Software Development

Correcting The Future

Breaking Vigenère Autokey Cipher

Thursday, April 30, 2009 7:21:55 AM

Charles Babbage broke the autokey cipher in secret, and several years later, Kasiski accomplished the same feat in 1863. Looking online, I could not find any substantial descriptions as to how this was done (and there seems to be some confusion as to exactly WHICH variant Kasiski broke). I originally thought that many cryptographic algorithms were complex and difficult to understand. Not so. They are actually very simple.

The Vigenère cipher comes in many different flavours. There are the autokey variants as well as the Quagmire variants. A simple explanation can be found here.

In simple terms, you have a top row with "ABCDE..." along with a column with the same alphabet. The column is the key lookup and the row is the plaintext lookup. Inside the grid is your alphabet shifted back one character per row.

  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
M M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
N N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
P P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
Q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P
R R S T U V W X Y Z A B C D E F G H I J K L M N O P Q
S S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
T T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
U U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
V V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
W W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
X X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
Y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X
Z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y


This is called a Vigenère tableau.

So if you have a key of "SECRET" and a plaintext of "HELPME", you would look up S in the leftmost column and H in the top row. Then you look in the grid where they intersect to find the encrypted letter to use. In this case, it would be Z. If you continue, you would get "ZINGQX" as your encrypted text. If your plaintext is longer than the key, then you simply reuse the key "SECRETSECRETSECRET..." repeat as needed.

To decode it, you would have the key and the ciphertext. So you simply work backwards. You still lookup the key letter S in the column, but this time you scan that row until you reach Z (the enciphered letter). Once found, you go all the way up the column to find the plaintext letter.

Because of the repeated key, you can find repeated sequences in the ciphertext. Once these are found, you can look at the distance between those sequences and find out the length of the key.

For example, we can try this with Kryptos' first section. (Kryptos is a sculpture at the CIA with encoded text on it).

EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD


What we do is shift this cipher by one letter and then count all the letters that are the same between the two lines. After that, we shift by two letters and compare with the original. On and on until we are satisfied that we've found the most probable key length. Usually, keys are not longer than 20 letters.

EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
 EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                              X


Shifted by one letter, there is only ONE incidence. So we continue.

Shift: 2 Incidence: 2
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
  EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                   X    X                         
Shift: 3 Incidence: 3
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
   EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                      X     X                 X   
Shift: 4 Incidence: 2
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
    EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                     X     X                                  
Shift: 5 Incidence: 3
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
     EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                      X X                   X
Shift: 6 Incidence: 2
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
      EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
         X                                        X            
Shift: 7 Incidence: 3
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
       EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                        X  X          X      
Shift: 8 Incidence: 0
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
        EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                                              
Shift: 9 Incidence: 1
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
         EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                                  X           
Shift: 10 Incidence: 4
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
          EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                        X                 X         X     X


Shift values also count towards any of their factors. So any incidences found in shift of 6 also count toward shifts of 2 and 3. With a computer, you can scan the entire distance of the ciphertext. Or you can do it by hand if you have enough time. Here, we can already see that a shift of 10 comes out ahead in individual incidence counts. If we were to scan the entire string, 10 would be the most likely choice since shifts of 20, 30 and 40 would add to our results.

Shift: 20 Incidence: 7
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                    EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                         X      X                 XXXXX     

Shift: 30 Incidence: 2
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                              EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                          XX                  

Shift: 40 Incidence: 2
EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                        EMUFPHZLRFAXYUSDJKZLDKRNSHGNFIVJYQTQUXQBQVYUVLLTREVJYQTMKYRDMFD
                                                X   X


When you see two or three (or more) letters in a row being identical, this is a very strong indication that you're on the right track. So our key length is either 20, 10, 5, or 2 or anything that factors into both 10 and 20. 10 is the right choice.

What we do now is split our cipher text into 10 groups. Since we have 10 letters in our unknown keyword, we skip 10 letters each time. We take letters #1, #11, #21, etc. Our second group is #2, #12, #22, etc. and so on. We do this because our first group is always encoded using the same letter as a key. If we had used "SECRETCODE" as a key, then the first group would have been encrypted with "SSSSSSS...", the second group with "EEEEEEEE...". This is why we can simply shift the ciphertext down one row at a time. When we encode something, we must look at one specific row. In this case, we know it's always the same row. We simply don't know which one. If the key were not always the same letter, we could not do this as each letter points to a different row.

Now that we know the correct plaintext is simply shifting those letters up or down a row in our Vigenère tableau, we compute all 26 different shifts. In the above tableau, a ciphertext of "ABCD" will be shifted as "BCDE" one row below. In fact, take ANY letter, and the one below it in the tableau is always the same.

English has a special distribution use of letters. For example, the letter E is the most common. By attributing a specific importance value to each letters (from 0 to 9), we can then calculate which of the 26 different possibilities has a distribution that looks the most like English.

The importance value table is the following one taken from the US ARMY Cryptography manual. For any group, simply add the values for each letter together.

ABCDEFGHIJKLMNOPQRSTUVWXYZ
84779657812768862889655360


For our example, we will use the K1 section of the Kryptos sculpture. Note that Kryptos doesn't use "ABCD..." for its tableau, but rather "KRYPTOSABCD..." (You don't use the same letter twice). The difference is moot though. It's simply a different ordering. Instead of K going to L, K goes to R instead. And topmost row used for plaintext lookup is also "KRYPTOSABCD...".

  K R Y P T O S A B C D E F G H I J L M N Q U V W X Z
K K R Y P T O S A B C D E F G H I J L M N Q U V W X Z 
R R Y P T O S A B C D E F G H I J L M N Q U V W X Z K
Y Y P T O S A B C D E F G H I J L M N Q U V W X Z K R
P P T O S A B C D E F G H I J L M N Q U V W X Z K R Y
T T O S A B C D E F G H I J L M N Q U V W X Z K R Y P
O O S A B C D E F G H I J L M N Q U V W X Z K R Y P T
S S A B C D E F G H I J L M N Q U V W X Z K R Y P T O
A A B C D E F G H I J L M N Q U V W X Z K R Y P T O S
B B C D E F G H I J L M N Q U V W X Z K R Y P T O S A
C C D E F G H I J L M N Q U V W X Z K R Y P T O S A B
D D E F G H I J L M N Q U V W X Z K R Y P T O S A B C
E E F G H I J L M N Q U V W X Z K R Y P T O S A B C D
F F G H I J L M N Q U V W X Z K R Y P T O S A B C D E
G G H I J L M N Q U V W X Z K R Y P T O S A B C D E F
H H I J L M N Q U V W X Z K R Y P T O S A B C D E F G
I I J L M N Q U V W X Z K R Y P T O S A B C D E F G H
J J L M N Q U V W X Z K R Y P T O S A B C D E F G H I
L L M N Q U V W X Z K R Y P T O S A B C D E F G H I J
M M N Q U V W X Z K R Y P T O S A B C D E F G H I J L
M N Q U V W X Z K R Y P T O S A B C D E F G H I J L M
Q Q U V W X Z K R Y P T O S A B C D E F G H I J L M N
U U V W X Z K R Y P T O S A B C D E F G H I J L M N Q
V V W X Z K R Y P T O S A B C D E F G H I J L M N Q U
W W X Z K R Y P T O S A B C D E F G H I J L M N Q U V
X X Z K R Y P T O S A B C D E F G H I J L M N Q U V W
Z Z K R Y P T O S A B C D E F G H I J L M N Q U V W X


Here is a table representing each possibilities usage for the above ciphertext of K1 in Kryptos for each of our 10 groups.

EADVQVM 42 MXKJVJF 24 UYRYYYD 45 FUNQUQ 30 PSSTVT 45 HDHQLM 36 ZJGULK 21 LKNXTY 35 RZFQRR 32 FLIBED 41 
FBEWUWN 43 NZRLWLG 40 VPYPPPE 44 GVQUVU 29 TAAOWO 46 IEIUMN 45 KLHVMR 35 MRQZOP 30 YKGUYY 31 GMJCFE 34 
GCFXVXQ 31 QKYMXMH 32 WTPTTTF 53 HWUVWV 33 OBBSXS 35 JFJVNQ 23 RMIWNY 41 NYUKST 39 PRHVPP 38 HNLDGF 40 
HDGZWZU 30 URPNZNI 44 XOTOOOG 49 IXVWXW 29 SCCAZA 38 LGLWQU 32 YNJXQP 26 QPVRAO 37 TYIWTT 46 IQMEHG 37 
IEHKXKV 36 VYTQKQJ 27 ZSOSSSH 47 JZWXZX 12 ADDBKB 32 MHMXUV 33 PQLZUT 30 UTWYBS 38 OPJXOO 34 JUNFIH 36 
JFIRZRW 36 WPOURUL 46 KASAAAI 50 LKXZKZ 14 BEECRC 44 NINZVW 34 TUMKVO 36 VOXPCA 37 STLZSS 40 LVQGJI 28 
LGJYKYX 30 XTSVYVM 42 RBABBBJ 33 MRZKRK 26 CFFDYD 39 QJQKWX 15 OVNRWS 42 WSZTDB 33 AOMKAA 40 MWUHLJ 32 
MHLPRPZ 40 ZOAWPWN 40 YCBCCCL 45 NYKRYR 38 DGGEPE 41 ULURXZ 30 SWQYXA 32 XAKOEC 37 BSNRBB 36 NXVIML 37 
NIMTYTK 48 KSBXTXQ 31 PDCDDDM 47 QPRYPY 34 EHHFTF 44 VMVYZK 24 AXUPZB 27 ZBRSFD 33 CAQYCC 37 QZWJNM 22 
QJNOPOR 41 RACZOZU 37 TEDEEEN 60 UTYPTP 42 FIIGOG 40 WNWPKR 34 BZVTKC 27 KCYAGE 37 DBUPDD 37 UKXLQN 28 
ULQSTSY 46 YBDKSKV 34 OFEFFFQ 43 VOPTOT 45 GJJHSH 29 XQXTRY 31 CKWORD 37 RDPBHF 38 ECVTEE 48 VRZMUQ 27 
VMUAOAP 47 PCERARW 51 SGFGGGU 40 WSTOSO 46 HLLIAI 45 ZUZOYP 26 DRXSYE 41 YETCIG 44 FDWOFF 38 WYKNVU 32 
WNVBSBT 43 TDFYBYX 41 AHGHHHV 46 XAOSAS 43 IMMJBJ 26 KVKSPT 32 EYZAPF 35 PFODJH 35 GEXSGG 35 XPRQWV 29 
XQWCACO 40 OEGPCPZ 41 BIHIIIW 48 ZBSABA 32 JNNLCL 38 RWRATO 46 FPKBTG 32 TGSELI 46 HFZAHH 35 ZTYUXW 29 
ZUXDBDS 35 SFHTDTK 48 CJIJJJX 22 KCABCB 32 LQQMDM 30 YXYBOS 35 GTRCOH 44 OHAFMJ 36 IGKBII 35 KOPVZX 24 
KVZECEA 40 AGIOEOR 54 DLJLLLZ 36 RDBCDC 40 MUUNEN 43 PZPCSA 35 HOYDSI 44 SIBGNL 40 JHRCJJ 25 RSTWKZ 32 
RWKFDFB 38 BHJSFSY 40 EMLMMMK 42 YECDED 45 NVVQFQ 28 TKTDAB 39 ISPEAJ 40 AJCHQM 31 LIYDLL 42 YAOXRK 35 
YXRGEGC 43 CILAGAP 49 FNMNNNR 52 PFDEFE 43 QWWUGU 29 OROEBC 44 JATFBL 35 BLDIUN 40 MJPEMM 34 PBSZYR 32 
PZYHFHD 39 DJMBHBT 38 GQNQQQY 27 TGEFGF 40 UXXVHV 29 SYSFCD 42 LBOGCM 37 CMEJVQ 30 NLTFNN 46 TCAKPY 38 
TKPIGIE 47 ELNCICO 54 HUQUUUP 39 OHFGHG 38 VZZWIW 23 APAGDE 43 MCSHDN 43 DNFLWU 39 QMOGQQ 25 ODBRTP 42 
ORTJHJF 40 FMQDJDS 37 IVUVVVT 43 SIGHIH 43 WKKXJX 16 BTBHEF 39 NDAIEQ 42 EQGMXV 30 UNSHUU 41 SECYOT 47 
SYOLILG 49 GNUELEA 52 JWVWWWO 34 AJHIJI 33 XRRZLZ 26 COCIFG 41 QEBJFU 28 FUHNZW 32 VQAIVV 33 AFDPSO 43 
APSMJMH 42 HQVFMFB 36 LXWXXXS 32 BLIJLJ 28 ZYYKMK 22 DSDJGH 35 UFCLGV 36 GVIQKX 25 WUBJWW 26 BGETAS 43 
BTANLNI 52 IUWGNGC 44 MZXZZZA 17 CMJLML 34 KPPRNR 38 EAELHI 48 VGDMHW 35 HWJURZ 27 XVCLXX 28 CHFOBA 40 
COBQMQJ 30 JVXHQHD 32 NKZKKKB 20 DNLMNM 42 RTTYQY 40 FBFMIJ 31 WHENIX 40 IXLVYK 31 ZWDMZZ 18 DIGSCB 39 
DSCUNUL 49 LWZIUIE 43 QRKRRRC 43 EQMNQN 35 YOOPUP 40 GCGNJL 33 XIFQJZ 20 JZMWPR 26 KXENKK 26 EJHADC 39


What we do now is look for the highest total in each column. But we must be careful that we only start by choosing an entry that is MUCH higher than the rest. If there isn't a clear winner, then we don't pick anything for that column just yet.

Looking at the first column, there isn't a clear winner. There is only one 49, but many 48's, 47's and 46's. The second column isn't much better. But the third column has a 60 and the next highest value is 53. That looks very promising.

What we do now is lay out our selections one above the other.

1
2
3 TEDEEEN 60
4
5
6
7
8
9
0


Our plaintext SHOULD appear by reading the letters top down (from the left).

We now take a look at column 4 in our table. This doesn't look promising, but we'll take a look at the highest value just to try out. We'll do this for column 2 as well.

1
2 ELNCICO 54
3 TEDEEEN 60
4 WSTOSO 46
5
6
7
8
9
0


We check to see if anything is impossible. However, we should note that sometimes, encryption operators insert spelling mistakes on purpose. So we look for an overabundance of impossibilities. Here, everything looks OK except for perhaps the ETW. But that is not impossible. Note the "ND" starting at the third letter? Could this be "AND"? We'll try it. In the first column, we'll look to find the entry that has an A in its third letter.

BTANLNI 52

This also happens to be the highest entry in the first column. Now, it actually looks promising.

1 BTANLNI 52
2 ELNCICO 54
3 TEDEEEN 60
4 WSTOSO 46
5
6
7
8
9
0


Words are starting to come out now. "BETW" is likely BETWEEN. So we can fill out the next three entries and see if the other columns start to form words as well.

1 BTANLNI 52
2 ELNCICO 54
3 TEDEEEN 60
4 WSTOSO 46
5 EHHFTF 44
6 EAELHI 48
7 NDAIEQ 42
8 
9
0


Note that the fifth entry was not the highest for that column. In fact, there are three other entries higher, and another one that has a value of 44. This is why we need to start at the very beginning with very obvious entries. It doesn't mean we'll be right, but it does lessen our chances of being wrong. And it also helps in selecting less obvious choices later on as we've done here.

The sixth column WAS the highest, but not the seventh although it was close. So this all looks very good so far.

The second letters seem to be forming "SHAD". This looks like SHADE or SHADOW or some variant. The Q at the end would likely suggest being followed by a U. So we'll try that.

1 BTANLNI 52
2 ELNCICO 54
3 TEDEEEN 60
4 WSTOSO 46
5 EHHFTF 44
6 EAELHI 48
7 NDAIEQ 42
8 DNFLWU 39
9
0


That makes no sense. SHADN can't be right. Something isn't working out. Let's try the highest value and see what that gives us. Let's try SHADE.

1 BTANLNI 52
2 ELNCICO 54
3 TEDEEEN 60
4 WSTOSO 46
5 EHHFTF 44
6 EAELHI 48
7 NDAIEQ 42
8 YETCIG 44
9
0


Not sure on this. Column 9 and 10 don't have any obvious choices. Personally, I'd be lost here. I already know the solution, but you would need to try different possibilities. TLE could be LITTLE. But that would not work for the other words. Anyways, one more variant of "SHAD" could be "SHADING". I'm not going to pretend I could have come up with it, but that's what code breaker do.

1 BTANLNI 52
2 ELNCICO 54
3 TEDEEEN 60
4 WSTOSO 46
5 EHHFTF 44
6 EAELHI 48
7 NDAIEQ 42
8 SIBGNL 40
9 UNSHUU 41
0 BGETAS 43

BETWEEN SUBTLE SHADING AND THE ABSENCE OF LIGHT LIES THE NUANCE OF IQLUSION


Note the Q. Plaintext is often mixed up with intentional spelling errors to throw off anyone trying to crack the code.

At this point, we have the plaintext and still don't know what the key was. We can obtain the key easily enough. We simply take the first ten letters of the ciphertext "EMUFPHZLRF" and the first ten letters of the plaintext "BETWEENSUB" and use that to find out the key with the use of the tableau. Using the KRYPTOS tableau, we look across the top row for the B and then go down until we see the letter E. Now we go to the front of that row and we get the letter P. Continue for all other pairs of letters and we get the key "PALIMPSEST" which is a document that has been erased and written over.

You can now attempt to decode the second part of KRYPTOS on you own if you wish. You have MUCH more ciphertext to play with so it should be a lot easier.

VFPJUDEEHZWETZYVGWHKKQETGFQJNCE
GGWHKK?DQMCPFQZDQMMIAGPFXHQRLG
TIMVMZJANQLVKQEDAGDVFRPJUNGEUNA
QZGZLECGYUXUEENJTBJLBQCRTBJDFHRR
YIZETKZEMVDUFKSJHKFWHKUWQLSZFTI
HHDDDUVH?DWKBFUFPWNTDFIYCUQZERE
EVLDKFEZMOQQJLTTUGSYQPFEUNLAVIDX
FLGGTEZ?FKZBSFDQVGOGIPUFXHHDRKF
FHQNTGPUAECNUVPDJMQCLQUMUNEDFQ
ELZZVRRGKFFVOEEXBDMVPNFQXEZLGRE
DNQFMPNZGLFLPMRJQYALMGNUVPDXVKP
DQUMEBEDMHDAFMJGZNUPLGEWJLLAETG


But this article wasn't about repeated keys, it was about autokey ciphers. It is said that autokey ciphers make frequency analysis useless since the keys don't repeat. While this may be true on the surface, it is only trivially true and not of much consequence.

An autokey cipher is one where you have a key, but instead of repeating the key, you use the plaintext itself. So if you have key of "SECRET" and a plaintext of "HELPMEOUTOFHEREIMFREAKINGOUT" then the key would actually be:

"SECRETHELPMEOUTOFHEREIMFREAKINGOUT"

See this link for a much better description.

I will re-encode the above K2 plaintext (which is shown encoded) using an autokey cipher.

VFPJUDEEVUHCUWRNGSZNKARFFNVXILD  
PFNVXI?ANLBDHYUBYVGYAIXDSMXKFB  
PITVXDUYNWWTTPIZVUITXOYBXQENNTX  
MJQKHMFBTJZBHBFLHZYKOLFOJFQISQQJ  
HNPCYKDKYAWQYFIIHMDSFFERJGSDFJQ  
ZJWTWNFG?FNSSDYQRUXKSFVKVSUZCRF  
ZIKFUEKVIEZFFLPIZYHTSBTRYJELFSDU  
NQMYVHW?VXKCRFCAQZHCPENQSGPEXZU  
FXQLYVZUAEIVGLYNEIIFKXQJZWLPLV  
YWBTNURIALZAGVKNTDMTQHEKYCOZYTE  
FGNZUYTXOSQLAATPIIAVALTZXROPKZS  
NXQJWJWWJJRGEFGAOIRXLLGDLBBFDRP


Here, we don't know what the key length (before appending the plaintext) actually is. Obviously, if you compare this with the previous ciphertext, it's obvious, but we usually don't have isologs (messages enciphered with different keys or different methods). I'm not sure if there actually IS a technique for finding out the key length. But you can try the above frequency analysis for each of the suspected key lengths. It's more tedious, but with the help of a computer, it's not that bad if the key length isn't that long.

For this example, we'll assume we already know the key length. It's eight. So we do the same thing as before and create 8 groups of letters by taking each successive eighth letter.

In this case, we have a problem. The key isn't always the same. Each successive letter uses the previous plaintext letter as its key. So we're almost never using the same row twice. Hence, frequency analysis is useless. Actually, that's a complete lie. If we take a guess as to the first letter's key, say 'A', then with a key and its ciphertext (the first letter), we can reproduce the assumed plaintext letter. With that plaintext letter, we can use it as the key for the next letter and retrieve its plaintext letter and use that as the key for the next letter and so on all the way down. This will allow us to retrieve the assumed plaintext. We only have a 1 in 26 chance of picking the correct initial letter. But that's not a problem since we will try ALL 26 letters just as in the last example. But instead of shifting the ciphertext, we instead decode the entire ciphertext in each group using our assumed key letter. Once we have our 26 deciphered plaintext candidates, one of them will actually be the correct plaintext for each group, except that they will be eight letters apart. That's why we do the same thing for all eight columns and do frequency analysis.

Think of it this way. The first letter of the key will encipher the first plaintext letter. That first plaintext letter will encipher the 9th plaintext letter. The 9th plaintext letter will encipher the 17th plaintext letter and so on. In effect, this reduces the problem to a one letter autokey cipher. All we need to do is find the correct initial key letter and this will allow us to decode the entire sequence for that group. And if we try all letters from A to Z, then we can do frequency analysis to find out which one uses letters in the same proportions that English does.

Let's try it on the ciphertext shown above.

AIASSSYEGENOHTTGANNNWIOUTEHHONSAGYGTIXVSVESNTCTZ 350 AOJJPJQBMMEQDYDYMMWHSAQYGXTFBMVADFKPMTDQDQDVRST 265 AVMAIAAKFCSVYSEQVTEJCPMHFGRDBRBPZHFOVTATQCJPGMZ 281 ACKNONCSYKZCCUNWLEPGPJBGZGLKYZTQYICGYLCPYGEGPFV 265 AHANVNYVAFDHYHERMIPDGNAMPCWIAOSNSVXTPRRFQUSHGHQ 315 APQGTPOODGBFBLECQPAZOROTADXBSPJOJPGDAPSGAKOEYVJ 280 ATWTSGILGDOSQHFPSHMMOOAQSWAPQGAOYCJMAEQOFDNTADK 305 ATIWSEEAIIITDTROWOAOHHBTMWTLOILATEFMIIDEVEIRESU 358 
BHBOAOPDHDQTIPOFBMQMXHSQODIGSMASHRHPJWWOWDAMOBOX 297 BTLITIUANLFNERERNLXGASURHWOECLWSEERYNPENENEUYOO 348 BUNSJSBZGBAUPOFNWPFIDYNGGFYCCKCYKGGTWPBPUBLYHLK 268 BBRMSMDOPZKBDQQVMDTFTICFKFMZPXONPHDFPJDYPFFFTEW 269 BGBMWMPUBEEGPGFKNHTCHMBLTBXHBTAMAUZPTKYEUQAGHGU 278 BYUFOYSTEFCECJFBUYBXSKSPBCZAAYLTLYHCBYAFBZSDPUL 283 BPXPAFJJHCSOUGGYAGNLSTBNAVBYUFBTPBLLBDUTGCQPBCR 281 BPJVADFSJHJPEPYTXTBTIGCPNVOJSHMSODGLJHEDWDJKFOV 277 
CGCTBTTCICUPJYSECLULZGANSCJFALBOIKIYLVXTXCBLSASW 303 CPMHOHVSQJGMFKFKQJZFBOVKIVSDDJXOFDYRQYFMFMFQPTS 249 CQQOLOCXHABQTTGMXYGHERQFHEPBDZDRRFHPXYCYVAMRIJR 281 CAYLALETTXRAENUUNCOEOHDERENXTWSMTGEETIERTEGEODX 353 CFCLXLTQCDFFTFGZQGOBILCJOAZGCPBLBQKYOZPDVNBFIFV 258 CRVESRAPFEDDDIGAVRCWAZAYCBKSBRMPMRIBCRBECXACTQM 304 CYZYBELIIBATVFHRBFQJAPCMBUCRVECPTAMJCCVPHBUYCBY 283 CYLUBCGOLGLYFYPPZPCPJFDYQUSIAGNOSCHJLGFCXCLZGTW 275 
DFDPCPOBJBVYLRADDJVJKFBMABLEBJCTJZJRMUZPZBCJASAV 247 DYNGSGWOUIHLGZGZUIKECTWZJUACEIZTGCPKURGLGLGNTPA 278 DNUTMTDWISCNOPHLZRHGFKUEIDTAEXEKYEIYZRDRWSNKJIY 304 DSPJBJFPOWYSFMVQQBSDSGEDYDQWOVALOFFDOHFKODHDSCZ 277 DEDJZJONDCGEOEHXUFSAJJDISSKFDYCJCNRRSXTCWMCEJEW 286 DKWDAKBYGDECEHHSWKDVBXBRDAROCKNYNKJADKCDDWBBONN 278 DRKRCDMHJABPWEIKCEUIBYDLCQDKWDDYOSNIDBWYIAVRDAP 296 DRMQCBHTMFMRGRTYKYDYLEERUQAHBFQTABIIMFGBZBMXHPX 280 
EEEYDYSALAWRMKBCEIWIRECLBAMDCIDPLXLKNQKYKADIBOBU 307 ERQFAFXTVHIJHXHXVHRDDPXXLQBBFHKPHBTZVKHJHJHMOYB 250 EMVPNPEVJODMSYIJKKIFGZVDJCOSFWFZPDJRKKEKXOQZLHP 245 EOTICIGYSVPOGLWNUAACAFFCPCUVSUBJSEGCSGGZSCICABK 302 EDEIKISMEBHDSDIWVEASLIEHAOREERDIDMYKAWOBXLDDLDX 325 EZXCBZCRHCFBFGIOXZEUCWCKESYTDZQRQZLSEZDCEVCASMQ 262 EKRKDCNGLSCYXDJZDDVHCREJDNEZXCERSOQHEAXRJSWKEST 284 EKNNDAIPNENKHKORRRERMDFKVNBGCEUPBAJHNEHAKANWIYZ 301 
FDFRERASMSXKNZCBFHXHYDDJCSNCDHEYMWMZQNRRRSEHCTCQ 301 FKUEBEZPWGJIIWIWWGYCEYZWMNCAGGRYIAOXWZIIIIILSRC 285 FLWYQYFULTELARJIRZJEHXWCLBSOGVGXTCLKRZFZZTUXMGT 263 FTOHDHHRAUTTHJXMVSBBBEGBTBVUAQCIADHBAFHXABJBBAR 287 FCFHRHALFAICACJVWDBOMHFGBTYDFKEHELPZBVSAZJECMCZ 281 FXZBCXDKIBGAGFJTZXFQDVDZFOPPEXUKUXMOFXEBFUDSALU 247 FZYZEBQFMODRZCLXECWGDKFIEMFXZBFKATUGFSZKLOXZFOO 248 FZQMESJYQDQZIZSKYKFKNCGZWMCFDDVYCSLGQDISRSQVJRK 238 
GCGKFKBONOZZQXDAGGZGPCEIDOQBEGFRNVNXUMYKYOFGDPDN 266 GZVDCDKYXFLHJVJVXFPBFRKVNMDSHFYRJSSWXXJHJHJJAKD 233 GJXRURGQMPFJBKLHYXLDIWXBMAATHUHWOBMZYXGXKPVWNFO 251 GPSGEGIKBQOPIIZLWOCACDHAOAWQBNDHBCIABEIWBALACSY 298 GBGGYGBJGSJBBBLUXCCTNGGFCPPCGZFGFJTXCUASKIFBNBK 248 GWKADWEZJAHSHELPKWGNEUEXGTTYFWVZVWNTGWFAGQEOBJV 271 GXPXFAUENTEKKBMWFBXFEZGHFLGWKAGZBPVFGOKZMTZXGTS 245 GXULFOLRUCUXJXAZPZGZQBHXXLDEECWRDOMFUCJOYOUULKR 258 
HBHZGZCTQTKXUWESHFKFTBFHETUAFFGKQUQWVLPZPTGFEYEM 270 HXWCDCRRZEMGLULUZETAGKRUQLEOIEPKLOAVZWLGLGLIBZE 281 HIZKVKHNNYGICZMGPWMCJVZANSBPIQIVSANXPWHWRYWVQES 264 HYAFFFJZCNSYJHKJXTDSDCISSSXNCMEGCBJSCDJVCSMSDOP 281 HAHFPFCIHOLACAMQZBDPQFHEDYTBHXGFGIOWDQBORHGAQAR 289 HVRSEVFXLSIOIDMYRVHMFQFWHPORGVWXWVQPHVGSHNFTCIW 294 HWTWGSVDQPFZRANVGAZEFXHGGJHVRSHXCYWEHTRXNPKWHPA 277 HWVJGTMKVBVWLWBXTXHXUAIWZJEDFBXKETNEVBLTPTVQMZY 253 
IAIXHXDPUPRWVVFOIEREOAGGFPVSGEHZUQUVWJTXTPHEFRFL 300 IWXBEBYKKDNFMQMQKDOSHZYQUJFTJDTZMTBUKVMFMFMHCXF 244 IHKZWZIMQRHHDXNFTVNBLUKSQOCYJNJUASQWTVIVYRXUUDA 266 IRBEGELXDMARLGRIZPEOEBJOAOZMDLFFDALODCLUDONOETT 318 ISIETEDHITMSDSNNKAEYUEIDEROAIWHEHHSVENCTYGHSUSY 350 IUYOFUGWMOJTJCNRYUILGNGVIYSKHUXWXUUYIUHOIMGPDHX 285 IVOVHOWCUYGXYSQUHSKDGWIFHIIUYOIWDRXDIPYWQYRVIYB 288 IVWIHPNZWAWVMVCWOWIWVSJVKIFCGAZZFPQDWAMPTPWNNXP 265 
JSJWIWEYVYYVWUGTJDYDSSHFGYWOHDIXVNVUXIOWOYIDGKGJ 279 JVZAFAPZRCQENNNNRCSOIXPNVIGPLCOXNPCQRUNENENGDWG 298 JGRXXXJLUKIGEWQEOUQAMQROUTDRLMLQBOUVOUJUPKZQVCB 247 JKCDHDMWELBKMFYHKYFTFALTBTKLEJGEESMTEBMQETQTFPO 290 JOJDODEGJPNOEOQMRSFRVDJCFKSSJVIDIGAUFMDPPFIOVOP 288 JQPTGQHVNTLPLBQKPQJJHMHUJRAZIQZVZQVRJQITJLHYEGZ 220 JUSUITXBVRHWPOUQIORCHVJEIHJQPTJVEKZCJYPVURYUJRC 262 JUXHIYQXXSXUNUDVSVJVWOLURHGBHSKXGYUCXSNYOYXMQWT 259 
KVKGZGUMSMFFAEWQKKFKJVXYWMAUXKZHSCSEBOIGIMZKWJWS 237 KFCWVWGIEZTRPCPCEZJUZHGCSOWNRZIHPNNDEEPRPRPPQGW 281 KPEHBHKAOJZPUGTRIETWYDEUOQQLRBRDMUOFIEKEGJCDSZM 281 KJNKXKYGUAMJYYFTDMVQVWRQMQDAUSWRUVYQUXYDUQTQVNI 248 KUKKIKUPKNPUUUTBEVVLSKKZVJJVKFZKZPLEVBQNGYZUSUG 218 KDGQWDXFPQRNRXTJGDKSXBXEKLLIZDCFCDSLKDZQKAXMUPC 245 KEJEZQBXSLXGGUODZUEZXFKRZTKDGQKFUJCZKMGFOLFEKLN 226 KEBTZMTHBVBEPEQFJFKFAUREETWXXVDHWMOZBVPMIMBBTGH 268 
LOLVJVFRWRPUXQHPLCPCAOIEHRXTICJWWMWQZHSVSRJCHZHI 282 LUKSGSTXYBUDQMQMYBATJWTMWHHYMBSWQYDNYQQDQDQFEVH 261 LFYWZWLJVZJFFVUDSQUSNNYTVPEKMLMNCTVUSQLQTZKNWBC 258 LZDCICNVFJCZNEPGRRGPGSMPCPRJFIHDFONPFANNFPUPGYS 294 LTLCSCFFLYQTFTULYOGKWCLBGZAOLUJCJFBQGLEYTEJTWTT 286 LNTPHNIUQPMYMAUZTNLIILIQLKBXJNKUKNWKLNJPLJIRFFK 266 LQAQJPZAWKIVTTVNJTYBIULDJGLNTPLUFZKBLRTUVKPQLKD 255 LQZGJRUWZOZQQQEUAULUXTMQYGHAIORWHRVBZOQRSRZLUVO 249 
MTMULUGKXKTQZNIYMBTBBTJDIKZPJBLVXLXNKGAUAKLBIXIH 251 MQROHOOWPAVCULULPABPLVOLXGIRNAAVUREMPNUCUCUEFUI 312 MEPVKVMIWXLEGUVCANVOQMPPWYFZNJNMDPWQANMNOXRMXAD 276 MXEBJBQUGIDXQDTFYKHYHONYDYYIGHICGTQYGSQMGYVYHRA 274 MPMBABGEMRUPGPVJPTHZXBMAHXBTMQLBLECNHJFRODLPXPO 274 MMOYIMJQUYNRNSVXOMMHJJJNMZCWLMRQRMXZMMLYMIJKGER 255 MNBNLYKSXZJUOPWMLPPAJQMCLFMMOYMQGXRAMKOQWZTNMZE 253 MNKFLKVVKTKNUNFQBQMQZPNNPFISJTYVIKWAKTUKAKKJVUS 243 
NPNQMQHZZZONKMJRNAOACPLCJZKYLAMUZJZMRFBQBZMAJWJG 224 NNYTITSVTSWBVJVJTSCYMUSJZFJKQSBUVKFLTMVBVBVDGQJ 252 NDTURUNHXWMDHQWBBMWTULTYXRGXQIQLEYXNBMNMSWYLZSE 281 NWFALAUQHHEWUCOEPZIRITQRERPHHGJBHPURHOULHRWRIKB 301 NYNABAHDNKVYHYWITPIXZANSIWCPNNMAMDDMIIGKSCMYZYS 299 NLSRJLLNVRQKQOWWSLNGLILMNXDVMLYNYLZXNLMRNHLZHDY 284 NMCMMRROZXLQSYXLMYTSLNNBMENLSRNNHWYSNZSNXXOMNXF 298 NMREMZWURPRMVMGNCNNNKYQMTEJOLPPUJZXSRPVZBZRIWQA 265 
OLOBTBKGEGLAFSYIOULUULPWYGFJPUTCETESGKQBQGTUYEYR 300 OAHMRMMDJQCVBTBTJQUJTCMTEKYHSQQCBHXOJSBVBVBXZBY 247 OXJCGCOYDETXKBCVQSCMAOJJDIZFSPSOWJDAQSOSMEHOEQW 276 OEXUPUABKYWEAWLZIGRIRMSIWIIYKRYVKLAIKNAOKICIRHQ 292 OJOUQUKXOHBJKJCPJLRFEUOQREULOATUTXVSRPZHMWTJEJM 263 OOMIYOPABISHSNCEMOORPPPSOFVDTOHAHOEFOOTIOYPGKXH 331 OSUSTIGNEFPBMJDOTJJQPAOVTZOOMIOAKEHQOGMADFLSOFX 294 OSGZTGCCGLGSBSZAUAOAFJSSJZYNPLICYGDQGLBGQGGPCBN 268 
PNPDYDXICIICDBKLPWIWNNRZKIDMRWYECSCBEYMDMIYWKGKP 294 PCFQZQJFHVAXSSSSHVNMYEJSCYKJTVMESJVAHBSXSXSKWDK 259 PKHEEEPTBGYKXDAXMBAQOAHMBLWHTOTAUMBCMBPBJGFACVU 282 PGVWRWODXTUGOZIRGIZLZQTLULGTXPKXXNOLXUOAXLALZJM 258 PMPWMWXKPJSMXMAOHNZHCWPVZGNNPCYWYKQBZOWJJZYMCMJ 230 PAJLKARCSLTJTUAGJAPPRORBPHQFYAFCFACHPAYLPTRIXKF 294 PBNBYLEUCHRDJMBAYMHVRCPXYRPAJLPCXGFVPIJCBHIBPHV 277 PBERYIAEENEBSBWCNCPCDMTBHRKURNGEKIBVENSIMIEOADL 324 
QYQNNNIXKXSMRLLKQSSSDYMBLXRRMSNQKIKLYECNCXNSLVLF 287 QMPPJPAUOOXAWIWIOODRNQAIKELZUOCQWZGJOLWAWAWCHNL 278 QCOQYQQGZVNCINXACLXPVJORZKHWUHUJFRZMCLQLAVPJKOF 239 QVGSMSVNIGFVVBSDTXJKJPUKFKTGIFLAIYVKITVJIKXKJZC 243 QRQSCSICQZWRIRXHOYJWKSQOJVDYQMNSNCELJHHZABNRKRA 266 QJAKLJMMWKUZUTXVAJQFMHMLQWEUNJPMPJKWQJNKQGMXICP 219 QLDLNKYTKWMNARZJNROOMMQANDQJAKQMIVPOQXAMZWSLQWG 254 QLYDNXXQYYYLWLHMDMQMRRULODLTMYTQLXZOYYWXCXYHXNB 268 
RURFKFVLALGEBDXNRZGZLUZRXLBQZZKGABADCTJFJLKZXIXO 238 REDVWVHHFXOKTBTBFXLQKGHBATXMYXJGTMQCFDTKTKTYUFX 264 RYFGCGRSSIKYVFOKJDOVPCFQSNUJYAYCNQSEJDRDHIDCAXN 288 RIQZZZPFVSNIPRGPELWNWVYNNNESVOXKVUPNVWPCVNONWMJ 277 RQRZJZVYRMTQVQOAFUWJAZRXWILUREKZKYMDWAUMHRKQAQH 242 RCHNXCZETNYMYWOIHCROZAZDRJMHKCDEDCAJRCKNRSZLVYD 286 RDLDKNCWAJZFHQSCKQFXZERKKPRCHNREVIDXRLHESJGDRJQ 263 RDCPKLOGCUCDTDUELEREBQYDFPXWZUEGXLSXCUTLJLCAOFI 295 
SJSAOARFFFMSGOPHSQMQVJTVPFGITQOBFPFOHZUAUFOQPDPK 283 SSILYLNCLNDUCPCPLNVIOBNPFZPGANUBCGZTLOCUCUCWKAP 300 SWLBHBSREDOWRADUUODLBTLIEHKEAYATXIESUOSONDITFNX 330 SDZQTQBARRXDBVMXJFYHYLAHXHJRRKPURJBHRMBTRHDHYGU 266 SISQUQRWSGCIRIDYLJYEFQSNYDVJSSOQOWWOYYKGNVOIFIN 292 STNHPTTSCHAGAMDDNTSKTYTOSEWCOTISITFESTOHSRTFRWI 356 SOVOOHHMFETANIETOILNTSSUOXSTNHSSRDINSFNSEEMOSEZ 354 SOHXOFDBHJHOCOKSVSSSGIAOLXPMTJJBPFENHJCFUFHYDAQ 286 
TMTCPCZHDHJBEARJTVJVQMYXRHELYVPDDODAFRNCNHPVRFRY 301 TBGNKNLEIUBWAOAOIUQLPDLODRRIOUNDAIWSIAAWAWAZXCR 315 TZIDFDTPCFPZZCBWNABNSSILCJXGOTOSVLCBNATALFGSDUV 295 TFWVYVSCZPVFSXJKHHKJKNOJVJHPZYRWZMSJZQSSZJBJKIN 213 TLTVNVZZTIALZLBTIMKGDVTUKFQMTBPVPZUAKTXILXPLDLL 269 TSLJRSYBAJOIOQBFLSTYYTYATGUEPSGBGSDGTSPJTPYHZZG 289 TAQAPJFQDGYCLLCSPLIUYBTWPKTSLJTBZFGUTHLBCGJATGW 277 TAFKPHBDFMFAAAXBQBTBELOAIKRQYMHDRHCUFMAHNHFTBCM 297 
URUMQMJWRWALYJMZUOAOERNAMWYKNOQNRHRJPDDMDWQOMUME 288 ULTYLYBQSTZSXHXHSTEKQNBHRDMXVTDNXXHISJXSXSXBIMM 273 UBSNPNUFKUQBJMZSDJZYWISKKZIVVGVIGKKLDJUJBUTIRTG 236 UUHONOWMJFGUWAACOWLZLYVZGZOFJEMSJRWZJPWIJZZZLXD 233 UKUODOJBUXXKJKZGSRLVROUTLUERULQOQBFJLGIXBAQKRKB 242 UIBZMINLXZVXVPZUBIUENGNJUVFQQITLTIRVUIQZUFNWJBT 254 UJEJQZPPRVNMBKKIQKSTNLUSQCUIBZULJUTTUWBLKVAJUVH 245 UJPCQWZNPRPJXJILELULYKVJSCMPNRONMWKTPRXWDWPGZMC 257 
VKVLULLVYVBJPINXVTBTFKQSNVPZQTUMYGYITCELEVUTNQND 283 VJORMRCNAPKOZGZGAPFZUMCGYCNWWPEMZWIHAIZOZOZAJLN 257 VAAMTMVERQUALLKOEIKRXHAZRXJUWFWHHZRJEIVICQOHYPH 279 VQITQTXLLEHQXSBBSVMXMRWXHXSELDNOLKXXLYXHLXKXMWE 263 VZVTETLAVWZZLZKFAKMUYTVPMQFKVJUTUAGIMFJWCSUZYZC 241 VHCXNHQJZXWWWYKQCHVDQFQIVUGNUHOJOHYUVHUXVEQVLAO 250 VIFIUXTYYUQLCZRHUZAPQJVOUBVHCXVJLQOPVVCJRUBIVUI 254 VITBUVKMTKTIZIJJFJVJPZWIABNYQKSMNVRPTKZVEVTFKLD 247 
WZWJVJMUPUCITHQWWPCPGZUOQUTXUPVLPFPHOBFJFUVPQNQC 252 WISKNKDMBYRTKFKFBYGXVLDFPBQVXYFLKVJGBHKTKTKSLJQ 237 WSBLOLWDYNVSMJRTFHRKZGBXYWLQXEXGIXYIFHWHDNSGPYI 275 WNJPUPZJMDINZOCAAUNWNKXWIWADMCQTMZZWMRZGMWRWNVF 255 WXWPFPMSWVKXMXREBZNQPPWYNNGZWIVPVSHHNELVDOVXPXD 263 WGDWQGUIKWXVXRRNDGWCUEUHWQHMVGSISGPQWGVWWDUUMSS 270 WHGHVWORPQUJDXYGVXBYUIWTVAWGDWWIMNSYWUDIYQCHWQJ 264 WHOAVURLOZOHKHLIGIWITXXHBAQRUZALQUYYOZKUFUOERJE 275 
XXXIWINQTQDHOGUVXYDYHXVTUQOWVYWJTETGSAGIGQWYUMUB 274 XHAZQZELCRYPRERECRHWWJEETAUUZRGJRULFCGRPRPROMIU 294 XOCJSJXCPMWONIYPGGYZKFCWPVMNZDZFJWPHGGXGEMAFTRJ 249 XMLYVYKINCJMKTDSBQQVQZZVJVBCNBUPNXKVNKKFNVYVQUG 225 XWXYGYNOXURWNWYDCXQNTYXRQMHXXHWYWOIGQDMUETWWTWE 275 XFEVUFVHRVZUZKYMEFXBVDVGXNILWFAHAFTNXFWVXCVQNOA 267 XGHGWVSKTNVIEWPFWWCRVHXPWSXFEVXHNMARXQEHPNDGXNL 283 XGSSWQYJSXSGRGMHHHXHOWZGCSUKVXBJUQPRSXRQGQSDYIF 251 
YQYEREWJBJHDCCZMYXHXMQKKZJCNKXRFBABCDPLELJRXZHZT 238 YDEUXUIGGWSZOAOAGWMNRFIABPZLPWLFOLUBGCOZOZORVEZ 278 YRGFDFYOAHRRWESZLCSUTBGNAMVIPSPBQNADLCYCIHEBBWQ 301 YHUXKXTEWOQHTKHYFJXMXUPMQMFOWTZZWQTMWVTBWMSMXLL 251 YNYXLXWRYLONWNSSGQXIBXYWXHMQYDRXRRNCXSVLIKRNBNI 282 YBIMZBKDOMPLPVSHIBYTKSKCYINGRBEDEBBIYBRMYOKJWRE 279 YCMCRMDVBIKEINABRNGWKDYZRYYBIMYDWHEWYJIDAIHCYIU 293 YCDYRJSFDQDCOCVDMDYDCNPCGYZVKQFFZJAWDQOJLJDSSEJ 258 
ZWZHXHQNONEGSFVUZRERIWWPVNSVWRXIODOFASHHHNXRVLVA 296 ZGBXUXFJDKPYYDYDDKIVXIFDOSVQKKHIYQMEDFYYYYYTNHV 258 ZTDIAIZBTLXTQHPYHFPXREDVTUNMKCKELVTGHFZFFLBEOKL 281 ZLMRWRRHQBLLRPEOCNUUUXKULUCBQAVYQWRUQZREQUPUUQH 264 ZVZRHRQTZQYVQVPCDWUMORZKULIWZGXRXTJFUCNQFPXVOVF 237 ZEFUVEWGYUKQKZPLFEZAWCWFZMJJXEBGBEOMZEXUZBWNQTB 228 ZFIFXUAZOMWHFVTEXVDKWGZYXOZEFUZGQLBKZNFGTMEFZMM 238 ZFAOXNPIAWAFYFNGIGZGSVKFDOVZWWCIVNTKAWYNHNACPHG 282


Again, we look for the highest value in a column that is WAY above all the other values in that same column. Note that this time, since we're retrieving the plaintext key at every step, the original key is also retrieved and will show up in the first column of letters below. The plaintext will follow in the next columns reading top down.

1 AIASSSYEGENOHTTGANNNWIOUTEHHONSAGYGTIXVSVESNTCTZ 350
2 BTLITIUANLFNERERNLXGASURHWOECLWSEERYNPENENEUYOO 348
3 SWLBHBSREDOWRADUUODLBTLIEHKEAYATXIESUOSONDITFNX 330
4 CAYLALETTXRAENUUNCOEOHDERENXTWSMTGEETIERTEGEODX 353
5 ISIETEDHITMSDSNNKAEYUEIDEROAIWHEHHSVENCTYGHSUSY 350
6 STNHPTTSCHAGAMDDNTSKTYTOSEWCOTISITFESTOHSRTFRWI 356
7 SOVOOHHMFETANIETOILNTSSUOXSTNHSSRDINSFNSEEMOSEZ 354
8 ATIWSEEAIIITDTROWOAOHHBTMWTLOILATEFMIIDEVEIRESU 358


In this case, all the choices were VERY obvious. There was no contest and we obtain the plaintext and key with very great ease. The last 8 letters are incorrect and this means that either the key changed, the encoding method changed or there are missing letters. In this case, there is a missing letter in the ciphertext. If you add it, you will get XLAYERTWO which is the correct result.

So once you have the proper key length for an autokey cipher, decoding it is a snap. If you have a lot of cipher text like the above, you don't even need the key length. Simply analyze each possible key length from 1 to 20 or something like that. English words will instantly pop out if you have the correct key length. Small messages are a bigger problem though as seen with our first example.

In essence, autokey offers no more security than a repeated key. There is one exception though. In all our examples, we assumed that the index used for the plaintext was either "ABCD..." or "KRYPTOSABCD...". This is called the plaintext key. The insides of the tableau is mixed up by what is called a ciphertext key. In our example, we used the same for both "KRYPTOSABCDEF...". But if it is not the same and is not "ABCDEF...", then we have a real problem because we don't know how the cipher letters map to the plaintext letters. These kinds of ciphers require THREE keys. In our examples, we were using two keys. "KRYPTOS" was used for mixing up the alphabet in the tableau and then another unknown key was used to encipher the plaintext. Requiring three keys is a bit much, but would provide much more security. Without this third key, autokey and repeated key Vigenère ciphers offer identical protection. No more, no less. And we've just shown why.

As a side note, and perhaps a piece of trivia for those interested in Kryptos, the letters in K2 that are deciphered as X's are ASTT when encrypted in the official ciphertext. However, there is a missing X as told by Jim Sanborn himself just before the last eight characters. This would have been enciphered as an S. So we have ASTTS. But there is another X in the word SIX. This is enciphered as an O. ASTTSO. And if we take the misspelled word, the U is encoded as an R. ASTTSOR anagram gives STRATOS. It's not actually a word, but a prefix. LAYERTWO is also interesting. Stratos can mean a sedimentary layer or a layer of atmosphere like the stratosphere. But Jim Sanborn has an interest in archeology. Also, the second layer of rocks is where he inscribed his Morse code. Each segment of Morse code is always in two lines. These could be clues to the different possible matrix sizes for K3. If STRATOS and LAYER TWO are indeed clues to deciphering K3, then this would be an example of what is called steganography.

UndoPart 1 to K4 of Kryptos Solved! (Update: Aug 3, 2009)

Comments

Unregistered user Tuesday, June 2, 2009 5:48:22 PM

Anonymous writes: Yes, but how hard would it be to Make legible sentences of the right order from someone else's diary to make sure that the X's mimic telegraph stops within a Quagmire III Vigenere and manage to have said X's reveal the word Stratos? We can't reach quite that far or we'll find a lot of random coincidences. Aim for the probably not simply the possible my friend. Not that I've figured anything new out myself...

Unregistered user Tuesday, June 2, 2009 5:50:37 PM

Anonymous writes: Oops, K2 was the weird Sanborn statement, K3 was the diary! Still though, it's like the folks who build pyramids out of the text and re-enact the tomb opening. It's just too far out there.

Vorlath Wednesday, June 3, 2009 5:05:03 PM

I can tell you that stratos is a clue. I've decoded way past all this.

Write a comment

New comments have been disabled for this post.

June 2012
S M T W T F S
May 2012July 2012
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30

Videos

Blogs

  • Artima

    Blogs about programming

  • Memel

    Power Computing Theory

  • Quotes

    Random Thoughts about Programming, Life, Universe and Everything

  • Donate to Project V

    The link is on under the left nagivation bar

News

  • OSNews

    News about programming and OS.

  • /.

    News about anything related to computers.

  • proggit

    Programming articles

My Software

  • CSRegEx

    C++ non-recursive regular expressions library

  • CSParser

    C++ LR(1) Parser Generator

  • CS::SkipList

    C++ Generic SkipList Container Library