Double ROT13 (ROT26)

Apply ROT13 twice — a no-op that demonstrates cipher identity

Run ROT13 twice on any text and watch it return unchanged, illustrating that ROT13 is its own inverse. A teaching demonstration of why double ROT13, jokingly called ROT26, provides exactly zero encryption. Runs in your browser. It runs free in your browser on Gera Tools, with nothing uploaded.

Last updated Source: Gera Tools

What is ROT13?

ROT13 is a Caesar cipher that rotates each letter 13 places through the 26-letter alphabet. A becomes N, B becomes O, and so on. It is used to hide spoilers and puzzle answers, not for real security.

Double ROT13 — affectionately called ROT26 — is the classic cryptography joke: it runs the ROT13 cipher twice and gives you back exactly what you started with. This tool demonstrates that self-inverse property step by step.

How it works

ROT13 rotates each letter 13 positions forward, wrapping around at the end of the alphabet:

encrypted = ((letter - base + 13) mod 26) + base

Apply it a second time and the total shift is 13 + 13 = 26, a full rotation around the 26-letter alphabet:

(x + 13 + 13) mod 26  =  (x + 26) mod 26  =  x

So the second pass perfectly undoes the first. The tool shows the intermediate single-pass result, then the double-pass result, which always equals the input.

Letter-by-letter example

Take the word HELLO:

LetterAfter one ROT13After two ROT13
H (7)+13 → U (20)+13 → H (7)
E (4)+13 → R (17)+13 → E (4)
L (11)+13 → Y (24)+13 → L (11)
L (11)+13 → Y (24)+13 → L (11)
O (14)+13 → B (1)+13 → O (14)

One pass: URYY B. Two passes: HELLO. The original text returns exactly.

ROT13 in context — why it exists

ROT13 was widely used in early Usenet newsgroups to hide spoilers, offensive jokes, and puzzle answers so that readers had to take a deliberate action to see them. It is not and has never been intended as encryption — anyone who knows it can decode it in seconds, and it is documented in countless references. Its value was purely social: providing a visual barrier that required a conscious decision to cross.

The self-inverse property made it convenient: one code, one function, no modes. You encode and decode with the same operation, which meant newsreader software could implement it with a single menu item.

The lesson for cryptography

Double ROT13 is used in cryptography education to illustrate what happens when you stack a self-inverse cipher: you get back to where you started, with zero added security. More generally, it illustrates several principles:

  • Rounds are not automatically additive. Applying an operation twice does not double the difficulty of breaking it — if the operations cancel, security can be zero.
  • Algorithm structure matters. Real ciphers (AES, ChaCha20) carefully avoid self-cancellation by combining substitution, permutation, and XOR with key-derived values at every round.
  • Security through obscurity fails. ROT13 was always transparent — everyone knew the algorithm. Real security comes from key secrecy, not algorithm secrecy.

Tips and notes

  • Because ROT13 is its own inverse, the same operation both encodes and decodes — there is no separate decode mode in plain ROT13.
  • Only letters move; everything else is left untouched, which is why the joke works on any text including symbols and digits.
  • The takeaway: stacking rounds of a self-inverse transform adds no security. Real ciphers avoid this by mixing different, non-cancelling operations.
  • To decode standard ROT13-encoded text: paste the encoded text and read the value shown after the first pass — the double-pass output simply confirms that running it again returns the original.