It’s not a one-time pad, it’s a keyed cipher. The key is the book. And even if you consider the keyspace as the set of all books ever published (a hundred million or so), that’s a very small keyspace compared to modern ciphers. With Google Books now available, it’s probably relatively straightforward to break a book cipher with a brute force attack, given enough ciphertext and enough motivation.
Yeah, I’ll do that with my telegraph connected to the internet…
Yeah this kind of thing happened - see this law case Primrose v. Western Union Tel. Co. :: 154 U.S. 1 (1894) :: Justia US Supreme Court Center in which this coded message:
“Despot am exceedingly busy bay all kinds quo perhaps bracken half of it mince moment promptly of purchase.”
was received as
“Destroy am exceedingly busy buy all kinds quo perhaps bracken half of it mince moment promptly of purchases.” - leading to great financial loss.
If you restrict to “books that have a wide enough publication in the time of the telegraph that two people at opposite ends of a telegraph line can reasonably both get the exact same edition” the pool of possible books drops substantially, possibly within the realm of being possible to be checked by a suitably motivated police force.
Do the math…
To throw in a little background on the type of complications this could lead to, there is the interesting court case of Primrose v. Western Union, decided by the Supreme Court in 1894. Mr. Primrose was a Philadelphia-based merchant involved in the wool trade. One day in 1887, he sent a telegram (which cost $1.15 to deliver) via Western Union to his agent in Kansas, which read as follows: “Despot am exceedingly busy bay all kinds quo perhaps bracken half of it mince moment promptly of purchases.” By the code book they were using, this text would have been a confirmation of a message earlier received from the agent and some information about the wool business; but it was transmitted with several errors, most notably a substitution of “bay”, which by that code book meant “I bought”, to “buy” (remember that in Morse code, an A is one dot followed by a dash, while a U is two dots with a dash, so they are very similar). With these errors, the recipient agent understood the message as an instruction to buy 500,000 pounds of wool. He went on to follow this instruction and ended up buying 300,000 pounds of wool, which caused Mr. Primrose a loss of $20,000. He sued Western Union for this amount, but all he got was a refund of the $1.15 that he had paid for the telegram. A key factor in the reasoning of the courts was that Western Union offered the option of repeating delivered messages back to the sender for comparison, and also offered an optional insurance against transmission errors, but Mr. Primrose had declined both.
The biggest flaw in Enigma was that a letter could never be encrypted to itself. If you’ve seen films of those whirling bombes in Bletchley Park or The Imitation Game, what they’re doing is taking a crib – a known piece of clear text – and checking to see if any of it’s letters are duplicated in the cypher text. Example:
Wetterbericht (Weather report) is checked for in the cypher text the part where it it’s expected it would appear. If any letter appears in the cypher text where it appears in in the clear text (W at the beginning, for example), that rotor setting cannot be right, and the machine moves on to the next one.
When a setting with no matches is found, that might be the setting used, and it is sent off to where an Enigma copy is used to decypher the whole message and see if anything pops up.
Where the human error would come in is a lazy clerk only changing a rotor or two only a couple of notches for the next part of a long message instead of a random change of all three (or four) as was supposed to be done. An even bigger factor was when a hardware change was made, inevitably someone would ask, “We don’t have the new equipment yet. Can you resend the message the old way?” The code breakers would thus have the complete encrypted text in both the old (that they could break) and the new (which they couldn’t, yet) way greatly expediting figuring out what the new equipment entailed.
It still took a couple months to do so. If you’ve read a history about the Atlantic war mentioning what the Germans called Happy Time where the submarines were more successful for a while, its when the KM changed their Enigmas and Bletchley Park couldn’t break the code for a while.
Yes, you posted it. Schnitte explained it.
‘Fraid not, sorry. Reasons.
But you still need the key number. The books with corresponding numbers were publicly available, as Bibliophage noted. Without the key number and no computers, I doubt that your average 19 th century police force or commercial competitor could crack the cipher, especially if the sender changed the key for each message.
Plus, this was the equivalent of “Pretty good privacy” - most commercial telegrams would only have needed to be kept secret for a limited time, until the recipient bought the ton of kumquats, or the merger went through, and so on. Even if the message could b cracked, pre-computer, the information gained would likely be stale and of no value.
I think leachim was responding to the subthread discussing the book cipher that bob++ described in #11, which doesn’t use a key. The security resides in the secrecy of which book is used.
Northern Piper, how big are the key numbers in your telegraphic code? If they’re small then obviously an exhaustive search might be possible.
Another thing that occurs to me is the scheme as you describe it would work only if the codebook assigns a meaning to EVERY number in the book’s range. If there are gaps in the numbering, then adding a number to a valid code number might result in an invalid code number.
They’re all five digits, in the sample I have.
I guess this technique wouldn’t have been used to encrypt anything terribly important then. I suppose it wouldn’t take more than a couple of minutes to check one key against a message to see if the decryption makes sense. If it were worth it to someone to hire 100 people to work on it, they could decrypt a message in a day or two.
If they are all 5 digit numbers, then perhaps they aren’t encrypted at all. They may be just index numbers for the code book.
Code books sometimes provided 5 digit index numbers as well as or instead of code words.
Except the person enciphering it added 300 to each number, then wrote out a new word beside the sum. If the number was just a reference to a code word, why do that?
Point taken.
Ah. Ok. Just went back and re-read your posts.
Several of the most popular code books are available online. If you don’t already know, you may be able to work out which book was used.
I don’t see this answered, so I’ll fill in: it’s in The Valley of Fear. The same novel also hints at another(?) cipher system, used by the novel’s main protagonist (not Sherlock!), while working undercover some decade or more earlier in the coal-mining districts in the US. Alas, the story gives no details.
I always thought that one was the worst of the four novels.