top of page
  • Lara-Johanna Pirk


Cryptanalysis is the study of analysing and decrypting ciphers, codes and overall encrypted text without knowing or using the key. Another way of saying this is accessing the plaintext hidden in the ciphertext without knowing the decryption key.

Cryptanalysis experts study other ciphers and cryptosystems to understand what techniques and functions are used. They then use this knowledge to find techniques to weaken or crack different ciphers. This can be used for different purposes by a range of different people.

Among the people using cryptanalysis are governments, companies and even researchers. Governments use cryptanalysis to decipher encrypted messages from other countries. Companies specialising in cybersecurity use it to test their feature and researchers use cryptanalysis to find weak points in cryptographic algorithms to improve them. Hackers also frequently use cryptanalysis in their work. Here it is important to differentiate between black and white-hat hackers. Both use cryptanalysis but black-hat hackers use it to commit cybercrimes and white-hat hackers use it to test security from companies that hire them.

There are many types of cryptanalysis attacks and techniques. A few of the most important ones are listed below:

Ciphertext-Only Attack

This is when the attacker only has access to at least one encrypted message but does not know any plaintext data or the encryption algorithm being employed. This is an extremely hard attack to pull off because of the lack of data.

Known Plaintext Attack

This attack is easier to do compared to the ciphertext-only attack. A known plaintext attack is when the analyst has access to some or all the ciphertext’s plaintext. Here, the cryptanalyst’s goal is to discover the key that the cryptographer used to encrypt the message and then use the key to decrypt it. Once the key is discovered, the attacker can use it to decrypt every message encrypted with this specific key.

Chosen Plaintext Attack

In this attack, the analyst either already knows the type of encryption used or can use the device for the encryption. The analyst can then gather information regarding the key by encrypting chosen plaintext. The more they learn about the encryption technique by experimenting, the easier it is to decipher the ciphertext and find the right key.

Frequency Analysis

A technique that cryptanalysts use on easier ciphers such as substitution ciphers or Caesar cipher is called frequency analysis. This is when you count how many of each letter appears in the encrypted message and then compare this to how many of each letter appears in the English (or whatever language the plaintext is written in) language. In English, the most common letter is E followed by T, A and O. This way you can determine many letters in your encoded message.

Recent Posts

See All


bottom of page