## About CrypTool-Online (CTO)

**Encrypt directly within your browser**

CrypTool-Online provides an exciting insight into the world of cryptology. A variety of ciphers, **coding methods**, and analysis tools are introduced together with illustrated examples. Our emphasis is on making explanations easy to understand in order to further the general interest in cryptography and cryptanalysis. Therefore, you can experiment with the introduced methods in an interactive way directly on the website.

So you can learn the fundamentals of historically relevant ciphers in a little while , and also use the tools under **Ciphers** to encrypt messages yourself. You can also decrypt and **analyze** already encrypted messages and discover weaknesses of different ciphers. Under **Highlights**, you can for instance check the modern cipher AES or let the site generate good passwords for you.

CrypTool-Online is the online version of the e-learning program CrypTool. The so-called download (or offline) versions of CrypTool are also free and suitable for working with longer texts and conducting high performance analyses on encrypted messages.

Developers who like to join and enhance CTO with self-written plugins, find a good guidance in the git repository.

This site works together with the website www.cryptoprograms.com, and partly is a successor of it. The author of cryptoprograms.com also develops the famous Windows analyzer of classic ciphers CryptoCrack.

Ciphers are mtehods to encrypt messages. The origins of modern cryptography date back approximately 3000 years. The procedures used to encrypt messages before 1900 were primitive compared to modern approaches, but they are easy to understand and provide a good basis to study the more complicated methods. In recent times, especially after the emergence of telecommunication equipment, more complex encryption methods have become necessary. Today, an exorbitant amount of information is transmitted via the internet. Millions of people use websites for their banking activities causing the transmission of sensible data via networks where the precise routing of data is not always known and data may be manipulated or stolen.

This website gives you the opportunity to learn about ciphers and to test them in an interactive way within your browser. Try to encrypt a message for yourself and send it to a friend. Learn about the weak spots of popular ciphers and how they can be decrypted without knowing the key.

Ciphers are popular for geocaching (www.geocaching.com, http://en.wikipedia.org/wiki/Geocaching) to provide hints for the "treasure hunt". The ROT13 cipher is mostly used for geocaching, but also other classic ciphers like substitution, rail fence, Enigma. Often a hint is provided which indicates the cipher that was used.

Codes are used to transform data into a format, which is more convenient for the target application. One of the most common codes is the bar code, which can be optically scanned. Bar codes are found on nearly every packaging. Subsequently, supermarkets, for example, are able to rapidly capture the data on the bar codes at the check out counter. The more modern QR code can be recognized and decoded by every smartphone.

Bar codes and QR codes are used a lot, but the usage of the ASCII code exceeds the use of bar codes by far, even if we are not aware of this fact. Every keystroke on a keyboard is transformed into a bit string the computer is able to interpret.

On this website and the other recommended website, you have the opportunity to experiment with commonly used coding methods.

The goal of cryptanalysis is gaining knowledge of the encrypted text without the key.

A distinction is made for different attack scenarios:

**Ciphertext-only**

Only the encrypted text is known. Plaintext (and key) are looked for.

**Probable Plaintext**

The encrypted text is known and one can assume that the message contained follows a certain pattern. The used key is looked for.

**Known Plaintext**

An encrypted text and its plaintext is known. The goal is to determine the key.

**Chosen Plaintext**

One can freely choose a text that is to be encrypted and subsequently has access to the resulting encrypted text.

**Chosen Ciphertext**

One can temporarily generate the decrypted text from an assortment of corresponding encrypted text of one’s own choice.

Try a ciphertext-only attack against the Caesar cipher by performing a frequency analysis:

*URKAG QZODK BFMPA OGYQZ FFTQD QEGXF IUXXN QETAI ZUZMZ QIEGN IUZPA IFTQF UFXQA RFTQD QEGXF UZSIU ZPAIO AZFMU ZENAF TFTQZ MYQAR FTQAD USUZM XPAOG YQZFM ZPFTQ QZODK BFUAZ WQKGE QPFTQ GEMSQ ARWQK EUEEG BBADF QPNKF IAEBQ OUMXU OAZEO XUOWU ZSFTQ UOAZE TAIWQ KMXXA IEKAG FAEFA DQMOA BKARF TQWQK GEQPR DAYMD QEGXF UZSIU ZPAIU ZFAMZ UZFQD ZMXEF ADMSQ URKAG FTQZQ ZODKB FMZAF TQDPA OGYQZ FIUFT FTQEM YQQZO DKBFU AZYQF TAPFT QUOAZ UZEQD FWQKU EMOFU HQIUF TUZFT QWQKQ ZFDKP UMXAS NAJFT UEUET QXBRG XQEBQ OUMXX KIUFT YADQO AYBXQ JWQKE*

**Hint:**

The most frequently used character in English is "E". Determine the offset of the most frequently reoccurring character and of "E".

For example, the character "G" is the most frequently used character in a text. "G" is the 7th character of the alphabet, "E" is the 5th. The shift value of the Caesar cipher is 7-5=2. The key is 2.

While you can learn a lot about classic encryption methods and their weaknesses under the menu item Ciphers, you here have the chance to encrypt a text in hex with the modern AES encryption method. Currently, this method is being regarded as safe – provided a "good" key is used.

You can have the Password Generator provide you with a safe password. On this site, you can also learn about what a "good" password is and how to remember a seemingly complicated password without a problem.

Try beating the computer at the Taxman game and prove your mathematical skills by getting to the top of the high score.

Many more cryptographic functions, some of them in colorful visualizations, are contained in the downloadable versions of CrypTool – an overview of these more than 300 functions can be found here.