A cipher is an algorithm for converting ordinary text (referred to as the "plaintext") into an encrypted message (the "ciphertext") in order to hide the information. This process is called encryption, and typically uses a "key", such as a word or number.

To recover the plaintext from the ciphertext (which is called decryption), you need to know which cipher and key was used to encrypt it. You then apply the corresponding decryption algorithm to the ciphertext, to convert it back to the plaintext.

Ciphers can be broadly categorised into two groups; Traditional and Modern. Traditional ciphers can be performed using pen and paper, while modern ciphers are typically implemented as computer.

Traditional Ciphers

There are many types of traditional ciphers, and for each type it's possible to create endless variations. The American Cryptogram Association (ACA) has standardised quite an extensive list of ciphers, and provided a description of how each one works. However, be aware that ciphers used in geocache puzzles may not conform exactly to these rules.

The most basic cipher is a simple substitution cipher, where each letter is replaced by another letter. These can be solved fairly easily by hand, although automated solvers are available (see below).


Cryptanalysis is the process of analysing and (hopefully) decrypting a cipher, where you don't know the key. There are various techniques for attacking ciphers, and some of the more technical and in-depth descriptions are provided in the following:

  • FM 34-40-2 - US Army basic cryptanalysis field manual (also available at numerous other sites, such as here).
  • 24 part Classical Cryptography Course delivered by LANAKI in 1995, while president of the American Cryptogram Association.
  • MAS335 cryptography course notes from University of London.

Cipher Tools

There are various useful tools available online, which will assist with various tasks. For example, do you want to:

Encrypt Or Decrypt Using A Cipher

If you want to encrypt some text using a particular cipher, or you want to decrypt some cipher text where you know (or are guessing) the cipher type and the key, then there are numerous sites with online tools for various ciphers. Here are a few examples:

  • Ruffneck - Online encryption and decryption tools for a large number of traditional ciphers, including some of the more obscure ones.
  • Rumkin - Online encryption and decryption for many traditional ciphers.
  • CrypTool - This is a downloadable tool for various ciphers, but also has some available online.
  • Cipherclerk - A Java applet that implements a large number of ciphers.
  • Webcrypt - A Java web browser with built in modules for encrypting and cryptanalysing some classical ciphers.
  • The cifer application (available as a ubuntu/debian linux package) provides various tools for breaking cryptograms.

Identify An Unknown Cipher

If you have some ciphertext, but don't know which cipher was used to produce it, then try this cool online tool. It will generate some statistics from the ciphertext, and match against statistics for each cipher in the ACA cipher list. It then ranks the ACA ciphers in order of "similarity" to your ciphertext, and I've found it to be pretty accurate. However, note that it assumes that the plaintext is natural English, so may not work well if the text is something like numbers (e.g. "South thirty four point...") or a foreign language.

Crack A Simple Substitution Cipher

If you have ciphertext generated using a simple substitution cipher (where one letter is substituted for another), but don't know the key, then try one of these online tools. These work if the spaces have been left between words (called an "Aristocrat") or removed (a "Patristrocrat"):


Rumkin cryptogram solver

Purplehell cryptogram solver

Alternatively you can download the Monoalphabetic Substitution Cipher Solver from and run it on your Windows computer.

Crack A Vigenere Cipher

A Vigenere cipher is a step up in difficulty from a substitution cipher, where the mapping between plain and cipher text changes between each letter. If you have Vigenere ciphertext and no key, then try Smurfoncrack's Vigenere solver.

Crack A Railfence cipher

Online tools like the one at Purple Hell, let you try various numbers of rails, and starting offsets. Just work through the numbers until you find sensible plaintext. 

More Powerful Tools

To attack other ciphers, or more difficult cases, you really need to download tools to run locally on your computer. The following Windows applications are especially worthwhile:

  • Cryptocrack is a powerful classical cipher cracker, which can solve over 50 different types of ciphers. These are based on the  American Cryptogram Association standard definitions of the ciphers, so can fail if you are dealing with a modified or nonstandard cipher.

  • zkdecrypto was developed as a open source, general case homophonic cipher solver. However, it will also handle monophonic ciphers well. 

ROT Codes

ROT refers to a series of simple shift ciphers. The original was ROT13, designed to provide an easy means to obscure text, for example to include spoilers in online forums and Usenet. Users could then choose whether to decode the obscured text or not. ROT13 works by substituting each characters with the one 13 places ahead in the alphabet, so the same implementation can be used for encoding or decoding (moving ahead by 13 places twice brings you back to the start).

This is an example of a Caesar Cipher, which is a simple substitution cipher where each letter is substituted by the letter N positions away in the alphabet.

ROT13 only works for letters, so variants have been produced for other sets of characters, such as:

  • ROT5 - for numbers 0-9

  • ROT18 - for a combination letters and numbers (36 characters)

  • ROT47 - for all printable ASCII characters except spaces (94 characters)

Examples of online tools to perform these encryptions/decryptions are at:

Modern Ciphers

The Enigma Machine

The Enigma Machine is an early version of a modern cipher, used extensively by Germany to encrypt communications during World War. It is implemented in a typewriter sized device which uses a set of mechanical rotors that turn and change the encryption system for each letter of plaintext entered. To encrypt or decrypt using the enigma machine, you need to know which version of machine is used, the rotors loaded into each position, the reflector loaded (for some machines), and the plugboard settings (pairs of letters). There are many detailed descriptions of the enigma machine available, such as Dirk Rijmenants website.

Some online Enigma Machine simulators are:

Some puzzles require quite detailed knowledge of actual Enigma procedures.

The Purple Machine

A Japanese rotor machine used during WW2. The encryption/decryption key typically has four 2 digit numbers (the sixes and twenties), a 3 digit number (motion), and two alphabetic strings, like the following:


There is a Purple simulator available at crytpocellar, but it runs on older versions of Windows.

Other Cipher Resources

  • Bion's site - Lots of interesting stuff

  • Solitaire Cipher - A modern pencil and paper created by Bruce Schneier, designed to be mathematically analysable for vulnerabilities. An online implementation of an encrypter/decrypter can be found here.

  • Crytologica Magazine