Vigenère Cipher

A polyalphabetic substitution cipher that uses a repeating keyword to change the shift per letter.

Family: Polyalphabetic substitution Era: 1500s–1800s (popularized in Renaissance Europe) Strength: Weak (by modern standards)

Try in Encoder / Decoder → Try in Breaker → Open Tools →

History & context

The Vigenère cipher is a classical cipher designed to defeat simple frequency analysis. Instead of using one fixed substitution alphabet (like Caesar), it uses many—changing the Caesar shift with each character based on a keyword. It was historically considered strong enough to earn the nickname “le chiffre indéchiffrable” (“the indecipherable cipher”). However, it is breakable with classical methods once you have enough ciphertext. Key breakthroughs include the Kasiski examination and the index of coincidence, which let an attacker estimate the key length and then reduce the problem to multiple Caesar ciphers.

How Vigenère Cipher works

Write the keyword repeatedly under the plaintext. Convert letters to indices (A=0..Z=25). To encode: C[i] = (P[i] + K[i]) mod 26. To decode: P[i] = (C[i] - K[i]) mod 26. Many implementations advance the keyword only when a plaintext/ciphertext letter is processed (skipping spaces/punctuation). This matters a lot when you’re trying to break a real puzzle—keyword alignment changes the result.

Core rules

Keyword letters map to shifts (A=0, B=1, …, Z=25).
Keyword repeats to match message length (unless using a non-repeating variant).
Non-letters may be left unchanged and may or may not advance the key depending on implementation.
Case handling varies (some tools preserve case, others normalize).
If the key is length 1, Vigenère reduces to Caesar.

Worked example

Plaintext: ATTACKATDAWN Keyword: LEMONLEMONLE Indices: L=11 E=4 M=12 O=14 N=13 ... Ciphertext: LXFOPVEFRNHR One character shown: A(0) + L(11) = 11 → L T(19) + E(4) = 23 → X

How to encode / decode

Step-by-step

Choose a keyword (letters only is safest).
Normalize text and key consistently (uppercase/lowercase).
Repeat the keyword to align with the message’s letters.
For each letter, apply the key letter’s Caesar shift.
Keep punctuation/spaces unchanged unless using a stripped variant.

💡 Tip: Security depends heavily on key length and repetition. Short repeating keys create patterns that attackers exploit. If you’re solving puzzles, short keys are *more common* than long random keys.

How to break a Vigenère Cipher

Breaking Vigenère typically follows a structured workflow: 1) Estimate the key length. 2) Split the ciphertext into key-length columns. 3) Solve each column as a Caesar cipher. 4) Rebuild the keyword and decrypt. Two classic tools are Kasiski examination (find repeated chunks and factor spacings) and the index of coincidence (measure how English-like each column is).

Practical checklist

Look for repeated sequences (3–5 letters) and record distances between repeats (Kasiski).
Compute IoC for candidate key lengths and prefer those whose column IoCs look English-like.
For each key position: treat letters at i, i+L, i+2L… as a Caesar cipher and solve via frequency scoring.
Combine the best shifts to produce the keyword, then decrypt and sanity-check.
If results are close-but-wrong: try nearby key lengths, handle punctuation alignment differences, or test alternate scoring.

What frequency looks like

Vigenère ‘smears’ frequency across multiple alphabets. Overall ciphertext frequency looks flatter than Caesar, but not fully random unless the key is long and non-repeating. The breakthrough is column analysis: If the key length is L, then every Lth letter was encrypted with the same shift. Each column is a Caesar cipher, so each column’s letter frequency resembles shifted English. This is why IoC and frequency analysis still work—just after splitting.

Signals to look for:

Overall frequency is flatter than Caesar, but still not random for short keys.
Repeated trigrams/tetragrams often reappear because the same key alignment repeats.
IoC for the full ciphertext is between English and random; IoC per correct column is close to English.
If you guess the right key length, column frequency peaks become obvious and Caesar scoring works well.

Mini example

If you test key length L=5: Split ciphertext into 5 columns by position mod 5. Compute IoC for each column. If average IoC is close to English (~0.066), L is plausible. Then solve each column as Caesar by testing shifts that maximize English frequency similarity.

Common mistakes

Key alignment mismatch: does the key advance over punctuation/spaces or only over letters?
Using too small a ciphertext sample: short text makes key-length estimation noisy.
Assuming the key is a dictionary word (often yes in puzzles, not always).
Forgetting that key length candidates can be multiples of the true length (e.g., 10 when true length is 5).
Over-trusting a single technique—best results come from combining Kasiski + IoC + scoring.

Variants

Autokey Vigenère (key is seeded then continues with plaintext).
Beaufort cipher (a related polyalphabetic cipher with different arithmetic).
Gronsfeld cipher (numeric key, effectively Vigenère with digits).
Running-key cipher (key is a long text like a book; much harder if truly non-repeating).

Practice

Practice breaking by starting with known small key lengths (3–6), then increase difficulty by hiding punctuation handling and using longer ciphertexts.

Try these prompts

Encrypt a paragraph with keyword LEMON and try to recover the key from ciphertext only.
Take a Vigenère ciphertext and compute IoC for key lengths 1–12; pick the top candidates.
Try Kasiski: find repeated 3–5 letter sequences and factor their spacing distances.
Break Vigenère where key advances only on letters (ignore punctuation).

FAQ

Why does Vigenère defeat simple frequency analysis?

Because the same plaintext letter can encrypt to different ciphertext letters depending on the keyword position, flattening overall frequency.

How do I estimate the key length?

Use Kasiski examination (repeat distances) and/or index of coincidence scanning across candidate lengths.

What if my decrypted text is almost readable but slightly wrong?

You may have the wrong key length (often a multiple), wrong punctuation/key-advance behavior, or one column shift mis-guessed.

Does Vigenère encrypt spaces?

Usually no. Many implementations leave spaces/punctuation unchanged and do not advance the key for them—but some variants do.

Is Vigenère secure today?

No. It’s breakable with classical methods given enough ciphertext, and it’s not used for real security.