Introduction: Diceware Anywhere
This Diceware method lets you generate secure passphrases with dice and a book. Welcome to the paranoid world of cryptography. For regular folks this method is probably a waste of time, at best. But for those interested in learning more about codes, and crypto, this is a real world method used by experts. For best security you are supposed to print out the Diceware word list and use real dice - not an electronic random number generator.
I don't like having to print the Diceware list, or open it up in a PDF reader when I am in a hurry to come up with a password, username, or passphrase. Also I don't like leaving the diceware list around on my desk. But a book is hidden in plain sight.
Luckily nearly every office supply, or better yet, dollar store carries dice, a pencil box, and a cheap paperback dictionary or thesaurus.
Step 1: Rolling and Reading
Here's how I use a book as a word list. This paperback thesaurus has 530 pages. Since 530 is a three digit number, I'll need 3 dice, one for each digit.
Each page is divided into two columns, so I will need another die to choose a column. Each column has about 6 word entries, meaning I need one more die.
So for this book I end up rolling 5 dice in a pencil box for each word I need. A file box or a shoebox works also, as long as the dice can line up after you roll them.
In this example, the first 3 dice from left to right give the starting page number of 451
The 4th die chooses the column. I count columns from the starting page (for example, 451) and continue on to the next two pages if necessary. Here, the die reads 2, so it is the second column, and still on the starting page.
And the 5th die gives the number of entry words from the top of the column.
In this case the selected word is thought because it is the first entry word in the column.
Now, just repeat to get 6 or 7 words and you have a unique passphrase for a Wi-Fi key, or a PGP email signature, or other cryptographic uses.
Again, this is just another way of using the Diceware method, but without having to print out the Diceware word list.
If it all seems too elaborate, then it is probably not for you. This is for sys-admins, cryptographers, and others who frequently need to generate passphrases.
Step 2: Missing Pages?
You might wonder about all the skipped pages since the dice are only numbered from 1 to 6. Well, yeah, there will be lots of skipped pages.
For instance, all the pages from 67-110 and 267-310 and 367-410 and 467-510 are skipped.
Well actually because of how I count columns, there are potentially only 4*(43-2) = 164 skipped pages. This means about a third of the words in the book are left out.
But it really does not make a difference for our purposes. We just need random words, so if some are skipped, there are still more than enough.
So what to do if the first digit is higher than the number of pages in the book? Well if the first die had been 6, I would read it at as zero since there are only 530 pages. This would give a page number of 051, or just plain 51.
Step 3: Silly Passwords
You can modify this method to create improbable passwords. Just randomly choose two or three words using the method above.
Now roll the dice to pick a syllable in each word, wrapping the number around if the word has only 2 or 3 syllables.
Join up the syllables and get silly, but memorable, passwords like nopardstub or conbrolute !
It's simple, and is more secure than using your mother's maiden name.
You can read the Diceware FAQs for more information on passphrases and how to use them..