“If he had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet, that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others.”
Suetonius, Life of Julius Caesar 56
Introduction
The first type of puzzle that I want to introduce to other DMs is the substitution cipher. Substitution ciphers are possibly the easiest puzzles to incorporate in a TTRPG game, for both your players and you: They are easy to create, easy to insert into your story, and easy to solve, once players have the key. And because of that, they are fun for everyone! So if you want to introduce a puzzle into your campaign to see how it goes, a simple cipher is a great place to start.
A substitution cipher is a written code, in which agreed upon symbols are used in place of the normal letters. These symbols can be other letters, as in a Caesar shift cipher or a transcription cipher like the Dwarven, Elvish, and Draconic scripts from the Dungeons and Dragons 5e Player’s Handbook (pages 122-24). However, they can also be images, sounds, or any other distinguishable sequence, like Morse code or the Dancing Men cipher from the Sherlock Holmes mystery, The Adventure of the Dancing Men.
As I said before, substitution ciphers are simple to understand and easy to decipher, once you have the key. There are many other types of ciphers besides substitution ciphers, such as Vigenére ciphers, Bacon ciphers, all the way up to modern public- and private-key cryptography. I don’t recommend using these in your TTRPG games. These ciphers were intentionally designed to be hard to crack; and the result is that it takes a longer time both to understand the principles of encryption and to manually decrypt the message. That means that, if you introduce one of these cipher types in your game, the game progress will have to stop twice: first for your players to learn how the cipher works, and again when they try to decipher your puzzle.
This gets at one of my fundamental best practices for incorporating puzzles into TTRPGs: The puzzle shouldn’t stop the collaborative storytelling. I remember reading a post on Reddit of “top RPG puzzles,” where one DM bragged about stumping his players with a riddle puzzle for over an hour. To me, that’s not a good puzzle. Just like a combat encounter that stretches on for too long or a role-playing encounter with a shopkeeper that never ends, someone (possibly including me, the DM!) is going to start getting bored while the party tries to solve that puzzle. And the moment someone gets bored, they stop having fun.
For maximum TTRPG fun, my recommendation is to stick to simple substitution ciphers, even though no serious spymaster would actually use one. They create the verisimilitude of a bona fide mystery, and your players will get just as much of an a-ha moment when they solve it, with far less work for everyone. Going forward, when I use the word “cipher,” I mean a substitution cipher.
Also, while I’m talking about definitions: the word “cipher” is both a noun, describing such a code, and a verb, describing the act of encoding a message using a cipher. For clarity, I will use “encode” instead of “cipher” here when I am talking about the action.
Cipher Mechanics
Okay, let’s start with the mechanics of the substitution cipher. A substitution cipher, as stated previously, is a word or message that has been disguised by replacing most or all of the letters (or other symbols) in it with different letters or symbols. For harder ciphers, that replacement is random. For simpler ciphers, that replacement follows a pattern For example, in a Caesar Shift cipher, each letter is replaced by the letter a set number of steps to the right of it: If the Caesar Shift is 5, then A would be replaced with F, B would be replaced with G, etc.
As a general rule, a cipher is an obvious puzzle. When something is written in a cipher, it becomes some form of gibberish. But most people are familiar enough with ciphers from other media that, when you give your players a cipher, they are likely to realize that the gibberish sequence conveys a message. Until they have the key, though, it is unintelligible to them. This text, the encoded message, is also called the ciphertext.
The way that players solve a cipher is by finding or figuring out the cipher key, which is the principle by which you disguised the letters in the original message. You can design your story such that they can find the key through exploration or role-playing, or they may need to crack the cipher using logic (or another puzzle, in a multi-layered puzzle).
One challenge to ciphers is that, especially if you use a simple cipher or your message is long, they can sometimes be decoded without the cipher key. Since your ciphers will usually translate into the native language of the players at your game table, someone can apply their knowledge of that language to the cipher to try to “crack” it. (For an example of this, review the aforementioned Sherlock Holmes story, The Adventure of the Dancing Men.)
If this concerns you, the easiest way to solve it is to add a complicating factor such as the ones that I discuss below, that will limit players’ ability to do this. However, if it is your goal that your players manually decode the message (and sometimes, for fun storytelling, that makes sense!), there are a few ways that you can make it easier for them, instead.
For my next post, I’ll walk through the steps of actually designing your own cipher puzzle. In the meantime, I’ll leave you with examples of two simple ciphers.
Example: The Caesar Shift Cipher
The Caesar shift is possibly the simplest cipher out there. It is also one of the oldest, allegedly having been used by Julius Caesar himself to disguise his communications. As stated previously, its cipher principle is to “shift” your message a consistent number of letters left or right in the alphabet, so that the original message is disguised, but easily decoded by an informed reader.
Because it keeps the letters of the alphabet in sequence, a Caesar shift cipher is very easy to crack; all someone needs to do is try a maximum of 25 possible solutions before they hit on the correct one. Therefore, it is most fun with players who know nothing about cryptography, such as younger players, or in situations where you want your players to be able to decipher it. Otherwise, you risk your players decoding it earlier in the story than you intended, which could frustrate you, and would therefore not be fun.
Another strategy that you can use to prevent your players from deciphering the cipher early is to initially give them only limited time with the cipher. For example, show them the ciphertext for a few seconds but then hide it. (Perhaps they catch a glimpse of the text on top of the high priest’s help, but then he hides it.)That will give them enough time to recognize it as a cipher, but not enough time to write it down and decode it. Then, later in the story, when you are prepared for them to crack the code, actually give them a copy of the ciphertext.
To create your own Caesar shift cipher, you first need to decide what your shift will be. A shift of 1 to the right shifts all of the letters of the alphabet right by one: A becomes B, B becomes C, etc. At the end of the alphabet, just circle back to the beginning: Z becomes A. A shift of 4 to the left shifts all of the letters of the alphabet left by four: A becomes W, B becomes X, C becomes Y, D becomes Z, E becomes A, etc. Notice that a shift of 4 to the left is the same as a shift of 22 to the right: A becomes W in either case.
Whatever shift you choose, write out your key, with the regular letters in the first row or column and the encoded letters in the second row or column. Then, use that to encode your message, one word at a time. So, using the cipher in Figure 1, the message “GET OUT” would become “SQF AGF.” Once your players have (figured out) the cipher key, they will decode it by reversing that process.
It is very possible for players to read a cipher key backwards. Continuing the example in the previous paragraph, they might mistakenly assume that the first row is the cipher and the second row is the real message. In that case, they would turn “SQF AGF” into “ECR MSR,” which is still gibberish. Inexperienced puzzle solvers might give up here. If your players get stuck with this, I recommend that you gently suggest that they switch which row they are using as the key. The goal of a TTRPG is storytelling, not expert decryption. It is therefore usually preferable to keep the story moving than to let it stumble over such a small obstacle.
A Caesar shift cipher is easy to incorporate into your story because of its long history. For example, it can easily be inserted into traditional medieval fantasy stories without straining your players’ imagination. It heavily implies that its author wanted to disguise the message, so it isn’t necessarily a good cipher to use to represent a different language. For that, you might find it easier to use a transposition cipher. However, you should balance your need for verisimilitude against you and your players’ tolerance for extra work. If you don’t have access to a fantasy font and a printer, for example, encoding a message into Elvish may take longer than you care to spend, and the same message will also take your players longer to decode.
Example: The Pigpen Cipher
Another very well known cipher is the pigpen cipher. The name comes from the fact that the cells of the cipher grid are similar to the pens or cages in which pigs used to be kept. Its other names include the Freemason’s cipher (because masons allegedly used it, along with the Knights Templar and the Rosicrucians) and the Napoleon cipher (because Napoleon allegedly used it), and a number of others. Its origins may be in ancient Hebrew writing.
The encoding principle of the pigpen cipher is simple: Each cell of the grid is assigned to one letter. Most of the time, pigpen ciphers are sequential: the first cell is assigned to the letter A, the second to B, etc.
However, you can make your pigpen cipher much more difficult to decode simply by not starting with A in the first cell. Start with, say, G, instead, and continue sequentially through the alphabet, with A following Z. Someone familiar with a pigpen cipher will try to crack it using A as the first value, and when that fails, they are likely to give up, as they will realize that they don’t know the cipher principle. Then, when they later discover the cipher key, they’ll still be able to quickly decode the message.
If that isn’t enough security for you, you can also assign the letters to the cells at random. This will make your cipher very hard to crack, because your players will have to depend on word and letter patterns in the message. However, it will also slow down the decoding process once your players get the key, because they will have to hunt for every letter, instead of being able to learn the pattern.
When you encode your message, each cell in your chart becomes a character in the message. See Figure 3 for an example of the message “Walk north” encoded using the pigpen cipher in Figure 2.
Once you have made your cipher key, you can easily write out your ciphertext by hand. There are also free pigpen cipher fonts available on the internet, and if you plan to make a lot of pigpen ciphers, installing one of those in your word processor could save you a lot of time. However, one warning: These fonts generally follow the letter sequence in Figure 2. If you also want to apply one of the methods I’ve suggested above to make your cipher harder to crack, you will need to first create your own substitution cipher that will convert the font letters to your cipher values.
For example, if you plan to make a sequential pigpen cipher starting with G, you’d create a Caesar shift cipher with a shift of 6 to the left. Then, if your message was “GET OUT,” you would use that cipher key to transform it into the script of the font: “AYN ION.” Then you would be able to use the font to type that message. Your players will not need to do the same work, as long as you give them the correct cipher key. For them, since they are not typing, the symbol that the font assigns to “A” will always mean “G.”
As with Caesar shift ciphers, pigpen ciphers are easy to incorporate into most TTRPG stories because of their long history and their use by secret societies. Also, because it doesn’t use the English alphabet (or whatever alphabet the native language at your table uses), it is somewhat easier to substitute for a foreign or ancient language.
Leave a Reply