Today I’m going to present a 28 letter message that has been encrypted with a Playfair cipher. To my knowledge, such a short Playfair cryptogram has never been solved before.
Last Thursday, I reported on how Magnus Ekhall from Sweden solved my Playfair challenge from April 2019. With only 30 plaintext letters (extended to a 32 letter ciphertext), this cryptogram is the shortest of its kind that has ever been broken.
Magnus was not the first one of my readers to set a Playfair world record. Before him, George Lasry had solved a Playfair cryptogram consisting of only 50 letters. Later, a 40 letter Playfair challenge was solved by Nils Kopal.
In all three cases, a Playfair cipher with a random matrix (i.e., not based on a keyword) was used. US cryptanalyst Alf Monge broke a 30 letter Playfair in the 1930s, but this one was keyword-based, which made things easier.
According to George Lasry, the unicity distance for a Playfair cipher applied on an English text is 22. This means that a ciphertext of 22 letters or shorter does not have an unambiguous solution. If the ciphertext is longer, a unique solution exists and can, at least in theory, be found.
The best method to break a Playfair encryption appears to be hill climbing. George, Nils, and Magnus have used this technique for their record-breaking cryptanalysis stunts. Their work has improved the hill climbing methods applied for codebreaking considerably.
How the Playfair works
I’m sure, meanwhile most readers know how the Playfair cipher works. For those who don’t, this section gives an explanation.
The Playfair cipher substitutes letter pairs. So, the cleartext needs to be written as a sequence of letter pairs (the following cleartext is a Shakespeare quote taken from Robert Thouless’ life-after-death experiment):
BA LM OF HU RT MI ND SG RE AT NA TU RE SS EC ON DC OU RS EC HI EF NO UR IS HE RI NL IF ES FE AS T
The Playfair cipher requires that no letter pair consist of two equal letters. Therefore, we add an X between the two Ss:
BA LM OF HU RT MI ND SG RE AT NA TU RE SX SE CO ND CO UR SE CH IE FN OU RI SH ER IN LI FE SF EA ST
If the number of letters in the cleartext is odd, another X needs to be added at the last position, but this is not the case here. Next, we set up a 5×5 matrix containing the letters of the alphabet in a random order (we identify the J with the I, in order to get a 25 letter alphabet):
S U R P I E A B C D F G H K L M N O Q T V W X Y Z
As you might have noticed, the letter order in the matrix has been derived with the keyword SURPRISE. It would be more secure to use a completely random order of the letters.
Now, we replace the cleartext letter pairs (BA, LM, OF, HU, …) according to the three Playfair rules. Here are the rules in a diagram:
Here are the same rules in text form (I refer to the letter pair to be replaced as XY):
- If X and Y are not in the same column and not in the same row (this is the most frequent case), form a rectangle and replace the two letters by the other two corner letters (the upper cleartext letter is replaced by the other upper letter in the rectangle, the lower cleartext letter by the lower one). For instance, LM becomes FT.
- If the two letters stand in the same row, each one is replaced by its right neighbor. Here, BA becomes CB.
- If the two letters stand in the same column, each one is replaced by its lower neighbor. In our example, AN becomes GW.
When we apply the Playfair rules on our cleartext with our 5×5 matrix, we get the following ciphertext: