# Basic cryptography – the Caesar cipher

One of the most basic encryption schemes is the Caesar cipher. It's weak in practice, but a great way to learn how crypto works.

One of the first cryptographic systems I ever learned was the Caesar cipher. It’s one you’ve probably used as well. Unlike more sophisticated ciphers, Caesar uses a fixed shift of characters in the alphabet.

Your key is effectively the number of letters to shift to the left. A key of 1 means to shift every character one position to the left. A becomes Z. B becomes A. C becomes B. Rinse and repeat.

One of the most famous Caesar shifts is the much mocked `rot13()` function where every character is replaced by one exactly 13 characters away. This particular shift is mocked because the function is an inversion of itself – apply things twice and you end up with the original input.

With a traditional Caesar cipher, you encrypt with an integer key and decrypt with that key subtracted from 26. It’s a quick operation and sufficiently obscures the original message.

## Implementing the Caesar cipher in PHP

If you are using a shift of 13, the easiest implementation in PHP is the native `str_rot13()` function that ships with core. Unfortunately, that’s not very extensible and, if you use a shift of 13, everyone will start there to crack your message.

Instead, we want to build a more generic rotation algorithm that can adequately replace each character in a given string with its complement post shift. The following function (derived heavily from an example in the PHP documentation) does exactly that by:

• Creating a static array of candidate letters
• Leveraging PHP’s `strtr()` string translation function to replace characters in-place
``````function rotate(string \$str, int \$shift, string \$direction = 'right'): string
{
\$shift = abs(\$shift % 26);

if (\$direction === 'right') \$shift = abs(\$shift - 26);

if (\$shift === 0) {
return \$str;
} else if (\$shift === 13) {
return str_rot13(\$str);
}

\$transform = substr(\$letters, \$shift * 2) . substr(\$letters, 0, \$shift * 2);
return strtr(\$str, \$letters, \$transform);
}``````

Now, armed with a translation function, we can implement encryption and decryption interfaces for the Caesar cipher:

``````function caesar_encrypt(string \$message, int \$key): string
{
return rotate(\$message, \$key, 'left');
}

function caesar_decrypt(string \$message, int \$key): string
{
return rotate(\$message, \$key, 'right');
}``````

## Don’t do this at home

Implementing ciphers is a fun hobby but please do not use this for anything critical! The Caesar cipher is incredibly easy to crack as there are only 26 possible keys. Decrypting a message through brute force is child’s play.

For now, rest assured that knowing how to implement a Caesar cipher is a critical stepping stone to more advanced cryptography. It’s also a fun exercise for coders trying to brush the rust off their algorithm skills.