Music cipher

In cryptography, a music cipher is an algorithm for the encryption of a plaintext into musical symbols or sounds. Music-based ciphers are related to, but not the same as musical cryptograms. The latter were systems used by composers to create musical themes or motifs to represent names based on similarities between letters of the alphabet and musical note names, such as the BACH motif, whereas music ciphers were systems typically used by cryptographers to hide or encode messages for reasons of secrecy or espionage.

Types
There are a variety of different types of music ciphers as distinguished by both the method of encryption and the musical symbols used. Regarding the former, most are simple substitution ciphers with a one-to-one correspondence between individual letters of the alphabet and a specific musical note. There are also historical music ciphers that utilize homophonic substitution (one-to-many), polyphonic substitution (many-to-one), compound cipher symbols, and/or cipher keys; all of which can make the enciphered message more difficult to break. Regarding the type of symbol used for substitution, most music ciphers utilize the pitch of a musical note as the primary cipher symbol. Since there are fewer notes in a standard musical scale (e.g., seven for diatonic scales and twelve for chromatic scales) than there are letters of the alphabet, cryptographers would often combine the note name with additional characteristics––such as octave register, rhythmic duration, or clef––to create a complete set of cipher symbols to match every letter. However, there are some music ciphers which rely exclusively on rhythm instead of pitch or on relative scale degree names instead of absolute pitches.

Musical steganography
Music ciphers often have both cryptographic and steganographic elements. Simply put, encryption is scrambling a message so that it is unreadable; steganography is hiding a message so no knows it is even there. Most practitioners of music ciphers believed that encrypting text into musical symbols gave it added security because, if intercepted, most people would not even suspect that the sheet music contained a message. However, as Francesco Lana de Terzi notes, this is usually not because the resulting cipher melody appears to be a normal piece of music, but rather because so few people know enough about music to realize it is not ("ma gl'intelligenti di musica sono poci"). A message can also be visually hidden within a page of music without actually being a music cipher. William F. Friedman embedded a secret message based on Francis Bacon's cipher into a sheet music arrangement of Stephen Foster's "My Old Kentucky Home" by visually altering the appearance of the note stems. Another steganographic strategy is to musically encrypt a plaintext, but hide the message-bearing notes within a larger musical score that requires some visual marker that distinguishes them from the meaningless null-symbol notes (e.g., the cipher melody is only in the tenor line or only the notes with stems pointing down).

Diatonic substitution ciphers
Diatonic music ciphers utilize only the seven basic note names of the diatonic scale: A, B, C, D, E, F, and G. While some systems reuse the same seven pitches for multiple letters (e.g., the pitch A can represent the letters,  ,  , or  ), most algorithms combine these pitches with other musical attributes to achieve a one-to-one mapping. Perhaps the earliest documented music cipher is found in a manuscript from 1432 called "The Sermon Booklets of Friar Nicholas Philip." Philip's cipher uses only five pitches, but each note can appear with one of four different rhythmic durations, thus providing twenty distinct symbols. A similar cipher appears in a 15th-century British anonymous manuscript as well as in a much later treatise by Giambattista della Porta.

In editions of the same treatise (De Furtivis Literarum Notis), Porta also presents a simpler cipher which is much more well-known. Porta's music cipher maps the letters  through   (omitting   and  ) onto a stepwise, ascending, octave-and-a-half scale of whole notes (semibreves); with the remainder of the alphabet (omitting   and  ) onto a descending scale of half notes (minims). Since alphabetic and scalar sequences are in such close step with each other, this is not a very strong method of encryption, nor are the melodies it produces very natural. Nevertheless, one finds slight variations of this same method employed throughout the 17th and 18th centuries by Daniel Schwenter (1602), John Wilkins (1641), Athanasius Kircher (1650), Kaspar Schott (1655), Philip Thicknesse (1722), and even the British Foreign Office (ca. 1750).

Chromatic substitution ciphers
Music ciphers based on the chromatic scale provide a larger pool of note names to match with letters of the alphabet. Applying sharps and flats to the seven diatonic pitches yields twenty-one unique cipher symbols. Since this is obviously still less than a standard alphabet, chromatic ciphers also require either a reduced letter set or additional features (e.g., octave register or duration). Most chromatic ciphers were developed by composers in the 20th Century when fully chromatic music itself was more common. A notable exception is a cipher attributed to the composer Michael Haydn (brother of the more famous Joseph Haydn). Haydn's algorithm is one of the most comprehensive with symbols for thirty-one letters of the German alphabet, punctuations (using rest signs), parentheses (using clefs), and word segmentation (using bar lines). However, because many of the pitches are enharmonic equivalents, this cipher can only be transmitted as visual steganography, not via musical sound. For example, the notes C-sharp and D-flat are spelled differently, but they sound the same on a piano. As such, if one were listening to an enciphered melody, it would not be possible to hear the difference between the letters  and. Furthermore, the purpose of this cipher was clearly not to generate musical themes that could pass for normal music. The use of such an extreme chromatic scale produces wildly dissonant, atonal melodies that would have been obviously atypical for Haydn's time.

20th-century ciphers
Although chromatic ciphers did not seemed to be favored by cryptographers, there are several 20th-century composers who developed systems for use in their own music: Arthur Honegger, Maurice Duruflé, Norman Cazden, Olivier Messiaen, and Jacques Chailley.

Compound motivic ciphers
In a compound substitution cipher, each single plaintext letter is replaced by a block of multiple cipher symbols (e.g., 'a' = EN or 'b' = WJU). Similarly, there are compound music ciphers in which each letter is represented by a musical motive with two or more notes. In the case of the former, the compound symbols are to make frequency analysis more difficult; in the latter, the goal is to make the output more musical. For example, in 1804, Johann Bücking devised a compound cipher which generates musical compositions in the form of a minuet in the key of G Major. Each letter of the alphabet is replaced by a measure of music consisting of a stylistically typical motive with three to six notes. After the plaintext is enciphered, additional pre-composed measures are appended to the beginning and end to provide a suitable musical framing. A few years earlier, Wolfgang Amadeus Mozart appears to have employed a similar technique (with much more sophisticated musical motives), although more likely intended as a parlor game than an actual cipher. Since the compound symbols are musically meaningful motives, these ciphers could also be considered similar to codes.

Friedrich von Öttingen-Wallerstein proposed a different type of compound music cipher modeled after a polybius square cipher. Öttingen-Wallerstein used a 5x5 grid containing the letters of the alphabet (hidden within the names of angels). Instead of indexing the rows and columns with coordinate numbers, he used the solfege syllables Ut, Re, Mi Fa, and Sol (i.e., the first five degrees of a diatonic scale). Each letter, therefore, becomes a two-note melodic motive. This same cipher appears in treatises by Gustavus Selenus (1624) and Johann Balthasar Friderici (1665) (but without credit to the earlier version of Öttingen-Wallerstein).

Music ciphers with keys
Because Öttingen-Wallerstein's cipher uses relative scale degrees, rather than fixed note names, it is effectively a polyalphabetic cipher. The same enciphered message could be transposed to a different musical key––with different note names––and still retain the same meaning. The musical key literally becomes a cipher key (or cryptovariable), because the recipient needs that additional information to correctly decipher the melody. Öttingen-Wallerstein inserted rests as cipherkey markers to indicate when a new musical key was needed to decrypt the message.

Francesco Lana de Terzi used a more conventional text-string cryptovariable, to add security to a very straightforward 'Porta-style' music cipher (1670). Similar to a Vigenère cipher, a single-letter cipher key shifts the position of the plaintext alphabet in relation to the sequence musical cipher symbols; a multi-letter key word shifts the musical scale for each letter of the text in a repeating cycle.

A more elaborate cipherkey algorithm was found in an anonymous manuscript in Port-Lesney, France, most likely from the mid-18th century. The so-called 'Port-Lesney' music cipher uses a mechanical device known as an Alberti cipher disk There are two rotating disks: the outer disk contains two concentric rings (one with time signatures and the other with letters of the alphabet); the inner disk has a ring of compound musical symbols, and a small inner circle with three different clef signs. The disks are rotated to align the letters of the alphabet with compound musical symbols to encrypt the message. When the melody is written out on a music staff, the corresponding clef and time signature are added to the beginning to indicate the cipher key (which the recipient aligns on their disk to decipher the message). This particular music cipher was apparently very popular, with a dozen variations (in French, German, and English) appearing throughout the 18th and 19th centuries. The much more recent Solfa Cipher (2013) combines some of the above cryptovariable techniques. As the name suggests, Solfa Cipher uses relative solfege degrees rather than fixed pitches (like Öttingen-Wallerstein), which allows the same encrypted message to be transposable to different musical keys. Since there are only seven scale degrees, these are combined with a rhythmic component to create enough unique cipher symbols. However, instead of absolute note lengths (e.g., quarter note, half note, etc.) that are employed in most music ciphers, Solfa Cipher uses relative metric placement. This type of tonal-metric cipher makes the encrypted melody both harder to break and more musically natural (i.e. similar to common-practice tonal melodies). To decrypt a cipher melody, the recipient needs to know in which key and with what rhythmic unit the original message was encrypted, as well as the clef sign and metric location of the first note. To further confound interceptors, the transcribed sheet music could be written with a decoy clef, key signature, and time signature. The musical output, however, is a relatively normal, simple, singable tune in comparison to the disjunct, atonal melodies produced by fixed-pitch substitution ciphers.