Instructables
Diceware Anywhere

This Diceware method lets you generate secure passphrases with dice and a book. Welcome to the paranoid world of cryptography. For regular folks this method is probably a waste of time, at best. But for those interested in learning more about codes and crypto, this is a real-world method used by experts. For best security you are supposed to print out the Diceware word list and use real dice, not an electronic random number generator.

I don't like having to print the Diceware list, or open it up in a PDF reader when I am in a hurry to come up with a password, username, or passphrase. Also, I don't like leaving the Diceware list around on my desk. But a book is hidden in plain sight.

Luckily, nearly every office supply store or, better yet, dollar store carries dice, a pencil box, and a cheap paperback dictionary or thesaurus.


 

Step 1: Rolling and Reading


Here's how I use a book as a word list. This paperback thesaurus has 530 pages. Since 530 is a three-digit number, I'll need 3 dice, one for each digit.

Each page is divided into two columns, so I will need another die to choose a column. Each column has about 6 word entries, meaning I need one more die.

So for this book I end up rolling 5 dice in a pencil box for each word I need. A file box or a shoebox works also, as long as the dice can line up after you roll them.

In this example, the first 3 dice from left to right give the starting page number of 451.

The 4th die chooses the column. I count columns from the starting page (for example, 451) and continue on to the next two pages if necessary. Here, the die reads 2, so it is the second column, and still on the starting page.

And the 5th die gives the number of entry words from the top of the column.

In this case the selected word is "thought" because it is the first entry word in the column.

Now, just repeat to get 6 or 7 words and you have a unique passphrase for a Wi-Fi key, or a PGP email signature, or other cryptographic uses.

Again, this is just another way of using the Diceware method, but without having to print out the Diceware word list.

If it all seems too elaborate, then it is probably not for you. This is for sys-admins, cryptographers, and others who frequently need to generate passphrases.
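An added example, not part of the original Instructable: the five-dice lookup from Step 1 written as a function, plus a count of how much entropy each word carries compared with the 7776-word Diceware list, which goes a step beyond what the article computes. It assumes that a roll giving a start page above 530 is re-rolled and that every column holds exactly 6 distinct entry words; the article states neither.

```python
import math
from collections import Counter
from itertools import product

PAGES = 530          # page count of the thesaurus in the article
COLS_PER_PAGE = 2    # two columns per page, as in the article
ENTRIES = 6          # assumption: every column has exactly 6 entry words

def locate(roll):
    """Map five dice (each 1-6) to (page, column, entry), or None to re-roll."""
    if len(roll) != 5 or any(d not in range(1, ENTRIES + 1) for d in roll):
        raise ValueError("need five dice showing 1-6")
    d1, d2, d3, col_die, entry = roll
    start = 100 * d1 + 10 * d2 + d3
    if start > PAGES:                      # assumption: such rolls are re-rolled
        return None
    page = start + (col_die - 1) // COLS_PER_PAGE   # columns run on to later pages
    column = (col_die - 1) % COLS_PER_PAGE + 1
    if page > PAGES:
        return None
    return page, column, entry

def word_distribution():
    """Count how many equally likely accepted rolls land on each word location."""
    hits = Counter()
    for roll in product(range(1, 7), repeat=5):
        loc = locate(roll)
        if loc is not None:
            hits[loc] += 1
    return hits

def entropy_bits(hits):
    """Return (Shannon entropy, min-entropy) in bits per word."""
    total = sum(hits.values())
    shannon = -sum(n / total * math.log2(n / total) for n in hits.values())
    min_entropy = -math.log2(max(hits.values()) / total)
    return shannon, min_entropy

if __name__ == "__main__":
    hits = word_distribution()
    shannon, min_h = entropy_bits(hits)
    diceware = math.log2(6 ** 5)           # standard list: 7776 equally likely words
    print(f"distinct word locations: {len(hits)} (Diceware list: {6 ** 5})")
    print(f"bits per word: {shannon:.2f} Shannon, {min_h:.2f} min-entropy, "
          f"{diceware:.2f} for the Diceware list")
    for words in (6, 7):
        print(f"{words} words: about {words * min_h:.0f} bits here, "
              f"{words * diceware:.0f} with the list")
```

Because dice never show 0, 7, 8 or 9 and the column die can run on to pages that are also start pages, only 2496 word locations are reachable and some are three times as likely as others. Under these assumptions one extra word more than makes up the difference from the printed list.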
darris3212 years ago
Maybe I'm wrong, but couldn't you just do a dictionary attack? 6-7 words from a dictionary attack would be the same as 6-7 characters from brute force, wouldn't it?
I guess it'd be harder because there are far more words than there are characters, but would it change that much?
Never mind. I just did the math. That does make a big difference.
The standard diceware list has 7776 words. 7776^7 is the possible number of passphrases. If we just do the 94 characters with even a 9 character passphrase, it would be 94^9.
7776^7>94^9

I will leave my comment to help anyone else who thought for a second like I did.
wware3 years ago
Nice instructable! I especially like the combinations of random syllables. I'm planning to use the word "conbrolute" at future dinner parties as soon as I can figure out a definition.