The application of this for Bitcoin could be to code your wallet seed phrase in this way by choosing a book and finding those seed words in the book and converting them to 5 digit numbers.
Without knowing from which book and the exact print edition (your key), your seed phrase is reasonably safe.
The cryptographers here will be able to punch holes in this but for good enough protection for regular folk it could work quite well.
Yes, they will. So don’t do it. No, it is not “good enough protection for regular folk”. Not when in the real world—not in theory, but in practice—there are blackhats doing batch offline attacks using any text corpus you can think of.
In a roundabout way, you have reïnvented your own version of the brainwallet. I snipped the part that you said about number stations, because it’s irrelevant: You introduced your scheme by discussing some spy stuff that often relied on secure randomness, then discarded secure randomness. Don’t do this.
Decoding could be by the use of a one-time pad or simply a book.
One-time pad = secure randomness, by definition. (And if it doesn’t use secure randomness, it is not a one-time pad! Also, by the way, in modern cryptography, “one-time pad” is often a red flag for snakeoil; a one-time pad is itself secure, but the term is so abused by ignorant fools that it has become a mostly reliable marker for a high probability of bad crypto. A one-time pad and its information-theoretic security proof are altogether totally irrelevant to Bitcoin wallets, so I will further ignore this.)
“Simply a book” may have been adequately secure for some uses 50 or 60 years ago. Not today, when a computer can easily grind through trillions of phrases guessed from a text corpus.
Please do realize that cryptography has changed. In the WWII era, and for most of the Cold War era, the very best ciphers would be laughably insecure by today’s standards. Accordingly, cryptanalysis was different. In real-world use by militaries, the use of cryptography was quite often only to slow down the cryptanalysts for long enough that a message would be irrelevant: A general doesn’t care if his “ATTACK AT DAWN” message is cracked after the dawn attack has already occurred.
To give you a quick gut-shot feeling for how much cryptography has changed, without getting too technical: Cryptanalysis departments used to employ teams of experts in (human) languages, to assist with estimation of word frequencies and letter frequencies in the plaintext. They don’t do that anymore—not the same way as they used to; not nearly—because modern ciphers output ciphertext that is indistinguishable from randomness for a computationally bounded attacker. If the type of probabilistic cryptanalysis used decades ago could shave even 1 bit off the security margin of a cipher like AES or Chacha20, then the cipher would be declared to be badly broken! Alan Turing could draw up his “Eines List”, way back when—nowadays, that type of analysis is generally unhelpful.
Anyway, I hope you get my point: There was a time when, for certain uses, if you understood the threat model very well, then maybe you could use some phrase from a printed book as a secret key. That is completely inapplicable to Bitcoin wallets. Using a phrase from a book as a Bitcoin brainwallet is a most excellent way to run a high risk of getting your money stolen; and advising others to do so is a way to make them risk getting their money stolen. Don’t do that!
P.S., if you still believe in your scheme, then please suggest it in the technical forum where you will be promptly roasted to a crisp. I don’t have so much time to pick apart insecure brainwallet schemes anymore; I wasted too much time on that, for years.
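To make the point above concrete, here is an added illustration (not code from either poster) of the proposed scheme and of where its security actually sits. The "book" is a constructed stand-in text; the candidate-book count and the 128-bit figure for a 12-word BIP39 seed are assumptions used only for comparison.

```python
import math
from typing import Dict, List

# Constructed stand-in for a printed book: word positions are the "codebook".
BOOK_TEXT = (
    "the abandon ability able about above absent absorb abstract absurd "
    "abuse access accident account accuse achieve acid acoustic acquire across "
    "act action actor actress actual adapt add addict address adjust"
)

# A 12-word BIP39 seed carries 128 bits of entropy (used here as the baseline).
BIP39_12_WORD_BITS = 128


def build_codebook(book_text: str) -> Dict[str, int]:
    """Map each word to its first position in the book (1-based)."""
    codebook: Dict[str, int] = {}
    for position, word in enumerate(book_text.split(), start=1):
        codebook.setdefault(word.lower(), position)
    return codebook


def encode_seed(seed_words: List[str], codebook: Dict[str, int]) -> List[str]:
    """Turn each seed word into the 5-digit position the scheme writes on paper."""
    return [f"{codebook[w.lower()]:05d}" for w in seed_words]


def decode_seed(codes: List[str], book_text: str) -> List[str]:
    """Whoever holds the book (the only secret) recovers the seed instantly."""
    words = book_text.split()
    return [words[int(c) - 1].lower() for c in codes]


def effective_key_bits(candidate_books: int) -> float:
    """Once the 5-digit codes are on a paper backup, the secret is just which
    book/edition was used; its strength is log2 of the plausible candidates."""
    return math.log2(candidate_books)


if __name__ == "__main__":
    codebook = build_codebook(BOOK_TEXT)
    codes = encode_seed(["abandon", "about", "actor"], codebook)
    print(codes, decode_seed(codes, BOOK_TEXT))
    # Assumed corpus of one billion book/edition candidates: under 30 bits.
    print(f"{effective_key_bits(10**9):.1f} bits vs {BIP39_12_WORD_BITS} bits")
```

Even a generous billion candidate books gives under 30 bits of secrecy for the paper backup, which is the gap the reply above is describing.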
Thank you for your lengthy post and excellent input, Nullius, on the complexity of what on the surface to ordinary people seems a fairly simple task.
Matching the seed phrase to random single words from random pages of a random book just seemed a good idea, and putting the 5 digit numbers on a 2 of 3 paper backup in different geographical locations also seemed a good idea.
Till now.
Most interesting post, and I shall be upping the security of my phrase, of which I do have a copy in my brain.
I certainly do not want you dead of apoplexy and, more selfishly, to lose any Bitcoin.
And to others: do not follow my advice on storing your seed phrase.
Happy to see mid 50k after Sunday's coordinated dump.