Cryptanalysis Techniques
"To know how to defend, you must first know how to attack."
Seven techniques that break almost every classical cipher in this museum, from Al-Kindi's frequency tables (850 AD) to modern hill-climbing algorithms.
7 Techniques That Break Classical Ciphers
Frequency analysis: Languages have predictable letter frequencies. In English, E = 12.7%, T = 9.1%, A = 8.2%. Any cipher that maps each letter to one fixed symbol preserves these frequencies. Count the symbols, compare the counts to the known frequencies, and recover the key.
Kasiski examination: In a Vigenère cipher, the same plaintext at the same key position always produces the same ciphertext, so an identical string that repeats in the ciphertext is usually a repeated plaintext word that landed on the same key position twice. The spacing between the repeats is therefore likely a multiple of the key length.
Index of coincidence: Measures the statistical similarity of a text to natural language. English text has an IC of about 0.066; random text about 0.038. A polyalphabetic cipher produces a value between these, and the IC can reveal the key length without finding repeated strings: split the ciphertext into columns by a guessed period, and the columns' IC climbs back toward 0.066 only when the guess is right.
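The three statistical techniques above, worked through in code. This is an added example, not part of the museum's workbench: it encrypts a constructed passage under the constructed key ORBIT, finds the key length with Kasiski spacings and the index of coincidence, and then recovers each key letter with a chi-squared frequency test against the published English letter frequencies (the same E = 12.7%, T = 9.1%, A = 8.2% table quoted above).

```python
# Added example (not the workbench's own code): breaking a Vigenère cipher with
# frequency analysis, Kasiski examination and the index of coincidence.
from collections import Counter
import string

ALPHA = string.ascii_uppercase

# Published English letter frequencies in percent, A..Z (rounded).
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

# Constructed sample plaintext and key (not from the page).
PLAINTEXT = "".join(c for c in (
    "The index of coincidence measures how likely two letters drawn at random "
    "from a text are to be the same letter. Ordinary English prose gives a value "
    "close to sixty six thousandths while a uniformly random stream of letters "
    "gives about thirty eight thousandths. A polyalphabetic cipher spreads every "
    "plaintext letter across several alphabets so the ciphertext taken as a whole "
    "looks much flatter than English. Splitting the ciphertext into columns by a "
    "guessed period restores the familiar skew only when the guess matches the "
    "true key length. Each column is then a plain shift cipher and its letter "
    "profile can be matched against the expected English profile to find that "
    "shift. Repeated fragments in the ciphertext point to the same period because "
    "identical plaintext under identical key positions always encrypts to "
    "identical ciphertext. Putting these observations together recovers the whole "
    "key without ever seeing the plaintext and the entire process takes a "
    "fraction of a second on ordinary hardware."
).upper() if c in ALPHA)
KEY = "ORBIT"


def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter (subtract when decrypting)."""
    out = []
    for i, c in enumerate(text):
        k = ALPHA.index(key[i % len(key)])
        out.append(ALPHA[(ALPHA.index(c) + (-k if decrypt else k)) % 26])
    return "".join(out)


CIPHERTEXT = vigenere(PLAINTEXT, KEY)


def index_of_coincidence(text):
    """IC = sum n_i(n_i - 1) / N(N - 1): about 0.066 for English, 0.038 for random."""
    n = len(text)
    if n < 2:
        return 0.0
    return sum(v * (v - 1) for v in Counter(text).values()) / (n * (n - 1))


def columns(text, period):
    """Column i holds every letter that was encrypted with key position i."""
    return [text[i::period] for i in range(period)]


def key_length_by_ic(ct, max_len=20, threshold=0.055):
    """Smallest period whose columns look like shifted English (average IC above threshold)."""
    for period in range(1, max_len + 1):
        avg = sum(index_of_coincidence(c) for c in columns(ct, period)) / period
        if avg > threshold:
            return period
    return None


def kasiski_candidates(ct, seq_len=3, max_len=20):
    """Rank candidate key lengths by how often they divide the spacing of repeated trigrams."""
    positions = {}
    for i in range(len(ct) - seq_len + 1):
        positions.setdefault(ct[i:i + seq_len], []).append(i)
    votes = Counter()
    for pos in positions.values():
        for a in range(len(pos)):
            for b in range(a + 1, len(pos)):
                spacing = pos[b] - pos[a]
                for f in range(2, max_len + 1):
                    if spacing % f == 0:
                        votes[f] += 1
    return [f for f, _ in sorted(votes.items(), key=lambda kv: (-kv[1], kv[0]))]


def best_shift(column):
    """Chi-squared test of each of the 26 shifts against the English profile; lowest wins."""
    n = len(column)
    counts = Counter(column)
    scores = []
    for shift in range(26):
        chi = 0.0
        for i in range(26):
            observed = counts[ALPHA[(i + shift) % 26]]   # plaintext letter i shows up as i+shift
            expected = ENGLISH_FREQ[i] / 100 * n
            chi += (observed - expected) ** 2 / expected
        scores.append((chi, shift))
    return min(scores)[1]


def recover_key(ct):
    """Key length from the IC, then one frequency analysis per column."""
    period = key_length_by_ic(ct)
    return "".join(ALPHA[best_shift(col)] for col in columns(ct, period))


if __name__ == "__main__":
    print("Kasiski candidates:", kasiski_candidates(CIPHERTEXT)[:5])
    print("IC key length:", key_length_by_ic(CIPHERTEXT))
    key = recover_key(CIPHERTEXT)
    print("Recovered key:", key)
    print(vigenere(CIPHERTEXT, key, decrypt=True)[:60], "...")
```

The IC test accepts the smallest period whose columns look like English; Kasiski only supplies a ranked list of divisors (2 and 10 always score well when the true length is 5), which is why it is used here as corroboration rather than as the decision. With fewer than roughly 30 letters per column the chi-squared test becomes unreliable, and the practical fix is to try the second-best shift for the worst-scoring columns.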
Crib dragging: Guess probable plaintext words, called "cribs"; military messages often start with standard phrases. The Enigma was broken partly because operators always began with WETTER (weather), HEIL HITLER, or ANX (a header). Known structure is a fatal weakness.
Known-plaintext attack: When some plaintext is known, the key can often be derived directly. The Hill cipher's matrix key is recoverable from just two known plaintext-ciphertext pairs by solving a system of linear equations mod 26. Enigma codebreakers used weather forecasts as cribs.
Hill climbing: Start with a random key and decrypt. Score the result using English language statistics, such as the common digrams TH, HE, IN. Make a random change to the key; keep it if the score improves, discard it otherwise. Repeat millions of times. Works against substitution, Playfair, and transposition ciphers.
Metaheuristic search: Advanced optimization heuristics that explore the key space more broadly than pure hill climbing. Genetic algorithms evolve populations of candidate keys. Simulated annealing occasionally accepts worse solutions to escape local optima. Breaks double transposition, Playfair, and the Hill cipher in seconds.
Speed comparison: A Vigenère with a 5-letter key that took weeks in the 1800s is cracked in under one second today. Monoalphabetic substitution falls in milliseconds.
Try the Techniques
Apply cryptanalysis tools to real ciphertext.
$IC = \frac{\sum_i n_i(n_i - 1)}{N(N - 1)}$, where $n_i$ is the count of the $i$-th letter and $N$ is the total number of letters.
Letter Frequencies (gold = input, outline = English)
Drag a probable plaintext word (a "crib") across the ciphertext. Where the XOR or subtraction produces readable text, you have found the key position. This is how Bletchley Park broke Enigma: they guessed words like WETTER and HEILHITLER.
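The subtraction form of crib dragging, as an added example that is not the workbench's own code. It drags the crib WEATHERREPORT along a constructed Vigenère ciphertext (constructed key STORM); at the right offset the subtraction yields a slice of the repeating key stream, and the example uses that periodicity as a machine-checkable stand-in for "produces readable text", which in the widget is judged by eye.

```python
# Added example (not the workbench's own code): crib dragging in the
# subtraction form, against a Vigenère ciphertext.
import string

ALPHA = string.ascii_uppercase


def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter (subtract when decrypting)."""
    out = []
    for i, c in enumerate(text):
        k = ALPHA.index(key[i % len(key)])
        out.append(ALPHA[(ALPHA.index(c) + (-k if decrypt else k)) % 26])
    return "".join(out)


# Constructed message and key (not from the page); the sender's fixed opening
# phrase plays the role of the Enigma WETTER crib.
PLAINTEXT = "THEWEATHERREPORTFORTHENORTHSEAISREADY"
KEY = "STORM"
CIPHERTEXT = vigenere(PLAINTEXT, KEY)


def crib_drag(ct, crib, max_period=None):
    """Slide the crib along the ciphertext and subtract it out at every offset.

    At the right offset the difference is a slice of the key stream, which
    repeats with the key length. At wrong offsets it is noise. Only periods
    confirmed by at least half of the fragment are accepted, so one accidental
    letter match cannot produce a false hit. Returns (offset, key_length, key) hits.
    """
    if max_period is None:
        max_period = len(crib) // 2
    hits = []
    for offset in range(len(ct) - len(crib) + 1):
        fragment = "".join(
            ALPHA[(ALPHA.index(ct[offset + i]) - ALPHA.index(crib[i])) % 26]
            for i in range(len(crib)))
        for period in range(1, max_period + 1):
            if all(fragment[i] == fragment[i + period]
                   for i in range(len(fragment) - period)):
                # fragment[i] is key[(offset + i) mod period]; realign it to position 0
                key = "".join(fragment[(j - offset) % period] for j in range(period))
                hits.append((offset, period, key))
                break
    return hits


if __name__ == "__main__":
    for offset, period, key in crib_drag(CIPHERTEXT, "WEATHERREPORT"):
        print(f"crib fits at offset {offset}: key length {period}, key {key}")
        print(vigenere(CIPHERTEXT, key, decrypt=True))
```

The periodicity check needs a crib at least twice as long as the key; with a shorter crib the function finds nothing, and the analyst is back to reading each candidate fragment, which is exactly the manual step the widget reproduces.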
If you know some plaintext and its corresponding ciphertext, you can derive the key directly. For a Vigenère cipher: Key[i] = (Cipher[i] − Plain[i]) mod 26. Enter a matched pair to recover the key.
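Both known-plaintext recoveries, the Vigenère Key[i] formula above and the two-pair Hill cipher attack from the techniques list, as an added example that is not the workbench's code. The Vigenère pair ATTACKATDAWN / LXFOPVEFRNHR and the Hill key [[3, 3], [2, 5]] are constructed inputs; the Hill part solves C = K·P for K by inverting the plaintext matrix mod 26.

```python
# Added example (not the workbench's own code): recovering keys from known
# plaintext for the Vigenère cipher (Key[i] = (Cipher[i] - Plain[i]) mod 26)
# and for the 2x2 Hill cipher (two plaintext/ciphertext digraphs).
import string

ALPHA = string.ascii_uppercase


def vigenere_key_from_pair(plain, cipher):
    """Subtract plaintext from ciphertext to get the key stream, then find its period.

    With a sample shorter than the key only a prefix of the key is returned.
    """
    stream = "".join(ALPHA[(ALPHA.index(c) - ALPHA.index(p)) % 26]
                     for p, c in zip(plain, cipher))
    for period in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % period] for i in range(len(stream))):
            return stream[:period]
    return stream


def mat_mul(a, b):
    """2x2 matrix product mod 26."""
    return [[(a[r][0] * b[0][c] + a[r][1] * b[1][c]) % 26 for c in range(2)]
            for r in range(2)]


def mat_inv(m):
    """Inverse of a 2x2 matrix mod 26, or None when det shares a factor with 26."""
    (a, b), (c, d) = m
    det = (a * d - b * c) % 26
    try:
        inv_det = pow(det, -1, 26)      # modular inverse; ValueError if none exists
    except ValueError:
        return None
    return [[d * inv_det % 26, -b * inv_det % 26],
            [-c * inv_det % 26, a * inv_det % 26]]


def hill_encrypt(text, key):
    """Encrypt letter pairs as column vectors: C = K * P mod 26."""
    out = []
    for i in range(0, len(text) - 1, 2):
        x, y = ALPHA.index(text[i]), ALPHA.index(text[i + 1])
        out.append(ALPHA[(key[0][0] * x + key[0][1] * y) % 26])
        out.append(ALPHA[(key[1][0] * x + key[1][1] * y) % 26])
    return "".join(out)


def hill_key_from_pairs(plain, cipher):
    """Solve C = K * P for K using two known digraphs: K = C * P^-1 mod 26.

    Returns None when the plaintext matrix is not invertible mod 26; a
    different pair of digraphs is then needed.
    """
    p = [ALPHA.index(ch) for ch in plain[:4]]
    c = [ALPHA.index(ch) for ch in cipher[:4]]
    P = [[p[0], p[2]], [p[1], p[3]]]    # the two digraphs as columns
    C = [[c[0], c[2]], [c[1], c[3]]]
    P_inv = mat_inv(P)
    return None if P_inv is None else mat_mul(C, P_inv)


if __name__ == "__main__":
    print(vigenere_key_from_pair("ATTACKATDAWN", "LXFOPVEFRNHR"))   # LEMON
    key = [[3, 3], [2, 5]]                       # constructed Hill key
    ct = hill_encrypt("HELP", key)               # HIAT
    print(ct, hill_key_from_pairs("HELP", ct))   # [[3, 3], [2, 5]]
```

The only thing that can go wrong in the Hill recovery is a plaintext matrix whose determinant shares a factor with 26 (even, or a multiple of 13); the function reports that as None so the caller can pick two other digraphs instead of trusting a wrong key.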
Watch a hill-climbing algorithm break a Caesar cipher by scoring each shift against English letter frequencies. The algorithm starts at shift 0, tests neighbors, and keeps the best score β climbing toward the correct key.
Simulated annealing improves on hill climbing by occasionally accepting worse solutions to escape local optima. Watch the temperature cool as the algorithm converges on the answer. Higher temperature = more exploration; lower = more exploitation.
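The two searches described above, as an added example that is not the workbench's code. It goes beyond the Caesar demo: the target is a full monoalphabetic substitution of a constructed passage, scored with an approximate table of English digram frequencies (rounded published values), and one routine runs either as plain hill climbing (temperature 0) or as simulated annealing with a linear cooling schedule. The starting temperature, the cooling schedule and the frequency-based starting key are this example's choices.

```python
# Added example (not the workbench's own code): hill climbing and simulated
# annealing against a monoalphabetic substitution, scored with English digrams.
import math
import random
import string

ALPHA = string.ascii_uppercase
ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"   # letters by falling English frequency

# Approximate English digram frequencies in percent (rounded published values).
DIGRAM_PCT = {
    "TH": 3.56, "HE": 3.07, "IN": 2.43, "ER": 2.05, "AN": 1.99, "RE": 1.85,
    "ON": 1.76, "AT": 1.49, "EN": 1.45, "ND": 1.35, "TI": 1.34, "ES": 1.34,
    "OR": 1.28, "TE": 1.20, "OF": 1.17, "ED": 1.17, "IS": 1.13, "IT": 1.12,
    "AL": 1.09, "AR": 1.07, "ST": 1.05, "TO": 1.04, "NT": 1.04, "NG": 0.95,
    "SE": 0.93, "HA": 0.93, "AS": 0.87, "OU": 0.87, "IO": 0.83, "LE": 0.83,
    "VE": 0.83, "CO": 0.79, "ME": 0.79, "DE": 0.76, "HI": 0.76, "RI": 0.73,
    "RO": 0.73, "IC": 0.70, "NE": 0.69, "EA": 0.69, "RA": 0.69, "CE": 0.65,
}
LOG_DIGRAM = {d: math.log10(p) for d, p in DIGRAM_PCT.items()}
FLOOR = math.log10(0.02)      # penalty for any digram missing from the table

# Constructed sample plaintext and a constructed substitution (not from the page).
PLAINTEXT = "".join(c for c in (
    "A hill climber starts from a guess and keeps only the changes that make the "
    "decrypted text look more like English. Swapping two letters of the key changes "
    "a handful of digrams and the score moves up or down by a small amount. The "
    "search stalls whenever every single swap makes the text worse even though a "
    "pair of swaps taken together would improve it. Simulated annealing escapes such "
    "traps by sometimes accepting a worse key early on and becoming stricter as the "
    "temperature falls. Both methods depend on a good scoring function and on enough "
    "ciphertext for the statistics to be reliable. Short messages with rare letters "
    "are the hardest case for any statistical attack."
).upper() if c in ALPHA)
ENCRYPT_KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"    # plaintext A..Z -> these letters
CIPHERTEXT = PLAINTEXT.translate(str.maketrans(ALPHA, ENCRYPT_KEY))


def fitness(text):
    """Sum of log digram frequencies: higher means more English-like."""
    return sum(LOG_DIGRAM.get(text[i:i + 2], FLOOR) for i in range(len(text) - 1))


def decrypt(ct, key):
    """key[i] is the plaintext letter that ciphertext letter ALPHA[i] stands for."""
    return ct.translate(str.maketrans(ALPHA, key))


def frequency_start_key(ct):
    """Initial guess from single-letter frequencies (commonest symbol -> E, ...)."""
    ranked = sorted(ALPHA, key=lambda c: (-ct.count(c), c))
    key = [""] * 26
    for cipher_letter, plain_letter in zip(ranked, ENGLISH_ORDER):
        key[ALPHA.index(cipher_letter)] = plain_letter
    return "".join(key)


def anneal(ct, iterations=8000, t0=5.0, seed=1):
    """Swap two key letters per step; accept improvements always and setbacks
    with probability exp(delta / T). With t0=0 this is plain hill climbing.
    Returns (best_key, best_score, start_score)."""
    rng = random.Random(seed)
    key = list(frequency_start_key(ct))
    score = fitness(decrypt(ct, "".join(key)))
    start_score = score
    best_key, best_score = key[:], score
    for step in range(iterations):
        temp = t0 * (1 - step / iterations)          # linear cooling schedule
        i, j = rng.sample(range(26), 2)
        key[i], key[j] = key[j], key[i]
        candidate = fitness(decrypt(ct, "".join(key)))
        delta = candidate - score
        if delta >= 0 or (temp > 0 and rng.random() < math.exp(delta / temp)):
            score = candidate
            if score > best_score:
                best_key, best_score = key[:], score
        else:
            key[i], key[j] = key[j], key[i]              # undo the swap
    return "".join(best_key), best_score, start_score


def accuracy(ct, key):
    """Fraction of ciphertext positions the key decrypts to the true letter."""
    guess = decrypt(ct, key)
    return sum(g == p for g, p in zip(guess, PLAINTEXT)) / len(PLAINTEXT)


if __name__ == "__main__":
    for name, t0 in (("hill climbing", 0.0), ("simulated annealing", 5.0)):
        key, best, start = anneal(CIPHERTEXT, t0=t0)
        print(f"{name}: score {start:.1f} -> {best:.1f}, "
              f"{accuracy(CIPHERTEXT, key):.0%} of letters correct")
        print(decrypt(CIPHERTEXT, key)[:60])
```

Expect the common letters to fall into place quickly and the rare ones (J, Q, X, Z) to stay swapped, because a 42-entry digram table barely constrains them; serious breakers score with trigram or quadgram tables and run far more iterations. Comparing the two runs shows the page's point about local optima: the temperature-0 run stops at the first key no single swap can improve, while the annealed run can pass through a worse key to reach a better one.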
12 Famous Codebreaks in History
The moments that changed wars, toppled spies, and birthed the computer.
First documented scientific cryptanalysis. Introduced statistical analysis to codebreaking. Every cipher for the next 400 years was vulnerable.
Ended the myth of the "indecipherable cipher." Babbage kept his method secret; Kasiski published it in 1863 and received the credit.
First widely published method for breaking polyalphabetic ciphers. European diplomatic Vigenère systems collapsed.
Created the first Enigma-breaking machines. Passed their work to Britain and France just before WWII began, giving Bletchley Park a head start.
The US could read Japanese diplomatic traffic before Pearl Harbor. The diplomatic warning was there; the military intelligence chain failed to act on it.
Showed theoretical weaknesses in DES block cipher design. Revolutionized how cryptographers design and evaluate cipher strength.
Shortened WWII by an estimated 2 to 4 years. The Bombe machine tested thousands of possible Enigma settings per minute, exploiting known plaintext cribs.
Led to the creation of Colossus β the world's first programmable electronic computer. The direct ancestor of modern computing was built to break a cipher.
Soviet operators reused one-time pad key material under wartime pressure. VENONA decoded thousands of messages and exposed Julius Rosenberg and other Soviet spies in the US.
Found linear approximations of DES S-box operations, reducing the work to break DES from 2⁵⁶ to 2⁴³. Accelerated the case for replacing DES with AES.
Broke RSA implementations by measuring how long decryption took. The math was fine; the implementation leaked secrets through time. Side-channel security became a new discipline.
Produced two different PDF files with the same SHA-1 hash. Forced the entire internet to migrate from SHA-1 to SHA-256 and SHA-3. Cryptographic hash functions are not forever.
The Big Pattern: Most famous codebreaks succeeded not from pure mathematics, but from human mistakes (reused OTP keys, predictable message headers), protocol flaws (Enigma operators sending the same message twice), and implementation errors (RSA timing leaks). The math is often the last thing that fails. This is as true today as in Caesar's time.