Frequency Analysis

 

One way to tell if you have a "transposition" style of cipher instead of an encrypting method is to perform a letter frequency analysis on the ciphertext. In English, you will have certain letters (E, T) show up more than others (Q, Z). To use this tool, just copy your text into the top box and a chart showing letter frequency will be generated in the bottom. If you want to see a demo, I can type in some sample text for you.

Note: Approximate values for English text: Friedman IC is around 1.73 and kappa-plaintext is around 0.0665.

Hex analysis

 

Usefull for analyzing hex values?

Special chars numbers lowercase UPPERCASE

ASCII heatmap

 

Dec	Hex	Val		Dec	Hex	Val		Dec	Hex	Val		Dec	Hex	Val
0	0	NUL		32	20	SPACE		64	40	@		96	60	`		128-255	80-FF	High
1	1	SOH		33	21	!		65	41	A		97	61	a
2	2	STX		34	22	"		66	42	B		98	62	b
3	3	ETX		35	23	#		67	43	C		99	63	c
4	4	EOT		36	24	$		68	44	D		100	64	d
5	5	ENQ		37	25	%		69	45	E		101	65	e
6	6	ACK		38	26	&		70	46	F		102	66	f
7	7	BEL		39	27	'		71	47	G		103	67	g
8	8	BS		40	28	(		72	48	H		104	68	h
9	9	TAB		41	29	)		73	49	I		105	69	i
10	A	LF		42	2A	*		74	4A	J		106	6A	j
11	B	VT		43	2B	+		75	4B	K		107	6B	k
12	C	FF		44	2C	,		76	4C	L		108	6C	l
13	D	CR		45	2D	-		77	4D	M		109	6D	m
14	E	SO		46	2E	.		78	4E	N		110	6E	n
15	F	SI		47	2F	/		79	4F	O		111	6F	o
16	10	DLE		48	30	0		80	50	P		112	70	p
17	11	DC1		49	31	1		81	51	Q		113	71	q
18	12	DC2		50	32	2		82	52	R		114	72	r
19	13	DC3		51	33	3		83	53	S		115	73	s
20	14	DC4		52	34	4		84	54	T		116	74	t
21	15	NAK		53	35	5		85	55	U		117	75	u
22	16	SYN		54	36	6		86	56	V		118	76	v
23	17	ETB		55	37	7		87	57	W		119	77	w
24	18	CAN		56	38	8		88	58	X		120	78	x
25	19	EM		57	39	9		89	59	Y		121	79	y
26	1A	SUB		58	3A	:		90	5A	Z		122	7A	z
27	1B	ESC		59	3B	;		91	5B	[		123	7B	{
28	1C	FS		60	3C	<		92	5C	\		124	7C	|
29	1D	GS		61	3D	=		93	5D	]		125	7D	}
30	1E	RS		62	3E	>		94	5E	^		126	7E	~
31	1F	US		63	3F	?		95	5F	_		127	7F	DEL

Manipulation

 

Need to change something from lowercase to uppercase? Count the letters, numbers, and punctuation? Remove spaces or add spaces at every X characters? This can help. Just type some text into the box and click on the links to change things around.

CyberChef: https://gchq.github.io/CyberChef/

Convert: UPPERCASE, lowercase, First Letter, Natural case
Spacing: Remove spaces and tabs, Remove newlines

Other Things: Reverse

Grouping: Make groups of 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 , break after No 1 2 3 4 5 6 7 8 9 10 15 20 25 30 40 50 groups

Binary-type input (bin,hex,base64) functions:

STRINGS

  The current (unmodified) input is: Image visual: Remove all non-hex chars: Remove all non-hex chars and to string:

Binary

 

text

Hex

 

text

Hex binary-inverse, binary-reverse and binary-inverse-reverse:

Octal

 

Three representations. 1 2 3

Decimal

 

text

RSA Decimal

 

After decrypting an RSA message, a large int is obtained. This int can be converted back to a string.

Base32

 

text

Base36

 

Base36 is extremely annoying to program in JavaScript where integers are available until 53 bits.

Python one liner:
a = 'AIDQJB34I3OA5B0BVLPE3OGV6XX23TTIGE6I451CC6V0VPWVWWGL1123EL2K56OS6R3W123WF2B0P90XH6N'
print ("0"+hex(int(a,36))[2:-1]).decode('hex')

Base58

 

Base58 is extremely annoying to program in JavaScript where integers are available until 53 bits.

Base64

 

Base64, also known as MIME encoding, translates binary into safe text. It is used to send attachments in email and to change small bits of unsafe high-character data into stuff that is a lot nicer for text-based system. (Also JWT)

Ascii85 | Base85

 

text

Ascii

 

text

Bin/Hex shift

 

Binary or hex shift

Switch

 

Character switch 0x1424 -> 0x4142 or BADC -> ABCD

Roman numerals

 

Letter a -> LXXVI CI CXVI CXVI CI CXIV XXXII XCVII

Affine Cipher (Multiply)

 

The Affine cipher is a monoalphabetic substitution cipher and it can be the exact same as a standard Caesarian shift when "a" is 1. Mathematically, it is represented as e(x) = (ax + b) mod m. Decryption is a slightly different formula, d(x) = a^-1(x - b) mod m.

To encode something, you need to pick the "a" and it must be coprime with the length of the alphabet. To make this easier, I have the (+) and (-) buttons to change the A to the next higher or lower coprime number.

a: -

b: - {in ([0-25] | [0-94])}

Atbash cipher

 

The Atbash cipher is a very common, simple cipher. It was for the Hebrew alphabet, but modified here to work with the English alphabet. Basically, when encoded, an "A" becomes a "Z", "B" turns into "Y", etc.

The Atbash cipher can be implemented as an Affine cipher by setting both "a" and "b" to 25.

Baconian

 

Francis Bacon created this method of hiding one message within another. It is not a true cipher, but just a way to conceal your secret text within plain sight. The way it originally worked is that the writer would use two different typefaces. One would be the "A" typeface and the other would be "B". Your message would be written with the two fonts intermingled, thus hiding your message within a perfectly normal text.

There are two versions. The first uses the same code for I and J, plus the same code for U and V. The second uses distict codes for every letter.

For example, let's take the message "Test It" and encode it with the distinct codes for each letter. You get a result like "BAABBAABAABAABABAABB ABAAABAABB". The original message is 6 characters long so the encoded version is 6 * 5 = 30 characters. If I were to find a 30-character message and put in "B" letters as bold and italics, we will get "This is a test message with bold for "B".".

When decoding, it will use "0", "A", and "a" as an "A"; "1", "B", and "b" are all equivalent as well. Other letters are ignored.

Distinct codes I=J and U=V Your message: (Swap A and B)

Bifid

 

The Bifid cipher is considered a more secure cipher because it breaks the message apart into two separate streams and then recombines them. This spreads the information out to multiple letters, increasing security. It uses a table with one letter of the alphabet omitted. Often the J is removed and people just use an I instead. Below is an unkeyed grid.

A B C D E F G H I K L M N O P Q R S T U V W X Y Z

To encode a message, you would write your message, "ABCD", then you would figure out the row and column for each letter and write them below the letters, like the example shows. Then you read the numbers off; all of the rows first and then all of the columns. Using this string of numbers, you then look up the letters on the table again and get the encoded message.

letter: A B C D    row: 1 1 1 1 column: 1 2 3 4 The numbers: 1 1 1 1 1 2 3 4     Encoded:  A   A   B   O

All non-letters are ignored and not encoded. The one skipped letter will be automatically translated if you type it in the box. Numbers, spaces, and punctuation will remain in place and will not be encoded.

You can see the example message, or the example from Wikipedia.

Translate the letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z into

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Alphabet Key: -

Tableau Used:

A B C D E F G H I K L M N O P Q R S T U V W X Y Z

Only Letters - Removes all non-letters from the text.

Caesarian shift

 

This is a standard Caesarian Shift cipher encoder, also known as a rot-N encoder and is also a style of substitution cipher. This way, you can add one, two, or any number up to 25 to your string and see how it changes. This is an offshoot of the rot13 encoder on this web site. To perform this shift by hand, you could just write the alphabet on two strips of paper. Line them up so the top strip's A matches the bottom strip's D (or something) and then you can encode.

This sort of cipher can also be known as a wheel cipher. This is where an inner wheel has the alphabet around the outside, and that is placed upon an outer wheel, also with the alphabet going around it. You can rotate the wheels so that ABC lines up with ABC, or ABC may line up with QRS.

To encode something, just pick an N and type in your message. To decode something, subtract the encryption N from 26 and it should be decoded for you.

Brute force caesar cipher on a specific alphabet:
Possible alphabets which you can copy-paste in the input box below:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789
1234567890

If special characters are found, a 'smart' alphabet consisting of A-Z plus the special characters is created in an attempt to decode it.

Brute force caesar cipher on an integer or hex range (0x00-0x7F).   From: - To: or Hex values should begin with 0x, otherwise decimal is assumed.

Columnar Transposition

 

A columnar transposition, also known as a row-column transpose, is a very simple cipher to perform by hand. First, you write your message in columns. Then, you just rearrange the columns. For example. I have the message; "Which wristwatches are swiss wristwatches." You convert everything to upper case and write it without spaces. When you write it down, make sure to put it into columns and number them. Let's use five columns.

	Unencoded	Rearranged
Column #:	4 2 5 3 1 W H I C H W R I S T W A T C H E S A R E S W I S S W R I S T W A T C H E S	1 2 3 4 5 H H C W I T R S W I H A C W T E S R E A S W S S I T R S W I H A C W T   S   E

Now, you just read the columns down in the order that you number them. Above, you will see the key is 4 2 5 3 1, which means you write down the last column first, then the second, then the fourth, the first, and finally the middle. When you are all done, you will get "HTHESTHHRASWRASCSCRSSCWWWESWWEIITAIIT". I can put the example's information into the encoder for you: Encode or Decode

This columnar transposition cipher implementation will also move spaces around, so you can take "a b c" with a key of "2 1" and get "  abc" (note the two spaces in front). I suggest you remove all spaces before you encode the text, but they should be preserved even if you don't. Newlines are ignored and not taken into consideration.

Numeric Key - Spaced Numbers Key Word(s) - Duplicates numbered forwards Key Word(s) - Duplicates numbered backwards :
The resulting columnar key:
- Use the key as column order instead of column labels

Columnar Transposition:

Transposition:

Cryptogram / quipqiup

  

quipqiup is a fast and automated cryptogram solver by Edwin Olson. It can solve simple substitution ciphers often found in newspapers, including puzzles like cryptoquips (in which word boundaries are preserved) and patristocrats (inwhi chwor dboun darie saren t). You can also see the online help.

Or use Cryptogram

Digraph

 

Click the button to decode. Digraph calculation is computationally intensive, so it is a manual action. Quipqiup is auto launched after button is pressed.

EBCDIC

 

Extended Binary Coded Decimal Interchange Code (EBCDIC) is an 8-bit character encoding used mainly on IBM mainframe and IBM midrange computer operating systems. EBCDIC descended from the code used with punched cards and the corresponding six bit binary-coded decimal code used with most of IBM's computer peripherals of the late 1950s and early 1960s.

Enigma

 

To learn more about the Enigma Machine, try using the Paper Engima. You can also read the source code used by this Enigma Simulator.

Initialization

1. Rotors:
2. Rotor Start:
3. Rings:
4. Plugboard:

Decoding

1. Rotor:

Gronsfeld cipher (Use Cryptool)

 

Or Gronsfeld

Letter Numbers

 

One of the first ciphers that kids learn is this "letter number" cipher. You replace letters with a number: A=1, B=2, C=3, etc.

When encrypting, only letters will be encoded. Non-letters will be treated like spaces. When decrypting, numbers will be changed back to letters, hyphens will be removed, and the rest fill act like spaces.

Method: "ABC XYZ" becomes 1-2-3 24-25-26 01-02-03 24-25-26 010203 242526

This is your encoded or decoded text:

Least significant bit (LSB)

 

LSB stego like.
Masked with 0x01, 0x02, 0x03 and 0x04:

Morse code

 

Morse Code, created by Samuel Morse, was designed to transmit letters across telegrams. He wanted frequently used letters to have short codes and less frequently used letters to have longer codes.

It has since been used in many other situations. For a lot more information, visit the Wikipedia entry on the topic.

When encrypting, only letters and numbers will be encoded and the rest will be treated like spaces. When decrypting, only periods and hyphens will be decoded and the rest will be treated like spaces. This web page uses International Morse Code with some additional enhancements, but without support for foreign characters. It also is geared to help you decode Morse Code snippets you find with the Reverse (flips the text) and Swap (exchanges periods and hyphens) links.

You can also insert the following phrases from the Kryptos statue: SOS, RQ, SHADOW FORCES, VIRTUALLY INVISIBLE, ...T IS YOUR POSITION, DIGETAL INTERPRETATIT, LUCID MEMORY. (See Photos)

Your message: (Reverse - Swap)

Morse code

Maze

 

Going through the numbers like a maze

1. Maze_hex_↖↳↳() 1. Maze_hex_↰↰↘() 2. Maze_hex_↖↳↱() 2. Maze_hex_↰↲↗() 3. Maze_hex_↙↱↱() 3. Maze_hex_↲↲↗() 4. Maze_hex_↙↱↳() 4. Maze_hex_↲↰↘()

One Time Pad

 

It is said that the one-time pad is the best cipher anywhere. It is uncrackable as long as you keep the messages short, use shorthand and abbreviations, remove unnecessary letters, never reuse a pad, and have a good enough random source for data.

This implementation will take the letters (and letters only) from the pad and encrypt the letters from your message. It leaves spaces, newlines (enters / returns), punctuation, numbers, and all of the things that aren't A-Z alone. Make sure that your pad is at least as long as the number of characters in your message, otherwise your message will not be encoded.

The pad:

Playfair Cipher

 

The Playfair cipher is a digraph substitution cipher. It employs a table where one letter of the alphabet is omitted, and the letters are arranged in a 5x5 grid. Typically, the J is removed from the alphabet and an I takes its place in the text that is to be encoded. Below is an unkeyed grid.

A B C D E F G H I K L M N O P Q R S T U V W X Y Z

To encode a message, one breaks it into two-letter chunks. Repeated letters in the same chunk are usually separated by an X. The message, "HELLO ONE AND ALL" would become "HE LX LO ON EA ND AL LX". Since there was not an even number of letters in the message, it was padded with a spare X. Next, you take your letter pairs and look at their positions in the grid.

"HE" forms two corners of a rectangle. The other letters in the rectangle are C and K. You start with the H and slide over to underneath the E and write down K. Similarly, you take the E and slide over to the H column to get C. So, the first two letters are "KC". "LX" becomes "NV" in the same way.

"LO" are in the same row. In this instance, you just slide the characters one position to the right, resulting in "MP". The same happens for "ON", resulting in "PO". "EA" becomes "AB" in the same way, but the E is at the far edge. By shifting one position right, we scroll around back to the left side and get A.

"ND" are in a rectangle form and beomes "OC". "AL" are both in the same column, so we just move down one spot. "AL" is changed into "FQ". "LX" is another rectangle and is encoded as "NV".

The resulting message is now "KC NV MP PO AB OC FQ NV" or "KCNVMPPOABOCFQNV" if you remove the spaces.

This encoder will do all of the lookups for you, but you still need to do a few things yourself.

1. Manually break apart double letters with X (or any other) characters. Some people break apart all doubles, others break all doubles that happen in the same two-letter chunk. This encoder requires neither in order to be more flexible.
2. Manually make the message length even by adding an X or whatever letter you want. If you don't, the encoder will automatically add an X for you.

All non-letters are ignored and not encoded. The one letter that you select to share a square in the cipher is translated. Numbers, spaces, and punctuation are also skipped. If you leave two letters together in a two-letter chunk, they will be encoded by moving down and right one square ("LL" becomes "RR") where as traditional Playfair ciphers will automatically insert an X for you.

This particular cipher was used by the future U.S. President, John F. Kennedy, Sr. He sent a message about a boat going down.

Translate the letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z into

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Encode double letters (down and right one spot)

Alphabet Key: -

Tableau Used:

A B C D E F G H I K L M N O P Q R S T U V W X Y Z

Add Spaces - Adds a space after every other letter (only A-Z count) so you can see the letter pairs.
Only Letters - Removes all non-letters from the text.

This is your encoded or decoded text:

Railfence

 

When you rearrange your text in a "wave" sort of pattern (down, down, up, up, down, down, etc.), it is called a railfence. Take the text "WAFFLES FOR BREAKFAST" and arrange them in waves like the diagram below. I substituted * for spaces just to illustrate that the spaces are not removed.

W   L   F   B   K   T
 A F E * O * R A F S
  F   S   R   E   A

You leave the spaces in. Next, you squish together the lines, remembering to keep the spaces in. I did not replace spaces with stars since the spaces are clearly shown in the middle line.

WLFBKT
AFE O RAFS
FSREA

Then you just combine the lines and get WLFBKTAFE O RAFSFSREA. Or you can use this JavaScript-based tool and speed things up quite a bit. There is another site with more of a description and another encoder.

Rails: – The number of rows, which determines the height of the waves.

Offset: – Instead of starting on the top rail and working down, you can start on any rail and move up or down depending on where you place the offset. Should be less than (rail * 2 - 1).

Show the rails

This is your encoded or decoded text. It may be hard to see spaces at the beginning, end, or two in a row. Be careful when copying encrypted text and make sure that it will decrypt to the message properly.

Bruteforce: Reverse:

Rotate

 

This cipher is pretty simple. Basically, you would write all of the letters in a grid, then rotate the grid 90° and read the characters back out. I first heard of this method when Mike posted to the Kryptos Group mailing list. I liked the method and decided to write up a neat little encoder. It was used to decode K3. I can insert the first half for you, then you just copy the decoded text back into the text area above and change the column width to 8 in order to see the secret message.

Spaces are rotated with the letters, enters (newlines) are not. Extra 'X' letters will be added if the number of columns does not divide evenly into the text length.

Box width:

This is your encoded or decoded text:

Skip

 

Ok, I admit that I don't know of an "official" name for this algorithm. I did hear that it is the same method as what a scytale employs. Basically, if you are given the encrypted text, you start at a given letter and then count N letters (wrapping around from the end to the beginning) forward to the next letter. It can be used for the third part of the Kryptos statue. I can also pre-load the K3 information for you.

If you do use this for decoding the Kryptos, you will see that you need to just count every 192^nd letter. Additionally, I have made 5 characters lowercase: The "s" and the "l" are the first two characters, in case you wanted to count by hand. The "y", "a", and "r" are the three letters that are offset from the rest of the text.

Spaces are NOT ignored and will be moved around appropriately as though they were letters. Newlines (enters / returns) will be ignored.

Bypass the first X letters: (0 = start with the first letter, 1 = start with the second letter, ...)

Skip: (When pressed, the next valid number is used - Show all skip possibilities in a new window.)

Substitution

 

A substitution cipher is a pretty basic type of code. You replace every letter with a drawing, color, picture, number, symbol, or another type of letter. This means, if you have your first "E" encoded as a square, all of your other "E"s in the message will also be squares.

KeyboardShift: GoldenBug: Spirit DVD code: Querty to Dvorak: Dvorak to Querty: Querty to Colemak: Colemak to Querty: 1337-sp3ak: Code 39 (aka barcode): Stasi Vernam Tapir: Planet substitution:

Vigenere cipher (Use Cryptool)

 

Or http://smurfoncrack.com/pygenere/index.php
Or http://rumkin.com/tools/cipher/vigenere.php (try as passphrase: password)
Or http://sharkysoft.com/vigenere/

If you manually want to determine/bruteforce keys:

1. Step 1: Determine keysize
2. Step 2: Guessing the Most Probable Key #1
   Step 2: Guessing the Most Probable Key #2
3. Step 3: Trying key variations

A 16^th century French diplomat, Blaise de Vigenere, created a very simple cipher that is moderately difficult for any unintended parties to decipher. It is somewhat like a variable Caesar cipher, but the N changed with every letter. You would "encode" your message with a passphrase, and the letters of your passphrase would determine how each letter in the message would be encrypted.

This is the exact opposite of a "Variant Beaufort." To do the variant, just "decode" your plain text to get the cipher text and "encode" the cipher text to get the plain text again.

If you wanted even more security, you can use two passphrases to create a keyed Vigenere cipher, just like the one that stumped cryptologists for years. Again, a pretty simple trick, but it can ensure that your message is even harder to crack.

Despite its simplicity, the Vigenere cipher is capable of producing 100% crack-proof ciphers, when used correctly. To generate an uncrackable message, you must:

1. Remove all unencryptable signals from the message. (For example, remove spaces and punctuation marks, and use only upper case letters.)
2. Pad the message with random characters (to conceal the original message's length).
3. Use a secret key that comprises only random characters.
4. Use a secret key that is at least as long as the message.
5. Protect the secret key.
6. Never use the secret key again.

Unfortunately, these steps take all the fun out of using a Vigenere cipher. This is because most people prefer to use keys that are derived from words or phrases (violating rule 3). They also choose keys that are significantly shorter than the messages they encrypt (violating rule 4), so that repetition of the secret key is required (violating rule 6). Later, they reuse those already-feeble keys to encrypt other messages (again violating rule 6).

Recently, a judge created his own "Smithy Code" in a legal document, but some errors were made. You can see what people consider to be the correct code with the fixes in upper case.

Passphrase:

This is your encoded or decoded text:

Vigenere Online bruteforce for lengths 2-11 (inclusive) (60seconds)

Web Application specific

 

.NET ViewState Byte Sequences

Byte(s)	Explanation
0x02 [...]	Unsigned integer, compose value from 7 bits of each following byte until leading 8th bit equals 0.
	0x0201 == 00000010 00000001 == 1
	0x027f == 00000010 01111111 == 127
	0x028101 == 00000010 10000001 00000001 == 1 + (1 << 7) == 129
	0x02a1b22a == 00000010 10100001 10110010 00101010 == 33 + (98 << 7) + (42 << 14) == 44052769
0x03 [length] [...]	Container of [length] Booleans
0x05 [length] [...]	String, a container of [length] bytes
0x09	RGBA component
0x0B [...] 0x00	String, usually NULL-terminated, i.e. read bytes until 0x00.
0x0f	Pair (tuple of two objects)
0x10	Triplet (tuple of three objects)
0x15 [length]	Array of strings
0x16 [length]	Container of objects
0x18	Control state
0x1b [12 bytes]	Unit
0x1e [length] [...]	String (identical to 0x05)
0x1f [number]	String reference
0x24 [36 bytes]	UUID
0x64	empty node
0x65	empty string
0x66	Number 0
0x67	Boolean true
0x68	Boolean false
0xff01	ViewState preamble
Notes	The number of elements in a container is defined by [length], which is one or more bytes interpreted as a number in the manner of 0x02.
	A container may be empty, i.e. [length] is 0x00.

NetScaler cookie: IBM WebSphere: Html decode

XOR

 

Exclusive disjunction or exclusive or is a logical operation that outputs true only when both inputs differ (one is true, the other is false). It gains the name "exclusive or" because the meaning of "or" is ambiguous when both operands are true; exclusive or excludes that case. This is sometimes thought of as "one or the other but not both". This could be written as "A or B but not A and B".

Parameter	String?		Value
Input
XOR input (pad)
XOR input (repeat)
ADD input (repeat)
Result (hex.)		0x
Result (string)

Optical recognition

 

High tech optical recognition is best performed by humans. I'll let you do the work...
The cipher name is the image name