If you're seeing this message, it means we're having trouble loading external resources on our website.

If you're behind a web filter, please make sure that the domains *.kastatic.org and *.kasandbox.org are unblocked.

Main content

The Caesar cipher

The Caesar Cipher, used by Julius Caesar around 58 BC, is a substitution cipher that shifts letters in a message to make it unreadable if intercepted. To decrypt, the receiver reverses the shift. Arab mathematician Al-Kindi broke the Caesar Cipher using frequency analysis, which exploits patterns in letter frequencies. Created by Brit Cruise.

Want to join the conversation?

  • spunky sam blue style avatar for user Michael pignatari
    why would Caesar use ciphers?
    (27 votes)
    Default Khan Academy avatar avatar for user
    • aqualine ultimate style avatar for user Musiclovererer
      Caesar used ciphers so that important information, such as the location of a attack or the date it would be carried out, would be unknown to enemies but know to the rest of his troop. If his messages were ever intercepted, the enemy would't immediately understand what the cipher meant.
      (20 votes)
  • blobby green style avatar for user Aiman Rafeed
    At , what if one uses a 'Random' shift like A is D, D is K.....rather using shift 3 or 4 or anything? Then Frequency fingerprint won't work right?
    (16 votes)
    Default Khan Academy avatar avatar for user
  • blobby green style avatar for user Aayush
    Decoding the Caesar Cipher based on the "fingerprint" requires a large sample space . I mean lets say if the message contains few words or only single word even that frequency distribution wont help in that case ..
    (25 votes)
    Default Khan Academy avatar avatar for user
    • blobby green style avatar for user danny
      To the original question, yes, shorter messages make it harder to detect the frequency distribution, but you'd be surprised how quickly it shows up.
      To Skylear's comment: A Caesar Cipher does have a sample space. The random variable is the number used for the shift. In your example, you encoded JASON IS BLUE using a shift of 2, but 2 could have been 1 or 23 or 14. In fact, it could have been any number from 1 to 26. So the sample space has 26 possibilities (there are 26 different ways to apply a caesar's cipher to the message).
      (12 votes)
  • hopper cool style avatar for user Sven Fulenchek
    So if the shift is 3, wouldnt a Z be a C?
    (7 votes)
    Default Khan Academy avatar avatar for user
  • duskpin ultimate style avatar for user Raveena Weerabahu
    A cipher method I found quite interesting is the "Pig Pen Cipher" which is, according to wikipedia; "a geometric simple substitution cipher which exchanges letters for symbols which are fragments of a grid". I found the basic substitution quite simple but what about Pig Pen Cipher's that contain code words that disrupt the order of letters in the grid?
    (9 votes)
    Default Khan Academy avatar avatar for user
    • aqualine ultimate style avatar for user Bailey B
      I do not quite understand what you are saying, but if you are saying something about cracking the Pig Pen cipher I can give you some advice. If you want to now how the Pig Pen cipher works, skip the next paragraph.

      The Pig Pen cipher is one of the many symbol ciphers, where a symbol is designated to each letter in the alphabet. Now, the Pig Pen cipher is very common code, so many people might know it, but say a random code is made up. You would collect the sample, and analyze it the same way. You would make a chart of the symbol frequency though, and compare each symbols height to a letter.

      If you wanted to know how a Pig Pen cipher works, read below.
      A Pig Pen Cipher is a symbolic cipher, with a different symbol representing each letter of the alphabet. It is a set code, and never changes. The link below shows a chart with each letter in its part of the grid. (Obviously you do not draw the letter in the secret note.)
      (4 votes)
  • primosaur ultimate style avatar for user Josiah Korzan
    How would you find the frequency of an encrypted message?
    (3 votes)
    Default Khan Academy avatar avatar for user
    • purple pi purple style avatar for user APDahlen
      Hello Josiah,

      You could do it manually by printing the note on paper. Then use a scissors to cut the individual letters. Next sort the letters into 26 bins ( a through z). Finally count the number of times each letter occurred.

      Most would argue this is an inefficient way to do the operation but that is what the statistical analysis tells us to do...

      In reality you would uses a computer program to count the number of times a letter occurred. The computer could do the calculation for the entire dictionary in minutes.

      Ref: https://en.wikipedia.org/wiki/Letter_frequency


      (8 votes)
  • blobby green style avatar for user Danielle
    At MEET is encrypted as PHHN. M is shifted "ahead" 3 letters to P, E is shifted "ahead" 3 letters to H (twice over), but then T is encrypted by shifting to the letter that PRECEDES it (by three)... why?
    (5 votes)
    Default Khan Academy avatar avatar for user
  • leaf yellow style avatar for user D
    When did Caesar start using this cipher?
    (3 votes)
    Default Khan Academy avatar avatar for user
  • male robot donald style avatar for user Muskaan Maurya
    I am not able to understand how shifts are determined using frequency?
    (3 votes)
    Default Khan Academy avatar avatar for user
    • starky ultimate style avatar for user jdsutton
      Well for example E is the most common letter in the English alphabet. So if you look at some cryptotext and see that C is the most common symbol, you might infer that C actually represents the letter E. Shifting by -2 would give that result (E --> D --> C), so you might try shifting by +2 to decrypt.
      (4 votes)
  • blobby green style avatar for user markyosullivan
    Is Caesar's code still used in today's world? If so, what sort of things use it?
    (3 votes)
    Default Khan Academy avatar avatar for user

Video transcript

SPEAKER 1: The first well known cipher, a substitution cipher, was used by Julius Caesar around 58 BC. It is now referred to as the Caesar Cipher. Caesar shifted each letter in his military commands in order to make them appear meaningless should the enemy intercept it. Imagine Alice and Bob decided to communicate using the Caesar Cipher First, they would need to agree in advance on a shift to use-- say, three. So to encrypt her message, Alice would need to apply a shift of three to each letter in her original message. So A becomes D, B becomes E, C becomes F, and so on. This unreadable, or encrypted message, is then sent to Bob openly. Then Bob simply subtracts the shift of three from each letter in order to read the original message. Incredibly, this basic cipher was used by military leaders for hundreds of years after Caesar. JULIUS CAESAR: I have fought and won. But I haven't conquered over man's spirit, which is indomitable. SPEAKER 1: However, a lock is only as strong as its weakest point. A lock breaker may look for mechanical flaws. Or failing that, extract information in order to narrow down the correct combination. The process of lock breaking and code breaking are very similar. The weakness of the Caesar Cipher was published 800 years later by an Arab mathematician named Al-Kindi. He broke the Caesar Cipher by using a clue based on an important property of the language a message is written in. If you scan text from any book and count the frequency of each letter, you will find a fairly consistent pattern. For example, these are the letter frequencies of English. This can be thought of as a fingerprint of English. We leave this fingerprint when we communicate without realizing it. This clue is one of the most valuable tools for a codebreaker. To break this cipher, they count up the frequencies of each letter in the encrypted text and check how far the fingerprint has shifted. For example, if H is the most popular letter in the encrypted message instead of E, then the shift was likely three. So they reverse the shift in order to reveal the original message. This is called frequency analysis, and it was a blow to the security of the Caesar cipher.