How safe is a book cipher? How would you break it?

Clash Royale CLAN TAG#URR8PPP

up vote
1
down vote

favorite

This might not be a very specific question, but I was wondering this morning.
If one were to encode a message by making a string out of an entire book and writing the message by searching for a random occurrence in the "book-string" of each letter in the message and replacing it with the string index of the letter. Additionally you could make sure no number appears twice in the message as there is normally more than one occurrence of each letter in a book. This way no "letter" in the encrypted message would repeat.

How safe is this, assuming you passed on the key safely, and how would you go about breaking it?

Thanks in advance :D

encryption

share|improve this question

asked 2 hours ago

Ciaran Hagen

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  So, is your key the book?
  – Hilder Vitor Lima Pereira
  1 hour ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  Yes it is... You would have the same version and everything of vourse...
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  Could you give an example on how this encryption would look like?
  – Aleksander Rassasse
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  For example assume your book-string is "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz"
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  The more you use this book the more it will reveal itself. A brute-force attack, construct all the books and see what i can get.
  – kelalaka
  1 hour ago
  

  
  
  
  

 | 
show 3 more comments

up vote
1
down vote

favorite

This might not be a very specific question, but I was wondering this morning.
If one were to encode a message by making a string out of an entire book and writing the message by searching for a random occurrence in the "book-string" of each letter in the message and replacing it with the string index of the letter. Additionally you could make sure no number appears twice in the message as there is normally more than one occurrence of each letter in a book. This way no "letter" in the encrypted message would repeat.

How safe is this, assuming you passed on the key safely, and how would you go about breaking it?

Thanks in advance :D

encryption

share|improve this question

asked 2 hours ago

Ciaran Hagen

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  So, is your key the book?
  – Hilder Vitor Lima Pereira
  1 hour ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  Yes it is... You would have the same version and everything of vourse...
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  Could you give an example on how this encryption would look like?
  – Aleksander Rassasse
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  For example assume your book-string is "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz"
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  The more you use this book the more it will reveal itself. A brute-force attack, construct all the books and see what i can get.
  – kelalaka
  1 hour ago
  

  
  
  
  

 | 
show 3 more comments

up vote
1
down vote

favorite

up vote
1
down vote

favorite

This might not be a very specific question, but I was wondering this morning.
If one were to encode a message by making a string out of an entire book and writing the message by searching for a random occurrence in the "book-string" of each letter in the message and replacing it with the string index of the letter. Additionally you could make sure no number appears twice in the message as there is normally more than one occurrence of each letter in a book. This way no "letter" in the encrypted message would repeat.

How safe is this, assuming you passed on the key safely, and how would you go about breaking it?

Thanks in advance :D

encryption

share|improve this question

asked 2 hours ago

Ciaran Hagen

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

This might not be a very specific question, but I was wondering this morning.
If one were to encode a message by making a string out of an entire book and writing the message by searching for a random occurrence in the "book-string" of each letter in the message and replacing it with the string index of the letter. Additionally you could make sure no number appears twice in the message as there is normally more than one occurrence of each letter in a book. This way no "letter" in the encrypted message would repeat.

How safe is this, assuming you passed on the key safely, and how would you go about breaking it?

Thanks in advance :D

encryption

encryption

share|improve this question

asked 2 hours ago

Ciaran Hagen

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 2 hours ago

Ciaran Hagen

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

share|improve this question

asked 2 hours ago

Ciaran Hagen

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 2 hours ago

Ciaran Hagen

83

asked 2 hours ago

Ciaran Hagen

83

83

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

New contributor

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

Ciaran Hagen is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  So, is your key the book?
  – Hilder Vitor Lima Pereira
  1 hour ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  Yes it is... You would have the same version and everything of vourse...
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  Could you give an example on how this encryption would look like?
  – Aleksander Rassasse
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  For example assume your book-string is "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz"
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  The more you use this book the more it will reveal itself. A brute-force attack, construct all the books and see what i can get.
  – kelalaka
  1 hour ago
  

  
  
  
  

 | 
show 3 more comments

• 
  
  
  

  
  

  
  
  
  
  
  

  
  So, is your key the book?
  – Hilder Vitor Lima Pereira
  1 hour ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  Yes it is... You would have the same version and everything of vourse...
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  Could you give an example on how this encryption would look like?
  – Aleksander Rassasse
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  For example assume your book-string is "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz"
  – Ciaran Hagen
  1 hour ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  The more you use this book the more it will reveal itself. A brute-force attack, construct all the books and see what i can get.
  – kelalaka
  1 hour ago
  

  
  
  
  

So, is your key the book?
– Hilder Vitor Lima Pereira
1 hour ago

So, is your key the book?
– Hilder Vitor Lima Pereira
1 hour ago

Yes it is... You would have the same version and everything of vourse...
– Ciaran Hagen
1 hour ago

Yes it is... You would have the same version and everything of vourse...
– Ciaran Hagen
1 hour ago

1

1

Could you give an example on how this encryption would look like?
– Aleksander Rassasse
1 hour ago

Could you give an example on how this encryption would look like?
– Aleksander Rassasse
1 hour ago

For example assume your book-string is "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz"
– Ciaran Hagen
1 hour ago

For example assume your book-string is "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz"
– Ciaran Hagen
1 hour ago

The more you use this book the more it will reveal itself. A brute-force attack, construct all the books and see what i can get.
– kelalaka
1 hour ago

The more you use this book the more it will reveal itself. A brute-force attack, construct all the books and see what i can get.
– kelalaka
1 hour ago

 | 
show 3 more comments

2 Answers
2

active

oldest

votes

up vote
2
down vote



accepted

This isn't very secure. Generally, partial knowledge of the plaintext should not lead to leakage of other parts of the plaintext. In your book cipher it clearly does.

Say we guess the first part of the message. Then we can try and see which books would be correct for the given ciphertext. After the book (the key) is found we can then decrypt the rest of the message.

share|improve this answer

answered 55 mins ago

Maarten Bodewes

48.3k568179

• 
  
  
  

  
  

  
  
  
  
  
  

  
  You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
  – Ciaran Hagen
  53 mins ago
  

  
  
  
  

add a comment | 

up vote
1
down vote

What you are proposing is just a homophonic substitution cipher and it is highly insecure for modern standards.

It doesn't satisfy common security definitions, such as "security against chosen plaintext attack". It is not semantic secure in the sense that an attacker can easily construct two different messages whose corresponding ciphertexts are guessable.

For instance, the letter Z is not frequently used, so how many times does Z appear in a usual book?

Thus, the message

"When I got there, he was like ZZZZZZZZZZZZZZZZZZZZZZZZZZ sleeping hard"

is much more likely to have repeated digits in its ciphertext than

"When I got there, he was reading an old book about computer science and art."

But even if you stick with weaker security definitions, like just requiring that someone having access to "some" ciphertexts is not able to recover the plaintext, it is still not very secure, because one can use all sort of frequency analysis against it. For instance, which are the most common 3-letter words? Maybe "the", "one", "are"... So we could try to replace them in the ciphertexts and see if it works. If some of them works, then we have already discovered some information about the plaintext and the key...

share|improve this answer

edited 20 mins ago

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function ()
return StackExchange.using("mathjaxEditing", function ()
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
);
);
, "mathjax-editing");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "281"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

Ciaran Hagen is a new contributor. Be nice, and check out our Code of Conduct.

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f62799%2fhow-safe-is-a-book-cipher-how-would-you-break-it%23new-answer', 'question_page');

);

Post as a guest

Name Email

2 Answers
2

active

oldest

votes

2 Answers
2

active

oldest

votes

active

oldest

votes

active

oldest

votes

up vote
2
down vote



accepted

This isn't very secure. Generally, partial knowledge of the plaintext should not lead to leakage of other parts of the plaintext. In your book cipher it clearly does.

Say we guess the first part of the message. Then we can try and see which books would be correct for the given ciphertext. After the book (the key) is found we can then decrypt the rest of the message.

share|improve this answer

answered 55 mins ago

Maarten Bodewes

48.3k568179

• 
  
  
  

  
  

  
  
  
  
  
  

  
  You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
  – Ciaran Hagen
  53 mins ago
  

  
  
  
  

add a comment | 

up vote
2
down vote



accepted

This isn't very secure. Generally, partial knowledge of the plaintext should not lead to leakage of other parts of the plaintext. In your book cipher it clearly does.

Say we guess the first part of the message. Then we can try and see which books would be correct for the given ciphertext. After the book (the key) is found we can then decrypt the rest of the message.

share|improve this answer

answered 55 mins ago

Maarten Bodewes

48.3k568179

• 
  
  
  

  
  

  
  
  
  
  
  

  
  You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
  – Ciaran Hagen
  53 mins ago
  

  
  
  
  

add a comment | 

up vote
2
down vote



accepted

up vote
2
down vote



accepted

This isn't very secure. Generally, partial knowledge of the plaintext should not lead to leakage of other parts of the plaintext. In your book cipher it clearly does.

Say we guess the first part of the message. Then we can try and see which books would be correct for the given ciphertext. After the book (the key) is found we can then decrypt the rest of the message.

share|improve this answer

answered 55 mins ago

Maarten Bodewes

48.3k568179

This isn't very secure. Generally, partial knowledge of the plaintext should not lead to leakage of other parts of the plaintext. In your book cipher it clearly does.

Say we guess the first part of the message. Then we can try and see which books would be correct for the given ciphertext. After the book (the key) is found we can then decrypt the rest of the message.

share|improve this answer

answered 55 mins ago

Maarten Bodewes

48.3k568179

share|improve this answer

share|improve this answer

answered 55 mins ago

Maarten Bodewes

48.3k568179

answered 55 mins ago

Maarten Bodewes

48.3k568179

answered 55 mins ago

Maarten Bodewes

48.3k568179

48.3k568179

• 
  
  
  

  
  

  
  
  
  
  
  

  
  You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
  – Ciaran Hagen
  53 mins ago
  

  
  
  
  

add a comment | 

• 
  
  
  

  
  

  
  
  
  
  
  

  
  You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
  – Ciaran Hagen
  53 mins ago
  

  
  
  
  

You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
– Ciaran Hagen
53 mins ago

You're right... simple guessing could pretty quickly limit the number of possible books! Thanks.
– Ciaran Hagen
53 mins ago

add a comment | 

up vote
1
down vote

What you are proposing is just a homophonic substitution cipher and it is highly insecure for modern standards.

It doesn't satisfy common security definitions, such as "security against chosen plaintext attack". It is not semantic secure in the sense that an attacker can easily construct two different messages whose corresponding ciphertexts are guessable.

For instance, the letter Z is not frequently used, so how many times does Z appear in a usual book?

Thus, the message

"When I got there, he was like ZZZZZZZZZZZZZZZZZZZZZZZZZZ sleeping hard"

is much more likely to have repeated digits in its ciphertext than

"When I got there, he was reading an old book about computer science and art."

But even if you stick with weaker security definitions, like just requiring that someone having access to "some" ciphertexts is not able to recover the plaintext, it is still not very secure, because one can use all sort of frequency analysis against it. For instance, which are the most common 3-letter words? Maybe "the", "one", "are"... So we could try to replace them in the ciphertexts and see if it works. If some of them works, then we have already discovered some information about the plaintext and the key...

share|improve this answer

edited 20 mins ago

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

add a comment | 

up vote
1
down vote

What you are proposing is just a homophonic substitution cipher and it is highly insecure for modern standards.

It doesn't satisfy common security definitions, such as "security against chosen plaintext attack". It is not semantic secure in the sense that an attacker can easily construct two different messages whose corresponding ciphertexts are guessable.

For instance, the letter Z is not frequently used, so how many times does Z appear in a usual book?

Thus, the message

"When I got there, he was like ZZZZZZZZZZZZZZZZZZZZZZZZZZ sleeping hard"

is much more likely to have repeated digits in its ciphertext than

"When I got there, he was reading an old book about computer science and art."

But even if you stick with weaker security definitions, like just requiring that someone having access to "some" ciphertexts is not able to recover the plaintext, it is still not very secure, because one can use all sort of frequency analysis against it. For instance, which are the most common 3-letter words? Maybe "the", "one", "are"... So we could try to replace them in the ciphertexts and see if it works. If some of them works, then we have already discovered some information about the plaintext and the key...

share|improve this answer

edited 20 mins ago

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

add a comment | 

up vote
1
down vote

up vote
1
down vote

What you are proposing is just a homophonic substitution cipher and it is highly insecure for modern standards.

It doesn't satisfy common security definitions, such as "security against chosen plaintext attack". It is not semantic secure in the sense that an attacker can easily construct two different messages whose corresponding ciphertexts are guessable.

For instance, the letter Z is not frequently used, so how many times does Z appear in a usual book?

Thus, the message

"When I got there, he was like ZZZZZZZZZZZZZZZZZZZZZZZZZZ sleeping hard"

is much more likely to have repeated digits in its ciphertext than

"When I got there, he was reading an old book about computer science and art."

But even if you stick with weaker security definitions, like just requiring that someone having access to "some" ciphertexts is not able to recover the plaintext, it is still not very secure, because one can use all sort of frequency analysis against it. For instance, which are the most common 3-letter words? Maybe "the", "one", "are"... So we could try to replace them in the ciphertexts and see if it works. If some of them works, then we have already discovered some information about the plaintext and the key...

share|improve this answer

edited 20 mins ago

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

What you are proposing is just a homophonic substitution cipher and it is highly insecure for modern standards.

It doesn't satisfy common security definitions, such as "security against chosen plaintext attack". It is not semantic secure in the sense that an attacker can easily construct two different messages whose corresponding ciphertexts are guessable.

For instance, the letter Z is not frequently used, so how many times does Z appear in a usual book?

Thus, the message

"When I got there, he was like ZZZZZZZZZZZZZZZZZZZZZZZZZZ sleeping hard"

is much more likely to have repeated digits in its ciphertext than

"When I got there, he was reading an old book about computer science and art."

But even if you stick with weaker security definitions, like just requiring that someone having access to "some" ciphertexts is not able to recover the plaintext, it is still not very secure, because one can use all sort of frequency analysis against it. For instance, which are the most common 3-letter words? Maybe "the", "one", "are"... So we could try to replace them in the ciphertexts and see if it works. If some of them works, then we have already discovered some information about the plaintext and the key...

share|improve this answer

edited 20 mins ago

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

share|improve this answer

share|improve this answer

edited 20 mins ago

edited 20 mins ago

edited 20 mins ago

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

answered 35 mins ago

Hilder Vitor Lima Pereira

3,794828

3,794828

add a comment | 

add a comment | 

Ciaran Hagen is a new contributor. Be nice, and check out our Code of Conduct.

 

draft saved

draft discarded

Ciaran Hagen is a new contributor. Be nice, and check out our Code of Conduct.

Ciaran Hagen is a new contributor. Be nice, and check out our Code of Conduct.

Ciaran Hagen is a new contributor. Be nice, and check out our Code of Conduct.

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f62799%2fhow-safe-is-a-book-cipher-how-would-you-break-it%23new-answer', 'question_page');

);

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Name Email

Name

Email

Name Email

Name

Email