See discussions, stats, and author profiles for this publication at: 
https://www.researchgate.net/publication/293291732
The book cipher algorithm
Article
· October 2008
CITATIONS
4
READS
5,930
2 authors:
Dejan Ristanovic
University of Belgrade
17
PUBLICATIONS
88
CITATIONS
SEE PROFILE
Jelica Protic
University of Belgrade
52
PUBLICATIONS
752
CITATIONS
SEE PROFILE
All content following this page was uploaded by 
Dejan Ristanovic
 on 10 September 2018.
The user has requested enhancement of the downloaded file.

46
Dr. Dobb’s Journal
l
www.ddj.com
l
October 2008
Core Technology
by Dejan Ristanovic and Jelica Protic
With the Book cipher algorithm, you’re safe from these
kinds of errors because it is simple enough that you
can code it in a few lines of C that are completely
understandable, but still extremely secure. The so-
called Beale ciphers (unmuseum.org/beal.htm),
which point to a location of buried treasure some-
where in Bedford county, were coded in 1885, but still
have not been decoded. This secret (or maybe hoax)
has occupied some of the best cryptanalytic minds.
Likewise, when Simon Singh gave 10 problems in the
appendix of The Code Book, problem #5 (Book cipher)
was the most difficult one for the winners of the
£10,000 prize (www.simonsingh.com/Cipher_
Challenge.html). Still, the Book cipher has probably
never been used in commercial software.
Book Cipher 
Algorithms
Basically, the Book cipher algorithm uses letters of
subsequent words in some text or book as a key to
encode a message. Figure 1 is the simplest form, usu-
ally called the “running key cipher.” In this case, text
(usually from a book) is used to provide a very long
key stream. The book used is agreed upon in
advance, while the passage used is chosen randomly
for each message and secretly indicated somewhere
in a previous message. In this example, we agreed to
use J.K. Rowling’s Harry Potter and the Order of the
Phoenix and to start on page 335, line 28, with the
sentence, “Hermione bit her lip and did not answer.”
We write this text under the plaintext and use it as the
running key. The particular message to send is
“DRDOBBS.” We XOR the corresponding characters
of the message and the running key to get the cipher-
text 12 23 22 2 11 13 29.
The running key cipher is much better than the
famous Vigenère cipher because we do not repeat
the key—a book is hopefully long enough to encode
everything we have to say. However, security is still
poor because the entropy per character of both the
plaintext and the running key is low, and the com-
bining operation is relatively easily inverted. By
Dejan
is editor-in-
chief of PC Press, a
personal computer
magazine in
Serbia and former
Yugoslavia. He can
be contacted at
www.ristanovic
.com.
Jelica
is a profes-
sor of computer
engineering at the
School of Electrical
Engineering, University of
Belgrade. She can be contacted
at www.jeca.rs.
Unless you’re a professional cryptanalyst, writing cryptography code means meddling with
“powers” you cannot fully comprehend, and seemingly insignificant slips can be fatal.
During World War II, for instance, Polish and British mathematicians broke Germany’s
Enigma code only because the same message-key was enciphered twice at the beginning of
every message. The Germans did this to avoid mistakes caused by radio interference, but at
the same time, it ruined their carefully planned cryptosystem. And how many slips are there
in the code that multiply big numbers, look for 1000-digits primes, and encrypt the fixed
header of your document?
The Book Cipher
Algorithm
A simple—but safe—approach to security
D10deja_p5db 8/15/08 10:02 AM Page 46