Want to learn more?
Explore Atbash and other simple substitution ciphers related to ROT13.
Read the guideLearning Cryptography Fundamentals?
Understanding historical ciphers builds intuition for modern security. Let us help you grow.
Not sure which cipher you have? Use the Cipher Identifier to auto-detect cipher types from unknown ciphertext using frequency analysis and Index of Coincidence.
What Is the Atbash Cipher?
Atbash is a monoalphabetic substitution cipher that maps each letter of the alphabet to its mirror image: the first letter to the last, the second to the second-to-last, and so on. In English, A becomes Z, B becomes Y, C becomes X, all the way through M↔N. Because the mapping is a self-inverse, applying Atbash twice returns the original plaintext — the same operation encodes and decodes.
How Atbash Works
Number the alphabet 0–25 (A=0, B=1, ..., Z=25). The Atbash substitution is simply:
ciphertext letter = 25 − plaintext letter (mod 26)
The full English substitution table is:
| Plain | A | B | C | D | E | F | G | H | I | J | K | L | M | | Cipher | Z | Y | X | W | V | U | T | S | R | Q | P | O | N |
So "HELLO" encodes as "SVOOL": H(7)→S(18), E(4)→V(21), L(11)→O(14), L→O, O(14)→L(11). Running "SVOOL" through Atbash again returns "HELLO" because each pair is its own inverse.
Atbash was originally designed for the Hebrew alphabet, where aleph (the first letter) maps to tav (the last), bet maps to shin, and so on — the cipher's name "atbash" comes from concatenating those four letters: aleph-tav-bet-shin.
Origin
Atbash dates to roughly 500 BCE and appears in the Hebrew Bible. The Book of Jeremiah uses Atbash to encode the place name "Babel" (בבל) as "Sheshach" (ששך) — likely as a literary device rather than serious secrecy. It is one of the earliest documented substitution ciphers and predates the Caesar cipher by several centuries.
When to Use Atbash
Never for real security — Atbash has a fixed key, so once anyone knows it is Atbash, the message is fully recovered with no further work. It is useful for:
- Educational demonstrations of substitution ciphers and modular arithmetic.
- Puzzles, CTF challenges, geocaches, and escape rooms where the "key" is recognizing the cipher.
- Literary and biblical scholarship — recognizing Atbash substitutions in ancient texts.
- Quick obfuscation when the goal is novelty, not secrecy.
Security and Cryptanalysis
Atbash is trivially broken. Because the mapping is fixed and public, anyone who suspects Atbash can decode the message in seconds. Even without knowing it is Atbash, the cipher leaves a strong fingerprint: it is a monoalphabetic substitution, so the letter frequency distribution of the ciphertext is just the English distribution mirrored. The Index of Coincidence is ~0.067, identical to English plaintext.
Standard cryptanalysis steps:
- Run frequency analysis. Atbash shows a clear English-like distribution with E (the most common English letter) appearing as V in ciphertext.
- Check for the Atbash fixed mapping (A↔Z, B↔Y, etc.). One letter-pair confirmation usually settles it.
- If unsure whether it is Atbash, ROT13, Caesar, or general substitution, the Cipher Identifier ranks candidates by statistical fingerprint.
Related Ciphers
- Caesar cipher — also a fixed-mapping monoalphabetic shift, but with 25 possible keys instead of one.
- ROT13 cipher — another self-inverse monoalphabetic substitution (shift by 13).
- Substitution cipher — the general case where any permutation of the alphabet is allowed as the key.
If you have ciphertext and aren't sure whether it is Atbash, ROT13, or a different substitution, start with the Cipher Identifier.
⚠️ Security Notice
This tool is provided for educational and authorized security testing purposes only. Always ensure you have proper authorization before testing any systems or networks you do not own. Unauthorized access or security testing may be illegal in your jurisdiction. All processing happens client-side in your browser - no data is sent to our servers.