History of Encryption

Egyptian Hieroglyphic Substitution

A tomb inscription in Khnumhotep II's tomb at Beni Hasan (c. 1900 BC) uses non-standard hieroglyphs in place of conventional signs — the earliest known example of deliberate graphemic substitution in writing. Not used to conceal secrets but to add dignity and invitation to the text; the substitution principle is identical to every cipher that followed.

Atbash

Hebrew scribes substitute each letter with its mirror in the alphabet (aleph↔tav, bet↔shin). Attested in the Book of Jeremiah (25:26 and 51:41), where Sheshach conceals Babel. The earliest documented cipher and the prototype of the involutive (self-inverse) transformation.

Scytale

Spartan generals wrap a strip of leather around a wooden rod of a specific diameter to reveal or conceal a message. It is history's first known transposition cipher — the letters are unchanged, only their order is rearranged.

Polybius Square

Greek historian Polybius devises a grid encoding that converts letters to numeric pairs — one of the earliest systems to fractionalize the alphabet. Its principle survives in ADFGVX and tap code.

Caesar Cipher

Julius Caesar shifts letters by three positions to communicate with his generals during the Gallic Wars. Suetonius confirms it in The Twelve Caesars. It works because most interceptors are illiterate.

Rail Fence Cipher

A zigzag transposition written along an imaginary fence of N rails. Attested in the ancient Mediterranean and reborn during the American Civil War as a hand cipher for field telegraph operators — simple, fast, and trivially broken once the rail count is guessed.

Aeneas Tacticus — The Wheel

The earliest systematic cryptographic treatise. Aeneas the Tactician, in Poliorketika, describes a disk cipher — holes drilled around the rim, thread wound through them spelling a message. Unwind the thread: no message visible. He also describes steganographic techniques: hidden ink, women couriers, wax tablets with shaved-head messages. The oldest surviving technical manual of information security.

Al-Kindi's Frequency Analysis

Al-Kindi publishes A Manuscript on Deciphering Cryptographic Messages — the first known description of frequency analysis. Every simple substitution cipher is now breakable. The codebreakers lead for 600 years.

Monoalphabetic Substitution

The general substitution cipher — a permuted alphabet, 26! possible keys — reigns through Al-Kindi's era and well into the Renaissance. Al-Kindi himself shows that despite the astronomical key count, every monoalphabetic cipher falls to a frequency table.

Pigpen Cipher

A geometric substitution drawn from two grids and two X-patterns, later adopted by Freemasons for lodge records and gravestones. Cryptographically a monoalphabetic cipher in disguise; culturally, the most widely-recognized symbolic cipher in history.

Joseon Yeokhak Cipher

Diplomatic dispatches of the Joseon court encode messages via a hexagram-keyed Caesar shift derived from classical Chinese cosmology. Each of the 64 hexagrams of the I Ching specifies an alphabet rotation and a word-substitution layer; the encoding was used for roughly two centuries of border and intelligence correspondence.

Geʿez Monastic Ciphers

Ethiopian Orthodox monasteries develop keyed monoalphabetic substitutions for the Geʾz script — using the 26-consonant fidel order, permuted by a keyword. The ciphers protected liturgical texts, medical manuscripts, and correspondence between isolated scriptoria. The earliest known sub-Saharan African cryptographic tradition.

The Voynich Manuscript

A 240-page illustrated codex is written in an unknown script. Carbon-dated to the early 15th century, it surfaces in Rudolf II's Prague court around 1580 and has resisted every cipher and linguistic attack for six centuries. Beinecke MS 408. Status: unsolved.

Alberti Cipher Disk

Leon Battista Alberti invents the cipher disk and proposes changing the cipher alphabet mid-message — the birth of polyalphabetic encryption. For the first time, frequency analysis alone is not enough.

Vigenère Cipher

Giovan Battista Bellaso describes a polyalphabetic cipher using a tabula recta, later misattributed to Blaise de Vigenère (1586). The cipher resists cryptanalysis for three centuries and earns the title "le chiffre indéchiffrable" — the unbreakable cipher. It isn't.

The Babington Plot Cipher

Mary, Queen of Scots, encrypts her conspiracy with Anthony Babington using a 64-glyph nomenclator. Walsingham's codebreaker Thomas Phelippes solves it within days, then forges a postscript to extract the names of the conspirators. Mary is beheaded on Feb 8, 1587. The first execution caused by cryptanalysis.

The Argenti Cipher

Matteo and Giambattista Argenti serve as papal cipher secretaries from 1561 to 1620, designing the most sophisticated nomenclators of the Renaissance. Their system couples a 391-symbol substitution alphabet with code-groups, nulls, and deliberate traps — the first thoroughly professional approach to cipher design. Their manuscript Trattato de' Ciferi is the era's definitive insider account of cryptographic theory.

Bacon's Binary Encoding

Francis Bacon devises a 5-bit binary code to hide messages in the typeface — steganography meets binary encoding, 300 years before Shannon.

The Great Cipher of the Rossignols

Antoine Rossignol and his son Bonaventure design a nomenclator for Louis XIV that maps 587 numbers onto syllables, individual letters, and traps. It guards the secrets of the Sun King's court for two centuries until Étienne Bazeries breaks it in 1893 after three years of work — and finally identifies the prisoner known as the Man in the Iron Mask.

Homophonic Substitution

The Duchy of Mantua issues the first known homophonic cipher, mapping each plaintext letter to multiple ciphertext symbols to flatten frequency peaks. The first cryptographic countermeasure to Al-Kindi's frequency analysis.

Porta's Polyalphabetic

Giambattista della Porta publishes De Furtivis Literarum Notis, describing a reciprocal polyalphabetic table that needs only 11 alphabets to handle the entire Latin alphabet — a more efficient cousin of Vigenère's tabula recta.

Gronsfeld Cipher

Count Gronsfeld's reduced-keyspace Vigenère uses a numeric key (0–9) instead of a keyword. Easier to memorize, easier to break: only ten alphabets, often a short repeating digit string.

Copiale Cipher

An 18th-century German oculist secret society binds 105 pages of Roman letters, Greek letters, and abstract symbols. Sits unsolved in archives for 250 years until Knight, Megyesi, and Schaefer crack it in 2011 with statistical-machine-translation tools.

John Wallis and the Civil War Ciphers

Oxford mathematician John Wallis — best known for the ∞ symbol and contributions to calculus — begins breaking Royalist ciphers for the Parliamentary side in 1643. He solves nomenclators, polyalphabetics, and Confederate Vigenère-class systems entirely by hand, without any prior training. Wallis continues as a government cryptanalyst through the Restoration and into the 1690s, demonstrating that pure mathematical insight can substitute for tradecraft.

Culper Ring — Washington’s Spy Network

George Washington's intelligence operation uses a homophonic substitution cipher (Tallmadge's 763-word codebook), invisible ink, and dead-drop dead-letter systems to move intelligence from British-occupied New York to Continental Army headquarters. The Culper Ring is the most effective intelligence network of the American Revolution and the direct ancestor of American tradecraft.

Benedict Arnold & Major André

Major John André uses the André Code — a book cipher based on Blackstone's Commentaries — to coordinate Benedict Arnold's defection with British Intelligence. Andre is captured with incriminating page-line-word coordinates in his boot; he is hanged October 2, 1780. The treason fails, but the codebook method survives as the model for agent communication for two centuries.

Jefferson Disk

Thomas Jefferson designs a cylinder cipher with 26 scrambled-alphabet disks on an axle. The concept is so sound it's reinvented by Bazeries and officially adopted as the US Army's M-94 in 1922.

Playfair Cipher

Charles Wheatstone invents the Playfair cipher, championed by Lord Playfair. By encrypting letter pairs instead of individual letters, it defeats simple frequency analysis. Used by the British Army through both world wars.

Kasiski Examination

Friedrich Kasiski publishes a method to determine the key length of polyalphabetic ciphers by analyzing repeated patterns. The "unbreakable" Vigenère falls. Babbage had done it earlier but never published.

The Beale Ciphers

A pamphlet titled The Beale Papers publishes three numerical ciphers said to locate a buried fortune in gold and silver. Cipher #2 is solved with the Declaration of Independence as the running key; #1 and #3 remain unsolved 140 years later. The original case study in book ciphers — and in the operational fragility of key reuse.

Running-Key Cipher

A Vigenère variant that takes the keystream from a long shared text — a book, a poem, a newspaper passage. Strong against Kasiski analysis but vulnerable to known-plaintext probable-word attacks because the "key" is not random.

Columnar Transposition

A keyword-ordered grid where plaintext is written across rows and read out by columns in keyword-alphabetical order. The workhorse field-cipher of late-19th and early-20th-century militaries; reused as a building block inside ADFGVX and the German double-transposition.

Four-Square Cipher

Félix Delastelle's two-keyword refinement of Playfair: four 5×5 squares laid in a 2×2 grid, two of them keyed. Encrypts digraphs without Playfair's awkward double-letter rule.

Beaufort Cipher

Admiral Sir Francis Beaufort's reciprocal polyalphabetic cipher — same operation for encryption and decryption — used on the Hagelin M-209 mechanical cipher machine eighty years later.

Civil-War Dictionary Code

Confederate and Union agents alike encode messages by replacing words with page-line-word coordinates from an agreed printed dictionary or book. Trivial when the codebook is identified — invincible while the codebook is secret and standard editions disagree.

Stager Route Cipher

Anson Stager designs a word-level route transposition for Lincoln's Military Telegraph Service. Real words, no obvious gibberish, fast for telegraph operators — and never decisively broken by the Confederacy during the war.

Confederate Vigenère

The Confederate Signal Corps fields brass cipher disks engraved with the Vigenère tabula recta, using a tiny rotation of three keywords. Union cryptanalysts read most traffic within hours of capture, contributing materially to several Confederate military reverses.

Nihilist Cipher

Russian revolutionaries combine a Polybius square with a numeric Vigenère-style addition step — the first widely-used composite cipher and the direct ancestor of the Soviet VIC system.

Chinese Telegraph Code

S.A. Viguier and the Imperial Telegraph Administration publish the Standard Telegraphic Code — a four-digit numeric representation for 6,899 Chinese characters, enabling telecommunications for a language with no alphabet. The codebook becomes the commercial infrastructure for all Chinese-language wire traffic for seventy years, and the basis for every later Chinese commercial codebook used in commerce, diplomacy, and espionage.

Straddling Checkerboard

A 10-column substitution table that gives the eight most frequent letters single-digit codes and the rest two digits, exploiting frequency to compress ciphertext. The core building block inside both VIC and the Soviet Nihilist family.

Tap Code

A 5×5 Polybius grid encoded as taps on walls and pipes. American POWs in Hanoi use it to maintain communication, solidarity, and command across solitary cells — not for secrecy, but for connection.

Fractionated Morse

Convert plaintext to dots and dashes, regroup the symbols into triplets, then map each triplet through a keyword-shuffled alphabet. A clever marriage of Morse encoding and substitution that scrambles letter boundaries entirely.

Bazeries Cylinder

Étienne Bazeries reinvents the Jefferson disk as a 20-disk cylinder for the French Army. Rejected by the army; vindicated when the United States adopts the same concept as the M-94 in 1922.

Two-Square Cipher

Delastelle's pared-back digraph cipher — only two keyed squares, arranged horizontally or vertically. Faster to set up than Four-Square but leaks more digraph structure.

Bifid Cipher

Delastelle pairs a Polybius square with a row/column transposition step, fractionating each letter into two coordinates and rejoining them across the whole message. The first cipher to truly diffuse single-letter information across the ciphertext.

Trifid Cipher

Delastelle's three-dimensional extension of Bifid: a 3×3×3 cube fractionates each letter into three coordinates, then a three-row transposition rejoins them. Diffusion across a much wider window than Bifid.

One-Time Pad

Gilbert Vernam patents the one-time pad — proven by Shannon in 1949 to be the only theoretically unbreakable cipher. The catch: the key must be truly random, as long as the message, and never reused.

ADFGVX Cipher

Colonel Fritz Nebel deploys the ADFGVX cipher for German spring offensives. It combines Polybius substitution with columnar transposition. Lieutenant Georges Painvin breaks it in a legendary feat of manual cryptanalysis.

German Double Transposition

The German Army standardizes a two-keyword columnar transposition. Apply columnar transposition once, then transpose the resulting block again with a second keyword. Considered effectively unbreakable in the field for the era; used until ADFGX replaced it in 1918.

Vernam Patent

Gilbert Vernam at AT&T patents an XOR-tape teleprinter cipher. With a truly random, never-reused tape it becomes the one-time pad; with any reuse, it falls catastrophically. The first electrically-implemented stream cipher.

ADFGX Cipher

Colonel Fritz Nebel's first Polybius-plus-transposition field cipher uses only the letters A, D, F, G, X — chosen because their Morse code is hardest to confuse over noisy radio. Replaced three months later by ADFGVX.

Chaocipher

John F. Byrne invents a hand cipher with two permuting alphabet wheels that scramble themselves after every letter. He spends decades trying to interest the US government and fails. The mechanism is finally revealed by his estate in 2010 — 92 years later.

Zimmermann Telegram

German Foreign Secretary Arthur Zimmermann cables Mexico City a secret offer of an alliance against the United States. British Room 40 intercepts and decodes it — then waits three weeks before revealing it to Washington in a way that protects their codebreaking source. The telegram helps bring America into WWI in April 1917.

M-94 Cylinder Cipher Device

The US Army adopts the M-94 — a 25-disk Jefferson-Bazeries cylinder — as its standard tactical cipher device. Compact, mechanical, and far more portable than a codebook. Used by US forces through the early WWII period, when it was gradually replaced by SIGABA and M-209 for higher-traffic circuits.

KRYHA Machine

Alexander von Kryha's pocket-sized cipher machine uses a 25-letter substitution wheel driven by a spring-wound irregular stepping mechanism. It is sold commercially and adopted by several small governments and businesses. William Friedman breaks a 1,135-character KRYHA message in 2 hours and 41 minutes in 1933, demonstrating that the irregular stepping mechanism provides far less security than its operators believed.

Enigma Machine

Arthur Scherbius patents the Enigma in 1918. The German military adopts it with 158 quintillion possible settings. Polish mathematicians crack it in 1932. Turing and Bletchley Park industrialize the break with the Bombe machine, shortening WWII by an estimated two years.

Siemens Geheimschreiber T52

Siemens's Geheimschreiber ("secret writer") is a teleprinter with built-in cipher wheels — the German Navy and Luftwaffe’s encrypted teleprinter for high-level traffic. Unlike Enigma, which operates on individual letters, the Geheimschreiber operates on Baudot-coded teletype characters, combining XOR-based stream cipher output with complex wheel stepping. Swedish mathematician Arne Beurling breaks it in 1940 using only two weeks of traffic without ever seeing the machine.

Lorenz Cipher & Colossus

The Lorenz SZ40/42 encrypts German teleprinter traffic. Bill Tutte reverse-engineers the machine without ever seeing it. Tommy Flowers builds Colossus — the first programmable electronic digital computer — to break it.

Purple Broken on September 20

Frank Rowlett's SIS team breaks Japan's Type 97 diplomatic cipher ("Purple") without ever seeing the machine. On the afternoon of September 20, 1940, junior cryptanalyst Genevieve Grotjan identifies the alignment that reveals the wiring of the consonant stepping-switch bank. The resulting MAGIC intercepts read Tokyo's diplomatic traffic for the rest of the war.

Navajo Code Talkers

420 Navajo Marines transmit battlefield orders in a language no adversary can decode. Their code, based on the Navajo language with military-specific vocabulary layered on top, is the only widely-used military cipher that was never broken.

Shannon's Secrecy Theory

Claude Shannon publishes "Communication Theory of Secrecy Systems" (classified 1945, published 1949) — the mathematical foundation of modern cryptography. He proves the one-time pad is unbreakable and defines confusion and diffusion as the two pillars of cipher design.

Hill Cipher

Lester Hill publishes a cipher built on matrix multiplication mod 26 — the first practical algebraic cipher. Mostly broken by known-plaintext linear algebra, but its core idea (mixing multiple input symbols to produce each output symbol) survives directly in AES MixColumns.

Hagelin M-209

Boris Hagelin's pin-and-lug mechanical cipher machine becomes the US Army's tactical workhorse — 140,000 units issued. Cryptographically a Beaufort cipher with a deterministic but long key cycle. Captured M-209 traffic was readable to German cryptanalysts within hours, but Allied operational discipline limited the damage.

Diffie-Hellman Key Exchange

Whitfield Diffie and Martin Hellman publish "New Directions in Cryptography" — inventing public-key cryptography. For the first time, two parties can agree on a secret key over an insecure channel without ever meeting. GCHQ had classified equivalent work by James Ellis years earlier.

RSA & DES

Rivest, Shamir, and Adleman publish RSA — the first practical public-key cryptosystem. The same year, NIST standardizes DES as the federal encryption standard. The era of algorithmic, standardized cryptography begins.

Kryptos at CIA Headquarters

Sculptor Jim Sanborn installs Kryptos in the CIA's New Headquarters courtyard — a copper screen of 1,735 carved characters in four sections. K1 (keyed Vigenère with PALIMPSEST), K2 (keyed Vigenère with ABSCISSA), and K3 (a 192-character transposition) are publicly solved by 1999. K4 — 97 characters — remains unsolved despite three Sanborn-released cribs (BERLIN, CLOCK, NORTHEAST). Living cryptography in stainless steel and copper.

AES Standardized

After a 5-year international competition, NIST selects Rijndael (by Joan Daemen and Vincent Rijmen) as the Advanced Encryption Standard. AES remains the backbone of symmetric encryption worldwide.

SHA-1 Collision Attack

Xiaoyun Wang and team demonstrate theoretical collision attacks against SHA-1, beginning the transition to SHA-256 and SHA-3. A practical collision is demonstrated by Google in 2017.

Snowden Revelations

Edward Snowden's disclosures reveal the scale of government surveillance. The revelations accelerate global adoption of end-to-end encryption — HTTPS becomes the default, messaging apps adopt Signal Protocol, and encryption moves from specialist tool to human right.

Zodiac Z-340 Cipher

The Zodiac Killer mails a 340-character cipher to the San Francisco Chronicle. It resists all attacks for 51 years until David Oranchak, Sam Blake, and Jarl Van Eycke crack it during COVID lockdown — revealing a homophonic substitution hidden behind a diagonal transposition.

VIC Cipher

The most sophisticated hand cipher ever fielded in espionage — carried by Soviet spy Reino Häyhänen to America. Combines straddling checkerboard, chain addition, and double transposition with a key derived from a song lyric. Most intercepted VIC messages were never broken by cryptanalysis; the cipher was exposed only by Häyhänen's defection in 1957.

VENONA Project

The US Army discovers Soviet one-time pad key reuse: two messages encrypted with the same OTP key are XOR-able, yielding P1 ⊕ P2. Over 37 years, analysts decode thousands of Soviet intelligence cables and identify Julius Rosenberg, Klaus Fuchs, Kim Philby, and the Cambridge Five. VENONA remains classified until 1995.

KL-7 ADONIS

The KL-7 is the principal NATO cipher machine of the 1950s–60s: eight rotor wheels (one stationary), a non-standard stepping mechanism, and interchangeable core wiring. Issued to all NATO allies. Compromised by John Walker's spy ring from 1968 to 1985 — the worst peacetime naval intelligence loss in US history.

Fialka M-125

The Fialka (“Violet”) is the Soviet answer to Enigma: ten rotors (vs. three), a card-based plugboard for alphabet permutation, and a built-in printer. Issued to Warsaw Pact members, never to civilian markets. Design details remained classified in Russia until the 2000s; the West's analyses of captured units were not released until the late Cold War.

Diana Cryptosystem

The US Army's DIANA is a field one-time pad system designed explicitly to prevent the key-reuse failures that VENONA exploited. Pre-printed pad pages are numbered sequentially; each page is used once and physically destroyed. DIANA exemplifies the doctrine lesson of VENONA: perfect secrecy is achievable, but only with perfect key discipline.

ROT13 on Usenet

Caesar's cipher with the shift permanently fixed at 13 — exactly half the alphabet, so applying it twice returns the plaintext. Born on early Usenet to hide spoilers and punchlines, it survives as the internet's polite cipher: trivial to break, easy to apply, no key required.

Solitaire / Pontifex

Bruce Schneier designs a hand cipher for Neal Stephenson's Cryptonomicon, generating its keystream by shuffling a single deck of 54 playing cards. No electronics required, leaves nothing incriminating to seize. Paul Crowley's 1999 analysis identifies a measurable keystream bias; no practical break has emerged in 27 years.

Post-Quantum Cryptography

NIST launches the Post-Quantum Cryptography competition in 2017. In 2024, ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) are standardized — designed to resist quantum computers running Shor's algorithm. The ancient arms race continues.