The Shift (or Caesar) Cipher is another monoalphabetic substitution cipher.

Although more
secure than the Atbash Cipher, it is still an easy cipher to break, especially by today's standards.
Originally, it was used by Julius Caesar for sending encrypted messages to his troops, as
recorded by Suetonius:
If he had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the
not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute t
of the alphabet, namely D, for A, and so with the
(Suetonius, The Twelve Caesars)

This describes what we would now call a shift of 3, and describes the cipher that Caesar used
quite well. That is, "a" was encrypted as "D", "b" as "E", etc. The table below gives the plaintext
alphabet and the ciphertext alphabet to show how a shift of 3 could be depicted.

A Caesar Shift of 3. This was the key that Caesar himself

used.
For a Caesar shift we have a key, which makes the cipher stronger than the Atbash Cipher. The
key is the number by which we shift the alphabet, since this provides a unique way to describe
the ciphertext alphabet easily.
The example on the Monoalphabetic Substitution Ciphers page where each letter is replaced by
the letter after it in the alphabet is a Shift of 1.
Encryption
Encryption using the Shift Cipher is very easy. First we must create the ciphertext alphabet,
which as discussed above is simply found by 'shifting' the alphabet to the left by the number of
places given by the key. Thus a shift of 1 moves "A" to the end of the ciphertext alphabet, and
"B" to the left one place into the first position. As the key gets bigger, the letters shift further
along, until we get to a shift of 26, when "A" has found it's way back to the front. We have
already seen a shift of 3 in the table above, and below we have a shift of 15.

The ciphertext alphabet for a Sihft of 15.

Once we have created the table, the encryption process is easy, as we just replace each occurence
within the plaintext of a letter with the corresponding ciphertext letter as given by the ciphertext
alphabet. Hence, if we wanted to encrypt the plaintext "julius caesar" with the key he himself
used, namely 3, we look along the plaintext alphabet row in the first table to find "j", and note
that this encrypts to "M". We then look for "u", and take the ciphertext letter "X". Continuing in
this way, we finally encrypt to "MXOLXV FDHVDU".
Decryption
Decryption by the intended recipient of a ciphertext received that has been encrypted using the
Shift Cipher is also very simple. One can either use the table already created above, and find
each letter of the ciphertext in the bottom row, and replace with the corresponding plaintext letter
directly above it, or the recipient could create the inverse table, with the ciphertext alphabet on
top, and using a shift of -3 on it, which gives the table below.

To decrypt a message encoded with a Shift of 3, generate

the plaintext alphabet using a shift of -3.
Clearly, the encryption table and its inverse are the same as each other, only reordered. If we
have received the ciphertext "PDUFXV EUXWXV", and we know that it has been enciphered
using the key 3, then we can use the table to decipher the message. We see that "P" represents
the plaintext letter "m", "D" represents "a" and so on. Continuing in this way we retrieve the
plaintext "marcus brutus", the name of the famous conspiritor in the assassination of Julius
Caesar.
Discussion
An important thing to remember with the Shift Cipher is that it works modulo 26 (which is the
length of the standard alphabet). That is, a right shift of 1 is the same as a left shift of -1, which is
just a shift of 25. Hence the key is unique modulo 26, and so a shift of 33 is actually the same as
a shift of 33 mod 26 = 7.
Another interesting fact worth noting here is that composing multiple shifts (doing one shift
followed by another shift) does not make the cipher any more secure. This is because a shift
of a followed by a shift of b is the same as a shift of a + b (or in more concrete terms, a shift of 2
followed by a shift of 5 is identical to if we had just shifted the alphabet by 7 in the first place). If
you can not see this readily, then have a go to check this result.
If it is known that a Shift Cipher has been used, but the key is unknown, then it is fairly simple to
break the code by a simple brute force attack. This simply means using a trial and error approach
to attack the cipher. The main weakness of the Shift cipher is the fact that there are only 26 keys,
and hence ciphertext alphabets, one of which is the identity mapping that leaves the plaintext
unaltered. For this reason, the Brute Force method of attack is very effective on the Shift cipher.
In it's most bare form, this entails going through each key, and working out what the plaintext
would be if that key had been used.
That is, given the intercepted ciphertext "RFWHZX HWFXXZX", where we do not know what
key has been used, but we do know that a Shift Cipher has been implemented, we must first try a
key of 1, then a key of 2, then a key of 3 and so on, until a plaintext that makes sense is returned.
For this ciphertext we would get:

 a key of 1 gives the plaintext "qevgyw gvewwyw"

 a key of 2 gives the plaintext "pdufxv fudvvxv"
 a key of 3 gives the plaintext "octewu etcuuwu"
 a key of 4 gives the plaintext "nbsdvt dsbttvt"
 a key of 5 gives the plaintext "marcus crassus"
 sing a key of 5 we have recovered the plaintext "marcus crassus", another high powered
contempory of Julius Caesar. It is very unlikely that another key will produce a second
plaintext that makes sense, so we can assume that this is the correct plaintext (although,
with a computer it would not take long to check the remaining 20 possibilities).
 There are two dificulties with this method. The first is that we were lucky in our example
above, that we only had to do the decryption 5 times, but it is equally likely that a key of
24 could have been used, and then the time to perform the breaking of the code would be
substantial. This is a problem that has been largely overcome by the invention of
computers, which can perform all 26 possible calculations in a matter of seconds.
 The second problem with the above method is that the message intercepted could be
longer than two words, and hence performing each decryption could take a significant
amount of time. The way around this is fairly simple, and that is to just look at the first
two or three words of the intercept, and perform the calculations on these. You will still
find the key, by finding the key that deciphers those words into a meaningful phrase, and
can then use the key to decrypt the rest of the message as you would if you had known
the key to start with.
 This method of breaking the Shift Cipher is rather cumbersome, but can be useful if you
know that it has been used. However, in reality it is unlikely that as an interceptor you
would know which cipher has been used. There is a general method for attacking all
monoalphabetic ciphers called frequency analysis, which is discussed later.