Nihilist cipher

Nihilist cipher

In the history of cryptography, the Nihilist cipher is a manually operated symmetric encryption cipher originally used by Russian Nihilists in the 1880s to organize terrorism against the czarist regime. The term is sometimes extended to several improved algorithms used much later for communication by the First Chief Directorate with its spies.



First the encipherer constructs a Polybius square using a mixed alphabet. This is used to convert both the plaintext and a keyword to a series of two digit numbers. These numbers are then added together in the normal way to get the ciphertext, with the key numbers repeated as required.


Consider the Polybius square created using the keyword ZEBRAS:

  1 2 3 4 5
1 Z E B R A
2 S C D F G
3 H I K L M
4 N O P Q T
5 U V W X Y

with a plaintext of "DYNAMITE WINTER PALACE" and a key of RUSSIAN. This expands to:

PT:  23  55   41  15  35  32  45  12  53   32  41  45  12  14  43  15  34  15  22  12
KEY: 14  51   21  21  32  15  41  14  51   21  21  32  15  41  14  51  21  21  32  15
CT:  37  106  62  36  67  47  86  26  104  53  62  77  27  55  57  66  55  36  54  27

Nihilist cryptanalysis

Because each symbol in both plaintext and key is used as a whole number without any fractionation, the basic Nihilist cipher is little more than a numerical version of the Vigenère cipher, with multiple-digit numbers being the enciphered symbols instead of letters. As such, it can be attacked by very similar methods. An additional weakness is that the use of normal addition (instead of modular addition) leaks further information. For example, (assuming a 5 × 5 square) if a ciphertext number is greater than 100 then it is a certainty that both the plaintext and key came from the fifth row of the table.

Later variants or derivatives

During World War II, several Soviet spy rings communicated to Moscow Centre using two ciphers which are essentially evolutionary improvements on the basic Nihilist cipher. A very strong version was used by Max Clausen in Richard Sorge's network in Japan, and by Alexander Foote in the Lucy spy ring in Switzerland. A slightly weaker version was used by the Rote Kapelle network.

In both versions, the plaintext was first converted to digits by use of a straddling checkerboard rather than a Polybius square. This has the advantage of slightly compressing the plaintext, thus raising its unicity distance and also allowing radio operators to complete their transmissions quicker and shut down sooner. Shutting down sooner reduces the risk of the operator being found by enemy radio direction finders. Increasing the unicity distance increases strength against statistical attacks.

Clausen and Foote both wrote their plaintext in English, and memorized the 8 most frequent letters of English (to fill the top row of the checkerboard) through the mnemonic (and slightly menacing) phrase "a sin to err" (dropping the second "r"). The standard English straddling checkerboard has 28 characters and in this cipher these became "full stop" and "numbers shift". Numbers were sent by a numbers shift, followed by the actual plaintext digits in repeated pairs, followed by another shift. Then, similarly to the basic Nihilist, a digital additive was added in, which was called "closing". However a different additive was used each time, so finally a concealed "indicator group" had to be inserted to indicate what additive was used.

Unlike basic Nihilist, the additive was added by non-carrying addition (digit-wise addition modulo 10), thus producing a more uniform output which doesn't leak as much information. More importantly, the additive was generated not through a keyword, but by selecting lines at random from almanacs of industrial statistics. Such books were deemed dull enough to not arouse suspicion if an agent was searched (particularly as the agents' cover stories were as businessmen), and to have such high entropy density as to provide a very secure additive. Of course the figures from such a book are not actually uniformly distributed (there is an excess of "0" and "1" (see Benford's Law), and sequential numbers are likely to be somewhat similar), but nevertheless they have much higher entropy density than passphrases and the like; at any rate, in practice they seem never to have been successfully cryptanalysed.

The weaker version generated the additive from the text of a novel or similar book (at least one Rote Kapelle member actually used The Good Soldier Schweik, which may not have been a good choice if one expected to be searched by Nazis!) This text was converted to a digital additive using a technique similar to a straddling checkerboard.

The ultimate development along these lines was the VIC cipher, used in the 1950s by Reino Häyhänen. By this time, most Soviet agents were instead using one-time pads. However, despite the theoretical perfection of the one-time pad, in practice they were broken, while VIC was not.

See also


  • David Kahn. The Codebreakers. 1968, 1974 edition Redwood Burn Ltd. pp 344, 368.

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • nihilist cipher — noun Usage: usually capitalized N Etymology: nihilist (I); from its use by the Russian nihilists : a substitution method replacing each letter by its row and column numbers in an alphabet square …   Useful english dictionary

  • Nihilist — may refer to: a person who believes human existence has no objective meaning, purpose, or intrinsic value, see nihilism Nihilist movement, a Russian political and cultural movement Nihilist (band), a Swedish death metal band Nihilist, the only… …   Wikipedia

  • VIC cipher — The VIC cipher was a pencil and paper cipher used by the Soviet spy Reino Häyhänen, codenamed VICTOR . FAQ It was arguably the most complex hand operated cipher ever seen, when it was first discovered. The initial analysis done by the NSA in 1953 …   Wikipedia

  • Dorabella Cipher — The text of the Dorabella Cipher, in Elgar s handwriting The Dorabella Cipher is an enciphered letter written by Edward Elgar to Miss Dora Penny, which was accompanied by another dated July 14, 1897. Penny was never able to decipher it and its… …   Wikipedia

  • Substitution cipher — In cryptography, a substitution cipher is a method of encryption by which units of plaintext are replaced with ciphertext according to a regular system; the units may be single letters (the most common), pairs of letters, triplets of letters,… …   Wikipedia

  • Caesar cipher — The action of a Caesar cipher is to replace each plaintext letter with one fixed number of places down the alphabet. This example is with a shift of three, so that a B in the p …   Wikipedia

  • Classical cipher — A cipher is a means of concealing a message, where letters of the message are substituted or transposed for other letters, letter pairs, and sometimes for many letters. In cryptography, a classical cipher is a type of cipher that was used… …   Wikipedia

  • Hill cipher — Hill s cipher machine, from figure 4 of the patent In classical cryptography, the Hill cipher is a polygraphic substitution cipher based on linear algebra. Invented by Lester S. Hill in 1929, it was the first polygraphic cipher in which it was… …   Wikipedia

  • Transposition cipher — In cryptography, a transposition cipher is a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext… …   Wikipedia

  • Book cipher — A book cipher is a cipher in which the key is some aspect of a book or other piece of text; books being common and widely available in modern times, users of book ciphers take the position that the details of the key is sufficiently well hidden… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”

We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.