For centuries, codebreaking was an art. Skilled cryptanalysts relied on intuition, pattern recognition, and deep experience with languages. In the early 20th century, two Americans changed that — first Parker Hitt, who systematized the practical craft of military codebreaking, and then William Friedman, who introduced statistical and mathematical methods that could determine cipher type, find key lengths, and break encryption systematically. Together, they transformed cryptanalysis from a craft into a branch of applied mathematics.
Before Friedman, there was Parker Hitt (1878–1971), a U.S. Army officer stationed at Fort Leavenworth, Kansas, and later on the Mexican border. Hitt was fascinated by codes and ciphers, and he realized that the Army had no systematic training for codebreaking. Officers were expected to figure it out on their own.
In 1916, Hitt published Manual for the Solution of Military Ciphers — the first American military textbook on cryptanalysis. It was a slim, practical book, but it covered techniques that would remain relevant for decades:
The Manual was not a theoretical work — it was written for field officers who needed to break enemy messages quickly and correctly. Hitt filled it with worked examples and practical tips. It became the training manual for a generation of American military cryptanalysts, including many who later joined Yardley's MI-8 and Friedman's SIS.
Hitt was also an inventor. He designed a strip cipher device: a wooden cylinder with 25 removable alphabet strips. Each strip had the 26 letters printed in a different scrambled order. To encrypt a message, you arranged the strips on the cylinder so that one row spelled out your plaintext, then read off a different row as the ciphertext.
The strip cipher was a significant innovation. It was portable, fast to use in the field, and much harder to break than pencil-and-paper ciphers. Most importantly, it was a cipher device — a physical machine that performed encryption mechanically rather than relying on manual letter-by-letter work. Hitt's strip cipher was a direct ancestor of the U.S. Army's M-138 strip cipher, which remained in service through World War II. It also foreshadowed the principle behind rotor machines like Enigma: using interchangeable, rearrangeable components to create complex substitutions.
Like the Friedmans after them, Parker and Genevieve Hitt were a cryptological partnership. Genevieve Young Hitt worked alongside her husband on cipher problems and was one of the first women involved in American military cryptology. Their collaboration foreshadowed the husband-and-wife team of William and Elizabeth Friedman, who would take the field even further.
Hitt's direct contributions were practical rather than theoretical. He did not develop new mathematics — he organized and systematized existing techniques and made them teachable. But that was exactly what the field needed. Before Hitt, American military cryptanalysis barely existed. After Hitt, there was a trained community of practitioners, a standard reference text, and a cipher device good enough for field use. When war came in 1917, the United States had something to build on.
Friedman himself acknowledged Hitt's foundational role. The Manual was among the texts Friedman studied at Riverbank, and several of the techniques Friedman later formalized mathematically were first described in practical terms by Hitt.
Friedman's path to cryptanalysis was unusual. Born in Moldova in 1891, he came to the United States as an infant. He studied genetics at Cornell and took a job at Riverbank Laboratories in Illinois, working for the eccentric millionaire George Fabyan. Riverbank had a cryptology department run by Elizabeth Smith (whom Friedman married in 1917), and Friedman was drawn into the work.
His scientific training proved invaluable. Where other cryptanalysts saw patterns intuitively, Friedman asked: can we measure these patterns? Can we express them as numbers? Can we build a systematic method that works even when intuition fails?
Elizabeth Smith Friedman was a brilliant cryptanalyst in her own right. During Prohibition, she broke the codes used by rum-runners for the Coast Guard. During World War II, she broke clandestine communication networks run by Nazi agents in South America. The Friedmans were arguably the most important husband-and-wife team in the history of intelligence.
Friedman's most important contribution was the Index of Coincidence (IC), published around 1920. The idea is elegantly simple: if you pick two letters at random from a text, what is the probability that they are the same letter?
In English text, some letters are very common (E, T, A) and others are rare (Z, Q, X). If you pick two random letters from English text, there is a relatively high chance they will match, because common letters show up often. The IC of English is about 0.0667 (roughly 1 in 15).
In completely random text (all 26 letters equally likely), the probability of a match is much lower: 0.0385 (exactly 1/26, roughly 1 in 26).
This difference is the key insight. Different types of encryption affect the IC in predictable ways:
For a text of N letters where letter i appears ni times:
IC = Σ ni(ni − 1) / N(N − 1)
The sum is over all 26 letters. Each term ni(ni − 1) counts the number of ways to pick two copies of letter i, and N(N − 1) is the total number of ways to pick any two letters.
The Index of Coincidence tells you what kind of cipher was used. But for a polyalphabetic cipher like Vigenère, you also need to find the key length. The Kasiski examination, developed by Friedrich Kasiski in 1863, does this by looking for repeated sequences in the ciphertext.
In a Vigenère cipher, if the same plaintext sequence happens to align with the same part of the key, it produces the same ciphertext sequence. The distance between these repeated sequences is always a multiple of the key length.
By finding all repeated sequences of three or more letters (trigrams), measuring the distances between them, and finding the greatest common divisor (GCD) of those distances, you can determine the likely key length. Once you know the key length, you can split the ciphertext into groups (one per key letter) and attack each group as a simple Caesar cipher.
Friedman also applied the chi-squared (χ2) test to cryptanalysis. This statistical test measures how well an observed distribution matches an expected distribution. In cryptanalysis, you compare the letter frequencies in a ciphertext to the expected frequencies of English.
The formula is:
χ2 = Σ (Oi − Ei)2 / Ei
Where Oi is the observed count for each letter and Ei is the expected count (based on English frequencies and the total text length). A low χ2 value means the text's frequency distribution closely matches English. A high value means it does not.
For a Caesar cipher, you can try all 26 shifts and calculate χ2 for each one. The shift that produces the lowest χ2 value is most likely to be correct, because that shift makes the frequencies best match English.
In 1929, when the Black Chamber was shut down, the Army established the Signal Intelligence Service (SIS) and put Friedman in charge. He hired a team of mathematicians — including Abraham Sinkov, Solomon Kullback, Frank Rowlett, and John Hurt — and trained them using the statistical techniques he had developed.
This team went on to break the Japanese PURPLE cipher machine in 1940, one of the greatest cryptanalytic achievements in history. They did it without ever seeing the machine — they deduced its structure entirely from analysis of intercepted messages, then built a replica.
Friedman's key innovations:
Before Friedman, a cryptanalyst might say "this looks like a polyalphabetic cipher — the frequencies are too flat." After Friedman, they could say "the IC is 0.042, which is between the English value (0.0667) and the random value (0.0385), consistent with a Vigenère cipher with a key length of approximately 5." The difference is the difference between craft knowledge and science.
Disclaimer: these pages are educational demos provided as-is, with no warranty of any kind. The author is not responsible for any consequences arising from their use.
Send comments and bug reports to chris@chrisspackman.com.
Version 0.1 — Last updated: 2026-02-25
This page is Copyright © 2025 – 2026
Chris Spackman <chris@chrisspackman.com>.
This web site developed entirely on GNU/Linux with Free / Open Source Software.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.