The Vigenère cipher encrypts text by shifting each letter using a repeating keyword. Each letter of the keyword defines a different shift, making Vigenère cipher encryption and decryption far more resistant to simple attacks than a single-shift Caesar cipher.
The Vigenère cipher is one of the most famous classical encryption methods used to demonstrate polyalphabetic substitution in cryptography courses and textbooks worldwide.
How it works
To perform Vigenère cipher encryption and decryption, normalize the text (for compatibility with a 26-letter alphabet: remove accents) and decide how to handle special characters — they can be preserved without encryption or stripped, but the choice must be documented for consistency. Then, repeat the keyword until it covers the full length of the message. Learning how to solve the Vigenère cipher requires mastering this key repetition step.
Formulas
Encryption: C𝑖 = (P𝑖 + K𝑖) mod 26
Decryption: P𝑖 = (C𝑖 - K𝑖 + 26) mod 26
where:
P𝑖 = index (0–25) of the i-th plaintext letter
K𝑖 = index (0–25) of the i-th letter of the repeated key
C𝑖 = index (0–25) of the i-th ciphertext letter
Notice that Vigenère is linear letter-by-letter over ℤ26: the security depends entirely on the length and randomness of the key, not the formula itself.
How to use the Vigenère cipher step by step
- Choose a keyword — any word or phrase (e.g.
LEMON). The longer, the stronger. - Repeat it over the message — write the keyword cyclically above every letter of the plaintext.
- Apply shifts letter by letter — for each pair (plaintext letter, key letter), calculate
C = (P + K) mod 26. - To decrypt — reverse the process:
P = (C − K + 26) mod 26using the same keyword.
Vigenère cipher rules summary
- ●Each letter uses a different shift — unlike Caesar, no two positions necessarily share the same encryption.
- ●The shift comes from the keyword — A=0, B=1, …, Z=25. The key letter determines how far to shift.
- ●The keyword repeats — once the end of the key is reached, it wraps around from the beginning.
- ●Only letters are shifted — spaces, digits, and symbols can be passed through unchanged.
- ●Encryption and decryption use the same key — a symmetric cipher; whoever knows the keyword can reverse the process.
Vigenère cipher solved examples
Practice these three Vigenère cipher examples to master encryption and decryption. Each Vigenère cipher example illustrates a different aspect of how to solve the Vigenère cipher step by step.
Example 1 — Encryption (keyword: LEMON)
Plaintext: ATTACKATDAWN • Key repeated: LEMONLEMONLE
| Row | A | T | T | A | C | K | A | T | D | A | W | N |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Plaintext (P) | 0 | 19 | 19 | 0 | 2 | 10 | 0 | 19 | 3 | 0 | 22 | 13 |
| Key (K) | L=11 | E=4 | M=12 | O=14 | N=13 | L=11 | E=4 | M=12 | O=14 | N=13 | L=11 | E=4 |
| Cipher (C) | L | X | F | O | P | V | E | F | R | N | H | R |
Result: ATTACKATDAWN → LXFOPVEFRNHR
Example 2 — Decryption (keyword: LEMON)
Start with ciphertext LXFOPVEFRNHR and key LEMONLEMONLE.
Apply: P = (C − K + 26) mod 26 for each pair.
L (11) − L (11) = 0 → A
X (23) − E (4) = 19 → T
F (5) − M (12) = −7 + 26 = 19 → T
… and so on for all 12 letters.
Full result: ATTACKATDAWN
Example 3 — Short example (keyword: KEY)
Plaintext: HELLO • Key repeated: KEYKE
Plaintext: H(7) E(4) L(11) L(11) O(14)
Key: K(10) E(4) Y(24) K(10) E(4)
Sum mod 26: 17 8 9 21 18
Ciphertext: R I J V S
HELLO + key KEY → RIJVS
"Le chiffre indéchiffrable": the legend that lasted 300 years
15th century, Florence. Leon Battista Alberti — the same man who designed Renaissance churches — writes the first polyalphabetic cipher in history. The idea: use not one alphabet, but several, rotating with a key. Letter frequency, which betrayed Caesar, would no longer work. With multiple alphabets, the letter E could be encrypted as C, F, or Z — depending on position.
1553, Giovan Battista Bellaso perfects the system with a real keyword. 1586, Blaise de Vigenère publishes his Traicté des Chiffres — and the method is named after him, even though he didn't invent it. For the next 300 years, the cryptographic world considers it unbreakable. "Le chiffre indéchiffrable."
1863, Friedrich Kasiski, a Prussian officer, publishes the definitive attack: he searches for repeated sequences in the ciphertext — which appear when the key aligns with its own repetitions — and measures the distances between them. Those distances reveal the key length. With the length known, each column is a simple Caesar cipher. Three hundred years of myth, cracked in minutes.
In 1920, William Friedman refined the attack with the Index of Coincidence: a statistical measure that estimates the key length even without visible repetitions. Vigenère was never the same.
Sources: David Kahn, The Codebreakers, Ch. 4 (1967). William F. Friedman, The Index of Coincidence and Its Applications in Cryptology (1922).
Hides simple frequencies
In Caesar, the letter E always produces the same output. In Vigenère, E with key A → E, with key C → G, with key L → P… The same letter produces different results depending on the position. Simple frequency analysis goes blind.
Key length is everything
5-letter key: Kasiski breaks it with ~100 letters of ciphertext. 20-letter key: you need more text and more time. A key as long as the message (One-Time Pad) with a perfectly random key: mathematically unbreakable (Shannon, 1949).
DNA of modern ciphers
The idea of applying a repeated key character-by-character — with modular operations — is the same principle used by ChaCha20 (the cipher inside HTTPS today). Vigenère is the 1586 version of what we now call a stream cipher.
How to break the Vigenère cipher
Knowing how to break the Vigenère cipher step by step comes down to two phases: estimate the key length and then solve each column as a Caesar cipher.
Kasiski Test (1863)
Search for repeated sequences of 3+ letters in the ciphertext. The distance between repetitions is a multiple of the key length. With several coincidences, the GCD reveals the exact length.
Index of Coincidence (Friedman, 1920)
Measures the probability that two randomly chosen letters are the same. In English: IC ≈ 0.065. In Vigenère ciphertext: IC ≈ 0.038–0.050. The difference statistically estimates the key length.
Column separation
With the estimated length (e.g. 5), group the letters at positions 0,5,10… / 1,6,11… / etc. Each group is an independent Caesar cipher. Simple frequency analysis cracks each column.
Kasiski Challenge: how long is the key?
In a ciphertext, the sequence QUX
appears at positions 0 and 15.
The sequence VWL
appears at positions 6 and 21.
What key length does this suggest?
Show solution →
Distance 1 (QUX): 15 − 0 = 15
Distance 2 (VWL): 21 − 6 = 15
GCD(15, 15) = 15
→ Probable key length: 15, 5 or 3 (divisors of 15)
The most likely candidate is the smallest: 3 or 5.
This is confirmed with the Index of Coincidence: if IC of each column ≈ 0.065 → correct length.
Common mistakes when using the Vigenère cipher
Using a short or predictable keyword
A keyword like KEY or ABC repeats so often that Kasiski's test can recover it in seconds. Always use a long, random keyword for any real-world Vigenère cipher example.
Reusing the same keyword for multiple messages
If two messages are encrypted with the same keyword, an attacker can XOR the ciphertexts and perform frequency analysis. This is the “depth” attack — one of the most common errors in Vigenère cipher encryption and decryption.
Forgetting to normalize the text
Accented characters, spaces, and punctuation can break decryption if sender and receiver handle them differently. Always agree on a normalization rule before transmitting.
Treating Vigenère as modern-grade security
The Vigenère cipher is a classical encryption method with known, automated attacks. Never use it to protect real sensitive data — use AES-GCM or ChaCha20-Poly1305 instead.
Pros and cons
Pros
- Much stronger than Caesar against basic frequency analysis (if the key is long enough).
- Excellent educational value for introducing polyalphabetism and key-based encryption.
- Simple to implement and reproduce (ideal for interactive tools).
Cons
- Insecure if the key is short or reused (Kasiski/Friedman break it with enough ciphertext).
- Provides no integrity or authenticity — only basic confidentiality.
- Not suitable for protecting real information today.
Keep learning: from Vigenère to modern encryption
Vigenère marked the turning point between classical and modern cryptography. Follow the historical thread:
Caesar (the ancestor)
Caesar uses a single fixed shift. Vigenère generalises that idea to N distinct shifts. Understand Caesar first.
Playfair (digraph alternative)
Playfair encrypts letter pairs with a matrix. Vigenère encrypts letter-by-letter. Completely different attack surfaces.
Affine (the math cipher)
The Affine cipher uses a linear formula C = (aP + b) mod 26. It is a mathematical generalisation of Caesar.
Rail Fence (transposition)
Rail Fence scrambles letter order in a zig-zag rather than substituting them. A completely different class of cipher.
Columnar Transposition
Writes the message into a grid and reads columns in a keyword-defined order. Pure transposition, no substitution.
View all ciphers
Scytale, Beaufort, Autokey, Atbash, Rail Fence, Columnar, Affine, Caesar, Playfair and more.
Free Vigenère Cipher Calculator (Encrypt & Decrypt)
Use this free Vigenère cipher calculator to encrypt and decrypt text instantly. Just type your text and your secret keyword below.
Instantly test Vigenère cipher encryption and decryption with your own keyword.
Enter the text you want to encrypt or decrypt.
The key may only contain letters A–Z (accents and symbols are ignored).
Used by students and developers to test Vigenère cipher encryption and decryption algorithms.