Suppose we have obtained a plain text
for which we know its enciphered value, but do not have the key or code which generated it.
How would we then try to attack the remaining ciphertext?
One method would be to use the known plain text to generate possible cribs and then use those to attack the ciphertext. Obviously that is MUCH easier in a monoalphabetic cipher as opposed to a polyalphabetic cipher. Conversely, superencipherment makes using such cribs much tougher. How would we generate cribs from the known plaintext? (Here, GARDENER).
One method is permutation. We would permute all possible words from the known plain text.
So for example we could derive inter alia
ARRANGE REARRANGE DANGER RED ENRAGED GRAND GRADE GRAD END
from GARDENER and then see if any of our possible cribs enable us to at least partly recover the generative key to the cipher.
But how does such a search for cribs work in Chinese?
Let’s go back to our example of AF (Midway) mapping to AL to determine what AFF maps to.
One approach would be to first map the English words on to their Chinese equivalents so for example
AF => 中点 => AL
ALL => 都
and decompose the Chinese characters into their components. Thus 中火占, 土日者邑口巴 and also look at homophonic equivalents
重点 中电，豆斗 in search of cribs. We could also look at terms which are related by their components yet neither semantically nor phonetically such as 主朱猪。
I guess the lesson is: