<P> Another brute force approach is to match up the frequency distribution of the letters . By graphing the frequencies of letters in the ciphertext, and by knowing the expected distribution of those letters in the original language of the plaintext, a human can easily spot the value of the shift by looking at the displacement of particular features of the graph . This is known as frequency analysis . For example, in the English language the plaintext frequencies of the letters E, T, (usually most frequent), and Q, Z (typically least frequent) are particularly distinctive . Computers can also do this by measuring how well the actual frequency distribution matches up with the expected distribution; for example, the chi - squared statistic can be used . </P> <P> For natural language plaintext, there will typically be only one plausible decryption, although for extremely short plaintexts, multiple candidates are possible . For example, the ciphertext MPQY could, plausibly, decrypt to either "aden" or "know" (assuming the plaintext is in English); similarly, "ALIIP" to "dolls" or "wheel"; and "AFCCP" to "jolly" or "cheer" (see also unicity distance). </P> <P> With the Caesar cipher, encrypting a text multiple times provides no additional security . This is because two encryptions of, say, shift A and shift B, will be equivalent to a single encryption with shift A + B. In mathematical terms, the set of encryption operations under each possible key forms a group under composition . </P>

What is the difference between a general substitution cipher and a shift or caesar cipher