Editing Playfair cipher (section)

== Cryptanalysis ==
Like most classical ciphers, the Playfair cipher can be easily cracked if there is enough text. Obtaining the key is relatively straightforward if both [[plaintext]] and [[ciphertext]] are known. When only the ciphertext is known, brute force [[cryptanalysis]] of the cipher involves searching through the key space for matches between the frequency of occurrence of digrams (pairs of letters) and the known frequency of occurrence of digrams in the assumed language of the original message.<ref>{{harvnb|Gaines|1956|page=201}}</ref>

Cryptanalysis of Playfair is similar to that of [[four-square cipher|four-square]] and [[two-square cipher|two-square]] ciphers, though the relative simplicity of the Playfair system makes identifying candidate plaintext strings easier.  Most notably, a Playfair digraph and its reverse (e.g. AB and BA) will decrypt to the same letter pattern in the plaintext (e.g. RE and ER).  In English, there are many words which contain these reversed digraphs such as REceivER and DEpartED.  Identifying nearby reversed digraphs in the ciphertext and matching the pattern to a list of known plaintext words containing the pattern is an easy way to generate possible plaintext strings with which to begin constructing the key.

A different approach to tackling a Playfair cipher is the [[Random-restart hill climbing|shotgun hill climbing]] method.  This starts with a random square of letters.  Then minor changes are introduced (i.e. switching letters, rows, or reflecting the entire square) to see if the candidate plaintext is more like standard plaintext than before the change (perhaps by comparing the digrams to a known frequency chart).  If the new square is deemed to be an improvement, then it is adopted and then further mutated to find an even better candidate.  Eventually, the plaintext or something very close is found to achieve a maximal score by whatever grading method is chosen.  This is obviously beyond the range of typical human patience, but computers can adopt this algorithm to crack Playfair ciphers with a relatively small amount of text.

Another aspect of Playfair that separates it from four-square and two-square ciphers is the fact that it will never contain a double-letter digram, e.g. EE.  If there are no double letter digrams in the ciphertext and the length of the message is long enough to make this statistically significant, it is very likely that the method of encryption is Playfair.

A good tutorial on reconstructing the key for a Playfair cipher can be found in chapter 7, "Solution to Polygraphic Substitution Systems," of ''Field Manual 34-40-2'', produced by the United States Army. Another cryptanalysis of a Playfair cipher can be found in Chapter XXI of Helen Fouché Gaines' ''Cryptanalysis / a study of ciphers and their solutions''.<ref>{{harvnb|Gaines|1956|pages=198–207}}</ref>

A detailed cryptanalysis of Playfair is undertaken in chapter 28 of [[Dorothy L. Sayers]]' 1932 mystery novel ''[[Have His Carcase]]''. In this story, a Playfair message is demonstrated to be cryptographically weak, as the detective is able to solve for the entire key making only a few guesses as to the formatting of the message (in this case, that the message starts with the name of a city and then a date). Sayers' book includes a detailed description of the mechanics of Playfair encryption, as well as a step-by-step account of manual cryptanalysis.

The German Army, Air Force and Police used the [[Double Playfair]] cipher as a medium-grade cipher in WWII, based on the British Playfair cipher they had broken early in WWI.<ref name="NCB">{{cite journal|doi=10.1080/02684528708431890|author=Currer-Briggs, Noel|title=Some of ultra's poor relations in Algeria, Tunisia, Sicily and Italy|journal=Intelligence and National Security|volume=2|number=2|pages=274–290|year = 1987}}</ref> They adapted it by introducing a second square from which the second letter of each bigram was selected, and dispensed with the keyword, placing the letters in random order. But with the German fondness for [[pro forma]] messages, they were broken at [[Bletchley Park]]. Messages were preceded by a sequential number, and numbers were spelled out. As the German numbers 1 (eins) to twelve (zwölf) contain all but eight of the letters in the Double Playfair squares, pro forma traffic was relatively easy to break (Smith, page 74-75)