{"id":5730,"date":"2015-05-08T16:40:42","date_gmt":"2015-05-08T20:40:42","guid":{"rendered":"http:\/\/kasperskydaily.com\/uk\/?p=5730"},"modified":"2019-11-22T10:14:17","modified_gmt":"2019-11-22T10:14:17","slug":"ww2-zorge-book-cipher","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/ww2-zorge-book-cipher\/5730\/","title":{"rendered":"World War II information security: Richard Sorge and book cipher"},"content":{"rendered":"<p>The so-called <a href=\"http:\/\/en.wikipedia.org\/wiki\/Book_cipher\" target=\"_blank\" rel=\"noopener nofollow\">book cipher<\/a> has always been in favor with authors of spy novels and detective stories, who usually try to mimic reality but are not ready to feed hardcore tech concepts to readers. It is quite easy to refer to the book code, as it\u2019s the easiest encryption method comprehensible enough for the reader. As such, it does not seem to be a fictional ciphering system, like the one where you substitute letters with their corresponding sequential numbers.<\/p>\n<p>Book ciphers are based on the predisposition that both correspondents have the same book. The ciphering mechanics are based on a simple principle of a letter being substituted by the number of a page\/line\/character in the line. More sophisticated methods are based on the use of the piece of text as a \u2018gamma\u2019, or a sequence of characters used to code the message.<\/p>\n<p>Any book cipher allows procurement of an encrypted text not prone to being cracked. But, more importantly, it solves the issue of passing the key to the counterpart \u2013 the parties may agree on using a specific\u00a0book beforehand.<\/p>\n<p>One of the most renowned intelligence officers to use a book code was <a href=\"http:\/\/en.wikipedia.org\/wiki\/Richard_Sorge\" target=\"_blank\" rel=\"noopener nofollow\">Richard Sorge<\/a>, a legendary Soviet spy who operated in Japan. He is famous for two achievements: conveying the exact date of the German invasion of the Soviet Union and for letting the command know Japan had no plans of attacking USSR in the Far East.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">During WW2 modern cryptography principles were often coupled with \u2018amateur\u2019 but equally reliable ciphering methods <a href=\"https:\/\/t.co\/4282BWOXyx\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/4282BWOXyx<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/595990643094196227?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 6, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Although the first message was ignored (we have to note here the German counterintelligence was carrying out a massive disinformation campaign by constantly relaying numerous messages about the German invasion with different dates and controversial details), the second message was, indeed, a useful insight. It was due solely to Sorge\u2019s efforts that the Soviet command decided to concentrate the troops on the Western borders without considering a possibility of war in the Pacific.<\/p>\n<p>Sorge used the German Statistics Almanac, which was an ideal match for his purpose: different numbers in the tables\u2019 columns were united into the chains which, in turn, served the gamma to decipher messages. It was random enough for Sorge\u2019s messages to evade the Japanese counterintelligence\u2019s interception until they questioned Sorge\u2019s radio operator, Max Clausen.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Richard Sorge and book #cipher \u2013 World War II information #security:<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2Fsob1&amp;text=Richard+Sorge+and+book+%23cipher+%26%238211%3B+World+War+II+information+%23security%3A\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>It was Sorge\u2019s forced error, as he had to use only one person as a radio operator and a coder, due to massive volumes of data transmitted, and the difficulty of engaging more people into the intelligence operations in Japan.<\/p>\n<p>The cryptography historians noted that\u00a0the\u00a0Soviet intelligence service succeeded in creation and use of the so-called \u2018manual ciphers\u2019 which did not require any machinery.<\/p>\n<p>Similar ciphers were used by Soviet intelligence officers who operated in the \u201cRed Capella\u201d in Europe and by other agents, both during WWII and in the times following the end of the war. It\u2019s curious that the code of the <a href=\"https:\/\/www.kaspersky.com\/blog\/ww2-enigma-hack\/\" target=\"_blank\" rel=\"noopener nofollow\">sophisticated Enigma machine was cracked by the Allies<\/a> thanks to the analytics and another machine, whereas Sorge\u2019s messages coded by pencil and paper were read thanks to fieldwork and human factor.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Five lessons from the story of the Enigma cryptographic: <a href=\"https:\/\/t.co\/Xl6w43qpOS\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/Xl6w43qpOS<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/596383248218980353?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 7, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Yet, this story proves the resilience of the code, as well as the readiness of the Allies and Japanese command to employ resources, in both intelligence and material effort, to achieve the goals they set.<\/p>\n<p>An important lesson, and takeaway of this story, proves that the human factor cannot be underestimated in the infosec domain. We can say that the most productive cyber spying method used in APT campaigns nowadays is spear fishing, <a href=\"https:\/\/www.kaspersky.com\/blog\/no-monkeys-for-cozyduke\/\" target=\"_blank\" rel=\"noopener nofollow\">targeting certain employees of the attacked organization<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A legendary Soviet spy, Richard Sorge, is famous for conveying the exact date of the German invasion into the Soviet Union, and for letting the command know Japan had no plans of attacking the USSR in the Far East.<\/p>\n","protected":false},"author":40,"featured_media":5731,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2026],"tags":[1000,996,261,556,999,97],"class_list":{"0":"post-5730","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-book-ciphers","10":"tag-cryptology","11":"tag-encryption","12":"tag-history","13":"tag-richard-sorge","14":"tag-security-2"},"hreflang":[{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ww2-zorge-book-cipher\/5730\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/ww2-zorge-book-cipher\/5328\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/ww2-zorge-book-cipher\/6033\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/ww2-zorge-book-cipher\/6031\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ww2-zorge-book-cipher\/7724\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ww2-zorge-book-cipher\/8638\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/ww2-zorge-book-cipher\/7575\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ww2-zorge-book-cipher\/7724\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ww2-zorge-book-cipher\/8638\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ww2-zorge-book-cipher\/8638\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.uk\/blog\/tag\/book-ciphers\/","name":"book ciphers"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/5730","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=5730"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/5730\/revisions"}],"predecessor-version":[{"id":17922,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/5730\/revisions\/17922"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media\/5731"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=5730"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=5730"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=5730"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}