Grade 6 Math Circles

February 11-13, 2025

Alice is trying to send a message to her friend Bob. Due to the secretive nature of the message, she
disguises it with a secret code that only her and Bob know. When Bob receives the message, he must
decode it to read the hidden, original message.

This process of disguising a message using a secret code known as a cipher is called encryption. The
message before any encryption has been applied is called the plaintext. Like the name suggests, it
is just regular, readable text. Ciphertext is the scrambled, unreadble version of the message after
encrpytion. It typically looks like random characters to someone who doesn’t know how to decode
it.

Cryptography is the process of hiding or disguising information so that only the person the message
is intended for can read it.

Stop and Think

1
Atbash Cipher

Originally created in 600 B.C. using the Hebrew alphabet, the Atbash cipher is a simple cipher,
created by reversing the alphabet. That is, A becomes Z, B becomes Y, C becomes X, and so on,
until Z becomes A.

plaintext A B C D E F G H I J K L M
ciphertext Z Y X W V U T S R Q P O N
plaintext N O P Q R S T U V W X Y Z
ciphertext M L K J I H G F E D C B A

This is more easily represented below:

Example 1
The plaintext MATH IS FUN! can be encrypted into the ciphertext NZGS RH UFM! using the
Atbash cipher.

Exercise 1
Encrypt and decrypt the respective plaintext or ciphertext using the Atbash cipher.
(a) WATERLOO MATH IS PINK
(b) KRVXV LU KR

Caesar Cipher

One of the most well-known ciphers is the Caesar cipher. It is named after Julius Caesar who
invented this cipher to send coded messages to his generals in the fields. Caesar encrypted all of his
messages by shifting every letter in the alphabet 3 units over, as shown below:

2
 plaintext A B C D E F G H I J K L M
ciphertext D E F G H I J K L M N O P
plaintext N O P Q R S T U V W X Y Z
ciphertext Q R S T U V W X Y Z A B C

Example 2
Suppose Julius Caesar wanted to send the following message to his troops:
BEWARE THE SALAD THIEF

Using the cipher chart above, we can replace each plaintext letter with its corresponding cipher-
text letter to get the encrypted message:

EHZDUH WKH VDODG WKLHI

When Caesar’s troops receive the coded message, they can decode it by replacing each ciphertext
letter with its corresponding plaintext letter.

We can also use the Caesar shift with shift numbers other than 3.

Exercise 2
Encrypt and decrypt the following messages using the shift number given in parenthesis.
(a) BUBBLEGUM POP (6)

plaintext A B C D E F G H I J K L M
ciphertext G
plaintext N O P Q R S T U V W X Y Z
ciphertext

(b) VCMZJ YRJ CVWK KYV SLZCUZEX (17)

plaintext A B C D E F G H I J K L M
ciphertext R
plaintext N O P Q R S T U V W X Y Z
ciphertext

3
 Stop and Think
What happens when you do a Caesar shift of 26 units on the message BUBBLEGUM POP?

Substitution Ciphers

The Atbash cipher and the Caesar cipher are both examples of substitution ciphers. In both of
these ciphers, we replaced letters in the alphabet with other letters in the alphabet.

This seems simple enough. Can we switch the letters in the alphabet with any letters we want?

Yes! Below is a substitution cipher that I created with no pattern or shift number in mind:

plaintext A B C D E F G H I J K L M
ciphertext T L A X M H I K V Z C F Q
plaintext N O P Q R S T U V W X Y Z
ciphertext W R E O S N G J D Y U B P

You can even make a cipher using numbers and symbols!

Example 3
Below is a very simple cipher that replaces every letter in the alphabet with a number:
plaintext A B C D E F G H I J K L M
ciphertext 1 2 3 4 5 6 7 8 9 10 11 12 13
plaintext N O P Q R S T U V W X Y Z
ciphertext 14 15 16 17 18 19 20 21 22 23 24 25 26

What happens if we use this cipher to decode the message 143526?

We immediately run into a problem. Is the first ciphertext character a 1 or a 14? Would that give
us the plaintext letter A or N?

When making a secret code, the person creating it has to think about how easy it would be for the
other person to decode a message using the cipher. It would be a big problem if the person who is
supposed to get the message can’t understand it!

4
To fix our issue in the last example, we can modify our cipher:

plaintext A B C D E F G H I J K L M
ciphertext 01 02 03 04 05 06 07 08 09 10 11 12 13
plaintext N O P Q R S T U V W X Y Z
ciphertext 14 15 16 17 18 19 20 21 22 23 24 25 26

Exercise 3
Using the new cipher above, decode the message 0715151905.

Pigpen Cipher
One of the most famous symbol substitution ciphers is the Pigpen cipher. In this cipher, every letter
in the alphabet corresponds to a unique symbol.

plaintext A B C D E F G H I J K L M
ciphertext A B C D E F G H I J K L M
plaintext N O P Q R S T U V W X Y Z
ciphertext N O P Q R S T U V W X Y Z

This is more commonly represented as follows:

Retrieved from: https://en.wikipedia.org/wiki/Pigpen_cipher

5
 Exercise 4
Encrypt a message with the Pigpen cipher. Exchange your message with a partner, and try to
decode theirs!

Breaking Ciphers

So far, we have looked at a bunch of different substitution ciphers, and how to encrypt and decrypt
their messages. Now, let’s focus on another big part of cryptography—that is, how to break a
cipher. Breaking a cipher means to decipher an encrypted message without knowing the secret to
crack it. When we talk about ciphers, we’re interested in knowing how secure a cipher is. A cipher
is considered secure if it’s difficult to break.

Every cipher has a key that is either passed along with the message, or agreed upon by the sender
and receiver of the message beforehand. This key tells the recipient how to decode the message. In
the Caesar cipher, the key is the shift number. A shift number of 3 means that you must shift every
letter in the alphabet three spaces over (so A would be D, B would be E, etc.).

Example 4
Suppose we intercepted the following Caesar ciphertext, but we don’t know what the shift
number is.
QTYO ESP STOOPY XPDDLRP

What are some things we can do to decode the message and figure out what is says?
Solution: There are a couple of different approaches. One way that will always work is to test
all 25 unique shift numbers and see which one works.

6
 1: RUZP FTQ TUPPQZ YQEEMSQ 14: EHMC SGD GHCCDM LDRRZFD
2: SVAQ GUR UVQQRA ZRFFNTR 15: FIND THE HIDDEN MESSAGE
3: TWBR HVS VWRRSB ASGGOUS 16: GJOE UIF IJEEFO NFTTBHF
4: UXCS IWT WXSSTC BTHHPVT 17: HKPF VJG JKFFGP OGUUCIG
5: VYDT JXU XYTTUD CUIIQWU 18: ILQG WKH KLGGHQ PHVVDJH
6: WZEU KYV YZUUVE DVJJRXV 19: JMRH XLI LMHHIR QIWWEKI
7: XAFV LZW ZAVVWF EWKKSYW 20: KNSI YMJ MNIIJS RJXXFLJ
8: YBGW MAX ABWWXG FXLLTZX 21: LOTJ ZNK NOJJKT SKYYGMK
9: ZCHX NBY BCXXYH GYMMUAY 22: MPUK AOL OPKKLU TLZZHNL
10: ADIY OCZ CDYYZI HZNNVBZ 23: NQVL BPM PQLLMV UMAAIOM
11: BEJZ PDA DEZZAJ IAOOWCA 24: ORWM CQN QRMMNW VNBBJPN
12: CFKA QEB EFAABK JBPPXDB 25: PSXN DRO RSNNOX WOCCKQO
13: DGLB RFC FGBBCL KCQQYEC 26: QTYO ESP STOOPY XPDDLRP

What was the shift used?

Writing out the 25 different Caesar shifts and trying out each one was a very long and tedious task
to do back in Julius’ age, but today, with the help of computer programs, it takes only a few seconds
to do!

This method of trying all possibly keys is called the brute force attack. Since, the Caesar cipher can
easily be broken by simply trying all the possibilities, it is considered to be a weak cipher. Similarly,
the Atbash and the Pigpen cipher are considered weak, because there is no secret key to decrypting
it. It takes only a few seconds to check if a message was encoded using an Atbash or Pigpen cipher,
since we only need to check one ciphertext alphabet.

What if we picked a more complicated substitution cipher? Consider the following random substitu-
tion cipher I created above:

7
 plaintext A B C D E F G H I J K L M
ciphertext T L A X M H I K V Z C F Q
plaintext N O P Q R S T U V W X Y Z
ciphertext W R E O S N G J D Y U B P

If I send out the message ETVIM FVCMN LRRCN without the cipher attached, someone trying to inter-
cept it may try to decode it by using the Atbash or Caesar ciphers, but they’ll be unsuccessful. The
substitution cipher I used was randomly chosen with no patterns.

Even a very determined computer programmer would have some trouble trying to decode this. There
are 26! = 403291461126605635584000000 possible arrangements of the English alphabet, meaning
there are just too many possible substitution ciphers to use the brute force method. We need a more
efficient way of breaking more complicated substitution ciphers.

Frequency Analysis
One method of breaking an encryption is by using a frequency analysis. The frequency of a letter
is the number of times a letter occurs. This is very useful for substitution ciphers. By knowing how
frequently a letter occurs, we can begin to deduce what letters in ciphertext might correspond to in
plaintext.

Below is a graph that shows the relative frequency with which each letter in the English alphabet
occurs in typical written language.

Retrieved from: https:

8
The most common letters used in the English alphabet are E, T, A, and O, while the letters J, Q,
X, and Z, are not as frequently used.

We can also do a frequency analysis of a ciphertext to identify which letters appear the most or
least often to deduce what letters these could be substituted as. This will help us decrypt some
of the letters in the text. If the text is long enough, we may even be able to spot common letter
combinations that correspond to frequently used words in the language, such as ‘the’, ‘and’, ‘is’, and
so on.

Exercise 5
Consider the ciphertext
QDP PVPLDKYQ VTGPC JDPPCP

What letter is the most common in the ciphertext? Assuming the plaintext language is the
English alphabet, what ciphertext letter likely corresponds to the plaintext letter E?
Note: You do not need to decode this cipher.

Vigenère Cipher

Let’s look at one more substitution cipher, that can be considered to be more secure than all the
other ciphers we’ve seen so far. Named after the French cryptographer Blaise de Vigenère, the
Vigenère cipher was actually invented in 1553 by Giovan Battista Bellaso. It is a poly-alphabetic
substitution cipher, meaning it uses multiple substitution alphabets.

To encrypt messages using the Vigenère cipher, we can use a table called the Vigenère square. The
first row of this table lists the alphabet from A to Z. Starting from the second row, the letters are
shifted over to the left in a cyclic pattern. For example, when the letter B is shifted to the first
position, the letter A moves to the end of the row.

9
 Retrieved from: https://pages.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html

The Vigenère square shows all 26 possible Caesar shifts in one compact chart. Each row of the
Vigenère square follows a different Caesar shift. The letters down the side of the chart represent the
key letter corresponding to the shift number used in the Caesar cipher. For example, the third row
is a Caesar shift of 2, with the plaintext letter A corresponding to the letter C.

Example 5
Let’s use the Vigenère square to encrypt the message STEAL THE MOON with the keyword GRU.
We begin by writing out our plaintext and the keyword, repeating the keyword until the end of
the plaintext.
plaintext S T E A L T H E M O O N
keyword G R U G R U G R U G R U
ciphertext

In the Vigenère square, the letters on the top of the square correspond to letters in the plaintext,
and the letters along the left side of the square correspond to letters in the keyword. To encrypt
a letter, we look for where the letters in the plaintext intersect with the letters in the keyword.
So, to find the first ciphertext letter, we would look to see where the plaintext letter S intersects
with the keyword letter G in the Vigenère square:

10
This gives us the letter Y.

plaintext S T E A L T H E M O O N
keyword G R U G R U G R U G R U
ciphertext Y

Similarly, to get our next ciphertext letter, we look for the intersection between the next plaintext
letter, T, and the keyword letter, R.

11
 We get the letter K.

plaintext S T E A L T H E M O O N
keyword G R U G R U G R U G R U
ciphertext Y K

As you can see, each letter in the ciphertext is determined by finding the intersection between
the plaintext letter and the keyword letter. For each plaintext letter, we apply a Caesar shift
corresponding to the keyword letter.

Exercise 6
Complete the Vigenère cipher in Example 6, using the Vigenère square.
plaintext S T E A L T H E M O O N
keyword G R U G R U G R U G R U
ciphertext Y K

Retrieved from: https://pages.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html

From all the ciphers we’ve looked at today, the Vigenère cipher is the most challenging to break. In
the last example, the two O’s in the word MOON corresponded to two different letters in the keyword.
This means that they will be shifted over by a different amount and, despite being the same plaintext

12
letter, will not share the same ciphertext letter.

To decrypt the Vigenère cipher, we can use the Vigenère square in reverse.

Example 6
Suppose we received the message TKIXZM IE LAE JCR encrypted with the Vigenère cipher using
the keyword STAR.
In this case, we have our ciphertext and our keyword, and we want to get our plaintext.
plaintext
keyword S T A R S T A R S T A R S T
ciphertext T K I X Z M I E L A E J C R

Just like when we were encrypting, the letters on the left side of the grid correspond to the
keyword letters. To decrypt a letter, we go the row that corresponds to the keyword letter and
search for the ciphertext letter. The letter heading the column the ciphertext letter is in is the
plaintext letter.
For the first keyword letter S, we look at the S row on the square to find the ciphertext letter T.

Then, we look at the column that the ciphertext letter T is in.

13
So, the plaintext letter is B.

plaintext B
keyword S T A R S T A R S T A R S T
ciphertext T K I X Z M I E L A E J C R

For the next letter, we look at the row in the square corresponding to the keyword letter T to
find the ciphertext letter K.

14
Looking at the column the ciphertext letter is in, we get the plaintext letter R.

plaintext B R
keyword S T A R S T A R S T A R S T
ciphertext T K I X Z M I E L A E J C R

Exercise 7
Finish decrypting the message TKIXZM IE LAE JCR from Example 7 using the keyword STAR.
plaintext B R
keyword S T A R S T A R S T A R S T
ciphertext T K I X Z M I E L A E J C R

15