Tools / Affine Cipher
Affine Cipher Tool
Encrypt or decrypt text with the affine cipher using keys a and b. If you don't know the keys, use Brute force mode to try all valid key pairs and rank candidates by English letter frequency.
Alphabet mapping (ciphertext → plaintext)
| Plain | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z |
| Plain | O | J | E | Z | U | P | K | F | A | V | Q | L | G | B | W | R | M | H | C | X | S | N | I | D | Y | T |
Encryption: E(x) = (ax + b) mod 26 • Decryption: D(x) = a'(x − b) mod 26, where a' is the modular inverse of a
How the affine cipher works
The affine cipher is a monoalphabetic substitution cipher. Each letter of the alphabet is mapped to another using the formula:
E(x) = (a * x + b) mod 26 D(x) = a_inv * (x - b) mod 26
Where x is the 0-indexed letter position (A=0, B=1, ..., Z=25), a is the multiplicative key, and b is the additive (shift) key. a_inv is the modular multiplicative inverse of a mod 26.
The key a must be coprime to 26 (i.e., gcd(a, 26) = 1) so that every letter maps to a unique output and the cipher is invertible. The valid values of a are: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25 (12 values). With 26 choices for b, there are 12 × 26 = 312 distinct affine keys. All of them are tried in brute force mode.
When a=1, the affine cipher reduces to a Caesar (ROT) cipher. Use the ROT / Caesar Cipher tool for that specific case, or the Frequency Analysis tool to interactively build the substitution mapping when you have a long ciphertext.
The affine cipher is vulnerable to known-plaintext attack: if you know even two plaintext-ciphertext letter pairs, you can solve the two-equation system to recover a and b directly without brute force.