Crypto-IT Logo
ου γαρ εστιν κρυπτον ο ου φανερον γενησεται ουδε αποκρυφον ο ου γνωσθησεται και εις φανερον ελθη
Wersja PL ENG Version

Two-Square Cipher (Double Playfair)

  • Description
  • Algorithm
  • Implementation
A two-square cipher is a modification of the Playfair cipher and provides slightly better protection of exchanged messages.
Polygraphic substitution cipher
The cipher was widely used by diplomats and armies until World War II. Nowadays, it is considered to be easily breakable by using brute force attacks.

The two-square cipher is a polygraphic substitution cipher. The original plaintext is divided into groups of a few letters. Then, each group is replaced by another previously determined group of characters. The two-square cipher operates on groups of the size of two letters.

Before encryption one should prepare two tables, using words (or longer phrases) that are used as secret keys. Both tables have dimensions of 5 by 5 letters and contain 25 letters of the Latin alphabet. The Latin alphabet has 26 letters, so to create the table, one of the rare letters should be skipped (for example, x or q), or the letters i and j should be treated as one letter.

During inserting letters into the two tables, one should use the secret keywords. First, all duplicated letters in the keywords should be skipped (only the first occurrences should remain). Then, all the remaining letters should be entered (in the original order) into the tables (letters from the first keyword to the first table, and letters from the second one to the second table). Of course, before that, the parties should agree, in which order the table cells ought to be filled (for example, row by row from left to right, and from top to bottom). The rest cells of the table should be filled with the remaining alphabet letters, usually in the alphabetical order.

For example, if one used names of both parents of the Roman Emperor Vespasian as secret keywords: Titus Flavius Sabinus and Vespasia Polla, treating the letters i and j as one letter, and filling the tables row by row, from left to right and from top to bottom, one would receive the following two tables:

 t  i  u  s  f
 l  a  v  b  n
 c  d  e  g  h
 k  m  o  p  q
 r  w  x  y  z
 v  e  s  p  a
 i  o  l  b  c
 d  f  g  h  k
 m  n  q  r  t
 u  w  x  y  z

The tables should be placed side by side in such a way that lines of rows (or lines of columns) are aligned.

To perform encryption, as a next step, one should divide the plaintext into pairs. Each pair should consist of two consecutive letters. If necessary, a rare letter may be appended to the original text (for example X or Q).

Then, one should find the first letter of each pair in the first table, and the second letter in the second table. Then, one should create a rectangle that covers over two tables and has corners in cells determined by the two letters. To encrypt those two letters, they have to be replaced by another two letters, that are determined by two other corners of the rectangle. The same steps should be repeated for all plaintext pairs. All letters should be replaced by letters chosen based on the tables.

For example, encrypting of a pair of letters AS by using the tables defined above, produces one of the two pairs: IL or LI.

Note, that both parties should agree in which order the new letters ought to be appended to the ciphertext (for example, the first letter would be a letter from the left table and the second letter would be taken from the right table).

If both letters in the currently encrypting pair are located in the same row (or, respectively, in the same column), then a new pair should the same as the original one. It must by highlighted that one of the weaknesses of the two-square cipher is that such a situation takes place for twenty percent of all possible pairs of letters.

Ciphertext decryption is performed in a similar way. Firstly, the recipient should create (knowing the secret keywords) the same two tables as the sender. Then, he should decode pairs of letters, by using analogous operations. He should find the two ciphertext letters in the two tables, then he should determine the rectangle corners (which will locate the original plaintext letters), and finally the plaintext letters should be appended in the correct order to the plaintext.

Security of the two-square cipher

The biggest weakness of the cipher is the fact that plaintext fragments may be quite often visible in the corresponding ciphertext. Based on that feature, and on two methods of attacking the cipher - frequency analysis and guessing plaintext parts (described below) - an intruder can predict and discover increasingly longer fragments of the original message.

Ciphertext frequency analysis of is about finding frequent repetitions of the same pairs of letters. Knowing approximate frequencies of digraphs in a given language, one can try to match popular ciphertext pairs to popular digraphs occurring in the language. Because of using two secret keys, this is a more difficult task than the same operation performed against the Playfair cipher.

Guessing plaintext fragments is about finding ciphertext letters that correspond to popular phrases expected during communications, for example welcoming, or date and place of creating the message. Knowing the ciphertext and probable plaintext fragments, one can recreate the tables used for encryption. This was a very common method of attacking German ciphers similar to the two-square cipher, during the Second World War.

Implementing the Two-Square Cipher is a relatively simple task. After preparing the input text and passwords, the main challenge is to deal properly with row and column numbers, for each character.

Below, there is a JavaScript function which performs encryption of the input message, and return the result. Note, that both keywords are passed as one dimensional strings:

function encrypt(messageInput, keyword) {
  var messageOutput = '';

  var pos = 0;
  while (pos < messageInput.length) {
    var m1 = messageInput[pos];
    var m2 = '';

    if (pos + 1 < messageInput.length) {
        m2 = messageInput[pos + 1];
        pos += 2;
    } else {
      m2 = 'Q' // some dummy letter
      pos += 1;

    var c1 = m1;
    var c2 = m2;

    var idx1 = keyword[0].indexOf(m1);
    var idx2 = keyword[1].indexOf(m2);

    if (Math.floor(idx1 / 5) !== Math.floor(idx2 / 5)) {
      c1 = keyword[0][(5 * Math.floor(idx2 / 5)) + idx1 % 5];
      c2 = keyword[1][(5 * Math.floor(idx1 / 5)) + idx2 % 5];

    messageOutput = messageOutput.concat(c1);
    messageOutput = messageOutput.concat(c2);

  return messageOutput;

You may try out the Two-Square Cipher online on Crypto-Online website.