A polyalphabetic substitution cipher invented by Blaise de Vigenère in the 1500's. It has N different cipher alphabets, where N is the number of letters in the alphabet, each shifted by one letter with respect to the previous alphabet. A grid is drawn NxN. The first row is a cipher alphabet with a Caesar shift of one. The second has a Caesar shift of two and so on.

Next a key is selected. The letters of the key define which rows to use and in what order. So when encrypting plaintext the first letter of the plaintext is encrypted using the cipher alphabet specified by the first letter of the key (the row that starts with the first letter of the key). The second letter of the plaintext is encrypted using the row that starts with the second letter of the key and so on until you have used every letter in the key then you start over at the beginning of the key.

For many years it was believed that this cipher was unbreakable. Then in the 1800's, sometime prior to 1854, Charles Babbage managed to tackle the beast. Yet since he never published his findings it wouldn't be until 1863 before the world would know the square was breakable. In 1863 Fridrich Wilhelm Kasiski independently discovered the same technique Babbage found. (see Breaking the Vigenère Square)

This square can be used as the basis for a One-time Pad. The difference is that the key of a One-time Pad has a length of at least the plaintext, so there is no repetition, and the letters that make up the key are generated at random to avoid any unintended repetition. By using a key this long that doesn't contain repetition it isn't susceptible to the codebreaking technique developed by Babbage and Kasiski.

The Vigenère Square for English:

         A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

     B   B C D E F G H I J K L M N O P Q R S T U V W X Y Z A 
     C   C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
     D   D E F G H I J K L M N O P Q R S T U V W X Y Z A B C 
     E   E F G H I J K L M N O P Q R S T U V W X Y Z A B C D 
     F   F G H I J K L M N O P Q R S T U V W X Y Z A B C D E 
     G   G H I J K L M N O P Q R S T U V W X Y Z A B C D E F 
     H   H I J K L M N O P Q R S T U V W X Y Z A B C D E F G 
     I   I J K L M N O P Q R S T U V W X Y Z A B C D E F G H 
     J   J K L M N O P Q R S T U V W X Y Z A B C D E F G H I 
     K   K L M N O P Q R S T U V W X Y Z A B C D E F G H I J 
     L   L M N O P Q R S T U V W X Y Z A B C D E F G H I J K 
     M   M N O P Q R S T U V W X Y Z A B C D E F G H I J K L 
     N   N O P Q R S T U V W X Y Z A B C D E F G H I J K L M 
     O   O P Q R S T U V W X Y Z A B C D E F G H I J K L M N 
     P   P Q R S T U V W X Y Z A B C D E F G H I J K L M N O 
     Q   Q R S T U V W X Y Z A B C D E F G H I J K L M N O P 
     R   R S T U V W X Y Z A B C D E F G H I J K L M N O P Q 
     S   S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
     T   T U V W X Y Z A B C D E F G H I J K L M N O P Q R S 
     U   U V W X Y Z A B C D E F G H I J K L M N O P Q R S T 
     V   V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
     W   W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
     X   X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
     Y   Y Z A B C D E F G H I J K L M N O P Q R S T U V W X 
     Z   Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
     A   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

This effect can also be achieved with a code wheel. Some prefer the wheel because it is less eye bending. On the other hand, it requires manual labor to operate.

Either way, they turn the alphabet into a cyclic group and add the key to the clear text message to achieve encryption.

If one is not using a one-time-key, then it may be useful to use a different group than the one shown above. One can reorder the letters, or put them into two cycles (changing the group from C26 to the Cartesian product of C2 and C13). This will make the number of possible keys effectively larger by a factor of 26!/6 as far as your adversary is concerned, and so make cracking the code more difficult. The problem with relying on this is that your adversary may be able to accumulate data over time as you use different keys, and determine what group you are using. Once that has been done, there is no further advantage to using a different square over using the original. However, this can throw off a cracker for some time.

Note that the improvement factor is less than 2*26! because for any cyclic group you choose, it is isomorphic to the same group with a different generator. For example, instead of (0,1,2,3,4...23,24,25,0) one could count (0,3,6,... 24,1,4,7,... 25,2,5,8,... 20,23,0) which would produce the same cryptographic effect but have a different ordering. C26 has 12 generators (all the odd numbers except 13). Therefore, we lose a factor of 12. Then we regain a factor of 2 because there is the same number of groups of the form C2xC13.