Statistical analysis tools for classical cipher breaking and AI-generated text fingerprinting.
Jamie Grunewald | LinkedIn | github.com/JamieGrunewald
This repository applies statistical text analysis techniques across two domains:
- Classical Cipher Breaking — frequency analysis, Index of Coincidence, and chi-square scoring to break polyalphabetic ciphers without prior knowledge of the key.
- AI Text Fingerprinting (in development) — extending the same statistical foundations to detect authorship signatures in AI-generated text.
The cipher analysis module originated as a live demo for the CypherCon 9 talk "Breaking Ciphers & Fingerprinting AI" (Milwaukee, April 2026), based on graduate cryptography research at the University of Delaware (CPEG 472).
cipher-ai-analysis/
├── cipher_analysis/
│ ├── cyphercon_demo.py # Live demo: break a Vigenère-encrypted WarGames quote
│ ├── words.txt # English word list for plaintext scoring
│ ├── sample_output.txt # Reference output from a clean run
│ └── BreakingCiphers_Cyphercon9.pdf # CypherCon 9 slide deck
├── ai_fingerprinting/ # Coming soon
└── README.md
A complete Vigenère cipher break executed in seven steps:
| Step | Technique | Purpose |
|---|---|---|
| 1 | Ciphertext display | Establish the problem |
| 2 | IOC + Chi-Square | Statistical recon — identify cipher type |
| 3 | IOC column sweep | Determine key length |
| 4 | Per-column frequency attack | Recover alphabetic key characters |
| 5 | Word-list disambiguation | Resolve chi-square near-ties |
| 6 | Key reconstruction | Reveal the full key |
| 7 | Plaintext recovery | Decrypt the ciphertext |
Requirements: Python 3.8+, no external dependencies.
# Interactive mode (press ENTER to advance each step)
python3 cipher_analysis/cyphercon_demo.py
# Auto mode (timed pauses — useful for recording)
python3 cipher_analysis/cyphercon_demo.py --autowords.txt must be in the same directory as the script.
The same statistical patterns that expose a repeating cipher key also expose authorship signatures in text. The planned module will apply IOC, character frequency distributions, and stylometric scoring to compare text samples and identify AI-generated content.
A fair question: if both humans and LLMs write in English, are not their statistical profiles nearly identical?
Yes. That is exactly what makes it interesting.
Gross statistics like letter frequency and Index of Coincidence will look nearly identical between human and LLM output. You won't separate them with the same tools that crack a Vigenère cipher. The signal is finer than that.
But LLMs do not sample from natural English — they sample from a learned approximation of it, and that approximation has detectable artifacts:
- Entropy consistency — human writing has high local entropy variance (some sentences are predictable, some are not). LLM output tends to hover in a narrower band.
- Token-level patterns — characteristic preferences at the subword level that do not match human writing distributions, particularly around punctuation, transition phrases, and hedge language.
- Perturbation response — the most promising signal. Slightly perturb a passage and re-score it; LLM output shows a characteristic pull back toward high-probability tokens that human writing does not. This is the core idea behind DetectGPT.
The bridge from cipher analysis is not the specific metrics, but it is the mindset: measure structure, probe the system, follow the gradient signal. The tools change. The approach does not.
The cipher analysis pipeline mirrors the full implementation in the Crypto repository (CPEG 472 coursework). The demo script is self-contained for portability.
MIT License — see LICENSE