A book cipher is a cipher in which the key is some aspect of a book or other piece of text; books being common and widely available in modern times, users of book ciphers take the position that the details of the key are sufficiently well hidden from attackers in practice. This is in some ways an example of security by obscurity. It is typically essential that both correspondents not only have the same book, but the same edition.
This can have problems; if a word appears in the plaintext but not in the book, it cannot be encoded. An alternative approach which gets around this problem is to replace individual letters rather than words. One such method, used in the second Beale cipher, substitutes the first letter of a word in the book with that word's position. In this case, the book cipher is properly a cipher — specifically, a homophonic substitution cipher. However, if used often, this technique has the side effect of creating a larger ciphertext (typically 4 to 6 digits being required to encipher each letter or syllable) and increases the time and effort required to decode the message.
Choosing the key
The main strength of a book cipher is the key. The sender and receiver of encoded messages can agree to use any book or other publication available to both of them as the key to their cipher. Someone intercepting the message and attempting to decode it, unless they are a skilled cryptographer (see Security below), must somehow identify the key from a huge number of possibilities available. In the context of espionage, a book cipher has a considerable advantage for a spy in enemy territory. A conventional codebook, if discovered by the local authorities, instantly incriminates the holder as a spy and gives the authorities the chance of deciphering the code and sending false messages impersonating the agent. On the other hand a book, if chosen carefully to fit with the spy's cover story, would seem entirely innocuous. The drawback to a book cipher is that both parties have to possess an identical copy of the key. The book must not be of the sort that would look out of place in the possession of those using it and it must be of a type likely to contain any words required. Thus, for example, a spy wishing to send information about troop movements and numbers of armaments would be unlikely to find a cookery book or a romantic novel useful keys.
Using widely available publications
Another approach is to use a dictionary as the codebook. This guarantees that nearly all words will be found, and also makes it much easier to find a word when encoding. This approach was used by George Scovell for the Duke of Wellington's army in some campaigns of the Peninsular War. In Scovell's method, a codeword would consist of a number (indicating the page of the dictionary), a letter (indicating the column on the page), and finally a number indicating which entry of the column was meant. However, this approach also has a disadvantage: because entries are arranged in alphabetical order, so are the code numbers. This can give strong hints to the cryptanalyst unless the message is superenciphered. The wide distribution and availability of dictionaries also present a problem; it is likely that anyone trying to break such a code is also in possession of the dictionary which can be used to read the message.
The Bible is a widely available book that is almost always printed with chapter and verse markings making it easy to find a specific string of text within it, making it particularly useful for this purpose; the widespread availability of concordances can ease the encoding process as well.
Essentially, the code version of a "book cipher" is just like any other code, but one in which the trouble of preparing and distributing the codebook has been eliminated by using an existing text. However this means, as well as being attacked by all the usual means employed against other codes or ciphers, partial solutions may help the cryptanalyst to guess other codewords, or even to break the code completely by identifying the key text. This is, however, not the only way a book cipher may be broken. It is still susceptible to other methods of cryptanalysis, and as such is quite easily broken, even without sophisticated means, without the cryptanalyst having any idea what book the cipher is keyed to.[page needed]
If used carefully, the cipher version is probably much stronger, because it acts as a homophonic cipher with an extremely large number of equivalents. However, this is at the cost of a very large ciphertext expansion.
- A famous use of a book cipher is in the Beale ciphers, of which document no. 2 uses a (variant printing of) the United States Declaration of Independence as the key text.
- In the American Revolution, Benedict Arnold used a book cipher, sometimes known as the Arnold Cipher, which used Sir William Blackstone's Commentaries on the Laws of England as a key text.
- Book ciphers have consistently been used throughout the Cicada 3301 mystery.
- In The Valley of Fear, Sherlock Holmes decrypts a message enciphered with a book cipher by deducing which book had been used as a key text.
- The name of Ken Follett's World War II thriller The Key to Rebecca refers to a German spy in Cairo using Daphne du Maurier's novel Rebecca as the basis of a code.
- In A Presumption of Death, Lord Peter Wimsey, on assignment for British Intelligence in World War II Nazi-occupied Europe, uses a code based on the works of John Donne. The Germans, suspecting that an intelligence service in which Oxonians have a major role would choose a classical work of English literature, systematically try such works until hitting the right one and breaking the code, coming near to catching the spy. Wimsey then improvises a new code, based on an unpublished text known only to himself and his wife.
- Graham Greene's protagonists often use book codes. In The Human Factor, several books are used, and an edition of Charles Lamb's Tales from Shakespeare is used in Our Man in Havana.
- A book cipher plays an important role in the TV version of Sharpe's Sword. The key text is Voltaire's Candide.
- In the 2004 film National Treasure, an Ottendorf cipher is discovered on the back of the U. S. Declaration of Independence, using the "Silence Dogood" letters as the key text.
- The protagonists of the Matthew Reilly novel The Six Sacred Stones used a book cipher to send confidential messages to each other. The key text was the Harry Potter books, but the messages were sent via a The Lord of the Rings forum to make the key text harder to identify.
- In Lost: Mystery of the Island, a series of four jigsaw puzzles released in 2007, Ottendorf cipher was used on each puzzle's box to hide spoilers and reveal information about the show to the fans.
- "The Fisher King", a two-part episode of Criminal Minds, features an Ottendorf cipher brought to the Behavioral Analysis Unit by the UNSUB via Agent Hotchner's wife. The cypher was part of a larger puzzle to find a girl who had been missing for two years. The key text was The Collector by John Fowles.
- Burn Notice (episodes "Where There's Smoke" and "Center of the Storm", 2010): Michael Westen steals a Bible from a safe deposit box that is the code book of Simon. This becomes part of the season plot to track an organization starting wars for profit as Michael tries to arrange an interview with Simon.
- In the episode "The Blind Banker" of the BBC series Sherlock, Sherlock Holmes searches for a book that is the key to a cipher being used by Chinese Tong smugglers to communicate with their agents and with each other through graffiti messages;
- In the film Unknown (2011), Prof. Bressler's passwords are obscured by an Ottendorf cipher.
- In The Unit episode "Paradise Lost", Jonas Blane (aka Snake Doctor) uses a book code from the poem Paradise Lost to communicate to his wife, Molly, that he has arrived safely in Panama.
- In "The Good Soldier Švejk" by Jaroslav Hašek, the title character's commanding officers attempt to use a book cipher. Their attempts are undone, however, when it is revealed that the novel in question is composed of two volumes, and Švejk has delivered the first volume to the officers, thinking that they intended to read the novel, rather than the second, where the code is ciphered from.
- In An Instance of the Fingerpost, a historical mystery by Iain Pears, a book cipher conceals one character's family history and its relationship with the English Civil War.
- In John Le Carre's A Perfect Spy, the protagonist Magnus Pym uses a book cipher based on the German text Simplicissimus.
- In the movie Manhunter, Hannibal Lecter, who is in prison, communicates in a personal ad in a newspaper using a book code the police know is not what he says it is (he mentions verses in the Bible, but some of the chapter numbers are not valid.) The police later discover which book Lecter was actually using, and he has given the man the home address of an FBI profiler, Will Graham, and warned the man to kill Graham.
- Changda Wang; Shiguang Ju (2008). "Book Cipher with Infinite Key Space". 2008 International Symposium on Information Science and Engineering. p. 456. doi:10.1109/ISISE.2008.273. ISBN 978-0-7695-3494-7.
- Yardley, Herbert O. The American Black Chamber (Annapolis: Naval Institute Press, 2004; reprints original edition).
- Bell, Chris. "Cicada 3301 update: the baffling internet mystery is back". Daily Telegraph. Archived from the original on 7 January 2014.