Ancient Cybersecurity II: Cracking the Caesar Cipher

Martine Diepenbroek

Communication security is no modern invention: the ancient Greeks, Romans, and Near Eastern people knew dozens of ways to encipher secret messages in a variety of contexts and settings. We find examples from the poetry of Homer, written in the 8th/7th century but channelling tales far older, through to the Latin verse of Ausonius in the 4th century AD, ranging from love letters to communication in warfare.

One system of communication security used by the Romans is the so-called ‘Caesar cipher’ – named by modern cryptographers after its supposed inventor, the most famous member of Caesars, Julius (c. 100–44 BC). Yet Caesar himself never discussed the use of this cipher in either of his surviving works (The Gallic War and The Civil War) or those doubtfully attributed to him (The Alexandrian War, The African War; The Spanish War). The term ‘Caesar cipher’ can only be found in modern works on cryptography; the only surviving descriptions of it come from Aulus Gellius, Cassius Dio, and Suetonius, all writing in the second century AD. According to these authors, Caesar seems to have used his cipher to communicate with his intimates on private affairs, and with his generals in the field over long distances. As Suetonius writes about Caesar,

There are… letters of his to Cicero, as well as to his intimates on private affairs, and in the latter, if he had anything confidential to say, he wrote it in cipher [per notas scripsit, literally “wrote by means of notation”], that is, by so changing the order of the letters of the alphabet that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others (Suetonius,  The Deified Julius, 56.6)[1]

Silver denarius from January 44 BC: Caesar’s fourth Dictatorship is celebrated on the obverse, while Juno Sospita rides a biga (two-horse chariot) on the reverse.

Suetonius thus describes letters to Caesar’s intimates about confidential matters – in both a private context and in his capacity as a general – as written in cipher to prevent Caesar’s enemies from reading the messages if they were intercepted. His correspondents included the generals Oppius and Balbus, as Aulus Gellius records:

There are… letters of Gaius Caesar addressed to Gaius Oppius and Cornelius Balbus who had charge of his affairs in his absence. In certain parts of the letters there are found individual characters which are not connected to form syllables, but apparently are written at random; for no word can be formed from those letters (Aulus Gellius, Attic Nights, 17.9.1–2).[2]

In his description of the Caesar cipher Cassius Dio also mentioned the right shift of three letters, like Suetonius and Gellius did. Or rather, Dio explained Caesar’s technique as a substitution “in every case for the proper letter of the alphabet the fourth letter beyond”. Dio added to this that Caesar’s secret letters were unintelligible to most – but not all – people:

It was his usual practice, whenever he was sending a secret message to anyone, to substitute in every case for the proper letter of the alphabet the fourth letter beyond, so that the writing might be unintelligible to most persons (Cassius Dio, Roman History, 40.9.4).[3]

A Roman messenger rides at pace, Ernest Dudley Heath (from Mary Macgregor’s The Story of Rome, T.C. & E.C. Jack, London, 1912).

Simple substitution

The Caesar cipher is often regarded as a simple substitution technique for encryption: each letter of a plaintext (a non-encrypted text) is replaced by a letter that can be found a fixed number of positions down the alphabet. Caesar, for example, used a right shift of three letters – as we have already seen in the descriptions from Suetonius, Cassius Dio and Aulus Gellius. This means that every time a plaintext letter ‘A’ appeared in his letters, it was replaced by the letter ‘D’ in the ciphertext:

Encrypting text with a Caesar cipher with a right shift of three. The letter ‘A’ in the plaintext (non-encrypted text) becomes the letter ‘D’ in the ciphertext.

Decryption would have worked the other way around. If a general – like Oppius or Balbus – received a letter from Caesar written in cipher, he would have decrypted the text by using a left shift of three to make sure that every letter returned to its original place:

Decrypting text with a Caesar cipher with a left shift of three. The letter ‘D’ in the ciphertext becomes the letter ‘A’ in the plaintext.

Interestingly, the three sources on the Caesar cipher only mention this particular right shift of three. However, Caesar could obviously have used other shifts too. With an alphabet of 24 letters,[4] he could have used any shift between 1 and 23 to the left or right. In fact, the term ‘Caesar cipher’ in modern cryptography refers to any simple substitution cipher with one shift of letters down the alphabet and cryptographers presume that Caesar used different shifts regularly. Also, Caesar could have used Latin and/or Greek, since the medium of communication amongst the Roman elite was predominantly Greek (see below for an example). The Greek alphabet of 24 letters would also have given Caesar up to 23 options to the left or right. At any rate, it is improbable that Caesar would have changed cipher often – especially whilst on campaign – since he would not have had the time nor the means to inform all his staff about the particular change easily.

A disc for easy decryption of a Caesar cipher: turning the inner wheel the appropriate number of letters will reveal the code.

However, changing often to different shifts would have made Caesar’s writings more secure. With Caesar’s cipher, anyone who was familiar with the language that was encoded had a decent chance of cracking it if they either expected it to contain a particular word, or if they were clearly able to find a word of a distinctive shape. Once they worked out a given word, that would have revealed the letter shift in use, and thus given them the key for the message as a whole. When the decision was made to change to a different shift, the intended recipient of the message could have received information about that next shift in an encrypted message – presumably using the earlier shift. Luckily for Caesar, who seemingly used only one shift of letters, ancient Latin and Greek texts were written without spacing and word division, two features that we take for granted nowadays. This clearly improved the security of his messages, since it would not have been possible for an interceptor to establish clearly where one word began and another ended.

The grave of Julius Caesar, Nightingale Cemetery, Godalming, Surrey, UK.

Number of secret letters

Who received Caesar’s secret letters? How many did he send? And how many people knew about the cipher? Although these questions are impossible to answer, it is possible to analyse Caesar’s works to look for references to the cipher. He would have communicated in cipher with his intimates on private affairs and with his generals on campaign. This means that both parties knew about – and probably made their own use of – the cipher. In addition to sending encrypted letters to his generals, Caesar would very probably also have communicated in cipher with his scouts and spies – the exploratores and speculatores. Indeed, communicating in cipher would have been especially important for both of these groups, since it was their task to find out everything about the enemy’s strengths and whereabouts and to communicate this highly sensitive information back to the central command – all without the enemy knowing about this.

Such exploratores and speculatores often came up close to the enemy’s camp, which made them vulnerable to being captured. In fact, Caesar tells us that the Gauls sometimes captured his messengers (Gallic War, 5.45–6) and intercepted at least one letter sent from Caesar’s general Quintus Cicero to Caesar (Gallic War, 5.39). Of course, if exploratores and speculatores were captured with letters to or from Caesar written in plaintext, then the enemy could easily have learned important information about their forces and plans. Therefore, it is likely that Caesar’s exploratores and speculatores would have used the Caesar cipher in their own communications, as well as Caesar and his generals.

Dramatisation of exploratores (still from a 2021 video by Invicta).

Although Caesar never directly discussed the use of this cipher in his works, we can find dozens of references in his works to the sending and receiving of important confidential despatches. There are 19 references in total in Caesar’s extant corpus to his sending important confidential messages from Caesar to his staff, while we read of Caesar’s staff sending 40 highly confidential reports back to him about the enemy’s strengths and whereabouts. In addition to this, Caesar mentioned 69 times that he sent word to some of his troops in general, or to specific people, without explicitly mentioning that he sent them a written message. Then there are another 67 potential references to secret letters, which are situations in which Caesar left some of his forces at a certain location, and then moved on to another place with only a small part of the forces moving with him. Finally, there are 140 situations in which Caesar sent troops away from him or urged them to join him again. This brings the total number of potential references and allusions to secret messages sent to Caesar to 128, along with another 207 passages in which secret messages could have been sent.

Suetonius and Cassius Dio, therefore, seem to make a reasonable argument in saying that Caesar wrote in cipher whenever he had anything confidential to say. His use of the cipher must have been important to him, as well as to the parties with whom he communicated. Indeed, the use of the cipher must have been especially important during periods of conflict – such as the Gallic war, and even more important during the Civil War, in which Romans fought Romans, Latin speakers against Latin speakers.

Vercingetorix throws down his arms before Caesar (after the Battle of Alesia in 52 BC), Lionel Royer, 1899 (Musée Crozatier, Le Puy-en-Velay, France).

Quintus Cicero besieged by the Gauls: a letter in Greek or in cipher? 

As I have said, Caesar never discussed the working of the cipher that bears his name. Yet, he discussed one situation in which he used it to communicate secretly with his general Quintus Cicero (younger brother of the appreciably more famous Marcus Tullius). This example is ‘hidden’: we need to read between the lines to understand that we are seeing Caesar use his cipher. In The Gallic War (5.48) we read that Quintus Cicero was besieged by the Gauls. According to Caesar’s own account, in order to let Quintus Cicero know that he was about to send help, he decided to write a letter to Cicero in “Greek letters” [Graecis litteris] to prevent the Gauls from understanding the letter, should they intercept it.

Cassius Dio presumed that Caesar simply wrote a letter in Greek to make sure that the Gauls could not understand the message:

He wrote in Greek all that he wished to say, in order that, even if the letter were captured, it should even so be meaningless to the barbarians and afford them no information (Cassius Dio, Roman History, 40.9.3–4).[5]

Modern scholars – both historians and cryptographers – seem to have adopted this idea. Cary and Foster simply translate the text as “He wrote… in Greek”, in their translation of Dio’s Roman History. The historians Adams and Harris also assume that Caesar must simply have written the letter in the Greek language, without using any codes.[6] However, a letter merely written in Greek in order to encrypt Caesar’s message seems an inadequate interpretation of the situation in this case. Correspondence between elite Romans in this period would typically have been written in Greek as a matter of course, and Caesar knew that some of the Gauls had knowledge of the Greek language and script (Gallic War, 1.19.1, 6.14). Therefore modern historians of cryptography such as Pieprzyk, Hardjono and Sebbery seem to be in error when presuming that Caesar’s letters, if written in Greek, would certainly have been undecipherable to his enemies in Gaul.[7] It seems implausible, then, that Caesar simply wrote the letter in Greek to prevent the Gauls from comprehending its contents.

Some other scholars – e.g. Singh, Bauer and Rice Holmes – assume that Caesar transliterated a message that was originally written in Latin, into Greek characters or letters.[8] In this way a ‘Greek’ meaningless message was created. Although this is plausible – in fact the use of different languages with different alphabets (Latin and Greek) would have made the messages even more secure – it remains the case that the typical medium of communication amongst the Roman elite was predominantly Greek. Caesar would in all probability already have communicated with Quintus Cicero using ‘Greek letters’ (= the Greek language) in his non-secret correspondence, and would have changed to communication in cipher if an extra layer of security was needed. So, Caesar’s secret letter to Cicero was most probably a letter already written in Greek and then encrypted in a Greek substitution cipher. I suggest that we can decode this story as a veiled account of Caesar’s own cipher being used in the field – a point that has not been discussed by historians or cryptographers before.

Bilingual inscription of the 1st century AD from Citium/Kition in Cyprus (Metropolitan Museum of Art, New York, USA). The Latin text says “Julia Donata, freedwoman of Olympius, is under this rock”, the Greek “Julia Donata, freedwoman of Olympius [is/was] good: farewell”.)

Greek origins

In a simple substitution cipher, the characters of a plaintext are replaced by other characters, numbers, symbols, or a combination of those – as is the case in Caesar’s substitution of plaintext letters for ciphertext letters. This becomes especially clear when an encryption table is used, like the one presented below (given the argument above, I have taken Greek as the basis):

Caesar cipher with a right shift of three applied to ancient Greek alphabet.

Indeed, I suggest that if we look further back into history and into the Ancient Greek world, we can see the embryo of the principle of substitution ciphers, like Caesar’s cipher, in the Spartan scytale. In this system – used by the Spartans in the 5th and 4th centuries BC – the letters of a secret message in Greek were also substituted, by virtue of being wrapped round a stick: for further details of this cipher, please take a look at my earlier article here.

Caesar ciphers – with various shifts – are still used in modern cryptography, showing the influence of Caesar’s method on modern communication security. Therefore, the Caesar cipher is still mentioned in almost every book on 21st-century cryptography – where it is typically described as being a conceptual milestone in the development of modern cryptography. Yet, such studies typically position Caesar’s Roman technique for secret communication as the embryonic form of modern cryptographic methods, ignoring the fact that complex modes of encryption already existed in the Classical world centuries before the Caesar cipher. Yet, none of these studies considers the significance (indirect or otherwise) of earlier Greek substitution and/or transposition ciphers – including the Spartan scytale – upon the development and deployment of the Caesar cipher.

Martine Diepenbroek has recently finished her PhD in Classics and Ancient History at the University of Bristol in the United Kingdom. She works on secret communication in the ancient world. Her first article in this series can be read here.

Further reading

M.L.M. Diepenbroek, Myths and Histories of the Spartan scytale (University of Bristol, 2021).

D. Kahn, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet (2nd ed., Weidenfeld and Nicolson, London, 1996).


1 This passage can be read in its broader context, in both Latin and English, here.
2 Gellius’ account can be read at greater length, in Latin and English, here.
3 To read the original Greek text, and explore the context further, visit here, or consult the English translation here.
4 The Latin alphabet in Caesar’s days lacked two of our 26 letters: ‘J’, a sound they lacked, and ‘U’, since ‘U’ and ‘V’ were represented by one and the same letter V/u.
5 Follow the links above in Note 3 to explore this text further.
6 J.N. Adams, Bilingualism and the Latin Language (Cambridge UP, 2003) and W.V. Harris, Ancient Literacy (Harvard UP, Cambridge, MA, 1989).
7 J. Pieprzyk, T. Hardjono and J. Seberry, Fundamentals of Computer Security (Springer, Berlin, 2013).
8 S. Singh, Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography (Fourth Estate, London, 1999), C.P. Bauer, Unsolved! The History and Mystery of the World’s Greatest Ciphers from Ancient Egypt to Online Secret Societies (Princeton UP, NJ, 2017), and T. Rice Holmes, Caesar’s Conquest of Gaul (2nd ed., Oxford UP, 1911).