NAME

Dice-Road-Dictionary-Generator.pl - Dice-Road Dictionary™ Password Code Book Generator


SYNOPSIS

perl Dice-Road-Dictionary-Generator.pl -n 5 -l en (Generate a 5 dice table in English with standard dice )

perl Dice-Road-Dictionary-Generator.pl -n 3 -s 20 -l en (Generate a 3 dice table in English with twenty-sided dice )

perl Dice-Road-Dictionary-Generator.pl -n 10 -s 2 -l en (Generate a 10 dice table in English with coins as dice )

perl Dice-Road-Dictionary-Generator.pl -n 5 -l de (Generate a 5 dice table in German with standard dice )


SLOGAN

The Dice-Road Dictionary™ Password Code Book: Your /dev/random home away from home.


DESCRIPTION

OVERVIEW

The Dice-Road Dictionary™ Password Code Book is inspired by Arnold Reinhold's Diceware™ Dictionary http://world.std.com/~reinhold/diceware.html

The Dice-Road Dictionary™ Password Code Book is a lookup table sorted in dice-numeric order containing 4 columns:

BACKGROUND

Generating secure passwords that will actually be used requires dealing with two conflicting requirements:

The GNU apg program (automatic password generator) does a good job squaring the usability/randomness circle. Unfortunately GNU apg does not appear to be available for non-Linux operating systems. Even if it was, the source of randomness in non-open source systems may be cracked or tapped.

While Dice-Road Dictionaries are intended for use "on the road" when a reliable GNU-based system may not be available, there are strong reasons to use physically-verifiable random number generators when creating passwords for high stakes cryptographic payloads.

REQUIREMENTS

The Dice-Road Dictionary™ perl program requires the following GNU programs:

OTHER FEATURES

Each Dice-Road Dictionary™ generated from the perl program will be unique since the GNU aspell Spell Checker Dictionary, the GNU apg passwords and the /dev/urandom words are sorted in random order. The program verifies that there are no duplicates within the dictionary symbol set.

While the source of security for the Dice-Road Dictionary™ is dice randomness, random sorted dictionaries containing arbitrary word sets will hinder the hypothetical "large, well funded organization" or foreign government working to crack lawfully deployed passwords.


OPTIONS

Dice-Road-Dictionary-Generator.pl: Generates a Dice Road Password Dictionary in groff and text format.

Option -C
 : B<maximum> aspell dictionary word character length [ default = 7 ]
Option -c
 : B<minimum> aspell dictionary word character length [ default = 2 ]
Option -h
 : Print help.
Option -l
 : I<aspell> language code [ default = en ]
Option -n
 : number of dice for each dictionary entry [ default = 5 ]
Option -s
 : dice geometry: number of sides for each dice [ default = 6 ]


CAVEATS

WHY DICE ?

Dice are not vulnerable to the the full spectrum of electronic threats: interception, injection, intrusion. While physical attempts to substitute loaded dice are possible, they are greatly reduced by using clear casino dice).

There are many good password generation programs available: GNU apg for Linux systems or PWGEN for windows, but many PC users are not in a position to install these programs. Also, proper use of a password generation program requires that the source code be examined and verified. The code that generates the random number stream should also be examined to make sure it is not cracked or tapped.

Examining code is a task for experts. It takes time and energy. Dice are much easier to deal with and are intrinsically trustworthy.

There are also many password generation websites and random number websites such as http://www.random.org Likewise, some who need a secure password may not have a secure Internet connection. In the age when surveillance is pervasive, there may not be such a thing.

MINIMUM PASSWORD LENGTH

Arnold Reinhold recommends "five words for most users" for Diceware™.

http://world.std.com/~reinhold/dicewarefaq.html#howlong

COLUMN PICKING

Each Dice Road Dictionary entry contains a Aspell dictionary word, an APG FIPS-180 word and a random character hexagram. A rule for picking the column (such as 1-2-3 for three throws) should be adhered to to avoid selection bias creeping into the password selection.

KEYBOARD NOTES

All keyboards are vulnerable to both hardware and software key logging. And since keyboards are secret-software embedded systems, there may be internal vulnerabilities as well.

The open source KeePass Password Safe http://keepass.info has an optional built-in on-screen keyboard plugin obtainable at: http://keepass.info/plugins.html#osk

Open Solaris recommends transmitting passwords via a file (See http://hub.opensolaris.org/bin/view/Community+Group+arc/passwords-cli), set to the minimum permissions to get the job done. Afterwards, it should be destroyed using the GNU shred command. http://www.linfo.org/shred.html


ACKNOWLEDGMENTS

Thanks to Arnold Reinhold-- one of the unsung heros of computer security for Diceware™ http://world.std.com/~reinhold/diceware.html.


AUTHOR

Tom Borawski ChiefOperator (circle a) GeneralTelegraph.com


COPYRIGHT

Copyright (c) 2017 by Tom Borawski ChiefOperator (circle a) GeneralTelegraph.com

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.


AVAILABILITY

The project page is located at www.generaltelegraph.com.

http://www.generaltelegraph.com/dice-road-dictionary/dice-road-dictionary.html