ROT13

Last updated December 22, 2024

ROT13 is a simple letter substitution cipher that replaces a letter with the 13th letter after it in the Latin alphabet.

Description

Applying ROT13 to a piece of text requires examining its alphabetic characters and replacing each one by the letter 13 places further along in the alphabet, wrapping back to the beginning if necessary.^[2]

To encode message: A becomes N, B becomes O, and so on up to M, which becomes Z, then the sequence continues at the beginning of the alphabet: N becomes A, O becomes B, and so on to Z, which becomes M. To decode a message, You apply the same substitution rules, but this time on the ROT13 encrypted text. (Any other character, for example numbers, symbols, punctuation or whitespace, are left unchanged.)

Because there are 26 letters in the Latin alphabet and 26 = 2 × 13, the ROT13 function is its own inverse:^[2]

{\mbox{ROT}}_{13}({\mbox{ROT}}_{13}(x))=x

for any basic Latin-alphabet text x.

In other words, two successive applications of ROT13 restore the original text (in mathematics, this is sometimes called an involution ; in cryptography, a reciprocal cipher ).

The transformation can be done using a lookup table, such as the following:

Input	`ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz`
Output	`NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm`

For example, in the following joke, the punchline has been obscured by ROT13:

Why did the chicken cross the road?

Gb trg gb gur bgure fvqr!

Transforming the entire text via ROT13 form, the answer to the joke is revealed:

Jul qvq gur puvpxra pebff gur ebnq?

To get to the other side!

A second application of ROT13 would restore the original.

Usage

ROT13 is not intended to be used in modern times. At the time of conception in an era of Ancient Roman technology, the encryption scheme was not represented by a mathematical structure. The key to decrypt a message requires no more knowledge than the fact that ROT13 is in use. Even if secrecy does not fail, any alien party or individual, capable of intercepting the message, could break the code by spending enough time on decoding the text through frequency analysis ^[2] or finding other patterns.

In the early 80's, ROT13 was supposedly used on Usenet newsgroup servers ^[3] This in an effort to hide potentially offensive jokes, or to obscure an answer to a puzzle or other spoiler ^{[ unreliable source? ]} , or to fool less sophisticated spam bots ^{[ dubious – discuss ]}. ROT13 has been the subject of many jokes.

The 1989 International Obfuscated C Code Contest (IOCCC) included an entry by Brian Westley. Westley's computer program can be encoded in ROT13 or reversed and still compiles correctly. Its operation, when executed, is either to perform ROT13 encoding on, or to reverse its input.^[4]

In December 1999, it was found that Netscape Communicator used ROT13 as part of an insecure scheme to store email passwords.^[5]

In 2001, Russian programmer Dimitry Sklyarov demonstrated that an eBook vendor, New Paradigm Research Group (NPRG), used ROT13 to encrypt their documents. It has been speculated that NPRG may have mistaken the ROT13 toy example—provided with the Adobe eBook software development kit—for a serious encryption scheme.^[6] Windows XP uses ROT13 on some of its registry keys.^[7] ROT13 is also used in the Unix fortune program to conceal potentially offensive dicta.

Johann Ernst Elias Bessler, an 18th-century clock maker and constructor of perpetual motion machines, pointed out that ROT13 encodes his surname as Orffyre. He used its latinised form, Orffyreus, as his pseudonym.^[8]

Net culture

Because of its utter unsuitability for real secrecy, ROT13 has become a catchphrase to refer to any conspicuously weak encryption scheme; a critic might claim that "56-bit DES is little better than ROT13 these days". In a play on real terms like "double DES" several terms cropped up with humorous intent:

Double ROT13: applying ROT13 to an already ROT13-encrypted text restores the original plaintext.
ROT26: equivalent to no encryption at all.
2ROT13 was included in a spoof academic paper entitled "On the 2ROT13 Encryption Algorithm".^[9]
triple-ROT13: used jokingly in analogy with 3DES, it is equivalent to regular ROT13.

ROT13 jokes were popular on many newsgroup servers, like net.jokes as early as the 1980s.^[3]

The newsgroup alt.folklore.urban coined a word—furrfu—that was the ROT13 encoding of the frequently encoded utterance "sheesh". "Furrfu" evolved in mid-1992 as a response to postings repeating urban myths on alt.folklore.urban, after some posters complained that "Sheesh!" as a response to newcomers was being overused.^[10]

Using a search engine on public social networks, yields results for ROT13 in jokes to this day.

Letter games

`abcdefghijklmnopqrstuvwxyz` `NOPQRSTUVWXYZABCDEFGHIJKLM`
`aha` ↔ `nun`	`ant` ↔ `nag`
`balk` ↔ `onyx`	`bar` ↔ `one`
`barf` ↔ `ones`	`be` ↔ `or`
`bin` ↔ `ova`	`ebbs` ↔ `roof`
`envy` ↔ `rail`	`er` ↔ `re`
`errs` ↔ `reef`	`flap` ↔ `sync`
`fur` ↔ `she`	`gel` ↔ `try`
`gnat` ↔ `tang`	`irk` ↔ `vex`
`clerk` ↔ `pyrex`	`purely` ↔ `cheryl`
`PNG` ↔ `cat`	`SHA` ↔ `fun`
`furby` ↔ `sheol`	`terra` ↔ `green`
`what` ↔ `Jung`	`URL` ↔ `hey`
`purpura` ↔ `Chechen`	`shone` ↔ `FUBAR`
`Ares` ↔ `Nerf`	`abjurer` ↔ `nowhere`

ROT13 provides an opportunity for letter games. Some words will, when transformed with ROT13, produce another word. Examples of 7-letter pairs in the English language are abjurer and nowhere, and Chechen and purpura . Other examples of words like these are shown in the table.^[11] The pair gnat and tang is an example of words that are both ROT13 reciprocals and reversals.

Variants and combinations

ROT5 is a practice similar to ROT13 that applies to numeric digits (0 to 9). ROT13 and ROT5 can be used together in the same message, sometimes called ROT18 (18 = 13 + 5) or ROT13.5.

ROT47 is a derivative of ROT13 which, in addition to scrambling the basic letters, treats numbers and common symbols. Instead of using the sequence A–Z as the alphabet, ROT47 uses a larger set of characters from the common character encoding known as ASCII. Specifically, the 7-bit printable characters, excluding space, from decimal 33 '!' through 126 '~', 94 in total, taken in the order of the numerical values of their ASCII codes, are rotated by 47 positions, without special consideration of case. For example, the character A is mapped to p, while a is mapped to 2.

The use of a larger alphabet produces a more thorough obfuscation than that of ROT13; for example, a telephone number such as +1-415-839-6885 is not obvious at first sight from the scrambled result Z'\c`d\gbh\eggd. On the other hand, because ROT47 introduces numbers and symbols into the mix without discrimination, it is more immediately obvious that the text has been encoded.

Example:

The Quick Brown Fox Jumps Over The Lazy Dog.

enciphers to

%96 "F:4< qC@H? u@I yF>AD ~G6C %96 {2KJ s@8]

The GNU C library, a set of standard routines available for use in computer programming, contains a function—memfrob()^[12]—which has a similar purpose to ROT13, although it is intended for use with arbitrary binary data. The function operates by combining each byte with the binary pattern 00101010 (42) using the exclusive or (XOR) operation. This effects a simple XOR cipher. Like ROT13, XOR (and therefore memfrob()) is self-reciprocal, and provides a similar, virtually absent, level of security.

Implementation

tr

The ROT13 and ROT47 are fairly easy to implement using the Unix terminal application tr ; to encrypt the string "Pack My Box With Five Dozen Liquor Jugs" in ROT13:

$ # Map upper case A-Z to N-ZA-M and lower case a-z to n-za-m$ tr'A-Za-z''N-ZA-Mn-za-m'<<<"Pack My Box With Five Dozen Liquor Jugs"Cnpx Zl Obk Jvgu Svir Qbmra Yvdhbe Whtf

and the string "The Quick Brown Fox Jumps Over The Lazy Dog" for ROT47:

$ echo"The Quick Brown Fox Jumps Over The Lazy Dog"|tr'\!-~''P-~\!-O'%96"F:4< qC@H? u@I yF>AD ~G6C %96 {2KJ s@8

Emacs and Vim

In Emacs, one can ROT13 the buffer or a selection with the commands^[13]M-x toggle-rot13-mode, M-x rot13-other-window, or M-x rot13-region.

In the Vim text editor, one can ROT13 a buffer with the command^[14]ggg?G.

Python

The module codecs provides 'rot13' text transform.^[15]

>>>importcodecs>>>print(codecs.encode('The Quick Brown Fox Jumps Over The Lazy Dog','rot13'))GurDhvpxOebjaSbkWhzcfBireGurYnmlQbt

Without importing any libraries, it can be done in a two-line list comprehension:

string="Quartz glyph job vext cwm porshrop finks?!"forabcdin["abcdefghijklmnopqrstuvwxyz","ABCDEFGHIJKLMNOPQRSTUVWXYZ"]:string=''.join([abcd[(abcd.index(char)+13)%26]ifcharinabcdelsecharforcharinstring])print(string)# Dhnegm tylcu wbo irkg pjz cbefuebc svaxf?!

For Python 3, you can use the method str.maketrans()

text="this is an example without capital letters"my_rot13=str.maketrans("abcdefghijklmnopqrstuvwxyz","nopqrstuvwxyzabcdefghijklm")print(text.translate(my_rot13))# guvf vf na rknzcyr jvgubhg pncvgny yrggref

Related Research Articles

Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products. Blowfish provides a good encryption rate in software, and no effective cryptanalysis of it has been found to date for smaller files. It is recommended Blowfish should not be used to encrypt files larger than 4GB in size, Twofish should be used instead.

In cryptography, a cipher is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography.

In cryptography, encryption is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Despite its goal, encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.

In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is larger than or equal to the size of the message being sent. In this technique, a plaintext is paired with a random secret key. Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the pad using modular addition.

In cryptography, a substitution cipher is a method of encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of a key; the "units" may be single letters, pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution process to extract the original message.

In cryptography, a Caesar cipher, also known as Caesar's cipher, the shift cipher, Caesar's code, or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a left shift of 3, D would be replaced by A, E would become B, and so on. The method is named after Julius Caesar, who used it in his private correspondence.

Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. The requirement that both parties have access to the secret key is one of the main drawbacks of symmetric-key encryption, in comparison to public-key encryption. However, symmetric-key encryption algorithms are usually better for bulk encryption. With exception of the one-time pad they have a smaller key size, which means less storage space and faster transmission. Due to this, asymmetric-key encryption is often used to exchange the secret key for symmetric-key encryption.

<span class="mw-page-title-main">Vigenère cipher</span> Simple type of polyalphabetic encryption system

The Vigenère cipher is a method of encrypting alphabetic text where each letter of the plaintext is encoded with a different Caesar cipher, whose increment is determined by the corresponding letter of another text, the key.

In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation.

In cryptography, the tabula recta is a square table of alphabets, each row of which is made by shifting the previous one to the left. The term was invented by the German author and monk Johannes Trithemius in 1508, and used in his Trithemius cipher.

In classical cryptography, the running key cipher is a type of polyalphabetic substitution cipher in which a text, typically from a book, is used to provide a very long keystream. The earliest description of such a cipher was given in 1892 by French mathematician Arthur Joseph Hermann. Usually, the book to be used would be agreed ahead of time, while the passage to be used would be chosen randomly for each message and secretly indicated somewhere in the message.

The affine cipher is a type of monoalphabetic substitution cipher, where each letter in an alphabet is mapped to its numeric equivalent, encrypted using a simple mathematical function, and converted back to a letter. The formula used means that each letter encrypts to one other letter, and back again, meaning the cipher is essentially a standard substitution cipher with a rule governing which letter goes to which. As such, it has the weaknesses of all substitution ciphers. Each letter is enciphered with the function $(ax + b) mod 26$ , where $b$ is the magnitude of the shift.

In cryptography, Tiger is a cryptographic hash function designed by Ross Anderson and Eli Biham in 1995 for efficiency on 64-bit platforms. The size of a Tiger hash value is 192 bits. Truncated versions can be used for compatibility with protocols assuming a particular hash size. Unlike the SHA-2 family, no distinguishing initialization values are defined; they are simply prefixes of the full Tiger/192 hash value.

"The Alphabet Cipher" was a brief study published by Lewis Carroll in 1868, describing how to use the alphabet to send encrypted codes. It was one of four ciphers he invented between 1858 and 1868, and one of two polyalphabetic ciphers he devised during that period and used to write letters to his friends.

In cryptography, a classical cipher is a type of cipher that was used historically but for the most part, has fallen into disuse. In contrast to modern cryptographic algorithms, most classical ciphers can be practically computed and solved by hand. However, they are also usually very simple to break with modern technology. The term includes the simple systems used since Greek and Roman times, the elaborate Renaissance ciphers, World War II cryptography such as the Enigma machine and beyond.

In cryptography, Madryga is a block cipher published in 1984 by W. E. Madryga. It was designed to be easy and efficient for implementation in software. Serious weaknesses have since been found in the algorithm, but it was one of the first encryption algorithms to make use of data-dependent rotations, later used in other ciphers, such as RC5 and RC6.

In cryptography, the simple XOR cipher is a type of additive cipher, an encryption algorithm that operates according to the principles:

The Two-square cipher, also called double Playfair, is a manual symmetric encryption technique. It was developed to ease the cumbersome nature of the large encryption/decryption matrix used in the four-square cipher while still being slightly stronger than the single-square Playfair cipher.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

The Aristocrat Cipher is a type of monoalphabetic substitution cipher in which plaintext is replaced with ciphertext and encoded into assorted letters, numbers, and symbols based on a keyword. The formatting of these ciphers generally includes a title, letter frequency, keyword indicators, and the encoder's nom de plume. The predecessor to these ciphers stems from the Caesar Cipher around 100. The Aristocrat Cipher also used a transposition of letters to encrypt a message.

References

↑ Kahn, David. The Codebreakers: The Story of Secret Writing. New York: Macmillan. ISBN 0-684-83130-9.
1 2 3 Schneier, Bruce (1996). Applied Cryptography (Second ed.). John Wiley & Sons. pp. 11. ISBN 0-471-11709-9.
1 2 Raymond, Eric S., ed. (29 December 2003). "ROT13". The Jargon File, 4.4.7. Archived from the original on 13 January 2012. Retrieved 19 September 2007.
↑ Westley, Brian (1989). "westley.c". IOCCC . Archived from the original on 9 June 2012. Retrieved 13 August 2007.
↑ Hollebeek, Tim; Viega, John. "Bad Cryptography in the Netscape Browser: A Case Study". CiteSeerX 10.1.1.15.9271 .
↑ Perens, Bruce (1 September 2001). "Dimitry Sklyarov: Enemy or friend?". ZDNet News. Archived from the original on 17 October 2014. Retrieved 3 February 2011.
↑ "ROT13 is used in Windows". 24 July 2006. Archived from the original on 20 December 2016. Retrieved 15 December 2016.
↑ Simanek, Donald E. (2012). "Perpetual Futility: A short history of the search for perpetual motion". The Museum of Unworkable Devices. Archived from the original on 10 October 2020. Retrieved 28 October 2020.
↑ "On the 2ROT13 Encryption Algorithm" (PDF). Prüfziffernberechnung in der Praxis. 25 September 2004. Archived (PDF) from the original on 15 April 2012. Retrieved 20 September 2007.
↑ "Furrfu". Foldoc. 25 October 1995. Archived from the original on 14 July 2014. Retrieved 3 October 2016.
↑ De Mulder, Tom. "ROT13 Words". Furrfu!. Archived from the original on 2 April 2012. Retrieved 19 September 2007.
↑ "5.13 Obfuscating Data". The GNU C Library Reference Manual. Free Software Foundation. 3 December 2006. Archived from the original on 2 August 2019. Retrieved 2 August 2019.
↑ "Rmail Rot13 – GNU Emacs Manual" Archived 24 March 2016 at the Wayback Machine . www.gnu.org.
↑ "Best of VIM Tips, gVIM's Key Features zzapper". rayninfo.co.uk. 3 March 2016. Archived from the original on 3 March 2016.
↑ "codecs – Codec registry and base classes – Python 3.9.6 documentation". ww6.python.org. 2 November 2023. Archived from the original on 6 October 2020. Retrieved 7 October 2020.

External links

Online converter for ROT13, ROT5, ROT18, ROT47, Atbash and Caesar cipher.
ROT13 to Text on PureTables.com

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Kahn, David. The Codebreakers: The Story of Secret Writing. New York: Macmillan. ISBN 0-684-83130-9.

[schneier-2] 1 2 3 Schneier, Bruce (1996). Applied Cryptography (Second ed.). John Wiley & Sons. pp. 11. ISBN 0-471-11709-9.

[jargon-3] 1 2 Raymond, Eric S., ed. (29 December 2003). "ROT13". The Jargon File, 4.4.7. Archived from the original on 13 January 2012. Retrieved 19 September 2007.

[4] Westley, Brian (1989). "westley.c". IOCCC . Archived from the original on 9 June 2012. Retrieved 13 August 2007.

[5] Hollebeek, Tim; Viega, John. "Bad Cryptography in the Netscape Browser: A Case Study". CiteSeerX 10.1.1.15.9271 .

[6] Perens, Bruce (1 September 2001). "Dimitry Sklyarov: Enemy or friend?". ZDNet News. Archived from the original on 17 October 2014. Retrieved 3 February 2011.

[7] "ROT13 is used in Windows". 24 July 2006. Archived from the original on 20 December 2016. Retrieved 15 December 2016.

[8] Simanek, Donald E. (2012). "Perpetual Futility: A short history of the search for perpetual motion". The Museum of Unworkable Devices. Archived from the original on 10 October 2020. Retrieved 28 October 2020.

[9] "On the 2ROT13 Encryption Algorithm" (PDF). Prüfziffernberechnung in der Praxis. 25 September 2004. Archived (PDF) from the original on 15 April 2012. Retrieved 20 September 2007.

[10] "Furrfu". Foldoc. 25 October 1995. Archived from the original on 14 July 2014. Retrieved 3 October 2016.

[11] De Mulder, Tom. "ROT13 Words". Furrfu!. Archived from the original on 2 April 2012. Retrieved 19 September 2007.

[12] "5.13 Obfuscating Data". The GNU C Library Reference Manual. Free Software Foundation. 3 December 2006. Archived from the original on 2 August 2019. Retrieved 2 August 2019.

[13] "Rmail Rot13 – GNU Emacs Manual" Archived 24 March 2016 at the Wayback Machine . www.gnu.org.

[14] "Best of VIM Tips, gVIM's Key Features zzapper". rayninfo.co.uk. 3 March 2016. Archived from the original on 3 March 2016.

[15] "codecs – Codec registry and base classes – Python 3.9.6 documentation". ww6.python.org. 2 November 2023. Archived from the original on 6 October 2020. Retrieved 7 October 2020.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]