ROT13

To apply ROT13 to a piece of text, take every letter in the Latin alphabet and replace it by the letter 13 places further along in the alphabet, wrapping back to the beginning if necessary: A becomes N, B becomes O, and so forth, down to Z, which becomes M. Numbers, symbols, and other characters are left unchanged. Because there are 26 letters in the Latin alphabet and 26 = 2 × 13, the ROT13 function is its own inverse:

${\displaystyle {\mbox{ROT}}_{13}({\mbox{ROT}}_{13}(x))={\mbox{ROT}}_{26}(x)=x}$ for any text ${\displaystyle x}$

In other words, two successive applications of ROT13 restore the original text (in mathematics, this is sometimes called an involution).

The transformation can be done using a lookup table, such as the following:

For example, someone might wish to obscure the following text:

How can you tell an extrovert from an
introvert at NSA? In the elevators,
the extroverts look at the OTHER guy's shoes.

Transformed into ROT13 form, the text would become:

Ubj pna lbh gryy na rkgebireg sebz na
vagebireg ng AFN? Va gur ryringbef,
gur rkgebiregf ybbx ng gur BGURE thl'f fubrf.

A second application of ROT13 would restore the original.

ROT13 originated in the net.jokes newsgroup in the early 1980s⁽¹⁾, in an effort to provide a voluntary means to hide sexually offensive jokes. Previous attempts to categorize offensive jokes by putting them in different newsgroups had failed — site managers did not want to be seen as condoning such postings by creating a special place for them. ROT13 was a convenient solution because of its simplicity. Since it replaces alphabet letters with other letters, ROT13 did not cause problems for newsgroup software which sometimes had problems with unusual kinds of characters. ROT-13 was chosen over ROT-N (for other values of N between 1 and 25) because 13 is the only shift value which ensures that encoding and decoding are equivalent.

While users could plausibly encode and decode messages by hand, automatic decryption is much more convenient; UNIX systems have a standard utility called "tr" (transliterate) which can be used to perform ROT13 encoding (the command "tr A-Za-z N-ZA-Mn-za-m" performs the desired transformation). Automatic deciphering was soon added to newsreading software.

ROT13 can be viewed as one of a group of historical encryption algorithms known as Caesar ciphers, a type of substitution cipher. Nonetheless, ROT13 is not intended to be used for secrecy. Instead, it makes sure that the viewer of a message must consciously choose to decipher it, which typically means invoking the relevant ROT13 command in his or her software. Rather than protecting a confidential message from unauthorized readers, ROT13 safeguards readers from material they may not wish to inadvertently read, such as spoilers in book or movie reviews.

If ROT13 were used for encryption it would require little effort to break — an attacker would readily be able to both identify and break the encryption using only general techniques for breaking substitution ciphers, such as frequency analysis or exploiting pattern words. Frequency analysis relies on the fact that different letters occur with different frequency in natural language. For example, the most common letter in the English language is E. If the ciphertext was ROT13-transformed English text, we would expect R to be the most common. Using clues like this, it usually possible to reconstruct the substitution alphabet with little difficulty. Another approach would be to use pattern words. For example, PBAQVGVBA has a distinctive pattern of repeated letters: 123456523. An attacker can look up patterns in a pattern catalogue to identify the word. In English, only one fits this scheme, CONDITION.

Because of its unsuitability for secrecy, ROT13 has become a catchphrase to refer to any weak encryption, for example: "56-bit DES is no better than ROT13 these days." The terms double ROT13, ROT26 or 2ROT13 are also used humorously, including a spoof academic paper "On the 2ROT13 Encryption Algorithm" (PDF). As explained above, applying ROT13 to an already ROT13 encrypted text restores the original plaintext, so ROT26 is equivalent to no encryption at all. ROT26 has been used as a satirical jibe against the United States' DMCA copyright legislation; some online users append phrases such as "Encoded with ROT26 — circumvention will be prosecuted!" to their posts to online forums. The DMCA introduced a broad ban on the circumvention of copy prevention systems, which often employ insecure methods of cryptography.

In 2001, Russian cryptanalyst Dmitry Sklyarov was arrested after detailing weaknesses in ebook copy prevention systems. Ebooks (books available in digital or electronic format) sometimes include technical measures to enforce copyright. One vendor, New Paradigm Research Group (NPRG), used ROT13 to encrypt their reports. It has been speculated that NPRG may have mistaken the ROT13 toy example — provided with the Adobe eBook software development kit — for a serious encryption scheme [2].

ROT13 provides an opportunity for letter games. Some words will, when transformed with ROT13, produce another word. The longest example in the English language is the pair of 7-letter words abjurer and nowhere; there is also the 7-letter pair chechen and purpura. Other examples of these words are shown in the table.

The word ravine is transformed under ROT13 to enivar — its reversal, although not a word. The only known pair of common English words which are each other's ROT13 and reversal are gnat and tang.

vex is transformed to irk under ROT13; the words are synonyms.

The 1989 International Obfuscated C Code Contest (IOCCC) included an entry by Brian Westley. Westley's computer program can be ROT13'd or reversed and still compiles correctly. Its operation, when executed, is to either perform ROT13 encoding on or to reverse its input [3],[4].

The newsgroup alt.folklore.urban coined a word — furrfu — that was the ROT13 encoding of the frequently encoded utterance "sheesh". "Furrfu" evolved in mid-1992 as a response to postings repeating urban myths on alt.folklore.urban, after some posters complained that "Sheesh!" as a response to newcomers was being overused [5].

There are other little-used obfuscation schemes with a similar purpose to ROT13. ROT13 only handles letters, and leaves other characters, such as punctuation, numbers and whitespace, untouched. Because of this, ROT13 may be unsuitable for some purposes, for example, hiding the numeric answer to a riddle, or handling arbitrary binary data.

ROT47 is a variant on ROT13 which, in addition to scrambling the basic letters, also treats numbers and many other characters. Instead of using the sequence A-Z as the alphabet, ROT47 uses a larger alphabet, derived from a common character encoding known as ASCII. ASCII maps letters, digits, punctutation and other special characters to numbers in the range 0–127. Viewed in ASCII, ROT13 covers the codes 65–90 and 97–122 — the upper and lower case letters respectively. ROT47 uses 94 characters instead, from ! (the exclamation mark, ASCII code 33) to ~ (the tilde, ASCII code 126), rotating them by an offset of 47. The use of a larger alphabet is intended to produce a more thorough obfuscation than that of ROT13, but ROT47 is far less widely supported.

Applying ROT47 to the earlier example gives:

w@H J@F 42? E6== 2? 6IEC@G6CE 7C@> 2?
:?EC@G6CE 2E }$pn x? E96 6=6G2E@CDn
%96 6IEC@G6CED =@@< 2E E96 ~%wt# 8FJVD D9@6D]

The GNU C library (a set of standard routines available for use in computer programming) contains a function — memfrob()[6] — which has a similar purpose to ROT13, although it is intended for use with arbitrary binary data. The function operates (humourously termed "frobnicates") by combining each byte with the binary pattern 00101010 (42 decimal) using the exclusive or (XOR) operation. This effects a simple XOR cipher, a weak form of encryption. Like ROT13, memfrob() is self-reciprocal.

(1) — early uses of ROT13 found in the Google USENET archive date back to 8 October 1982, posted to the net.jokes newsgroup [7][8].

• Substitution cipher
• Cryptanalysis
• Usenet

• Eric S. Raymond (Editor), the Jargon File, [9].
• Bruce Schneier, Applied Cryptography, 2nd edition, Wiley, 1996, p11. ISBN 0471117099.

• Words with interesting properties under ROT13
• Online ROT13 encoder/decoder
• Another online ROT13 encoder/decoder in JavaScript
• Bilingual (Portuguese/English) page with explanations, links and software information
• ROT13 Bookmarklet
• Software for ROT13 in a large number of languages — includes a patch to SSH to add support for ROT13, and a cryptanalysis tool to automatically distinguish ROT13 text from plaintext.
• A description of ROT13 — on the Everything2 website