I’ve had quite a few people ask about book codes, and suggested them in place of one-time pads. When book codes were first invented it would take considerable time to break the code. With modern cryptanalysis computing that have every book ever written stored in them book codes can be broken fairly quickly.
In this article I’ll explore the basics of how a book code works and could be used. However, I’d still strongly recommend that OTP is the way to go if you want to keep messages strictly between your mutual-assistance group.
This is a primer article – I’ll be writing more in-depth articles on cryptology for members in the near future.
A book cipher, or Ottendorf cipher, is where a group of numbers, usually three, represent the page, line and letter or word in a specific book.
The basic principle is to find a word, or letters to make a word, in a book that both the sender and receiver have, and then make a reference to that word or letter.
The Key – The Book
Firstly, both sender and receiver must have the same book. This means the same edition and printing date, as slight variances in style, printing set up, etc. can change the page numbers or where a paragraph starts. This would obviously change the coding encryption and decryption and change the message.
Another challenge with selecting a book is that is must have sufficient depth of language to provide you either the words you need and enough pages that you can use it multiple times without having to use the same word/page combination as this would make cryptanalysis easier.
An additional challenge is that you need a method to mark or indicate that you have used that word key before, so you don’t repeat it.
The challenge to encrypting with letters is that is will take a lot longer to encrypt, and decrypt, the message and longer to send it.
The third challenge is a book that would not look out of place if someone saw it. The King James bible is a common book used as the key for book ciphers.
For the purposes of practice we will be using Decline and Decay: Strategies for Surviving the Coming Unpleasantness, by A. American and Alan Kay.
If you have the Kindle version the page numbers might not match.
Probably one of the best know movies for incorporating book cipher is National Treasure.
The ‘parts’ to your crypto text, or numbers in this case, are going to be:
- page number
- line number
So our encrypted message will be formatted:
PAGE # – LINE # – WORD #
Part of the ‘agreement’ that the sender and receive need to agree is whether not you are including heading and titles.
So, if I want to use the word “stop” the steps would be
- find the word “stop” in the book = page 103
- what line is it on? = 1
- what word is it on line 1? = 6
So my cryptotext will be 103-1-6
I now need to do something so that I know I’ve used that occurrence of ‘stop’ and not use it again. Maybe a small pencil mark, almost like I was using a pencil as a pointer when speed reading.
To put a ‘complete’ message together takes time, and sometimes you might have to re-word your message because you can’t find the words you want in the key! The message below took me longer to do that I could have done with an OTP!
71-15-7 74-2-6 135-28-7 133-18-2 94-9-6 151-3-4
Security Through Obscurity
Now, to make a book cipher more ‘secure’ your MAG could have a plan that incorporates some of the following:
- use a different book on some kind of rotation, either sequentially, day of the week, etc.
- vary the sequences of page-line-word and/or letter
- either within a message (can get very complex!)
- by different days
There are tools on the web that can very quickly determine, with a degree of probability, the type of cipher being used. They can also run an analysis and come close to deciphering the text. If you can do that as a ‘game’ on the web then you should be able to imagine the resources that agencies have to do this.
I got interested in cryptology probably like most kids, with some kind of decoder ring in a box of cereal! I remember playing with friends with simple transposition ciphers.
Lile any other skill in our tool box we need to practice. While book ciphers can be fun they are not a substitute for one time pad ciphers. There is a reason they are still in use today.
So check out the resources on this site for learning one time pad, get our one time pad generator (as seen in my live video) and made your one OTP pad for your MAG and practice regularly.