Four-Square Cipher

Encode and decode the Four-Square cipher, the two-keyword digraph cipher invented by Félix Delastelle. Letters are enciphered in pairs across four 5×5 squares — two plain and two mixed by your keywords — making it noticeably stronger than Playfair. Set both keywords, follow the live four-square grid and the pair-by-pair breakdown, and copy, download, or share the result. Everything runs in your browser.

Keywords

Keyword 1 (top-right)

Keyword 2 (bottom-left)

25-letter alphabet: I and J share a cell, so a decoded J reads back as I. The classic choice for the Four-Square cipher.

Plain text

Cipher text

Enter text above to see the result here.

Four-square grid

Plaintext letters are found in the two plain squares (top-left and bottom-right); cipher letters are read from the two keyword squares (top-right and bottom-left), with keyword cells highlighted.

Plain square

I/J

Keyword 2 square

I/J

Keyword 1 square

I/J

Plain square

I/J

How to use Four-Square Cipher

1
Choose encode or decode and an alphabet
Pick Encode to turn plain text into Four-Square cipher pairs, or Decode to turn them back. Choose the I/J-merged alphabet (the classic default) or drop-Q to keep J distinct.
2
Enter the two keywords
Type a keyword for the top-right square and another for the bottom-left square. Both sides must share both keywords. Leave one or both blank to use a plain square in its place.
3
Type or paste your text
Enter your message and it is converted as you type. The steps panel shows each plaintext pair over the cipher pair it becomes.
4
Read the four-square grid
Open the grid to see the two plain squares and the two keyword squares, with the keyword cells highlighted, so you can trace any pair by eye.

5
Copy, download, or share
Copy the result, download it as a text file, or share a link that reopens the tool with your exact text, keywords, and alphabet ready to go.

Understanding the Four-Square Cipher

What is the Four-Square cipher?

The Four-Square cipher is a hand cipher that enciphers letters two at a time, invented by the French cryptographer Félix Delastelle around 1902 — the same prolific mind behind the Bifid and Trifid ciphers. It is a close relative of the older Playfair cipher, but where Playfair uses a single 5×5 square, the Four-Square spreads the work across four squares arranged in a 2×2 block. Two of them hold the plain alphabet and two are mixed by separate keywords, so the cipher hides single-letter frequencies and is meaningfully harder to break by hand than Playfair.

Because it works on pairs of letters — digraphs — rather than single letters, the Four-Square is a polygraphic substitution cipher. Enciphering pairs flattens the letter-frequency fingerprint that makes simple substitution ciphers fall in minutes, and using two independent keywords roughly doubles the key material compared with Playfair. It never reached the fame of Playfair, which armies actually fielded, but it is a beautiful, very learnable demonstration of how a small change in layout buys a real jump in strength.

How the Four-Square cipher works

Lay out four 5×5 squares in a 2×2 block. The top-left and bottom-right squares hold the plain alphabet in order; the top-right and bottom-left squares each hold a keyword-mixed alphabet (the keyword's distinct letters first, then the rest of the alphabet). Because 26 letters must fit in 25 cells, one letter is folded — classically I and J share a cell.

To encipher a pair of letters, find the first letter in the top-left plain square and the second letter in the bottom-right plain square. The two cipher letters are read from the keyword squares: the first is the letter in the top-right square that shares the first letter's row and the second letter's column; the second is the letter in the bottom-left square that shares the second letter's row and the first letter's column. In short: the two plain letters mark out a rectangle across the squares, and the two opposite corners in the keyword squares are the cipher pair. Decoding simply reverses the path — locate the cipher letters in the keyword squares and read the plain letters back out of the plain squares.

The two keywords and the plain squares

The Four-Square cipher has two independent secrets: the keyword for the top-right square and the keyword for the bottom-left square. Each is built exactly like a keyed Playfair or Polybius square — the keyword's unique letters are written in first, in order and without repeats, and the rest of the alphabet follows. The live grid below highlights the keyword cells so you can watch the mixing; the two plain squares always stay in plain alphabetical order, because they are only ever used to *find* letters, never to disguise them.

Both sender and receiver must share both keywords and agree on the alphabet variant. You can leave a keyword blank to use a plain square in its place — and if you leave both blank, all four squares are identical and the cipher reduces to a fixed letter-pair transposition, a handy way to see the geometry before any keyword mixing is layered in.

I/J merged or drop-Q

Twenty-six letters do not fit in twenty-five cells, so one letter has to give way. The classic Four-Square convention, shared with Playfair, merges I and J into one cell: a J in the message is enciphered as I, and a decoded I might stand for either — almost always obvious from context. This is the default here.

The alternative drops Q from the squares entirely (and from the text), which keeps I and J distinct — useful when the J/I ambiguity matters more than the rare Q. Pick the variant with the toggle above; the live grid relabels itself, and both sides must use the same variant or the message will not decode.

A worked Four-Square example

Take the word ATTACK with keyword 1 EXAMPLE (top-right) and keyword 2 KEYWORD (bottom-left), using the I/J-merged alphabet. ATTACK splits into the pairs AT, TA, CK. For the first pair, A sits at row 1, column 1 of the top-left plain square, and T sits at row 4, column 4 of the bottom-right plain square.

The first cipher letter is read from the top-right keyword square at A's row and T's column, which lands on M; the second is read from the bottom-left keyword square at T's row and A's column, which also lands on M — so AT enciphers to MM. Carrying on, TA becomes OW and CK becomes PA, so ATTACK encrypts to MM OW PA. Note that the cipher can produce a doubled letter like MM, something Playfair never does. Decoding with the same two keywords reverses each pair straight back to ATTACK.

Decoding a Four-Square message

Decoding runs the same machinery backwards. Split the cipher text into pairs, find the first letter of each pair in the top-right keyword square and the second in the bottom-left keyword square, then read the plain letters out of the two plain squares at the matching rows and columns. This tool does all of that for you when you choose Decode and enter the same two keywords and alphabet variant that were used to encode.

Because only A–Z letters live on the squares, any spaces, digits, and punctuation in the original message were dropped during encoding and will not reappear. A lone final letter was padded (with X, or Z when that letter is itself X) so the message could be split into whole pairs, so a decoded message may end in an extra filler letter — that is inherent to digraph ciphers, not a fault of the tool.

Four-Square versus Playfair, and security

The Four-Square improves on Playfair in two ways. It uses two keywords instead of one, doubling the key material, and it never needs to insert a filler between doubled letters the way Playfair does, because the two halves of a pair are read from different squares — so a pair like LL or EE enciphers cleanly. Those changes make it a little more tedious by hand but distinctly harder to attack, while keeping the same easy-to-picture grid idea.

By modern standards, though, the Four-Square is still a classical cipher and not secure against a computer. Like all digraph substitution ciphers it preserves the frequency of letter pairs, so with enough text it yields to digraph-frequency analysis and known-plaintext attacks. Its value today is educational — it is an elegant step up from Playfair that makes the benefit of more key material tangible. For protecting real information, always use a modern, peer-reviewed algorithm such as AES, and keep the Four-Square for history, puzzles, and capture-the-flag challenges.

Frequently asked questions

What is the Four-Square cipher?

The Four-Square cipher is a digraph (letter-pair) substitution cipher invented by Félix Delastelle around 1902. It uses four 5×5 squares in a 2×2 block — two holding the plain alphabet and two mixed by separate keywords — to encipher letters two at a time. It is a stronger relative of the Playfair cipher, using two keywords instead of one and never needing to split doubled letters.

How does the Four-Square cipher work?

Lay out four 5×5 squares. To encipher a pair, find the first letter in the top-left plain square and the second in the bottom-right plain square; the cipher pair is the letter in the top-right square sharing the first letter's row and the second's column, followed by the letter in the bottom-left square sharing the second letter's row and the first's column. Decoding reverses this — find the cipher letters in the keyword squares and read the plain letters back out of the plain squares.

Why does the Four-Square cipher use two keywords?

The two keywords mix the top-right and bottom-left squares independently, which roughly doubles the key material compared with Playfair's single keyword and makes the cipher harder to break. The two plain squares stay in alphabetical order because they are only used to locate plaintext letters, not to disguise them. Both sender and receiver must share both keywords and the same alphabet variant.

Can you show a worked Four-Square example?

With keyword 1 EXAMPLE, keyword 2 KEYWORD, and the I/J-merged alphabet, ATTACK splits into AT, TA, CK. For AT, A is at row 1 column 1 of the top-left plain square and T at row 4 column 4 of the bottom-right plain square; reading the top-right square at A's row and T's column gives M, and the bottom-left square at T's row and A's column also gives M, so AT becomes MM. TA becomes OW and CK becomes PA, so ATTACK encrypts to MM OW PA.

How do you decode a Four-Square cipher?

Split the cipher text into pairs, find the first letter of each pair in the top-right keyword square and the second in the bottom-left keyword square, then read the plain letters out of the two plain squares at the matching rows and columns. In this tool, choose Decode and enter the same two keywords and alphabet variant used to encode, and it rebuilds the message for you.

How is the Four-Square different from the Playfair cipher?

Both are digraph ciphers built on 5×5 squares, but the Four-Square uses four squares and two keywords where Playfair uses one square and one keyword. The Four-Square also never inserts a filler between doubled letters — because the two halves of a pair are read from different squares, a pair like LL enciphers cleanly — whereas Playfair must split doubles. These changes make the Four-Square a little more work by hand but distinctly harder to break.

What is the difference between I/J merged and drop-Q?

Twenty-six letters do not fit in twenty-five cells, so one must give way. The classic option merges I and J into one cell, so a J is enciphered as I and a decoded J reads back as I. The alternative removes Q from the squares and the text, keeping I and J distinct. Pick whichever suits your message; both sides must use the same variant or the cipher will not decode correctly.

Can the Four-Square cipher produce double letters?

Yes. Because the two halves of a pair are read from two different squares, a plaintext pair can encipher to a doubled letter such as MM or LL, and doubled plaintext like LL enciphers without any filler. This is a visible difference from Playfair, which can never output a doubled pair and must split doubled plaintext with an X. It is normal and does not indicate an error.

What happens to spaces, numbers, and punctuation?

Only A–Z letters exist on the squares, so spaces, digits, and punctuation are stripped before enciphering and do not reappear when you decode. If the message has an odd number of letters, a filler (X, or Z when the last letter is itself X) is added so it can be split into whole pairs, so a decoded message may end in an extra letter. This loss of formatting is inherent to the cipher.

Do I have to use a keyword in both squares?

No. You can leave either keyword blank to use a plain alphabetical square in its place, and leaving both blank makes all four squares identical — which turns the cipher into a fixed letter-pair transposition, a useful way to see the geometry before keyword mixing. For real use, two strong, different keywords give the most security, and both must be shared with the recipient.

How secure is the Four-Square cipher?

Not secure by modern standards. It is stronger than Playfair thanks to two keywords and cleaner handling of doubled letters, but it is still a classical digraph cipher: it preserves letter-pair frequencies, so with enough ciphertext it falls to digraph-frequency analysis and known-plaintext attacks. It was a reasonable hand cipher in its day and is excellent for learning, but for real protection use a modern algorithm such as AES.

Is my text uploaded to a server?

No. All encoding and decoding happens entirely in your browser, so your text is never uploaded, logged, or stored. Even a share link keeps your text and keywords in the part of the URL after the hash, which browsers never send to a server, so your message stays private until you choose to share the link.

Related tools

Keep going with these handy tools

Two-Square Cipher

Playfair Cipher

Bifid Cipher

Trifid Cipher

Hill Cipher

Caesar Cipher