Sunteți pe pagina 1din 5


(c. 500 BC)

Atbash (also transliterated Atbaš) is a simple substitution cipher originally for the
Hebrew alphabet, but possible with any known alphabet.


The Atbash cipher is a substitution cipher with a specific key where the letters of the
alphabet are reversed. I.e. all 'A's are replaced with 'Z's, all 'B's are replaced with 'Y's,
and so on. It was originally used for the Hebrew alphabet, but can be used for any

The Atbash cipher offers almost no security, and can be broken very easily. Even if an
adversary doesn't know a piece of ciphertext has been enciphered with the Atbash
cipher, they can still break it by assuming it is a substitution cipher and determining the
key using hill-climbing. The Atbash cipher is also an Affine cipher with a=25 and b = 25,
so breaking it as an affine cipher also works.

The Algorithm

The Atbash cipher is essentially a substitution cipher with a fixed key, if you know the
cipher is Atbash, then no additional information is needed to decrypt the message. The
substitution key is:



To encipher a message, find the letter you wish to encipher in the top row, then replace
it with the letter in the bottom row. In the example below, we encipher the message
'ATTACK AT DAWN'. The first letter we wish to encipher is 'A', which is above 'Z', so the
first ciphertext letter is 'Z'. The next letter is 'T', which is above 'G', so that comes next.
The whole message is enciphered:



To decipher a message, the exact same procedure is followed. Find 'Z' in the top row,
which is 'A' in the bottom row. Continue until the whole message is deciphered.


The Atbash Cipher was originally a monoalphabetic substitution cipher used for the

Hebrew alphabet. It is one of the earliest known substitution ciphers to have been used,

and is very simple. However, it's simplicity is also it's biggest pitfall, as it does not use a

key. Hence every piece of plaintext enciphered using the Atbash Cipher uses the same

ciphertext alphabet, and so can be easily broken, since the encryption algorithm is

known to all.

The Atbash Cipher simply reverses the plaintext alphabet to create the ciphertext

alphabet. That is, the first letter of the alphabet is encrypted to the last letter of the

alphabet, the second letter to the penultimate letter and so forth. In the original Hebrew

this means that 'aleph' is encrypted to 'tav', and 'beth' to 'shin'. This is where we get the

name of the cipher 'atbash'. For the Hebrew alphabet we get the following conversion


It is considered a 'weak' or 'simple' cipher because it only has one possible key, and it is

a simple monoalphabetic substitution cipher. However, this may not have been an issue
at the time when the cipher was first devised.
Atbash cipher substitutes the corresponding letter from the reverse alphabet.

The ciphertext alphabet for the Atbash cipher on the Hebrew alphabet.

For the Roman alphabet of 26 letters, we have the ciphertext alphabet as given in the

table below.

The ciphertext alphabet for the Atbash Cipher.


As with any monoalphabetic substitution cipher, encryption using the Atbash Cipher is
very simple once the ciphertext alphabet has been generated. We simply replace each
occurence of each plaintext letter with the respective ciphertext letter given by the table.
So, if we take the plaintext "atbash", we can see that "a" enciphers to "Z", "t" enciphers
to "G" and so on. Continuing in this way, we see that the final ciphertext is "ZGYZHS".


Due to the symmetric nature of this cipher, the decryption process is exactly the same as
the encryption process. Thus, for the recipient to decrypt the ciphertext, the same
ciphertext alphabet must be generated as was used to encrypt the message in the first
place. In this case, the ciphertext alphabet relies only on the alphabet used, and hence
the table above is also used to decipher the message. So, given the ciphertext "XRKSVI",
and assuming that the alphabet used was the standard Roman alphabet of 26 letters, we
can retrieve the plaintext "cipher".

The Atbash Cipher is a very weak substitution cipher, since there is no secret key
behind generating the ciphertext alphabet to perform the encryption. Thus, given a
piece of ciphertext, known to have been enciphered using the Atbash Cipher, anyone
who intercepts the message can easily decipher it to retrieve what was meant to be

Despite this, it provides a very quick and easy way to conceal messages from an
onlooker and can be used successfully to encipher messages of not great importance.

The one security measure that does exist for the Atbash Cipher is to use different
plaintext alphabets. For example using a plaintext alphabet with the ten digits attached
at the end (ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789), or one with the most
common punctuation marks in it. Both these alphabets add a bit more security to the
cipher, but as we shall see, these are methods that can be used for every cipher.

The ciphertext alphabet for an alphabet containing punctuation, a space and the digits


Decrypt using Atbash

The eagle has landed