- Autokey cipher
An autokey cipher (also known as the autoclave cipher) is a
cipherwhich incorporates the message (the plaintext) into the key. There are two forms of autokey cipher: "key autokey" and "text autokey" ciphers. A key-autokey cipher uses previous members of the keystreamto determine the next element in the keystream. A text-autokey uses the previous message text to determine the next element in the keystream.
In modern cryptography, self-synchronizing
stream ciphers are autokey ciphers.
The first autokey cipher was invented by
Girolamo Cardano, and contained a fatal defect that made it useless. A number of attempts were made by other cryptographers to produce a system that was not trivial to break. Eventually one was invented in 1564 by Giovan Battista Bellasousing a “reciprocal table” with five alphabets of his invention and another form was described in 1586 by Blaise de Vigenèrewith a similar reciprocal table of ten alphabets. One popular form of autokey starts with a tabula recta, a square with 26 copies of the alphabet, the first line starting with 'A', the next line starting with 'B', etc., like the one above. In order to encrypt a plaintext, one locates the row with the first letter to be encrypted, and the column with the first letter of the key. The letter where the line and column cross is the ciphertext letter. Giovan Battista Bellasoused the first letter of each word as a primer to start his text autokey. Blaise de Vigenèreused as a primer an agreed-upon single letter of the alphabet.
The autokey cipher as used by the members of the
American Cryptogram Associationis in the way the key is generated. It starts with a relatively short keyword, and appends the message to it. So if the keyword is "QUEENLY", and the message is "ATTACK AT DAWN", the key would be "QUEENLYATTACKATDAWN".
Plaintext: ATTACK AT DAWN... Key: QUEENL YA TTACK AT DAWN.... Ciphertext: QNXEPV YT WTWP...
The ciphertext message would therefore be "QNXEPVYTWTWP".
Using an example message "meet at the fountain" encrypted with the keyword "KILT":
plaintext: MEETATTHEFOUNTAIN (unknown) key: KILTMEETATTHEFOUN (unknown) ciphertext: WMPMMXXAEYHBRYOCA (known)
We try common words,
bigrams, trigrams etc. in all possible positions in the key. For example, "THE":
ciphertext: WMP MMX XAE YHB RYO CA key: THE THE THE THE THE .. plaintext: DFL TFT ETA FAX YRK .. ciphertext: W MPM MXX AEY HBR YOC A key: . THE THE THE THE THE . plaintext: . TII TQT HXU OUN FHY . ciphertext: WM PMM XXA EYH BRY OCA key: .. THE THE THE THE THE plaintext: .. WFI EQW LRD IKU VVW
We sort the plaintext fragments in order of likelihood:
unlikely <------------------> promising EQW DFL TFT ... ... ... ... ETA OUN FAX
We know that a correct plaintext fragment will also appear in the key, shifted right by the length of the keyword. Similarly our guessed key fragment ("THE") will also appear in the plaintext shifted left. So by guessing keyword lengths (probably between 3 and 12) we can reveal more plaintext and key.
Trying this with "OUN" (possibly after wasting some time with the others):
shift by 4: ciphertext: WMPMMXXAEYHBRYOCA key: ......ETA.THE.OUN plaintext: ......THE.OUN.AIN by 5: ciphertext: WMPMMXXAEYHBRYOCA key: .....EQW..THE..OU plaintext: .....THE..OUN..OG by 6: ciphertext: WMPMMXXAEYHBRYOCA key: ....TQT...THE...O plaintext: ....THE...OUN...M
We see that a shift of 4 looks good (both of the others have unlikely Qs), so we shift the revealed "ETA" back by 4 into the plaintext:
ciphertext: WMPMMXXAEYHBRYOCA key: ..LTM.ETA.THE.OUN plaintext: ..ETA.THE.OUN.AIN
We have a lot to work with now. The keyword is probably 4 characters long ("..LT"), and we have some of the message:
Because our plaintext guesses have an effect on the key 4 characters to the left, we get feedback on correct/incorrect guesses, so we can quickly fill in the gaps:
The ease of cryptanalysis is thanks to the feedback from the relationship between plaintext and key. A 3-character guess reveals 6 more characters, which then reveal further characters, creating a cascade effect, allowing us to rule out incorrect guesses quickly.
Autokey in modern ciphers
Modern autokey ciphers use very different encryption methods, but they follow the same approach of using either key bytes or plaintext bytes to generate more key bytes. Most modern
stream ciphers are based on pseudorandom number generators: the key is used to initialize the generator, and either key bytes or plaintext bytes are fed back into the generator to produce more bytes.
stream ciphers are said to be "self-synchronizing", because the next key byte usually depends only on the previous N bytes of the message. If a byte in the message is lost or corrupted, therefore, the key-stream will also be corrupted--but only until N bytes have been processed. At that point the keystream goes back to normal, and the rest of the message will decrypt correctly.
*Bellaso, Giovan Battista, "Il vero modo di scrivere in cifra con facilità, prestezza, et securezza di Misser Giovan Battista Bellaso, gentil’huomo bresciano", Iacobo Britannico, Bressa 1564.
*Vigenère, Blaise de, "Traicté des chiffres ou secrètes manières d’escrire", Abel l’Angelier, Paris 1586. ff. 46r-49v.
*LABRONICUS (Buonafalce, A), "Early Forms of the Porta Table", “The Cryptogram”, vol. LX n. 2, Wilbraham 1994.
*Buonafalce, Augusto, "Bellaso’s Reciprocal Ciphers", “Cryptologia” 30 (1):39-51, 2006.
*LABRONICUS (Buonafalce, A), "Vigenère and Autokey. An Update", “The Cryptogram”, vol. LXXIV n. 3, Plano 2008.
Wikimedia Foundation. 2010.
Look at other dictionaries:
autokey cipher — ˈ ̷ ̷ ̷ ̷ at auto I+ˌ ̷ ̷ noun Etymology: aut + key : a cipher in which each letter serves as key for the next letter or for one at a constant interval … Useful english dictionary
Cipher — For other uses, see Cipher (disambiguation). Edward Larsson s rune cipher resembling that found on the Kensington Runestone. Also includes runically unrelated blackletter writing style and pigpen cipher. In cryptography, a cipher (or cypher) is… … Wikipedia
Vigenère cipher — The Vigenère cipher is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword. It is a simple form of polyalphabetic substitution.The Vigenère (pronEng|ˌviːdʒɪˈnɛəɹ, veedj ih nair )… … Wikipedia
Substitution cipher — In cryptography, a substitution cipher is a method of encryption by which units of plaintext are replaced with ciphertext according to a regular system; the units may be single letters (the most common), pairs of letters, triplets of letters,… … Wikipedia
National Cipher Challenge — The National Cipher Challenge is an annual cryptographic competition organised by the University of Southampton School of Mathematics. Competitors attempt to break cryptograms published on the competition website. In the 2007/08 challenge, 1301… … Wikipedia
autoclave cipher — noun Etymology: aut + clave (from Latin clavis key) more at clavicle : autokey cipher … Useful english dictionary
Caesar cipher — The action of a Caesar cipher is to replace each plaintext letter with one fixed number of places down the alphabet. This example is with a shift of three, so that a B in the p … Wikipedia
Classical cipher — A cipher is a means of concealing a message, where letters of the message are substituted or transposed for other letters, letter pairs, and sometimes for many letters. In cryptography, a classical cipher is a type of cipher that was used… … Wikipedia
Transposition cipher — In cryptography, a transposition cipher is a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext… … Wikipedia
Stream cipher — The operation of the keystream generator in A5/1, a LFSR based stream cipher used to encrypt mobile phone conversations. In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher… … Wikipedia