examination will reveal nothing. However, with a 5-character keyword "abcde" (5 divides into 20):

abcdeabcdeabcdeabcdeabcdeabcdeabc
crypto is short for cryptography.

both occurrences of "crypto" line up with "abcdea". The two instances will encrypt to the same ciphertext and the Kasiski examination will be effective." (Source: https://en.wikipedia.org/wiki/Kasiski examination)

Homophonic Substitution is used to reduce the effectiveness of frequency analysis. To use homophonic substitution, give each of the most common letters that occur in the message several symbols. Use the different symbols equally if possible.

Fractionating Ciphers are ciphers that use a fractionating method. Fractionating refers to the splitting of letters into two or more symbols. ADFGVX is a prime example of this. Fractionating is different from homophonic substitution is that homophonic substitution gives more, different, symbols for the same letter. Fractionating uses the same symbols for the letter, the change being that two symbols are used.

Digraph substitution ciphers are much like monoalphabetic ciphers, except that instead of replacing single letters with single letters, pairs of letters replace pairs of letters. Examples of this would include two-square and four-square.

Image by Gordon Johnson from Pixabay

Monoalphabetic ciphers can often be broken by frequency analysis. To use frequency analysis, simply take the intercept and count how many times a single symbol occurs. Once you have counted all of the separate symbols and know all of the times they occur. In English, the letter E is most common.

The chart below shows that amount of times English letters appear in a study of several thousand words.

The following is a list of the 50 most common words in the English language.

The 

Of

And

To

In

A

Is

That

For

It

As

Was

With

Be

By

On

Not

He

I

This

Are

Or

His

From

At

Which

But

Have

An

Had

They

You

Were

There

One

All

We

Can

Her

Has

There

Been

If

More

When

Will

Would

Who

So

No

Image by Pexels from Pixabay

A polyalphabetic cipher is a cipher that uses more than one alphabet. While a cipher has to use more than one alphabet (or set of symbols) in order to be included in this category, it can also use the same alphabet twice. Examples of this would include ADFGVX, Autokey, and Vigenére.

Image by Gerd Altmann from Pixabay

Because transposition ciphers are not susceptible to frequency analysis, we must use a different technique. The most common technique for transposition ciphers is anagraming. Transposition ciphers do not replace letters with symbols, rather, the letters are scrambled.

Homophonic substitution reduces the effectiveness of frequency analysis by replacing certain letters (or symbols) with letters (or symbols) that sound similar, but do not follow correct syntax (language structure) rules. While homophonic substitution does not make ciphers impervious to attack, it does make it more secure. An interesting fact about homophonic substitution is that humans can comprehend the plaintext (including the homophonic substitution) and computers either seriously struggle or cannot understand it at all. An example of homophonic substitution would be this: Mete me at the prk or Chek owt the man in graye.

Image by OpenClipart-Vectors from Pixabay

Fractionating is the process of splitting a single symbol into two or more different (sometimes one of the fractionated symbols is the same) symbols. Like the picture above, fractionation takes a single symbol and breaks it into several symbols. ADFGVX is an example of a cipher that uses fractionation.

Digraph substitution is somewhat similar to fractionation, because it also takes a single symbol and splits it into two other symbols. Unlike fractionation, which can have 2, 3, or even 10 symbols representing a single letter or number, digraph substitution only uses two symbols to represent the plaintext symbol. An example of digraph substitution using ADFGVX would be this:

Plaintext: This is an example of digraph substitution. 

Key: INSTRUCTABLES

Ciphertext: AG AF FF AG AV AG AV AF FX VA FG GD AA AG AX DA GG GX

For Reference on how to use ADFGVX, check out my instructable on using ciphers. https://www.instructables.com/Coded-Messages-Sending-Messages/