ROT13

ROT13 replaces each letter by its partner 13 characters further along the alphabet. For example, HELLO becomes URYYB (or, reversing, URYYB becomes HELLO again).

ROT13 ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple substitution cipher used in online forums as a means of hiding spoilers, punchlines, puzzle solutions, and offensive materials from the casual glance. ROT13 has been described as the "Usenet equivalent of a magazine printing the answer to a quiz upside down".^[1] ROT13 is a variation of the Caesar cipher, developed in ancient Rome.

ROT13 is its own inverse; that is, to undo ROT13, the same algorithm is applied, so the same action can be used for encoding and decoding. The algorithm provides minimal cryptographic security, and is often cited as a canonical example of weak encryption. ROT13 has inspired a variety of letter and word games on-line, and is frequently mentioned in newsgroup conversations.

Description

Applying ROT13 to a piece of text merely requires examining its alphabetic characters and replacing each one by the letter 13 places further along in the alphabet, wrapping back to the beginning if necessary.^[2] A becomes N, B becomes O, and so on up to M, which becomes Z, then the sequence continues at the beginning of the alphabet: N becomes A, O becomes B, and so on to Z, which becomes M. Only those letters which occur in the English alphabet are affected; numbers, symbols, whitespace, and all other characters are left unchanged. Because there are 26 letters in the English alphabet and 26 = 2 × 13, the ROT13 function is its own inverse:^[2]

${\displaystyle {\mbox{ROT}}_{13}({\mbox{ROT}}_{13}(x))={\mbox{ROT}}_{26}(x)=x}$ for any text x.

In other words, two successive applications of ROT13 restore the original text (in mathematics, this is sometimes called an involution; in cryptography, a reciprocal cipher).

The transformation can be done using a lookup table, such as the following:

ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz

NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm

For example, in the following joke, the punchline has been obscured by ROT13:

How can you tell an extrovert from an
introvert at NSA? Va gur ryringbef,
gur rkgebireg ybbxf ng gur BGURE thl'f fubrf. 

Transforming the entire text via ROT13 form, the answer to the joke is revealed:

Ubj pna lbh gryy na rkgebireg sebz na
vagebireg ng AFN? In the elevators,
the extrovert looks at the OTHER guy's shoes.

A second application of ROT13 would restore the original.

Usage

ROT13 was in use in the net.jokes newsgroup by the early 1980s.^[3] It is used to hide potentially offensive jokes, or to obscure an answer to a puzzle or other spoiler.^[2][4] A shift of thirteen was chosen over other values, such as three as in the original Caesar cipher, because thirteen is the value for which encoding and decoding are equivalent, thereby allowing the convenience of a single command for both.^[4] ROT13 is typically supported as a built-in feature to newsreading software.^[4] Email addresses are also sometimes encoded with ROT13 to hide them from less sophisticated spam bots.

ROT13 is an example of the encryption algorithm known as a Caesar cipher, attributed to Julius Caesar in the 1st century BC.^[5]

ROT13 is not intended to be used where secrecy is of any concern—the use of a constant shift means that the encryption effectively has no key, and decryption requires no more knowledge than the fact that ROT13 is in use. Even without this knowledge, the algorithm is easily broken through frequency analysis.^[2] Because of its utter unsuitability for real secrecy, ROT13 has become a catchphrase to refer to any conspicuously weak encryption scheme; a critic might claim that "56-bit DES is little better than ROT13 these days." Also, in a play on real terms like "double DES", the terms "double ROT13", "ROT26" or "2ROT13" crop up with humorous intent, including a spoof academic paper "On the 2ROT13 Encryption Algorithm".^[6] As applying ROT13 to an already ROT13-encrypted text restores the original plaintext, ROT26 is equivalent to no encryption at all. By extension, triple-ROT13 (used in joking analogy with 3DES) is equivalent to regular ROT13.

In December 1999, it was found that Netscape Communicator used ROT-13 as part of an insecure scheme to store email passwords.^[7] In 2001, Russian programmer Dimitry Sklyarov demonstrated that an eBook vendor, New Paradigm Research Group (NPRG), used ROT13 to encrypt their documents; it has been speculated that NPRG may have mistaken the ROT13 toy example—provided with the Adobe eBook software development kit—for a serious encryption scheme.^[8] Windows XP uses ROT13 on some of its registry keys.^[9]

Letter games and net culture

abcdefghijklmnopqrstuvwxyz NOPQRSTUVWXYZABCDEFGHIJKLM
aha ↔ nun	ant ↔ nag
balk ↔ onyx	bar ↔ one
barf ↔ ones	be ↔ or
bin ↔ ova	ebbs ↔ roof
envy ↔ rail	er ↔ re
errs ↔ reef	flap ↔ sync
fur ↔ she	gel ↔ try
gnat ↔ tang	irk ↔ vex
clerk ↔ pyrex	purely ↔ cheryl
PNG ↔ cat	SHA ↔ fun
furby ↔ sheol	terra ↔ green
what ↔ Jung	URL ↔ hey
purpura ↔ Chechen	shone ↔ FUBAR

ROT13 provides an opportunity for letter games. Some words will, when transformed with ROT13, produce another word. The longest example in the English language is the pair of 7-letter words abjurer and nowhere; there is also the 7-letter pair chechen and purpura. Other examples of words like these are shown in the table.^[10]

The 1989 International Obfuscated C Code Contest (IOCCC) included an entry by Brian Westley. Westley's computer program can be ROT13'd or reversed and still compiles correctly. Its operation, when executed, is either to perform ROT13 encoding on, or to reverse its input.^[11]

The newsgroup alt.folklore.urban coined a word—furrfu—that was the ROT13 encoding of the frequently encoded utterance "sheesh". "Furrfu" evolved in mid-1992 as a response to postings repeating urban myths on alt.folklore.urban, after some posters complained that "Sheesh!" as a response to newcomers was being overused.^[12]

Variants

ROT47 is a derivative of ROT13 which, in addition to scrambling the basic letters, also treats numbers and common symbols. Instead of using the sequence A–Z as the alphabet, ROT47 uses a larger set of characters from the common character encoding known as ASCII. Specifically, the 7-bit printable characters, excluding space, from decimal 33 '!' through 126 '~', 94 in total, taken in the order of the numerical values of their ASCII codes, are rotated by 47 positions, without special consideration of case. For example, the character A is mapped to p, while a is mapped to 2. The use of a larger alphabet produces a more thorough obfuscation than that of ROT13; for example, a telephone number such as +1-415-839-6885 is not obvious at first sight from the scrambled result Z`\c`d\gbh\eggd. On the other hand, because ROT47 introduces numbers and symbols into the mix without discrimination, it is more immediately obvious that the text has been enciphered.

Example:

The Quick Brown Fox Jumps Over The Lazy Dog.

enciphers to

%96 "F:4< qC@H? u@I yF>AD ~G6C %96 {2KJ s@8]

The GNU C library, a set of standard routines available for use in computer programming, contains a function—memfrob()^[13]—which has a similar purpose to ROT13, although it is intended for use with arbitrary binary data. The function operates by combining each byte with the binary pattern 00101010 (42) using the exclusive or (XOR) operation. This effects a simple XOR cipher. Like ROT13, memfrob() is self-reciprocal, and provides a similar, virtually absent, level of security.

Methods

A method of en-/decrypting a string can be implemented using the UNIX tr command. For example:

echo "Or fher gb qevax lbhe Binygvar" | tr 'A-Za-z' 'N-ZA-Mn-za-m'
Be sure to drink your Ovaltine

See also

• Cryptanalysis

Notes and references

1. Horrocks, Bruce (28 June 2003). "UCSM Cabal Circular #207-a". Usenet group uk.comp.sys.mac (Message ID UZ36hgCSoh$+EwqG@nodomain.nodomain.us). Retrieved 2007-09-17.
2. Schneier, Bruce (1996). Applied Cryptography (Second ed.). John Wiley & Sons. p. 11. ISBN 0-471-11709-9.
3. Early uses of ROT13 found in the Google USENET archive date back to 8 October 1982, posted to the net.jokes newsgroup [1][2].
4. Raymond, Eric S. (ed.) (2003-12-29). "ROT13". The Jargon File, 4.4.7. Retrieved 2007-09-19. {{cite web}}: |first= has generic name (help)
5. Kahn, David. The Codebreakers: The Story of Secret Writing. New York: Macmillan. ISBN 0-684-83130-9. {{cite book}}: Cite has empty unknown parameter: |coauthors= (help)
6. "On the 2ROT13 Encryption Algorithm" (PDF). Prüfziffernberechnung in der Praxis. 2004-09-25. Retrieved 2007-09-20.
7. Hollebeek, Tim. "Bad Cryptography in the Netscape Browser: A Case Study". Reliable Software Technologies. Retrieved 2007-09-20. {{cite web}}: Unknown parameter |coauthors= ignored (|author= suggested) (help)
8. Perens, Bruce (2001-09-01). "Dimitry Sklyarov: Enemy or friend?". ZDNet News. Retrieved 2007-09-20.
9. Ferri, Vic (2007-01-04). "The Count Keys in the Windows Registry". ABC: All 'Bout Computers. Retrieved 2007-09-20.
10. De Mulder, Tom. "ROT13 Words". Furrfu!. Retrieved 2007-09-19.
11. Westley, Brian (1989). "westley.c". IOCCC. Retrieved 2007-08-13.
12. "Furrfu". Foldoc. 1995-10-25. Retrieved 2007-08-13.
13. "5.10 Trivial Encryption". The GNU C Library Reference Manual. Free Software Foundation. 2006-12-03. Retrieved 2007-09-20.

External links

• Online Converter for ROT5 and ROT13 (no JavaScript)
• iHideURL Rot13 implementation to hide and scramble URLs.
• Software for ROT13 in a large number of languages — includes a patch to ssh to add support for ROT13, and a cryptanalysis tool to automatically distinguish ROT13 text from plaintext.