The Vigen` ere Cipher

Based on a publication in 1585 by Blaise de Vigen`ere, the Vigen`ere cipher is based on applying a number of Caesar ciphers in sequence with different shift values to produce a polyalphabetic cipher. A typical systematic way of doing this is to use an alphabetic (Vigen`ere) table which consists of the alphabet written out 26 times in different rows where each alphabet is shifted cyclically to the left relative to the previous alphabet. This is equivalent to producing 26 Caesar ciphers as illustated in the Table 2. Having constructed a Vigen`ere table, the encryption process is based

ABCDEFGHIJKLMNOPQRSTUVWXYZ A ABCDEFGHIJKLMNOPQRSTUVWXYZ B BCDEFGHIJKLMNOPQRSTUVWXYZA C CDEFGHIJKLMNOPQRSTUVWXYZAB D DEFGHIJKLMNOPQRSTUVWXYZABC E EFGHIJKLMNOPQRSTUVWXYZABCD F FGHIJKLMNOPQRSTUVWXYZABCDE .. . ...

Table 2: A Vigen`ere table consisting of the alphabet written out 26 times in different rows where each alphabet is shifted cyclically to the left relative to the previous alphabet - equivalent to producing 26 Caesar ciphers.

on a cipher obtained using a different alphabet from one of the rows which depends on a repeating keyword. For example, consider the plaintext:

HILTERS ONLY GOT ONE BALL

We then choose a key which is as long as the plaintext ignoring spaces. This can be done by, for example, choosing a simple password and repeating it until it matches the length of the plaintext, for example. Suppose we choose the password ADOLPH, then the key becomes

ADOLPHA DOLP HAD OLP HADO

Using the Vigen`ere table, the first letter of the plaintext, H, is enciphered using the alphabet in row A, which is the first letter of the key. This is done by looking at the letter in row H and column A of the Vigen`ere table, namely H. Similarly, for the second letter of the plaintext, the second letter of the key is used; the letter at row I and column D is L. The rest of the plaintext is enciphered in a similar fashion to yield

Plaintext: HILTERS ONLY GOT ONE BALL Key: ADOLPHA DOLP HAD OLP HADO Ciphertext: HLHWTYS RBWN NOW CYT IAOZ

Decryption is performed by finding the position of the ciphertext letter in a row of the table, and then taking the label of the column in which it appears as the plaintext. For example, in row A, the ciphertext H appears in column H, which is taken as the first plaintext letter. The second letter is decrypted by looking up L in row D of the table which occurs in column I and so on. We can express the process algebraically using a number association in which the letters A, B, ..., Z are taken to be the numbers 0, 1, ..., 25 respectively, with modulo 26 addition, i.e.

Ci = (Pi+ Ki)MOD(26)

for encryption of the plaintext array Pi to the ciphertext array Ci using the key Ki and

Pi = (Ci− Ki)MOD(26) for decryption.

Compared to the monoalphabetic Caesar cipher, the Vigen`ere cipher, like all polyalphabetic ciphers cannot easily be broken using statistical analysis, i.e. inter- preting the histogram of the ciphertext. For example, the letter E can be enciphered as any of several letters in the alphabet at different points in the message thus de- feating the simple frequency analysis associated with a Caesar cipher. The critical weakness in the Vigen`ere cipher is the relatively short and repeated nature of its key. If a cryptanalyst discovers the key’s length then the cipher text can be treated as a series of different Caesar ciphers, which individually are trivially broken.

The example given above is based on the construction of key through the repe- tition of a short password. Key repetition of any type is a source of major weakness

in the construction of a cipher. In some cases, use of the Enigma cipher was based on key repetition. The rotor and plug board settings for a given day and usually at a set time (i.e. the key for the message(s) yet to be sent) were communicated by radio transmission using standard Morse code (as were the encrypted messages). This transmission was sometimes repeated in order to give the recipient(s) multi- ple opportunity to receive the key without ambiguity. For a period of time, the transmission was repeated three times, although this was reduced to just twice later on. Worse still, in some rare but important cases, the passwords were composed of simple names, e.g. the name of some operators’ girlfriends. Thus, in many cases, a simple password consisting of an identifiable name was transmitted two or three times sequentially leading to near perfect temporal correlation of the initial commu- nication. This was a phenomenally irresponsible way of using the Enigma cipher. In today’s environment it is like choosing the name of your girlfriend as a password for your personal computer, shouting it out a number of times to your colleagues in an open plan office and then wondering why everyone seems to know something about your private parts! This example of key repetition illustrates how relatively easy it was for the British war time intelligence services to decipher some Enigma encrypted messages.

There are some obvious improvements to the Vigen`ere cipher that can be easily introduced. The first is to produce a key that is not based on repeating a simple password. The second is to use a Vigen`ere table in which the rows are randomly permutated. We can think of the table as being an example of an encryption algo- rithm which can be made publicly accessible. The problem is then how to exchange the key to the recipient of the encrypted messages without this vital information being compromised.