# ROT13 Cipher

## Introduction §

The ROT13 cipher is a substitution cipher with a specific key where the letters of the alphabet are offset 13 places. I.e. all 'A's are replaced with 'N's, all 'B's are replaced with 'O's, and so on. It can also be thought of as a Caesar cipher with a shift of 13.

The ROT13 cipher offers almost no security, and can be broken very easily. Even if an adversary doesn't know a piece of ciphertext has been enciphered with the ROT13 cipher, they can still break it by assuming it is a substitution cipher and determining the key using hill-climbing. The ROT13 cipher is also an Caesar cipher with a key of 13, so breaking it as a Caesar cipher also works.

## The Algorithm §

The ROT13 cipher is essentially a substitution cipher with a fixed key, if you know the cipher is ROT13, then no additional information is needed to decrypt the message. The substitution key is:

```ABCDEFGHIJKLMNOPQRSTUVWXYZ
NOPQRSTUVWXYZABCDEFGHIJKLM
```

To encipher a message, find the letter you wish to encipher in the top row, then replace it with the letter in the bottom row. In the example below, we encipher the message 'ATTACK AT DAWN'. The first letter we wish to encipher is 'A', which is above 'N', so the first ciphertext letter is 'N'. The next letter is 'T', which is above 'G', so that comes next. The whole message is enciphered:

```ATTACK AT DAWN
NGGNPX NG QNJA
```

To decipher a message, the exact same procedure is followed. Find 'N' in the top row, which is 'A' in the bottom row. Continue until the whole message is deciphered.

Plaintext

Ciphertext

## Other Implementations §

To encipher your own messages in python, you can use the pycipher module. To install it, use pip install pycipher. To encipher messages with the Rot13 cipher (or another cipher, see here for documentation):

```>>>from pycipher import Rot13
>>>Rot13().encipher('defend the east wall of the castle')
'qrsraqgurrnfgjnyybsgurpnfgyr'
>>>Rot13().decipher('qrsraqgurrnfgjnyybsgurpnfgyr')
'DEFENDTHEEASTWALLOFTHECASTLE'
```

## Cryptanalysis §

The ROT13 cipher is trivial to break since there is no key, as soon as you know it is an ROT13 cipher you can simply decrypt it. If you didn't know it was a ROT13 cipher, you could break it by assuming the ciphertext is a substitution cipher, which can still be easily broken, see here. Alternatively, it can be broken if it is assumed to be a Caesar cipher, see here for a guide on breaking them.