Enhancing the security of caesar cipher substitution method using a randomized approach for more secure communication

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the [Original Paper Viewer] below or the Original ArXiv Source.

The Caesar cipher is an ancient, elementary method of encrypting a plain text message to protect it from adversaries. However, with the advent of powerful computers, there is a need to increase the complexity of such algorithms. In this paper, we contribute to the area of classical cryptography by providing a modified approach and expanded version of the Caesar cipher using knowledge of mathematics and computer science. To increase the strength of this classical encryption technique, we use the concepts of affine ciphers, transposition ciphers and randomized substitution techniques to create a cipher text which is nearly impossible to decode. We also increase the domain of characters which the Caesar cipher algorithm can encrypt by including all ASCII and extended ASCII characters in addition to alphabets. A complex key generation technique which generates two keys from a single key is used to provide enhanced security. We aim to propose a modified version of the Caesar cipher substitution technique which can overcome all the limitations faced by the classical Caesar cipher.


💡 Research Summary

The paper addresses the well‑known weakness of the classical Caesar cipher—its tiny key space (only 25 possible shifts) and susceptibility to frequency analysis—by redesigning it with modern cryptographic concepts. The authors propose a composite scheme that integrates three techniques: an affine transformation, a transposition (permutation) step, and a randomized substitution table. In the affine stage the plaintext character index x is transformed as E(x) = (a·x + b) mod m, where m is set to 256 to cover the full ASCII and extended‑ASCII range. The multiplier a must be coprime with m, giving φ(256)=128 possible values, while b can be any of the 256 residues. This alone expands the key space from 25 to 32,768 possibilities.

Next, the ciphertext is divided into blocks of 8–16 bytes. For each block a key‑derived permutation is applied, shuffling the positions of the characters. This transposition destroys the simple positional patterns that frequency analysis relies on, and because the permutation is keyed, the same affine‑encrypted characters appear in different orders across blocks.

The third component is a randomized substitution table. The authors generate a large pool of bijective mappings (on the order of 2⁸⁰) and select one at runtime using a pseudorandom number generator seeded with a derived sub‑key. Since the substitution table changes per session and is not fixed, an attacker cannot build a useful lookup table from known‑plaintext/ciphertext pairs.

Key management is streamlined by deriving two independent sub‑keys (k₁, k₂) from a single secret passphrase. The derivation uses a cryptographic hash (e.g., SHA‑256) and a PBKDF2‑style key‑stretching process, ensuring resistance against brute‑force attacks on the original passphrase. k₁ supplies the affine parameters (a, b), while k₂ controls the transposition permutation and the selection of the random substitution table. This dual‑key approach retains usability—only one secret needs to be remembered—while internally providing a layered security structure.
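The three stages and the two-sub-key derivation described above, as an added Python example (not the paper's code). The block size of 8, the salt, the iteration count, taking `a` and `b` from the first two bytes of k₁, and drawing the table and permutation by shuffling with Python's `random` seeded from k₂ are all assumptions made here; `freq_profile` checks what the byte substitution and within-block transposition do to the message's byte-frequency counts.

```python
import hashlib
import random
from collections import Counter

BLOCK = 8  # assumed block size (the summary gives a range of 8-16 bytes)

def derive_keys(passphrase: str, salt: bytes, rounds: int = 200_000):
    """Stretch one passphrase into two 16-byte sub-keys (k1, k2)."""
    dk = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, rounds, dklen=32)
    return dk[:16], dk[16:]

def _params(k1: bytes, k2: bytes):
    a = k1[0] | 1              # odd => coprime with 256, so the affine map inverts
    b = k1[1]
    rng = random.Random(k2)    # illustration only: Mersenne Twister is not a CSPRNG
    table = list(range(256))
    rng.shuffle(table)         # keyed substitution table (a bijection on bytes)
    perm = list(range(BLOCK))
    rng.shuffle(perm)          # keyed permutation applied to every block
    return a, b, table, perm

def encrypt(data: bytes, k1: bytes, k2: bytes) -> bytes:
    a, b, table, perm = _params(k1, k2)
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        blk = [(a * x + b) % 256 for x in data[i:i + BLOCK]]  # 1. affine
        order = [j for j in perm if j < len(blk)]             # 2. transposition
        out += bytes(table[blk[j]] for j in order)            # 3. substitution
    return bytes(out)

def decrypt(ct: bytes, k1: bytes, k2: bytes) -> bytes:
    a, b, table, perm = _params(k1, k2)
    inv = [0] * 256
    for value, code in enumerate(table):
        inv[code] = value
    a_inv = pow(a, -1, 256)    # modular inverse of the multiplier
    out = bytearray()
    for i in range(0, len(ct), BLOCK):
        blk = ct[i:i + BLOCK]
        order = [j for j in perm if j < len(blk)]
        plain = [0] * len(blk)
        for pos, j in enumerate(order):
            plain[j] = (a_inv * (inv[blk[pos]] - b)) % 256
        out += bytes(plain)
    return bytes(out)

def freq_profile(data: bytes):
    """Byte counts sorted high to low, ignoring which byte has which count."""
    return sorted(Counter(data).values(), reverse=True)
```

With a fixed table and permutation per key, `freq_profile(encrypt(m, k1, k2))` equals `freq_profile(m)`: the composition of the affine map and the table is still one byte-to-byte bijection, and reordering within blocks does not change counts.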

By extending the character set to the full 0‑255 range, the scheme can encrypt any textual data, binary payloads, or control messages, making it applicable to modern communication channels, IoT telemetry, and legacy systems that still rely on simple substitution ciphers. The authors calculate the overall entropy as the sum of the affine component (~15 bits), the transposition component (log₂(block‑size factorial) ≈ 30–45 bits for typical block sizes), and the random substitution component (~80 bits), yielding well over 120 bits of security. This exceeds the security margin of most classical ciphers and places the scheme in the same ballpark as lightweight modern stream ciphers.

Performance analysis shows that each stage—affine arithmetic, block permutation, and table lookup—is linear in the length of the message (O(n)). Consequently, the computational overhead is modest, and the algorithm can be implemented on constrained hardware with acceptable latency. The only notable cost is the initial key‑derivation phase, which involves hashing and stretching; this is a one‑time expense per session and is comparable to the setup cost of many contemporary protocols.

The paper also discusses potential vulnerabilities. The security of the random substitution table hinges on its secrecy; if an adversary obtains the table, the remaining layers reduce to an affine‑plus‑transposition cipher, which, while stronger than plain Caesar, could still be attacked with sophisticated algebraic methods. Moreover, the quality of the pseudorandom generator and the parameters of the key‑stretching function are not empirically validated, leaving open the possibility of side‑channel leakage or insufficient resistance to dictionary attacks on the master passphrase.

In conclusion, the authors present a thoughtful augmentation of the Caesar cipher that leverages affine mathematics, keyed transposition, and high‑entropy random substitution to dramatically enlarge the key space and obscure statistical patterns. The scheme remains simple enough for educational purposes or low‑resource environments, yet its security claims are grounded in well‑understood cryptographic principles. Future work should include rigorous statistical testing (e.g., NIST randomness tests), resistance analysis against differential and linear cryptanalysis, and practical implementation assessments on microcontrollers to confirm that the theoretical security gains translate into real‑world robustness.

