When I was a boy, I was fascinated by the idea of writing in code. I invented my own very basic algorithm and used it to create secret diary entries. Anyone could have broken it, of-course, because I simply rearranged the letters of each word in a particular way, but that wasn’t the point. It was fun, it was exciting, it was like being a spy sending important coded messages back to base.
Codes and ciphers have been used for millennia, and in this blog I’m going to look back at their evolution over that time, from the simplest of codes used in the Roman armies to the more advanced use of public and secret keys for modern encryption.
What’s the Difference between Codes and Ciphers?
The difference between a code and a cipher lies in how the secret message is generated. When using a code, each letter is replaced by a different character, and the mapping from one to the other is fixed – e.g. an A always becomes £, and a B always becomes %.
In a cipher, an algorithm is used to transform the message to a string of characters rather than using a straight substitution. That’s best explained by looking at the following examples.
A Simple Substitution Code
An example of a simple substitution code is shown in this picture, which allows each letter of the alphabet to be changed to a symbol.
The sequence of lines around every letter is different. For example, the lines around A form a ⌋, and those around E form ☐, and those symbols are then used instead of the letter. To allow for the repetition for the second half of the alphabet, a bar can be placed above the symbol.
The beauty of creating the symbols from a simple set of grids like this is that it’s easy to reproduce the table, and the recipient doesn’t need special equipment to decode it.
A Simple Cipher: Caesar’s Cipher
A cipher is a way of encrypting a message that applies an algorithm to the text rather than a straightforward substitution. In its simplest form, it can be very similar to a substitution code. For example, it could be a simple rotation: the algorithm could be “rotate the alphabet backwards by three characters”. Consider a disk with two concentric rings with the alphabet written all the way round the edge of both rings. If you now take the outer ring and rotate it left by three characters relative to the inner ring, you have an easy way to map characters from the inner ring to the outer. “ABC” at the start of the alphabet would map to “XYZ” on the outer ring. Hence “EAVESDROP” would be encrypted as “BXSBPAOLM”.
This was apparently one of the earliest known methods of encryption and was used in Roman times by Caesar to send messages to his army commanders in the field; it has become known as Caesar’s Cipher.
How to Break a Simple Code or Cipher
These simple codes and ciphers are very easy to break if you have a large enough sample of text because the patterns of the original words are still there. In English, you can identify an E because it’s the most commonly used letter; the second most common letter is a T, and so on as shown in the graph. Similarly, the most common letters for words to begin with are known (T, O, A, W…), as are the most common ones to end with (E, S, T, D…). It’s also known how frequently particular letters form pairs (TH is the most common, followed by ER and then ON), and which letters are most likely to form a double (SS is the most common double, followed by EE and then TT).
Comparing the frequency at which symbols or letters occur in the encoded text with the known distributions for different languages allows the original letters to be identified.
Improved Security with the Playfair Cipher
Charles Wheatstone made a significant development in encryption in 1854 when he created a system that removed those obvious patterns, making it much harder to crack at the time. It became known as the Playfair Cipher, after Lord Playfair who promoted its use to the army.
Wheatstone’s suggestion was that if pairs of letters were encrypted rather than single letters, it would become extremely difficult to identify the original patterns. His method was to start with a secret keyword or phrase to create a 5×5 table (giving 25 squares, so nearly the complete English alphabet). Duplicate letters in the keyword are removed and any blank squares at the end are filled with the remaining letters from the alphabet. To adjust for only having 25 spaces, I and J can be put into the same square. For example, if the keyword is EAVESDROP, the initial letters entered in the grid are EAVSDROP to remove the repeated E. The remaining squares are then populated with the letters that haven’t yet been used:
An algorithm that uses that grid is now applied to the original text. The text to be encrypted is first broken into pairs of letters, so A FAST PACED THRILLER is chopped into AF AS TP AC ED TH RI LL ER, ready to be put into the encryption square. Those pairs are now swapped with ones from the grid: a rectangle is put round the original pair and the letters are swapped with those in the other corners of the rectangle. For example, AF would become EG using this keyword, AS would become SA, TP would become NC, etc.
This method was used by British Forces in both first and second world wars for short-lived non-critical messages because it was very fast to use and didn’t require specialist equipment. For example, if the message related to something that was due to happen in the next 10 minutes, it was safe to use the Playfair Cipher because it would take more than 10 minutes to break the code, and by that time it no longer mattered if the enemy had decrypted the message.
With the speed of modern computer technology, text encrypted using a Playfair Cipher can now broken in a fraction of a second, so it can no longer be used.
The Enigma Machine

One of the most famous encryption systems is the German Enigma machine, invented in 1918 at the end of the First World War by Arthur Scherbius. It used a keyboard with a rotary mechanism that determined what letter should be transmitted for each entered character. The keyboard was linked to a set of illuminated letters, where the connection between key and illuminated letter changed each time a character was encoded. The operator pressed the key for a letter, and the rotary mechanism connected that key to one of the light behind the set of letters. This illuminated letter was then used in the message. Every key press rotated the mechanism, resulting in different connections between keys and lights each time, so any patterns in the original text were removed.
If the recipient set up an identical machine so that its mechanism made the same sequence of connections as the originating one, the received message could be decrypted in the same way.
This was used by the Germans during World War Two, and the way this cipher was finally broken at Bletchley Park is a fascinating part of history that has led to some great books and films. Maybe I’ll come back to that in the future.
Modern Encryption: Public Keys and Private Keys
With computers came, not only the ability to break codes, but also the ability to create more powerful encryption. Modern methods use an interesting mathematical principle associated with large prime numbers (a prime number is a number that can’t be created by multiplying two other numbers – for example, 7 and 11 are short prime numbers). When two very large prime numbers are multiplied together, it’s extremely hard to work backwards to work out what the two original numbers were. This fact is used to allow the use of what are known as “private” keys and “public keys” for encryption and decryption.
Two very large prime numbers are selected for the “private key”, and are multiplied together. The resulting product forms a “public key”. Because of the mathematical difficulty of working back from the public key to determine the two original prime numbers, the public key can be shared freely and it’s almost impossible for someone holding it to work out the two originating numbers. Therefore, they cannot work out its associated private key.
The way this is used to pass secure messages is as follows: the person who wants to receive a secure message, generates a public and private key pair and then distributes their public one to everyone who wants to talk to them. For someone to communicate with the originator, they use the distributed public key, put it into an algorithm along with their message, and generate encrypted text. Because of the mathematics, it’s only the person with the matching private key who can decrypt it because that’s the only person who knows the original large prime numbers.
What’s HTTPS?
Websites used for shopping and banking, where sensitive information needs to be entered, have website addresses that begin https://. The “s” at the end tells you that communication with that website will be encrypted using the public key / private key method described above, even though you don’t get involved in the process personally.
The website has a public key that it shares freely in the form of what’s called a “certificate” and securely holds its matching private key. For you to enter information on that website such as your credit card details, the internet browser on your computer uses the site’s public key to encrypt your card information before sending it. The receiving site can then decrypt what was sent using its secret private key; anyone intercepting what you send over the internet only sees encrypted data, which they cannot decrypt.
Summary of Codes and Ciphers
So encryption has come a long way since the days of Caesar, now benefiting from the speed with which modern computers can manipulate extremely large numbers. It seems only fair to end by playing with a coded goodbye: Vlgbogcankbfllre!

Ian Coates is the author of a thriller, Eavesdrop, first published by Bad Day Books, the suspense and thriller imprint of Assent Publishing. He worked in the high tech electronics industry for 30 years, where he specialised in the design of radio communication equipment. His intimate knowledge of that environment always triggered his imagination to think about the mysterious world of spies, and allowed him to bring a unique authenticity to his thriller. Ian is proud to support the British Science Association and donates a proportion of his book proceeds to that charity. He lives and writes in Worcestershire, England, and is a member of the Society of Authors and the International Thriller Writers Association.