Generic ROT

The Generic ROT (or ROT-N) is the mother family of alphabet-rotation ciphers. It’s the natural extension of the Caesar cipher: instead of fixing the shift at 3 (Caesar’s historical value), allow any integer shift between 1 and 25.

The label “ROT” comes from “rotation” and rose to popularity on Usenet and BBSes in the 1980s — mostly via ROT-13 (used to hide spoilers and jokes) and ROT-47 (which shifts printable ASCII characters rather than just letters).

Principle

For each plain letter indexed p ∈ {0..25} (A=0, B=1, …, Z=25) and a shift N ∈ {1..25}:

encrypt: c = (p + N) mod 26
decrypt: p = (c − N) mod 26

The alphabet wraps: after Z, we restart at A. Common variants:

• ROT-5: digits 0-9 only (modulo 10).
• ROT-13: shift of 13 over the alphabet — involutive (encrypt = decrypt because 13 + 13 = 26).
• ROT-18: combines ROT-13 on letters and ROT-5 on digits.
• ROT-47: shift of 47 across printable ASCII (! to ~, 94 characters) — also involutive.
• ROT-8000: Unicode variant using a 8000-position shift.

Example

With N = 4 (ROT-4), the mapping is:

plain   : A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
cipher  : E F G H I J K L M N O P Q R S T U V W X Y Z A B C D

The cleartext CIPHER CHRON ICLE becomes GMTLIV GLVSR MGPI. The demonstration below replays this enciphering step by step.

Strengths and weaknesses

Strengths

• Instant learnability — anyone grasps ROT in two minutes.
• Memorable variants — ROT-13 and ROT-47 are de facto Internet standards for soft masking (spoilers, jokes, easter eggs).
• Involutivity for ROT-13 and ROT-47 — no need to distinguish encryption from decryption.
• Native support in most programming languages and Unix utilities (tr).

Weaknesses

• Only 25 useful keys — brute force is trivial: try the 25 shifts, one yields intelligible text.
• Frequency analysis cracks it in one step — the most frequent ciphertext letter maps to plain E (English/French) in nearly all cases, so N = position(most_frequent) − position(E).
• No real security — used purely for masking, not for confidentiality.

How to attack it by hand

1. Count occurrences of each ciphertext letter.
2. Identify the most frequent letter — almost certainly the encrypted form of E.
3. Compute the distance between that letter and E. That’s N.
4. Apply the inverse shift.

For texts of 30+ letters, the attack lands in seconds. For short texts (<10 letters), test the 25 shifts and keep the one yielding readable output.

Closely related ciphers

• Caesar cipher — special case with N = 3.
• ROT-13 — special case with N = 13, involutive.
• ROT-47 — extended ASCII variant.
• Affine — generalisation: c = (a × p + b) mod 26. More keys, but frequency analysis still applies.
• Vigenère — generalisation: N varies by position, driven by a keyword. Far stronger.

In CipherChronicle

Generic ROT is a didactic on-ramp: the very first cipher to test on a mysterious message. ROT-N puzzles ask the player to recover the shift via frequency analysis — the canonical exercise to grasp statistical cryptanalysis.