Skip to main content
CipherChronicle

Cryptography glossary

Ciphertext

Also known as : Cryptogram · Cipher text · Encrypted text

The ciphertext (French: chiffré) is the output of an encryption operation. It’s what you transmit, what you print on a puzzle’s QR code, what you carve on a Templar stele. The plaintext is encoded inside it but not directly readable — that’s precisely what encryption promises: turning a message into something that gives nothing away to an unequipped reader.

A vocabulary distinction everyone gets wrong

First trap to avoid: in many languages, the word “cipher” is ambiguous. It can refer to:

  • The cipher as an algorithm: “the Caesar cipher”, “the Vigenère cipher”. Synonymous with encryption method.
  • The ciphertext as a result: the output you get after applying the cipher to the plaintext.

English mostly avoids the confusion by spelling out cipher (algorithm) versus ciphertext (result). French has a similar pairing: chiffre versus chiffré — close in spelling, distinct in meaning. On CipherChronicle, we use ciphertext whenever we mean the result displayed on a puzzle page.

What a well-built ciphertext looks like

When the procedure is sound, the ciphertext appears statistically random:

  • Well-built polyalphabetic ciphers (Vigenère with a long key) → E’s frequency becomes indistinguishable from Z’s.
  • Modern ciphers (AES, ChaCha20, RSA-OAEP) → output distribution is strictly uniform. For any byte, each value from 0 to 255 is equally likely.
  • One-time pad → ciphertext mathematically indistinguishable from a pure random stream.

This statistical uniformity is what makes a sound ciphertext incompressible: a properly encrypted file doesn’t compress, because compression exploits predictability, and predictability has been destroyed by encryption. If you see a supposedly encrypted file that compresses by 50 %, the encryption is broken.

What a weak ciphertext looks like

When the procedure is weak, the ciphertext carries traces of the plaintext:

  • Monoalphabetic substitution → E’s frequency stays high, just under a different letter. LW LV (E → L) gives away the Caesar cipher to a frequency count.
  • Transposition → every plaintext letter is present, just shuffled. Frequency is strictly preserved.
  • Polygraphic substitution (Playfair, Hill) → preserves n-gram frequencies rather than single letters. Crackable but more laborious.
  • Short Vigenère → lets repeated plaintext sequences land on the same position of the key cycle and produce the same ciphertext. The Kasiski test exploits these repetitions.

It’s on these traces that cryptanalysis rests. A ciphertext that looks random to the eye may very well have a non-uniform frequency — a spreadsheet or a Python script settles the matter.

Ciphertext on CipherChronicle

On CipherChronicle, the ciphertext is what’s displayed on a puzzle page:

  • As a letter grid for “text → text” ciphers (Caesar, Vigenère, Atbash, Playfair…). Solvers copy-paste or retype to decrypt.
  • As glyphs or symbols for image-based ciphers (Pigpen, Templar, Aurebesh, Dancing Men…). Solvers identify each symbol, then apply the table.
  • As groups of digits for numerical ciphers (A1Z26, Polybius, ADFGVX). Cryptanalysis then starts from spotting repeated pairs/triples.

The ciphertext is immutable once published: it’s the hash of the solution that anchors consistency. Modifying the ciphertext without recomputing the hash would invalidate every future attempt, even correct ones. That’s why the puzzle edit drawer forbids changing the ciphertext after publication.

Spotting a ciphertext in the wild

If you stumble on a chunk of text that looks like ciphertext during an investigation (graffiti, memory dump, suspicious file), a few hints:

  • Length: a classical ciphertext has the plaintext’s length (modulo padding); modern CBC-mode ciphertext is aligned to 16 bytes.
  • Alphabet: only 26 letters → probably a classical cipher. 64 Base64 characters → encoded binary, decode before cryptanalysis. Hexadecimal → same.
  • Index of coincidence: ~0.067 (EN) or ~0.078 (FR) → monoalphabetic or transposition. ~0.038 → long polyalphabetic or random stream.

Ciphertext malleability and authenticated encryption

A subtler property than confidentiality is integrity. Many classical ciphers (and even some modern modes like CBC) are malleable: an attacker who flips a bit in the ciphertext flips a predictable bit in the recovered plaintext, without ever needing the key. This is catastrophic when the plaintext is TRANSFER 100 USD and the attacker can quietly change it to TRANSFER 900 USD. Modern designs solve this with authenticated encryption (AES-GCM, ChaCha20-Poly1305): the ciphertext carries a cryptographic tag that fails to verify if a single bit is altered. Always prefer authenticated modes — confidentiality without integrity is rarely what you actually want.

Key takeaways:

  • Distinguish cipher (algorithm) from ciphertext (result). The same trap exists in French (chiffre vs chiffré).
  • A good ciphertext looks random; it’s incompressible and statistically uniform.
  • A weak ciphertext preserves traces of the plaintext (frequency, length, repetitions) — those traces are where cryptanalysis lives.
  • The ciphertext is what gets transmitted: once published on CipherChronicle, it’s immutable.

← Whole glossary