Vigenere Cipher Decoder & Encoder

What Is the Vigenere Cipher?

The Vigenere cipher is a polyalphabetic substitution cipher that encrypts each letter with a Caesar shift chosen by a repeating keyword. With the key KEY, the shifts repeat as K=10, E=4, Y=24, K=10, and so on. Because the shift changes by position, the same plaintext letter can become different ciphertext letters in the same message.

The method commonly called Vigenere was actually described by the Italian cryptographer Giovan Battista Bellaso in 1553, who built on the polyalphabetic disk of Leon Battista Alberti and the tabula recta of Johannes Trithemius. The 19th century mistakenly attributed the cipher to the French diplomat Blaise de Vigenere (1523-1596), and the name stuck even though Vigenere's own contribution was a stronger autokey variant.

For roughly three hundred years the cipher was known as le chiffre indéchiffrable — the indecipherable cipher — because its repeating key hides the simple letter-frequency pattern that breaks monoalphabetic ciphers. That reputation finally collapsed in the 19th century. The Prussian infantry officer Friedrich Kasiski published the first widely known general attack in his 1863 book Die Geheimschriften und die Dechiffrir-Kunst, showing how repeated ciphertext fragments betray the key length. The English polymath Charles Babbage had almost certainly broken Vigenere even earlier, around the 1850s, but never published his method, so credit for the attack went to Kasiski.

How the Vigenere Cipher Works

Encryption Formula

For each plaintext letter at position i:

Cᵢ = (Pᵢ + Kᵢ) mod 26

Pᵢ is the plaintext letter value (A=0, B=1, ... Z=25), and Kᵢ is the matching keyword letter value.

Decryption Formula

Pᵢ = (Cᵢ - Kᵢ + 26) mod 26

Quick Example

Encrypt ATTACK AT DAWN with the key LEMON:

Plaintext: A T T A C K   A T   D A W N
Key:       L E M O N L   E M   O N L E
Cipher:    L X F O P V   E F   R N H R

Result: ATTACK AT DAWN -> LXFOPV EF RNHR

The two T letters encrypt to X and F because they align with different key letters. That position-dependent substitution is the core idea of Vigenere.

Tabula Recta, Vigenere Square, and Vigenere Table

The tabula recta, Vigenere square, and Vigenere table are names for the same 26x26 lookup grid of shifted alphabets. One common orientation is:

1. Use the key letter as the row.
2. Use the plaintext letter as the column.
3. Read the ciphertext at the intersection.

Some books swap row and column labels. For standard Vigenere encryption the result is the same, but decryption instructions depend on the orientation. Use the interactive Vigenere table to trace both directions visually.

Vigenere vs Caesar Cipher

A Vigenere key with one letter is just a Caesar cipher shift. A longer repeating key is what spreads letter frequencies across several shifted alphabets.

Why Vigenere Is Stronger Than Caesar

The Caesar cipher fails to a simple attack: because every letter uses the same shift, the most common ciphertext letter almost always corresponds to plaintext E, and the full frequency profile of the ciphertext is just the English profile rotated by the key. An attacker can read the shift straight off a frequency chart, or simply try all 26 possibilities.

Vigenere defeats that attack by being several Caesar ciphers in rotation. With a key of length n, the first letter, the (n+1)th letter, the (2n+1)th letter, and so on all share one shift, but the neighboring positions use different shifts. Each plaintext E therefore lands on a different ciphertext letter depending on where it sits in the key cycle. The peaks and valleys of English frequency get smeared across n separate alphabets, so a frequency chart of the whole ciphertext looks much flatter and far less like English. The longer and more varied the key, the more thoroughly the single-alphabet signal is erased — which is exactly why simple frequency analysis cannot break Vigenere directly, and why an attacker must first recover the key length to peel the cipher back into its underlying Caesar columns.

Security and Weaknesses of the Vigenere Cipher

Despite its three-century reputation, the Vigenere cipher is not secure by any modern standard, and it should never be used to protect real information.

• The repeating key is the fatal flaw. Reusing the keyword imposes a period on the ciphertext. That periodicity is precisely what Kasiski examination and the Index of Coincidence detect, and once the key length is known the cipher collapses into independently solvable Caesar columns.
• Short keys are very weak. The shorter the key relative to the message, the stronger the periodic pattern and the easier the attack. A one-letter key is just a Caesar cipher; even a short word offers little protection against an automated solver.
• Long ciphertext helps the attacker. Statistical attacks need data. The more ciphertext available under one key, the more reliable the key-length estimate and the column frequency analysis become.

Relationship to the One-Time Pad

The Vigenere cipher becomes genuinely unbreakable only in one extreme case. If the key is truly random, at least as long as the message, and never reused, then it is no longer a repeating-key Vigenere cipher — it is a one-time pad, which offers perfect secrecy. With no repetition there is no period for Kasiski examination to find, and every possible plaintext of the right length is equally consistent with the ciphertext. In other words, the one-time pad is the limiting case of Vigenere with an infinitely long, random, single-use key. What makes everyday Vigenere breakable is exactly the gap between that ideal and a short, repeating, word-based key.

How to Recognize Vigenere Ciphertext

Vigenere ciphertext often has these signs:

• Mostly alphabetic text. Spaces and punctuation may be preserved, especially in classroom or puzzle examples.
• Flattened letter frequencies. The distribution looks less like ordinary English than Caesar ciphertext, but not as uniform as random text.
• Intermediate Index of Coincidence. English Vigenere ciphertext often has an IC between random text and normal English, commonly around 0.04 to 0.05 depending on key length.
• Repeated fragments at related distances. Repeated trigrams or longer sequences whose spacings share factors can reveal likely key lengths through Kasiski examination.

The Cipher Identifier uses these signals to help recognize Vigenere-style ciphertext and estimate a likely key length.

How to Break the Vigenere Cipher

For three centuries the Vigenere cipher resisted analysis because the repeating key flattens the letter frequencies that expose simple substitution ciphers. The breakthrough was realizing that a Vigenere cipher is not one cipher but several Caesar ciphers interleaved together. If you can recover the key length, you can split the ciphertext into separate columns, each enciphered with a single Caesar shift, and solve each one independently. Modern cryptanalysis of Vigenere follows three classic steps.

Step 1: Kasiski Examination

The Kasiski examination, published by Friedrich Kasiski in 1863, finds the key length by looking for repeated sequences in the ciphertext. When a repeated word in the plaintext happens to line up with the same part of the key, it produces an identical ciphertext fragment. The distance between two such repeats is therefore a multiple of the key length.

To run a Kasiski examination, scan the ciphertext for repeated trigrams or longer sequences, measure the gap between each pair of occurrences, and factor those gaps. A factor that appears across many of the gaps — for example 3, 5, or 6 — is a strong candidate for the key length. Spurious repeats produce random spacings, so the true key length stands out as the most common shared factor.

Step 2: Index of Coincidence and the Friedman Test

The Index of Coincidence (IC) measures how likely it is that two letters drawn at random from a text are the same. Ordinary English has an IC of about 0.067, while uniformly random text sits near 0.038. Vigenere ciphertext falls in between, and the longer the key, the closer it drifts toward random.

The Friedman test turns this observation into an estimate of key length: it compares the IC of the whole ciphertext against the known IC values of English and random text. A more reliable variation splits the ciphertext into candidate column groups for each possible key length, then measures the average IC inside those columns. When the columns are split at the correct key length, each column is a single Caesar shift, so its IC jumps back up toward the 0.067 of natural English. The key length whose columns show the highest average IC is the best estimate. Used together, Kasiski examination and the Index of Coincidence usually agree on the key length and cross-check each other.

Step 3: Frequency Analysis of Each Column

Once the key length n is known, write the ciphertext into n columns: column 1 holds letters 1, n+1, 2n+1, and so on. Every letter in a single column was enciphered with the same key letter, which means each column is just a Caesar cipher.

Now apply ordinary frequency analysis to each column. For each of the 26 possible shifts, undo the shift and compare the resulting letter distribution against standard English frequencies — chi-squared scoring or a simple frequency match works well. The shift that best matches English reveals the key letter for that column. Repeat for all n columns and you have recovered the full keyword; decrypting the message is then trivial.

Doing all of this by hand is slow. The Vigenere decoder and solver automates every step: it runs Kasiski examination, computes the Index of Coincidence for candidate key lengths, performs column-by-column frequency analysis, and ranks the most likely keys and plaintexts for you.

Vigenere Cipher in Python, Java, and JavaScript

The core implementation is small: cycle through the keyword, add the key shift for encryption, and subtract it for decryption. These examples preserve case and leave nonletters unchanged.

Python

def vigenere_encrypt(text: str, key: str) -> str:
    key = key.upper()
    out, j = [], 0
    for ch in text:
        if ch.isalpha():
            base = 65 if ch.isupper() else 97
            shift = ord(key[j % len(key)]) - 65
            out.append(chr((ord(ch) - base + shift) % 26 + base))
            j += 1
        else:
            out.append(ch)
    return "".join(out)

Java

static String vigenereEncrypt(String text, String key) {
    key = key.toUpperCase();
    StringBuilder out = new StringBuilder();
    int j = 0;
    for (char ch : text.toCharArray()) {
        if (Character.isLetter(ch)) {
            int base = Character.isUpperCase(ch) ? 'A' : 'a';
            int shift = key.charAt(j % key.length()) - 'A';
            out.append((char) ((ch - base + shift) % 26 + base));
            j++;
        } else {
            out.append(ch);
        }
    }
    return out.toString();
}

JavaScript

function vigenereEncrypt(text, key) {
  key = key.toUpperCase();
  let out = "", j = 0;
  for (const ch of text) {
    if (/[a-zA-Z]/.test(ch)) {
      const base = ch >= "a" ? 97 : 65;
      const shift = key.charCodeAt(j % key.length) - 65;
      out += String.fromCharCode((ch.charCodeAt(0) - base + shift) % 26 + base);
      j++;
    } else {
      out += ch;
    }
  }
  return out;
}

To decrypt, subtract the shift: (value - shift + 26) % 26.

How to Pronounce "Vigenere"

In English, Vigenere is commonly pronounced /ˌviːʒəˈnɛər/, roughly vee-zhuh-NAIR. The name comes from Blaise de Vigenere (1523-1596), a French diplomat and cryptographer.

On this site, the English pages use the plain ASCII spelling Vigenere for consistency with search queries, URLs, and tool labels.

Where Vigenere Still Appears

• CTF and puzzle hunts: solvers must identify the cipher, find the key length, and recover the key.
• Escape rooms: the separate keyword makes clue design flexible.
• Cryptography courses: it demonstrates polyalphabetic substitution, key repetition, Kasiski examination, and the Index of Coincidence.
• Pop culture: shows and games use it because it is recognizable yet still solvable by hand.
• Historical study: it explains why stronger statistical methods were needed after simple substitution ciphers.

Related Polyalphabetic Ciphers

• Beaufort Cipher — A reciprocal variant where encryption and decryption use the same operation.
• Autokey Cipher — Extends the key with plaintext instead of repeating only the primer.
• Gronsfeld Cipher — A Vigenere variant with numeric key digits from 0 to 9.
• Running Key Cipher — Uses a long text passage as the key.
• Trithemius Cipher — Uses a fixed progressive shift instead of a secret repeating keyword.
• Porta Cipher — A reciprocal polyalphabetic cipher based on paired alphabets.
• Quagmire Cipher — Combines mixed alphabets with Vigenere-style shifting.
• Alberti Cipher — An early polyalphabetic disk cipher that predates Bellaso and Vigenere.

Further Reading

• Vigenere decoder and solver — Decrypt with a known key or analyze ciphertext without one
• Vigenere examples and tutorials — Work through short examples and decrypt examples
• Vigenere table — Learn the tabula recta row and column orientation
• Breaking the Vigenere Cipher: Kasiski Examination & Index of Coincidence — A deeper cryptanalysis walkthrough