Affine Cipher Tool

Not sure which cipher you have? Use the Cipher Identifier to auto-detect cipher types from unknown ciphertext using frequency analysis and Index of Coincidence.

What Is the Affine Cipher?

The Affine cipher is a monoalphabetic substitution cipher that encrypts each letter using a linear function modulo 26. It generalizes the Caesar cipher (which is the special case where the multiplier equals 1) by adding a multiplicative component, expanding the key space from 25 to 311 distinct keys.

How the Affine Cipher Works

Number the alphabet A=0, B=1, ..., Z=25. The encryption function is:

E(x) = (a · x + b) mod 26

where a and b are the two halves of the key. Decryption is:

D(y) = a⁻¹ · (y − b) mod 26

where a⁻¹ is the modular multiplicative inverse of a modulo 26.

For decryption to work, a must be coprime to 26 — that is, gcd(a, 26) = 1. Since 26 = 2 × 13, any a that is even or a multiple of 13 has no inverse mod 26 and breaks decryption. The 12 valid values of a are:

1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25

The shift b can be any integer from 0 to 25, giving 12 × 26 = 312 key pairs. Subtracting the trivial identity (a=1, b=0) leaves 311 useful keys.

Worked Example

Encrypt "HELLO" with a=5, b=8.

• H = 7 → (5·7 + 8) mod 26 = 43 mod 26 = 17 → R
• E = 4 → (5·4 + 8) mod 26 = 28 mod 26 = 2 → C
• L = 11 → (5·11 + 8) mod 26 = 63 mod 26 = 11 → L
• L = 11 → L
• O = 14 → (5·14 + 8) mod 26 = 78 mod 26 = 0 → A

Ciphertext: "RCLLA". To decrypt, compute a⁻¹: 5 · 21 = 105 = 4·26 + 1, so 5⁻¹ ≡ 21 (mod 26). Then D(y) = 21 · (y − 8) mod 26 recovers each plaintext letter.

History

The Affine cipher does not have a single inventor or famous historical use — it is best understood as the natural algebraic generalization of the Caesar cipher. It became a standard textbook example in 20th-century cryptography courses because it cleanly illustrates modular arithmetic, multiplicative inverses, and why key constraints matter. The requirement that gcd(a, 26) = 1 is the first place most students encounter the concept of a unit in a modular ring.

When to Use the Affine Cipher

For classroom and self-study use only. The Affine cipher is excellent for teaching:

• Modular arithmetic and the extended Euclidean algorithm (used to compute a⁻¹).
• Why key space alone is not enough for security — 311 keys can be brute-forced in milliseconds.
• The transition from purely additive ciphers (Caesar) to multiplicative ones, leading toward modern stream ciphers.

It also shows up in CTF challenges, puzzle hunts, and recreational cryptography, often as the second or third layer in a stacked cipher.

Security and Cryptanalysis

The Affine cipher offers essentially no real-world security. Two independent attacks defeat it:

1. Brute force — only 311 keys exist, so trying all of them and scoring each candidate plaintext (against English letter frequencies or a dictionary) recovers the message instantly.
2. Frequency analysis — like all monoalphabetic substitution ciphers, Affine preserves the English letter frequency distribution under a fixed permutation. The Index of Coincidence stays near 0.067. Identifying the two most frequent ciphertext letters and mapping them to the two most frequent English letters (E and T) gives you two equations in two unknowns (a and b) and solves the key directly.

A known-plaintext attack with just two correct letter pairs gives a linear system that pinpoints (a, b) in one step.

Related Ciphers

• Caesar cipher — the Affine cipher with a = 1.
• Atbash cipher — the Affine cipher with a = 25, b = 25.
• Substitution cipher — the general monoalphabetic case where Affine is one of many possible mappings.

If you have ciphertext and suspect Affine but aren't sure, the Cipher Identifier can flag the monoalphabetic fingerprint and rank Affine against Caesar, ROT13, and general substitution.