Vigenère Cipher

Encode and decode the Vigenère cipher with a keyword of your choice. Switch between the classic Vigenère, Autokey, and Beaufort variants, follow along on the interactive tabula recta, and copy, download, or share the result. Everything runs in your browser.

Keyword

Classic Vigenère: the keyword repeats across the message, adding a different shift to each letter.

Plain text

Ciphertext

Enter text above to see the result here.

Tabula recta (Vigenère square)

Find your key letter in the left column and your plain letter along the top row; the cell where they meet is the ciphertext letter. Rows for the letters in your keyword are highlighted.

How to use Vigenère Cipher

1
Choose encode or decode
Pick Encode to turn plain text into ciphertext, or Decode to turn ciphertext back into plain text using the same keyword.
2
Pick a cipher variant
Choose the classic Vigenère, the stronger Autokey whose key never repeats, or the reciprocal Beaufort variant. A short hint under the keyword explains each one.
3
Enter your keyword
Type a keyword such as LEMON. Only the letters A to Z in the keyword are used, and it is repeated or extended automatically to match your message.
4
Type or paste your text
Enter your message and the cipher runs as you type. Letters are enciphered while spaces, digits, and punctuation pass through unchanged.

5
Copy, download, or share
Copy the result, download it as a text file, or share a link that reopens the tool with your exact keyword, text, and settings ready to go.

Understanding the Vigenère Cipher

What is the Vigenère cipher?

The Vigenère cipher is a polyalphabetic substitution cipher that encrypts text using a keyword. Instead of shifting every letter by the same fixed amount, as the Caesar cipher does, it uses each letter of the keyword to apply a different shift to each letter of the message, cycling through the keyword over and over. Because the same plain letter can become several different cipher letters depending on its position, the cipher hides the single-letter frequency pattern that makes simple ciphers so easy to break.

For roughly three centuries it was considered unbreakable, earning the French nickname le chiffre indéchiffrable, the indecipherable cipher. Today it is a favourite in puzzles, escape rooms, and capture-the-flag challenges, and a classic lesson in how a key strengthens a cipher.

How Vigenère encryption works

First you choose a keyword, such as LEMON. The keyword is repeated above the message so that every letter of the plaintext is paired with a letter of the key. Each key letter stands for a shift: A means shift by 0, B by 1, C by 2, and so on up to Z, which shifts by 25. To encrypt, you add each plaintext letter to its key letter and wrap around the alphabet; to decrypt, you subtract instead.

Only the letters A to Z are enciphered, and each keeps its uppercase or lowercase form. Spaces, digits, and punctuation pass through untouched and do not consume a key letter, so the key always stays lined up with the actual letters of the message.

Worked example: keyword LEMON

Take the phrase ATTACK AT DAWN and the keyword LEMON. Lining the repeated keyword up with the letters gives LEMONLEMONLE. Adding each plaintext letter to its key letter, A plus L is L, T plus E is X, T plus M is F, and so on, produces the ciphertext LXFOPVEFRNHR. Notice that the two letters T in ATTACK become different cipher letters, X and F, because they sit under different key letters. That is exactly what defeats simple frequency analysis.

To decode, you reverse the process with the same keyword, subtracting each key letter, or you read the tabula recta backwards. Without the keyword, the ciphertext gives almost nothing away.

The Vigenère formula and the tabula recta

If letters are numbered from 0 to 25, with A as 0 and Z as 25, encryption is C = (P + K) mod 26 and decryption is P = (C - K) mod 26, where P is the plaintext letter, K is the current key letter, and the mod 26 makes the alphabet wrap around. The same operation can be performed by hand using the tabula recta, a 26 by 26 grid of shifted alphabets. Find the key letter on the left and the plaintext letter along the top, and the cell where the row and column meet is the ciphertext letter.

Autokey and Beaufort variants

The Autokey variant fixes the main weakness of the standard cipher, the repeating key. After the keyword runs out, the key continues with the plaintext itself, so the running key never repeats and the cipher is much harder to attack. Decryption recovers the plaintext one letter at a time and feeds it back into the key stream.

The Beaufort variant uses the formula C = (K - P) mod 26. Because subtracting from the key is its own inverse, the same operation both encrypts and decrypts, which made it convenient for the cipher disks once used at sea. This tool supports all three so you can compare them on the same text and keyword.

How to break the Vigenère cipher

The cipher is broken in two stages. First you find the length of the keyword, classically with the Kasiski examination, which looks for repeated groups of letters in the ciphertext and measures the gaps between them, or with the Friedman test, which uses the index of coincidence. Once the key length is known, the ciphertext splits into that many columns, each enciphered with a single Caesar shift, and ordinary frequency analysis cracks each column separately.

This means a Vigenère cipher with a short key on a long message is quite breakable, which is why the strength of the cipher depends heavily on using a long, non-repeating key. The Autokey and one-time-pad ideas grew directly out of trying to remove that repetition.

A short history of the Vigenère cipher

The idea of using a keyword to switch between alphabets was first published by Giovan Battista Bellaso in 1553, building on the polyalphabetic tables of Johannes Trithemius and Leon Battista Alberti. The method was later misattributed to the French diplomat Blaise de Vigenère, whose name stuck even though his own work described the stronger Autokey version. The repeating-key cipher resisted cryptanalysts for centuries until Charles Babbage broke it privately in the 1850s and Friedrich Kasiski published a general method in 1863.

Is the Vigenère cipher secure?

Not by modern standards. Once the Kasiski and Friedman methods were published, any Vigenère cipher with a repeating key became breakable with patience and, today, instantly with a computer. Its real value now is educational and recreational: it is the clearest way to see how a key turns a trivial cipher into a much stronger one, and it remains a staple of puzzles and programming exercises. For genuine security, modern algorithms such as AES are used instead.

Frequently asked questions

What is the Vigenère cipher?

The Vigenère cipher is a polyalphabetic substitution cipher that uses a keyword to encrypt text. Each letter of the keyword applies a different shift to a letter of the message, and the keyword repeats across the whole text. Because the same plain letter can map to different cipher letters, it hides the letter-frequency pattern that breaks simpler ciphers like Caesar.

How is the Vigenère cipher different from the Caesar cipher?

The Caesar cipher shifts every letter by the same fixed amount, so it has only 25 keys and is trivial to break. The Vigenère cipher uses a keyword to apply a different shift to each letter in turn, which is the same as running several Caesar ciphers side by side. This greatly enlarges the key space and conceals the frequency pattern, which is why Vigenère was considered unbreakable for centuries.

What is the keyword, and how is it used?

The keyword is the secret that drives the cipher. Each of its letters stands for a shift, where A is 0, B is 1, and so on. The keyword is repeated above the message so every plaintext letter is paired with a key letter, then the two are added to encrypt or subtracted to decrypt. Only the letters A to Z in the keyword are used, so spaces or digits in it are ignored.

Can you show a worked Vigenère example?

Using the keyword LEMON to encrypt ATTACK AT DAWN, the repeated key lines up as LEMONLEMONLE, and adding the letters gives the ciphertext LXFOPVEFRNHR. The two letters T in the plaintext become different cipher letters because they fall under different key letters. To decode LXFOPVEFRNHR, use the same keyword in Decode mode and the original text comes straight back.

What is the tabula recta or Vigenère square?

The tabula recta is a 26 by 26 grid that lists every shifted alphabet, one per row. To encrypt a letter by hand, find the key letter in the left column and the plaintext letter along the top row; the cell where they meet is the ciphertext letter. The square below the tool is interactive and highlights the rows for the letters in your current keyword.

What are the Autokey and Beaufort variants?

Autokey strengthens the cipher by continuing the key with the plaintext itself once the keyword runs out, so the key never repeats and the cipher is much harder to break. Beaufort uses the formula cipher equals key minus plaintext, which makes it reciprocal: the same operation both encodes and decodes. This tool supports the classic Vigenère, Autokey, and Beaufort variants.

How do you break or crack a Vigenère cipher?

First find the key length, classically with the Kasiski examination, which measures the gaps between repeated groups of ciphertext, or with the Friedman test using the index of coincidence. Once the length is known, the ciphertext is split into that many columns, each encrypted with a single Caesar shift, and frequency analysis solves each column. A short key on a long message is therefore quite breakable.

Why was the Vigenère cipher called indecipherable?

Because for about three hundred years no one published a reliable way to break it, it became known in French as le chiffre indéchiffrable, the indecipherable cipher. Repeating the key disguised the letter frequencies that cryptanalysts relied on. Its reputation lasted until Charles Babbage broke it privately in the 1850s and Friedrich Kasiski published a general method in 1863.

Who invented the Vigenère cipher?

The keyword method was first described by Giovan Battista Bellaso in 1553, drawing on earlier polyalphabetic work by Johannes Trithemius and Leon Battista Alberti. It was later mistakenly credited to the French diplomat Blaise de Vigenère, and the name has stuck ever since, even though Vigenère actually described the stronger Autokey version.

Does it change numbers, spaces, or punctuation?

No. Only the letters A to Z are enciphered, and each keeps its uppercase or lowercase form. Digits, spaces, line breaks, and punctuation pass through unchanged and do not consume a key letter, so the keyword always stays aligned with the actual letters of your message.

Is the Vigenère cipher secure?

Not for real protection. Since the Kasiski and Friedman methods were published, any Vigenère cipher with a repeating key can be broken, and a computer does it instantly. It is best treated as an educational and puzzle cipher that shows how a key strengthens encryption. For genuine security, modern algorithms such as AES should be used instead.

Is my text uploaded to a server?

No. All encoding and decoding happens entirely in your browser, so your text and keyword are never uploaded, logged, or stored. Even a share link keeps your text and keyword in the part of the URL after the hash, which browsers never send to a server, so it stays private until you choose to share it.

How do I write a Vigenère cipher in code?

Loop over the message and keep a counter for letters only. For each letter, convert it and the matching key letter to numbers from 0 to 25, add them for encryption or subtract for decryption, take the result modulo 26 so the alphabet wraps, then convert back to a letter. Skip and copy through any character that is not a letter without advancing the key. In JavaScript charCodeAt and fromCharCode handle the conversions, which is exactly how this in-browser tool works.

Related tools

Keep going with these handy tools

Beaufort Cipher

Gronsfeld Cipher

Autokey Cipher

Running Key Cipher

Porta Cipher

Trithemius Cipher