What is the columnar transposition cipher?
The Columnar Transposition Cipher is a transposition cipher, which means it doesn’t change the letters themselves but rearranges their order. The plaintext is written into a table row by row, then read off by columns according to the alphabetical order of the letters in a keyword. In other words, the message is scrambled by reordering its positions rather than substituting characters.
The keyword defines the column reading order based on the alphabetical order of its letters. If the keyword contains repeated letters, a stable order is used — ties are broken by their original position — ensuring the process is reproducible and consistent.
How it works
- Write the keyword above the columns of the table and determine the column order by arranging its letters alphabetically. If there are duplicates, the one appearing first in the original keyword keeps priority (stable order).
- Fill the table row by row with the normalized plaintext (you can remove accents and decide whether to keep or remove spaces and punctuation). If the message doesn’t fill the last row completely, add a padding character and document it so that it can be removed later during decryption.
- Finally, read the table column by column according to the order derived from the keyword. Concatenating these columns produces the ciphertext.
Note: since this is a transposition cipher, the letter frequencies remain unchanged — only their positions are shuffled.
Example
Let’s encrypt the text ATTACKATDAWN using the keyword CLAVE.
First, determine the column order alphabetically:
A(2), C(0), E(4), L(1), V(3) ⇒ indices [2,0,4,1,3].
Then write the message row by row and finally read it column by column in that order:
the resulting ciphertext is AMEAEEUNTACQAR.
Layout (no padding)
Keyword: CLAVE → order: A(2), C(0), E(4), L(1), V(3) ⇒ indices: [2,0,4,1,3] Text: ATAQUEAMANECER → 5 columns (3 rows; 1 empty cell) Table: C L A V E A T A Q U E A M A N E C E R - Reading by columns in order: A(2) → C(0) → E(4) → L(1) → V(3) Blocks: AME | AEE | UN | TAC | QAR Cipher: AMEAEEUNTACQAR
If you use padding, fill the last cell with an agreed character (e.g., X)
and document it so the recipient knows how to remove it during decryption.
History
- A classic example of a transposition cipher, often used in cryptography classes, puzzle design, and recreational cryptograms because of its simplicity and clarity.
- It served as the basis for stronger variants such as the double transposition cipher, which became historically significant by applying two separate transposition stages with different keys.
Classic attacks
- Key length guessing: testing different table widths and evaluating whether the resulting text shows language-like patterns (common bigrams or trigrams).
- Column reconstruction: reordering columns using heuristics (common words, prefixes, or suffix matches) until readable text appears.
- Exploiting padding or normalization rules: if the attacker knows the padding character or normalization scheme, the search space is reduced, making decryption easier.
Unlike substitution ciphers, transposition ciphers preserve letter frequencies — this helps identify them by frequency analysis when attempting cryptanalysis.
Pros & cons
Pros
- Highly educational for understanding transposition, column ordering, and block reading.
- Easy to combine with other techniques (e.g., double transposition) to increase complexity.
- Simple to implement and reproduce with well-defined, stable key ordering.
Cons
- With enough ciphertext, vulnerable to table and key reconstruction.
- Padding and normalization choices must be documented — if revealed, they simplify attacks.
- By itself, provides no integrity or authenticity — it only reorders the message.