"Virtues of a perfect cipher: that they be not laborious to write and read; that they be impossible to decipher; and, in some cases, that they be without suspicion." - Francis Bacon
The Alberti Cipher is a type of polyalphabetic cipher. A polyalphabetic cipher is similar to a Substitution, cipher. In some cases the multiple alphabets are just rotations of the existing the existing alphabet. This generates an encrypted ciphertext that cannot be solved by simple frequency analysis, because the mapping of plaintext letters to ciphertext letters is one-to-many, which is to say the plaintext letters have different ciphertext corespondents at different places in the text. The Alberti cipher is a particular kind of polyalphabetic cipher, and operates as described below.
Leon Battista Alberti, the bastard son of an Italian noble, developed
a
method of encipherment which revolutionized encryption in the
West.
The Alberti cipher, described in his 1467 treatise on
encipherment, De Cifris (Alberti, Leon Battista, A Treatise on
Ciphers, trans. A. Zaccagnini. Foreword by David Kahn, Galimberti,
Torino 1997), is the first polyalphabetic cipher. Alberti's
treatise was written for his friend Leonardo Dati and was never
printed in the 15th centurey.
Alberti, who is
considered to have been surpassed only by Leonardo
Da Vinci as a
Renaissance Man. Also known for his work in architecture,
writing and painting,
Alberti's insights into perspective have
particularly influenced subsequent
painters of his era. But he is
most widely recognized as the father of
Western Cryptology.
The Alberti cipher traditionally consisted of two
metal discs,
one mobile, and one immobile, attached by a common axle so
that the
inner disc may be rotated. Around the outside of the outer disc
are
inscribed the uppercase letters in the Latin alphabet, which is the
English alphabet less J, U, and W, and also without
H, K, or Y, since
Alberti felt they were
superfluous. The outer disc also included the numbers
1 through 4
for use with a codebook containing preselected phrases and words
with assigned four-digit values. Alberti designed his cipher
technique with
courtesans and diplomats in mind.
The inner disc had a randomized uppercase Latin alphabet, which
is the English alphabet minus u, w, and j, and with et (probably meaning '&').
Alberti thought his cipher was unbreakable, and this assumption
was based on his inquiries into frequency analysis, which is the
most effective method of deciphering monoalphabetic cryptograms; given
enough cryptotext one can use the frequency of the letters in reference to
a normal distribution to find the shift, and solve the cryptogram, this system
fails to solve polyalphabetic cryptograms since the letter distribution is garbled.
Interestingly, Alberti's studies involving cryptology were only a passing
interest, at the suggestion of his friend, and secretary to the pope,
Dato, Alberti decided to investigate encryption, and eventually
published a book on the subject, despite its lack of relevance to his
architecture and painting.
The process of encrypting into the Alberti cipher is simplified by
Alberti's discs. On the inner disc was a mark which could be
lined up with a letter on the outer disc as a key, so that if you wanted
to encrypt or decrypt a message you only needed to know the correct
letter to match the mark to. In order to decrypt a message written
using Alberti's discs you had to have a matching alphabet on your inner
disc. To make matters more complicated the disc could be turned during
an encryption so that a different alphabet is used periodically.
This was the first instance of the polyalphabetic cipher. When encrypting
an interval of rotation can be predetermined by those reading and writing
the ciphertext, adding a shift based on the letters in a secret shared keyword.
The traditional discs shown below were the only method
of using this type of cipher until the 16th century. Below is an example of
Alberti's cipher disc.
(NOTE: In this diagram, the letters on the outer disc should be
uppercase and those on the inner disc should be lowercase. The example
given below is based on this representation of the disk. Click here
for an image of the actual Alberti
cipher disk. )
Encrypting a Message with Alberti Cipher
Alberti's 20 character Latin alphabet can be seen around the outer ring of the discs, the four numbers at the end being, again, used in reference to a codebook containing preselected phrases. Alberti deliberately left numbers off the inner disc so no numbers appeared in the ciphertext, so it contained a scrambled version of the normal Latin alphabet instead of Alberti's. This was a very effective method of concealing the code-numbers, since they blended in with the other garbled words, becoming indestinguishable.
The Alberti cipher was not periodic. Each correspondent had a different randomized alphabet in his position. In the 16th century Giovan Battista della Porta used a system of keywords to implement a cipher that can be seen as a variation of the Alberti cipher. One keyword was used to form a permutation of the alphabet, the other keyword was used to specify a sequence for the multiple alphabets to occur in. This technique, which was labeled the 'double cipher' has been more accurately described as polyalphabetic. Porta's permutation technique was based on a 2-dimensional table, for an example here's a version of Porta's table based on a 26 character alphabet:
Equivalent to the outer disc a b c d e f g h i j k l m n o p q r s t u v w x y z 0 A L B E R T I C P H D F G H J K M N O S U V W X Y Z 1 Z A L B E R T I C P H D F G H J K M N O S U V W X Y N 2 Y Z A L B E R T I C P H D F G H J K M N O S U V W X u 3 X Y Z A L B E R T I C P H D F G H J K M N O S U V W m 4 W X Y Z A L B E R T I C P H D F G H J K M N O S U V b 5 V W X Y Z A L B E R T I C P H D F G H J K M N O S U e 6 U V W X Y Z A L B E R T I C P H D F G H J K M N O S r 7 S U V W X Y Z A L B E R T I C P H D F G H J K M N O 8 O S U V W X Y Z A L B E R T I C P H D F G H J K M N o 9 N O S U V W X Y Z A L B E R T I C P H D F G H J K M f 10 M N O S U V W X Y Z A L B E R T I C P H D F G H J K 11 K M N O S U V W X Y Z A L B E R T I C P H D F G H J S 12 J K M N O S U V W X Y Z A L B E R T I C P H D F G H h 13 H J K M N O S U V W X Y Z A L B E R T I C P H D F G i 14 G H J K M N O S U V W X Y Z A L B E R T I C P H D F f 15 F G H J K M N O S U V W X Y Z A L B E R T I C P H D t 16 D F G H J K M N O S U V W X Y Z A L B E R T I C P H s 17 H D F G H J K M N O S U V W X Y Z A L B E R T I C P 18 P H D F G H J K M N O S U V W X Y Z A L B E R T I C 19 C P H D F G H J K M N O S U V W X Y Z A L B E R T I 20 I C P H D F G H J K M N O S U V W X Y Z A L B E R T 21 T I C P H D F G H J K M N O S U V W X Y Z A L B E R 22 R T I C P H D F G H J K M N O S U V W X Y Z A L B E 23 E R T I C P H D F G H J K M N O S U V W X Y Z A L B 24 B E R T I C P H D F G H J K M N O S U V W X Y Z A L 25 L B E R T I C P H D F G H J K M N O S U V W X Y Z A
In this case the uppercase-letters correspond to the randomized inner alphabet of the discs, we use ALBERTICIPHER as the keyword to form the alphabet. The top letters correspond to the outer disc, and the numbers on the left represent the indexes of the multiple alphabets, a second keyword is used to denote a sequence of indexes used to select a row for the table. For Porta's type of cipher, the cryptographic key would consist of the permutation given in the first row of the table plus the shift that should be made after each letter of plaintext. Each new shift value, in Porta's method, or each character in the second keyword, signifies a new ciphertext alphabet.
As an example of this cipher we encrypt the message "this is a test of alberti" using the table above.
An Example of Alberti CipherWe begin by writing the second keyword, CATWALK, repeatedly under the plaintext.
this is a test of alberti CATW AL K CATW AL KCATWAL
Now replace the letters in the keyword with their number equivalents, where A=0, B=1, C=2 and so on.
t--h--i--s i--s a t--e--s--t o--f a--l--b--e--r--t--i 2 0 19 22 0 11 10 2 0 19 22 0 11 10 2 0 19 22 0 11
Next the character corresponding to the coordinates, defined by the plaintext character and the index shift value, (i.e. (t,2) = N, (h,0) = C, etc.)
this is a test of alberti NCKW PC M NRZX JU MHLFVSX
The message is obviously unrecognizable. Also it should be noted that frequency analysis is useless since, non-corresponding letters h and s, and t and i have both been reassigned to matching letters C and X, respectively.
Decrypting a Message with the Alberti CipherTo decrypt a secret message, write out the encrypted characters with their corresponding shifts.
N--C--K--W P--C M N--R--Z--X J--U M--H--L--F--V--S--X c--a--t--w a--l k c--a--t--w a--l k--c--a--t--w--a--l 2 0 19 22 0 11 10 2 0 19 22 0 11 10 2 0 19 22 0 11
Now you could look up the plaintext characters in a table like the one above, only with the plaintext and permutation alphabets switched, to get the original message.
this is a test of alberti
We have implemented a version of Alberti'd cipher as a part of HcryptoJ API, using the classes AlbertiEngine.java, which handles substitutions, and AlbertiKey.java, which utilizes the keywords. The computer implements the cipher first by forming a plaintext-alphabet, and then a ciphertext-alphabet, which is based on a keyword. In the table above the keyword was ALBERTICIPHER (with the repeated characters dropped), so the alphabet was formed with those characters and then the remaining characters in the alphabet are added alphabetically. A second keyword is used to create the period and sequence of shifts, for instance:
The key is wrapped until the message is filled, then the corresponding numerical value of the letter within the plaintext (a=0, b=1, c=2. . .) is used to encode the characters in the message, taking the index of the plaintext, adding the shift value taken from the second key, modulo 26, and then leaving a the index of a ciphertext character. Again, this is simplified by the computer into two arrays containing the alphabets, where each character is listed in its alphabetical order, and given a number, corresponding to that order, which is the index. This process is simplified to the mathematical algorithmKey2 = CATWALK Cycle = CATWAL KC ATWALK Message = Encode Me Please
(PlaintextCharacterIndex+Shift)%26 = CiphertextCharacterIndex
The process works a lot like addition, where the characters represent numbers in a mod 26 number set.
Recognizing Polyalphabetic CiphersE N C O D E M E P L E A S E + C A T W A L K C A T W A L K -------------------------------- B H H O X S B B K O P A C U
The Alberti Cipher and all its relations, the polyalphabetic ciphers, are distinguished by their effect on letter frequencies. Assuming the language being dealt with is English, then the letter 'E' would normally be the most frequent letter, or in a mono-alphabetic cipher some other letter would be assigned the same frequency as 'E'. With a polyalphabetic cipher this does not occur. A letter may repeat and mean two different things, or never occur, even though when decrypted it is the most frequent letter in the writing. This invulnerability to frequency analysis is what caused Alberti to call his cipher unbreakable, and is the reason nearly all modern encryption is based on this method.
Analysis of Polyalphabetic CiphersWhat if you don't have the key to a polyalphabetic cipher, how hard would it be to decipher a message?
In general, polyalphabetic ciphers become more complex and harder to decipher the more frequent the shift change becomes. Since the shift change is one of many factors that complicate solving a polyalphabetic cryptogram, a system for solving the cryptogram must be developed that works around the changing shift. Jean-Guillaume-Hubert-Victor-Francois-Alexandre-Auguste Kerckhoffs' method for solving polyalphabetic ciphers, published in 1881 in his La Cryptographie militaire, required that multiple messages encrypted with the same key be used in conjunction, to form monoalphabetic ciphers.
1 2 3 4 5 6 . . . Message1 U L A K M H . . . Message2 I O W E Q V . . . Message3 B X Z E F N . . . . . .