IBM Z Security - Group home

In this article, we will learn about a simple substitution cipher, the Caesar cipher. The Caesar cipher, also known as a shift cipher, is credited to Julius Caesar, and thus the name ‘Caesar cipher’. The Caesar cipher encryption scheme was used by Julius Caesar and his contemporaries for sending messages containing military secrets. The military secret messages were protected from Caesar’s enemies if they had no idea about how the encryption scheme worked – the Caesar cipher encryption scheme was used to transform the military secret messages into something that looked unintelligible to those who had no idea about the Caesar cipher encryption scheme. The Caesar cipher is a very, very simple encryption scheme that is used to obscure the meaning of a message by shifting each letter comprising the message a few places in the alphabet – it is due to this that the Caesar cipher is also known as a shift cipher. The Caesar cipher belongs to a subset of encryption schemes called substitution ciphers – a substitution cipher is so called because each letter comprising the message gets substituted, which eventually helps in obscuring the meaning of the entire message.

Limitation of the Caesar cipher

The English language has 26 alphabets. Therefore, for a plaintext letter, there can be only 25 different possible ciphertext letters. Obviously, we must not consider that ciphertext letter which is identical to the plaintext letter. The Caesar cipher, therefore, is evidently quite limited in terms of the encryption capabilities that it can offer.

In today’s age and times of extraordinary computing capabilities, the Caesar cipher is not worth implementing at all as an encryption scheme – it is simply not secure at all. However, the Caesar cipher may still find its use in some trivial applications, where the Caesar cipher could be employed as a simple means just to obscure the meaning of messages.

FUN FACT
In the 20^th century, the Caesar cipher was used many a times by lovers in order to send romantic messages in the public section of The Times newspaper. Now, that’s what I call “Cryptic ROMANCE”!!! 😊

In the Caesar cipher encryption scheme, the sender and receiver of the message should both know how the message has been encrypted (the Key) and this information, therefore, must be kept strictly secret so that it doesn’t get out into the hands of a rogue person. The Caesar cipher encryption scheme is, therefore, symmetric. In the Caesar cipher, a randomly chosen number between 1 and 25 constitutes the key. The key is then used by the Caesar cipher encryption algorithm in order to determine the cipher letter that will be used to substitute each letter comprising the plaintext. Therefore, if the key used to encrypt a message is kept secret, only those people who have the knowledge of what the key is should be able to correctly decrypt the message.


Caesar cipher Key Generation Algorithm
The key generation algorithm simply tells us how to choose the key for the Caesar cipher encryption scheme. The key in a Caesar cipher is simply the number of places each letter constituting the message should be moved. As an example, if the key is 5, A becomes F, B becomes G, …, Z becomes E. The key generation algorithm helps choose a number between 1 and 26 – although, for all practical reasons, we would want to avoid choosing the number 26; we certainly don’t want a plaintext A to be encrypted into the ciphertext A, for sure!!! A very simple Caesar cipher key generation algorithm would randomly choose a number between 1 and 25 as the key.

Caesar cipher Encryption Algorithm
The Caesar cipher encryption algorithm encrypts/converts a plaintext message m into a ciphertext message c. In order to encrypt a plaintext message m using the Caesar cipher, each letter constituting the plaintext message m must be moved the same number of places, as determined by the key. The Caesar cipher encryption algorithm lays down the set of instructions to help achieve the plaintext message encryption process to produce a ciphertext message.

The Caesar cipher encryption algorithm breaks down the plaintext message m into a list of corresponding letters (m₁, m₂, …, m_n) that constitute the plaintext message m. Each letter m₁ through m_n gets translated into a number depending upon the letter’s position in the alphabet. For example, A=1, B=2, …, Z=26. The value of the key k is added to the letter value/number – ResultantValue mod 26 is computed and the result gets translated back into a letter, which is the ciphertext letter c₁ corresponding to the plaintext letter m₁.

Caesar cipher Decryption Algorithm
So, by now, we have the Caesar cipher key generation and encryption algorithms and therefore, the only thing that is missing is the Caesar cipher decryption algorithm. The decryption algorithm will take the ciphertext message c and decrypt/convert that back into the plaintext message m. The decryption algorithm simply undoes the operations performed by the encryption algorithm.

You can clearly see that the decryption algorithm flow chart is very similar to that of the encryption algorithm flow chart. The only differences are: -
<i> the decryption algorithm takes the ciphertext message c as the input and returns the original plaintext message m, and
<ii> the value of the key, k is subtracted from the letter value/number; not added, as in the case of the encryption algorithm. And, why is that so?

Let us say that k = key,

                             p = an initial position in the alphabet for the plaintext letter,

                             n = new position in the alphabet for the cipher letter.

n = p + k
If we subtract k from the new position n,
n – k = p + k – k = p >>>>> we get the original/initial position in the alphabet for the plaintext letter back, which is exactly what we want the decryption algorithm to do.

Thus, we have seen that in the Caesar cipher encryption scheme, every letter comprising of the original plaintext message m is shifted the same number of places in the alphabet.


Why is the Caesar cipher insecure?
In cryptography, we consider an encryption scheme to be secure if the output produced by it appears random. One of the key principles here is that an encryption scheme should be able to produce indistinguishable cipher texts – if the encryption scheme is used to encrypt two different plaintext messages, given the two ciphertext messages, one should not be able to figure out which ciphertext message corresponds to which plaintext message.

For example, let us consider the following two different plaintext messages.

                                  Hello and how are you

                                                 and

                                  Doing good

Let us assume that we have encrypted both the plaintext messages using the Caesar cipher. Following are the two ciphertext messages.

                                 jgnnqcpfjqyctgaqw

                                                and

                                 hsmrkkssh

Clearly, just by looking at the two ciphertext messages, we are easily able to figure out which ciphertext message corresponds to which plaintext message. Yes, if the two plaintext messages had been the same length, the two ciphertext messages produced would also have been of the same length, but different length plaintext messages producing varying length ciphertext messages mean that the Caesar cipher doesn’t always produce indistinguishable cipher texts.

As the Caesar cipher encrypts each letter comprising the plaintext message m by moving it the exact same number of places in the alphabet, it means that the encryption process invariably preserves the patterns in the text.

Let us consider the following plaintext message.

      Hello

Following is the corresponding ciphertext message.

      mjqqt

Take note of the fact that the double letters in the plaintext message still appear as double letters (albeit different ones) in the ciphertext message.

Let us consider another plaintext message.

      Eating and drinking

Following is the corresponding ciphertext message.

      hdwlqjdqggulqnlqj

Notice that the common letter combinations like “ing” present in the plaintext message still appear in the ciphertext message, but with different letter combinations.

All these different pattern-preserving observations can inevitably assist the code-breakers in decrypting the Caesar cipher encrypted messages because the code-breakers can look for various clues hidden in the patterns of the letters.

Moreover, since the Caesar cipher key ranges from 1 to 26 (mostly 1 to 25 because key=26 is mostly avoided), it is quite convenient and easy to employ the brute force method, given today’s powerful computing capabilities. The code-breaker will simply try every key until the Caesar cipher encryption scheme is successfully broken. With today’s super powerful computers, breaking the Caesar cipher encryption scheme using the brute force method is super easy and quick.

Thus, we have looked at a variety of techniques that a code-breaker could employ in order to decrypt a Caesar cipher and the code-breaker doesn’t even need to bother about knowing the Caesar cipher key. Successfully breaking the Caesar cipher encryption scheme is greatly aided by the patterns in the text that are preserved by the encryption scheme.

**********************************************************************************************************************************************************
The author of the technical article, Subhasish Sarkar (SS), is an IBM Z Champion for 2020.
**********************************************************************************************************************************************************