Classical Cipher Comparison Table
Compare 23 classical ciphers side by side. This reference table covers cipher type, key format, security level, key space size, and best use cases to help you choose the right cipher for your needs.
Full Cipher Comparison
| Cipher | Type | Key Type | Key Space | Security | Year |
|---|---|---|---|---|---|
| Caesar Cipher | Monoalphabetic Substitution | Single integer (1-25) | 25 | Very Weak | ~58 BC |
| ROT13 | Monoalphabetic Substitution | Fixed (shift of 13) | 1 | None (obfuscation only) | 1982 |
| Atbash Cipher | Monoalphabetic Substitution | None (fixed mapping) | 1 | Very Weak | ~500 BC |
| Affine Cipher | Monoalphabetic Substitution | Two integers (a, b) | 312 | Weak | ~1900s |
| Keyword Cipher | Monoalphabetic Substitution | Keyword string | ~2×10²⁶ | Weak | ~1500s |
| Pigpen Cipher | Symbol Substitution | None (fixed grid) | 1 | Very Weak | ~1700s |
| Polybius Square | Fractionation | 5×5 grid arrangement | ~2×10²⁶ | Weak | ~150 BC |
| Vigenère Cipher | Polyalphabetic Substitution | Keyword string | 26ⁿ (n = key length) | Moderate | 1553 |
| Beaufort Cipher | Polyalphabetic Substitution | Keyword string | 26ⁿ (n = key length) | Moderate | ~1857 |
| Autokey Cipher | Polyalphabetic Substitution | Keyword + plaintext extension | 26ⁿ (non-repeating key) | Moderate-Strong | 1586 |
| Trithemius Cipher | Polyalphabetic Substitution | None (auto-incrementing shift) | 1 | Weak | 1508 |
| Gronsfeld Cipher | Polyalphabetic Substitution | Numeric key (digits 0-9) | 10ⁿ (n = key length) | Weak-Moderate | ~1700s |
| Porta Cipher | Polyalphabetic Substitution | Keyword string (13 alphabets) | 13ⁿ (n = key length) | Moderate | 1563 |
| Running Key Cipher | Polyalphabetic Substitution | Book/text passage (same length as message) | Very large (full text) | Moderate-Strong | ~1800s |
| Playfair Cipher | Digraph Substitution | 5×5 keyword matrix | ~2×10²⁶ | Moderate | 1854 |
| Four-Square Cipher | Digraph Substitution | Two 5×5 keyword matrices | (~2×10²⁶)² | Strong (for classical) | 1902 |
| Hill Cipher | Polygraphic Substitution | N×N invertible matrix | Very large (matrix dependent) | Moderate-Strong | 1929 |
| Alberti Disk Cipher | Polyalphabetic Substitution | Disk position + shift schedule | Variable (depends on rotation frequency) | Moderate | 1467 |
| Baconian Cipher | Binary Encoding / Steganography | None (fixed 5-bit encoding) | 1 | Weak (steganographic only) | 1605 |
| Homophonic Cipher | Homophonic Substitution | Multiple symbols per letter | Very large (mapping dependent) | Moderate-Strong | ~1400s |
| Morse Code | Encoding (not encryption) | None (standard mapping) | 1 | None (encoding, not cipher) | 1837 |
| Vernam Cipher (OTP) | Stream Cipher | Random key (same length as message) | 26ⁿ (truly random) | Perfect (information-theoretically secure) | 1917 |
| Straddling Checkerboard | Fractionation | Letter arrangement + row headers | Very large | Moderate | ~1940s |
| Quagmire Cipher | Polyalphabetic Substitution | 1-3 keyword alphabets + indicator | Very large (multiple mixed alphabets) | Strong (for classical) | ~1900s |
Caesar vs ROT13 vs Atbash: Monoalphabetic Comparison
Caesar, ROT13, and Atbash are the simplest substitution ciphers. They all replace each letter with a fixed counterpart, but they differ in how that substitution is determined. The table below shows the same plaintext encrypted under each system.
| Feature | Caesar Cipher | ROT13 | Atbash Cipher |
|---|---|---|---|
| Substitution Rule | Shift each letter forward by k positions | Shift each letter forward by 13 positions | Reverse the alphabet (A↔Z, B↔Y, ...) |
| Key | Integer 1-25 (variable) | None (fixed at 13) | None (fixed reversal) |
| Key Space | 25 | 1 | 1 |
| Self-Inverse? | No (decrypt requires reverse shift) | Yes (apply twice → original) | Yes (apply twice → original) |
| "HELLO" encrypted | KHOOR (shift 3) | URYYB | SVOOL |
| "ATTACK" encrypted | DWWDFN (shift 3) | NGGNPX | ZGGZXP |
| Formula | E(x) = (x + k) mod 26 | E(x) = (x + 13) mod 26 | E(x) = (25 − x) mod 26 |
| Handles Numbers? | Optional (with extended alphabet) | No (letters only; use ROT5 for digits) | No (letters only) |
| Origin | Julius Caesar, ~58 BC | Usenet forums, 1982 | Hebrew scholars, ~500 BC |
| Best Use Case | Teaching encryption fundamentals | Hiding spoilers, casual obfuscation | Historical study and puzzles |
When should you use which?
- Caesar: best for teaching substitution fundamentals and introducing the idea of a secret parameter.
- ROT13: best for quick reversible obfuscation when you do not want to manage a key.
- Atbash: best for historical, literary, and puzzle contexts involving mirrored alphabets.
Vigenère vs Beaufort vs Autokey: Polyalphabetic Comparison
Vigenère, Beaufort, and Autokey are all polyalphabetic ciphers built around a keyword, but they differ in key expansion, reciprocity, and whether they leave repeating-key patterns behind.
| Feature | Vigenère Cipher | Beaufort Cipher | Autokey Cipher |
|---|---|---|---|
| Encryption Formula | C = (P + K) mod 26 | C = (K − P) mod 26 | C = (P + Kᵢ) mod 26 |
| Key Extension | Keyword repeats cyclically | Keyword repeats cyclically | Keyword + plaintext appended as key |
| Self-Reciprocal? | No (decrypt subtracts key) | Yes (same operation encrypts and decrypts) | No (decrypt requires iterative key recovery) |
| Repeating Key Pattern? | Yes — vulnerable to Kasiski | Yes — vulnerable to Kasiski | No — key is non-repeating |
| "HELLO" + key "KEY" | RIJVS | DSJJG | RIJSS |
| "ATTACK" + key "KEY" | KXDKEM | KVFAOQ | KXDKEK |
| Key Derivation | KEY→KEYKE→KEYKEY... | KEY→KEYKE→KEYKEY... | KEY→KEYHE→KEYHELLO... |
| Tabula Recta | Standard (row = key, col = plain) | Reversed (row = key, col = cipher) | Standard (same as Vigenère) |
| Cracking Method | Kasiski + frequency analysis | Same as Vigenère (Kasiski + Friedman) | Known-plaintext attack, statistical methods |
| Security Level | Moderate | Moderate | Moderate-Strong |
| Inventor | Giovan Battista Bellaso (1553), later attributed to Vigenère | Sir Francis Beaufort (~1857) | Blaise de Vigenère (1586) |
When should you use which?
- Vigenère: the standard starting point for learning keyword-based polyalphabetic encryption.
- Beaufort: useful when you want reciprocal encryption and decryption with one operation.
- Autokey: stronger than Vigenère for short messages because it removes the repeating-key pattern.
How do classical ciphers compare in security?
Security levels range from none to perfect. By modern standards, most classical ciphers fall between very weak and moderate, with their main value lying in education, history, and puzzles.
| Security | Ciphers | Main Vulnerability |
|---|---|---|
| Perfect | Vernam (One-Time Pad) | None — unbreakable if used correctly |
| Strong | Four-Square, Quagmire, Homophonic | Extensive cryptanalysis, large known-plaintext needed |
| Moderate | Vigenère, Beaufort, Autokey, Playfair, Hill, Porta, Running Key | Kasiski examination, known-plaintext attacks, pairwise frequency analysis |
| Weak | Affine, Keyword, Gronsfeld, Trithemius, Polybius | Frequency analysis, small key space, predictable patterns |
| Very Weak / None | Caesar, ROT13, Atbash, Pigpen, Morse, Baconian | Brute force in seconds, no secret key, known mapping |
What are the main types of classical ciphers?
Classical ciphers can be grouped by how they transform plaintext. These categories are useful both for choosing a cipher and for deciding how to attack one analytically.
| Cipher Type | How It Works | Examples | Key Weakness |
|---|---|---|---|
| Monoalphabetic Substitution | Each letter always maps to the same ciphertext letter | Caesar, Atbash, Affine, Keyword | Preserves letter frequency — easy to crack with frequency analysis |
| Polyalphabetic Substitution | Uses multiple alphabets cycling by keyword | Vigenère, Beaufort, Autokey, Porta | Repeating keys create detectable patterns |
| Digraph / Polygraphic | Encrypts 2+ letters together as a unit | Playfair, Four-Square, Hill | Digraph or polygraphic frequency analysis |
| Fractionation | Converts letters into numbers or coordinates, then transforms them | Polybius, Straddling Checkerboard | Frequency analysis on coordinate pairs |
| Stream Cipher | Combines plaintext with a keystream one symbol at a time | Vernam (One-Time Pad) | Key management — key must be truly random and never reused |
When were these classical ciphers invented?
Classical ciphers span more than 2,500 years of cryptographic history, from ancient scholars to 20th-century intelligence systems.
| Era | Period | Ciphers Introduced | Key Advance |
|---|---|---|---|
| Ancient | 500 BC – 100 BC | Atbash, Caesar, Polybius | First substitution and fractionation concepts |
| Renaissance | 1400s – 1600s | Alberti, Vigenère, Porta, Trithemius, Autokey, Baconian | Polyalphabetic substitution emerges |
| Industrial | 1700s – 1800s | Playfair, Beaufort, Pigpen, Morse | Digraph encryption and practical field ciphers |
| Modern Classical | 1900s – 1940s | Four-Square, Hill, Vernam, Straddling Checkerboard | Stronger mathematical foundations and provable security |
Best Use Cases by Cipher
| Cipher | Best For | How It Is Cracked |
|---|---|---|
| Caesar Cipher | Education, puzzles, ROT13 | Brute force, frequency analysis |
| ROT13 | Spoiler hiding, casual obfuscation | Apply ROT13 again (self-inverse) |
| Atbash Cipher | Biblical studies, simple encoding | Known pattern, frequency analysis |
| Affine Cipher | Math education, modular arithmetic | Brute force (312 keys), frequency analysis |
| Keyword Cipher | Memorable key encryption | Frequency analysis |
| Pigpen Cipher | Visual encoding, children's games | Known symbol grid |
| Polybius Square | Coordinate-based encoding, telegraphy | Frequency analysis on coordinate pairs |
| Vigenère Cipher | Historical encryption, education | Kasiski examination, Friedman test |
| Beaufort Cipher | Reciprocal encryption (same operation encrypts/decrypts) | Same as Vigenère (Kasiski, Friedman) |
| Autokey Cipher | Improved Vigenère without repeating key | Known-plaintext attack, statistical methods |
| Trithemius Cipher | Historical study, progressive shift concept | Known pattern (predictable shifts) |
| Gronsfeld Cipher | Numeric-key variant of Vigenère | Same as Vigenère with smaller key space |
| Porta Cipher | Self-reciprocal polyalphabetic cipher | Frequency analysis on half-alphabets |
| Running Key Cipher | Long-key encryption using existing text | Statistical analysis, known-book attack |
| Playfair Cipher | Military field use, digraph encryption | Digraph frequency analysis |
| Four-Square Cipher | Dual-key digraph encryption | Extensive digraph frequency analysis |
| Hill Cipher | Mathematical/matrix-based encryption | Known-plaintext attack with linear algebra |
| Alberti Disk Cipher | First polyalphabetic cipher, historical study | Pattern analysis on rotation points |
| Baconian Cipher | Hidden messages in plain text, steganography | Pattern recognition on binary groups |
| Homophonic Cipher | Defeating frequency analysis | Statistical analysis, hill climbing |
| Morse Code | Telegraph communication, emergency signals (SOS) | Standard reference chart |
| Vernam Cipher (OTP) | Provably unbreakable encryption when used correctly | Unbreakable if key is truly random, used once, kept secret |
| Straddling Checkerboard | Compact encoding for spy communications | Frequency analysis on variable-length codes |
| Quagmire Cipher | Advanced polyalphabetic with mixed alphabets | Extensive cryptanalysis, pattern detection |
Frequently Asked Questions
What is the difference between Caesar cipher and Vigenere cipher?
The Caesar cipher uses a single fixed shift value to replace each letter, making it vulnerable to frequency analysis with only 25 possible keys. The Vigenere cipher uses a keyword to apply different shifts to each letter, creating a much larger key space and making it substantially harder to break.
Which classical cipher is the most secure?
The Vernam cipher, or one-time pad, is the only classical cipher with mathematically proven perfect security when used correctly. Among practical classical ciphers, Four-Square and Quagmire are usually considered the strongest because of their larger key spaces and more complex substitution structure.
What is the difference between monoalphabetic and polyalphabetic ciphers?
Monoalphabetic ciphers use one fixed substitution alphabet for the whole message, so letter frequencies remain visible. Polyalphabetic ciphers rotate through multiple alphabets based on a keyword, flattening frequency distributions and making classical frequency analysis much less effective.
Why is ROT13 not considered encryption?
ROT13 is simply a fixed Caesar shift of 13 with no secret key. Because everyone knows the transformation, it provides no real confidentiality and is used only for light obfuscation, such as hiding spoilers.
How do digraph ciphers like Playfair differ from single-letter ciphers?
Single-letter ciphers encrypt one symbol at a time, while digraph ciphers encrypt pairs of letters together. That changes the analysis unit from 26 single letters to 676 possible pairs, which makes direct frequency analysis more difficult.
What is the difference between Caesar, ROT13, and Atbash?
All three are monoalphabetic substitution ciphers. Caesar lets you choose a shift from 1 to 25, ROT13 is the fixed 13-shift special case, and Atbash reverses the alphabet entirely. ROT13 and Atbash are both self-inverse, while a general Caesar cipher is not.
What is the difference between Vigenère, Beaufort, and Autokey ciphers?
Vigenère and Beaufort both repeat a keyword, but they differ in how the key interacts with plaintext. Beaufort is reciprocal, meaning the same operation can encrypt and decrypt. Autokey extends the key with plaintext, removing the repeating-key pattern and making it more resistant to Kasiski-style analysis.