Could you give me examples as the quality of the key for substitution type cryptographies such as Caeaser or Vigenere ciphering?

Posted on 2010-11-30
Last Modified: 2012-05-10
Hi there;

Could you give me examples as the quality of the key for substitution type cryptographies such as Caeaser or Vigenere ciphering?

I mean for Caesar cipher, the key length is 3 or for Vigenere cipher, the key length depends on the input plaintext.

But how can one motivate the key quality of those above?

Best regards.
Question by:jazzIIIlove
  • 3
LVL 61

Expert Comment

ID: 34266889
you may want to check out cryptool that is a free, open-source e-learning application, used worldwide in the implementation and analysis of cryptographic algorithms.  @

There is an online version @

For Caesar cipher, see
For Vigenere cipher, see

Hope it helps
LVL 12

Author Comment

ID: 34271858
This question has the intention to learn your ideas from "quality of a substitution cipher".

Could you tell me your ideas w.r.t. quality of a substitution cipher? Good or bad and why?

Kind regards.
LVL 61

Accepted Solution

btan earned 500 total points
ID: 34272227
I am no crypto expert but rather a user instead. The common one is the Public key infrastructure which uses the private and public key concept that would be robust than substitution ciphering. Similar for the NIST Crypto Suit B that include the well known symmetric AES etc. There is no substitution ciphering.

I am not saying that substitution is bad but rather it is more easily breakable since the key is also ASCII compared to the rest. They are all breakable (just a matter of time and immense patience) but it is the measure of work factor that is based on the key length and block/stream ciphering scheme (e.g. CBC, RC4, etc). There isnt any for substitution cipher but rather the other use it as one of the working blocks as in AES (they called it the S-box). That why perpetrator go for the low hanging like keylogging and dumpster diving for the password.

The deployment need should determine the risk appetite and hence the decision to take up ciphering if need be. For example, if you going for military grade or protecting highly sensitive document, I doubt you will want to use substitution scheme. But simple scheme like substitution or transposition scheme is not deem simple to break either.

Each cipher scheme contributes its own strength, so for substitution cipher I see it as contributing confusion, whereas a transposition, it performs diffusion. As mentioned earlier, the AES algorithm use a combination of relatively simple functions. It does not necessarily guaranteed to result in a unbreakable scheme but it does make it more stronger and complex against cryptanalysis. You can check out this

LVL 61

Assisted Solution

btan earned 500 total points
ID: 34272285
Saw this slides and thought it is useful for this query. Check out section 2.3

Good of substitution (or monoalphabetic) ciphers
- Simple and straightforward process to protect information.
- Minimally needed some effort to solve the puzzle (e.g. cross word puzzle). Sound contradicting but I see it as plus (or good enough) for case merely to confuse and hold time. Especially if the plain words are long and may not be as coherent

Bad of substitution (or monoalphabetic) ciphers
- Short words, words with repeated patterns, and common initial and final letters all give clues for guessing the permutation e.g. their frequency distribution reflects the distribution of the underlying alphabet

Apparently, polyalphabetic substitutions (Vigenere) are apparently more secure than monoalphabetic substitutions. But it is mentioned that the ideal substitution cipher is one-time pad.

Advantage of one-time pad
– perfectly secure
– ciphertext does not reveal any information of the corresponding plaintext

– the need for absolute synchronization between sender and receiver
– the need for an unlimited number of keys

Overall, it may be as good enough for the days of written communication where most common ciphers involved some form or substitution or transposition of alphabetical letters. In the digital age, ciphers changed as it revolves commonly on the two types of algorithms--one using the same key to encrypt and decrypt, and one using different keys to encrypt and decrypt (also known as symmetric and asymmetric key algorithms, respectively).

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now