The Gronsfeld cipher is a polyalphabetic substitution cipher that works exactly like the Vigenère cipher except that its key is a sequence of digits rather than a keyword of letters. It is named after the 17th-century Count Gronsfeld and was once a popular hand cipher because a short numeric key is easy to remember and to apply.
How it works
Each letter of the alphabet is numbered 0 (A) through 25 (Z). The numeric key is repeated cyclically beneath the message, and each key digit gives the shift for the letter above it. Encryption uses the standard Vigenère addition:
C = (P + d) mod 26
where d is the current key digit. Decryption simply subtracts instead:
P = (C - d) mod 26
Because digits only run from 0 to 9, the Gronsfeld cipher chooses from just ten of the 26 possible Caesar shifts. This is its only real difference from Vigenère, and it is what makes Gronsfeld a touch easier to break.
Example
With the key 31415 and plaintext HELLO:
P: H E L L O
d: 3 1 4 1 5
C: K F P M T
H (7) plus 3 gives K, E (4) plus 1 gives F, and so on. Decrypting KFPMT with the same key subtracts each digit to recover HELLO.
How it differs from the Vigenère cipher in practice
The Vigenère cipher uses a keyword where every letter represents a shift from 0 (A) to 25 (Z), giving the encipherer access to all 26 Caesar alphabets. The Gronsfeld key, being numeric, only ever produces shifts from 0 (the digit 0, no shift) to 9 (the digit 9, a nine-step shift). This means:
- Thirteen of the 26 possible Caesar shifts are simply never used.
- Two key digits, 0 and 1, produce very small shifts that leave the output close to the original letter.
- Frequency analysis becomes easier because the effective alphabet of encryptions is smaller.
The Gronsfeld has a compensating practical advantage: memorising a PIN-like number such as 7391 is easier than a keyword, and it avoids the need to agree on a word that might be guessed from a dictionary attack. Historically this made it popular for simple field use in the 17th and 18th centuries.
Breaking it and its limits
The Gronsfeld cipher is vulnerable to the same attacks as Vigenère: the Kasiski test and the index of coincidence method can both determine the key length, and once the length is known, each position reduces to a simple Caesar cipher that frequency analysis solves quickly. Longer numeric keys that do not repeat obvious patterns are stronger, but the 0–9 shift restriction means no Gronsfeld key can be as strong as a Vigenère key of the same length.
Use the Gronsfeld cipher for puzzles, cryptography education, historical study, and recreational codebreaking — never for protecting real secrets.
Notes
- Only letters are shifted; spaces and punctuation pass through and do not consume a key digit, keeping the digits aligned with the letters.
- A longer, non-repeating-looking key resists Kasiski examination better, but the small 0–9 shift range remains the cipher’s weakness.
- For a letter-keyed version with a full 0–25 shift range, use the Vigenère or Autokey cipher instead.