Tools / Vigenère Cipher
Vigenère Cipher
Encrypt or decrypt text with the Vigenère polyalphabetic substitution cipher. Enter the key (letters only) and the ciphertext to recover the plaintext. Non-letter characters pass through unchanged.
Only letters are used; digits and symbols are ignored. Repeats cyclically.
Paste text and enter the key to get started.
How the Vigenère cipher works
Unlike a simple Caesar cipher that shifts every letter by the same amount, the Vigenère cipher uses a repeating keyword. Each letter of the key determines the shift for the corresponding letter in the message: A=0, B=1, …, Z=25. This makes frequency analysis harder because the same plaintext letter can map to different ciphertext letters depending on its position.
Decryption is the reverse: subtract the key letter's shift (mod 26) from each ciphertext letter. The key repeats cyclically until the message is fully processed.
Challenges solved with this tool: picoCTF 2022 - Vigenere.
The Vigenère cipher was considered unbreakable for centuries and was nicknamed le chiffre indéchiffrable (the indecipherable cipher). The weakness discovered in the 19th century is that the key repeats, so every nth character (where n is the key length) is encrypted with the same shift. This creates multiple interleaved Caesar ciphers, each crackable independently with frequency analysis once you know the key length.
To find the key length when it is unknown, apply the Kasiski examination or compute the index of coincidence. The Kasiski method looks for repeated trigrams in the ciphertext - repeated sequences often occur because the same plaintext was encrypted with the same key segment. The distance between these repeats is typically a multiple of the key length. The index of coincidence measures how "peaked" the frequency distribution is; English text has a higher index of coincidence than random data, so you can test different key lengths and pick the one that gives each slice the most English-like distribution.
In CTF challenges, the key is usually given explicitly and your job is just to decrypt. However, some harder challenges omit the key and require you to recover it. A useful shortcut: if you know part of the plaintext (such as the picoCTF{ flag prefix), XOR-ing those known bytes against the corresponding ciphertext bytes directly recovers the first characters of the key. Even a partial key often reveals its full form if it is a recognizable English word or phrase.