Could you give me examples as the quality of the key for substitution type cryptographies such as Caeaser or Vigenere ciphering?

Posted on 2010-11-30
Last Modified: 2012-05-10
Hi there;

Could you give me examples as the quality of the key for substitution type cryptographies such as Caeaser or Vigenere ciphering?

I mean for Caesar cipher, the key length is 3 or for Vigenere cipher, the key length depends on the input plaintext.

But how can one motivate the key quality of those above?

Best regards.
Question by:jazzIIIlove
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
LVL 63

Expert Comment

ID: 34266889
you may want to check out cryptool that is a free, open-source e-learning application, used worldwide in the implementation and analysis of cryptographic algorithms.  @

There is an online version @

For Caesar cipher, see
For Vigenere cipher, see

Hope it helps
LVL 12

Author Comment

ID: 34271858
This question has the intention to learn your ideas from "quality of a substitution cipher".

Could you tell me your ideas w.r.t. quality of a substitution cipher? Good or bad and why?

Kind regards.
LVL 63

Accepted Solution

btan earned 500 total points
ID: 34272227
I am no crypto expert but rather a user instead. The common one is the Public key infrastructure which uses the private and public key concept that would be robust than substitution ciphering. Similar for the NIST Crypto Suit B that include the well known symmetric AES etc. There is no substitution ciphering.

I am not saying that substitution is bad but rather it is more easily breakable since the key is also ASCII compared to the rest. They are all breakable (just a matter of time and immense patience) but it is the measure of work factor that is based on the key length and block/stream ciphering scheme (e.g. CBC, RC4, etc). There isnt any for substitution cipher but rather the other use it as one of the working blocks as in AES (they called it the S-box). That why perpetrator go for the low hanging like keylogging and dumpster diving for the password.

The deployment need should determine the risk appetite and hence the decision to take up ciphering if need be. For example, if you going for military grade or protecting highly sensitive document, I doubt you will want to use substitution scheme. But simple scheme like substitution or transposition scheme is not deem simple to break either.

Each cipher scheme contributes its own strength, so for substitution cipher I see it as contributing confusion, whereas a transposition, it performs diffusion. As mentioned earlier, the AES algorithm use a combination of relatively simple functions. It does not necessarily guaranteed to result in a unbreakable scheme but it does make it more stronger and complex against cryptanalysis. You can check out this

LVL 63

Assisted Solution

btan earned 500 total points
ID: 34272285
Saw this slides and thought it is useful for this query. Check out section 2.3

Good of substitution (or monoalphabetic) ciphers
- Simple and straightforward process to protect information.
- Minimally needed some effort to solve the puzzle (e.g. cross word puzzle). Sound contradicting but I see it as plus (or good enough) for case merely to confuse and hold time. Especially if the plain words are long and may not be as coherent

Bad of substitution (or monoalphabetic) ciphers
- Short words, words with repeated patterns, and common initial and final letters all give clues for guessing the permutation e.g. their frequency distribution reflects the distribution of the underlying alphabet

Apparently, polyalphabetic substitutions (Vigenere) are apparently more secure than monoalphabetic substitutions. But it is mentioned that the ideal substitution cipher is one-time pad.

Advantage of one-time pad
– perfectly secure
– ciphertext does not reveal any information of the corresponding plaintext

– the need for absolute synchronization between sender and receiver
– the need for an unlimited number of keys

Overall, it may be as good enough for the days of written communication where most common ciphers involved some form or substitution or transposition of alphabetical letters. In the digital age, ciphers changed as it revolves commonly on the two types of algorithms--one using the same key to encrypt and decrypt, and one using different keys to encrypt and decrypt (also known as symmetric and asymmetric key algorithms, respectively).

Featured Post

Create Professional Looking Email Signatures

Create "Professional HTML Email Signatures" with ease.
7 Day Money Back Guarantee if not 100% Satisfied.
Affordable - Try it out for 7 Days Totally Risk Free.
Installers provided for over 45 Email clients.
Both Windows & MAC Supported.
Highly Recommended!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question