canada-dark-flag

Privacy Canada is community-supported. We may earn a commission when make a purchase through one of our links. Learn more.

How to Identify an Unknown Cipher

author-image
Ludovic Rembert
Last Updated on July 29, 2024
unknown cipher

Imagine yourself in a situation where you have an encrypted message, and you want to find out the original message. You don’t know the algorithm used, nor do you know the key involved.

How are you going to go about decrypting the message?

What steps should you take to make headway? First, you need to know about the main types of ciphers in use, so you can have a shot at decrypting the message!

Cipher Algorithms


Today, many classes of ciphers exist which vary in complexity and utility. Regardless of the type of cipher, they each have the same goal—create an encrypted message that can be translated back into its original message when the key and cipher used are known.

The following is a list of ciphers with a basic synopsis of each.

Monoalphabetic Substitution Ciphers

Here, each letter in the original message is replaced by a different letter. Many types of monoalphabetic substitution ciphers differ in how the substitution is performed.

Some examples include the Caesar cipher, the affine cipher, the Baconian cipher, and the trithemius cipher.  

Transposition Ciphers

As a basic cipher, transposition ciphers simply modify the position of the characters in a string. The original message is jumbled, but its composition has not changed. Examples include Columnar Transposition and route ciphers.

Polyalphabetic Ciphers

These ciphers substitute characters based on their position in a string. The ciphers may use different alphabets. Examples of polyalphabetic ciphers include the Vigenère cipher, Beaufort cipher, and the Autokey cipher.

Polygraphic Substitution Ciphers

Encrypted Emails

These ciphers substitute blocks of characters with a unique block of characters. The substitution can be achieved through various algorithms.

Examples of polyalphabetic ciphers include the Hill cipher and the Playfair cipher.

It’s clear that there are several classes of ciphers. Within each group of ciphers, several ciphers use different algorithms to achieve the end goal.

As there are a lot of ciphers, how can you know what kind of cipher was used to encrypt a message?

Luckily, there are hints you can find when analyzing an encrypted message. However, the downfall is you likely need a significant amount of ciphered text to determine. If you only have one message of 10-20 characters, you’ll find it quite difficult to make any progress in deciphering the message.

First Thoughts


ciphered message icon

The first thing to address the number of different characters in the ciphered text. In the Baconian Cipher, the ciphered text is composed of a’s and b’s. In the Polybius square cipher, there are typically 5 or 6 different ciphers.

Lastly, the ADFGVX cipher uses only those 6 characters in the name.

If the ciphered text is more complex, and it has more than 26 characters, the cipher is most likely a homophonic substitution cipher or a code and nomenclator cipher.

Ciphers that have exactly 26 different characters automatically eliminate the possibility of a cipher that utilizes a 5×5 grid. Ciphers that use a 5×5 grid include bifid, foursquare, and Playfair. However, if there are 25 characters, it could be one of the 5×5 grid ciphers.

Potential Steps


One of the best initial steps to take is to note the differences between a cipher that uses transposition and one that doesn’t. In the English language, there is a notable frequency of distribution of letters that cannot be modified by transposition ciphers.

Thus, if a ciphered text looks like it could be an English word, as though a word was jumbled, it’s likely a transposition cipher was used.

Next, you should look for signs of a substitution cipher. To do so, you can use the index of coincidence which measures the similarity of frequency distribution to normal distribution. When you calculate the index, if the value is close to 0.06, it’s likely that a substitution cipher was used.

If the value is significantly lower, a more complex cipher—polyalphabetic or polygraphic— was more likely used.  

Another easy indicator you can check is if there is a periodic incidence of coincidence that has peaks at the keyword length. This is a feature of Beaufort, Vigenère, Porta, and Gronsfeld ciphers.  

Lastly, polygraphic ciphers the length of the ciphered text will always be a multiple of the size of the graph used.

Related Read : A Short List of Classical Ciphers

The Bottom Line


The field of cryptography is fascinating, inspiring, and challenging. While there is obvious complexity in the algorithms and theory, there are also trends and hints left like breadcrumbs. These can then be used to aid decryption and the process of determining the type of cipher.

If you’re interested in cryptography and ciphers, you should also explore the field of digital security and how ciphers aid in privacy. Check out this post on cybersecurity and the lack of skilled cybersecurity professionals.

You Might Also Like
Related posts