Autokey
Vigenère's self-extending key — the message becomes its own key.
Why This Matters
Vigenère's autokey is the under-appreciated half of his 1586 system. After the keyword is exhausted, the plaintext itself is appended to the key — so the key never repeats. That single change wiped out the Kasiski attack a century before Kasiski wrote it down. For nearly 350 years the autokey was effectively unbreakable in the field, until William F. Friedman's 1920s statistical machinery made it tractable.
Belaso (1553) and Cardano (1556) had both proposed self-extending keys; Vigenère's Traicté des chiffres (1586) gave the construction its definitive form and unfortunately also presented the much weaker repeating-key variant. History remembered the wrong one: the polyalphabetic that became known as ‘the Vigenère cipher’ for the next four centuries is the breakable repeating-key version, and Vigenère's actually-strong autokey was largely forgotten until Friedman's interwar work.
Pick a short keyword K. Encrypt the first |K| plaintext letters with K under a Vigenère shift. Then take the plaintext itself, prepend K, and use that string as the running key for the rest of the message. Decryption recovers K-many letters first, then uses those recovered plaintext letters as the key for the next stretch — and so on. The key never repeats; its statistics are those of natural English (or French, etc.), not of a short cycled keyword.
The key isn't random — it is plaintext shifted by a few characters. Friedman observed that the ciphertext has detectable correlation with itself shifted by the keyword length, because shifted plaintext-vs-plaintext is just the original Vigenère table applied to English-vs-English. Crib dragging the most likely keyword length yields the keyword in dozens to a few hundred trial decryptions.
| Concept from Autokey | Modern Evolution |
|---|---|
| Self-extending key | Modern stream ciphers feed plaintext-derived state back in too — but only via cryptographic mixing (e.g., AES-OFB key schedule) |
| Friedman's index of coincidence (κ) | Still the canonical periodicity test taught in cryptanalysis courses |
| ‘Don't reuse keys’ isn't enough | If your ‘key' has natural-language structure you've leaked it |
Ciphertext: QOXSXPWRYOSKP
Hint: the primer is a single Renaissance-style keyword, but the rest of the key comes from the plaintext itself.
| Era | Renaissance · 1586 |
| Security | Statistical (Friedman, 1920s) |
| Origin | Blaise de Vigenère (1586), refining Belaso/Cardano |
| Year | 1586 |
| Key Type | Short keyword, then plaintext itself extends the key |
| Broken By | Friedman's index of coincidence + autokey-aware crib dragging (1920s) |
| Modern Lesson | Self-keyed schemes still leak: the key is no longer random once it carries plaintext statistics |