DRYAD One Time Pad

DRYAD tool

- You have to generate the sheet before you can print it.
- You have to generate the sheet before you can print it.
Description

A DRYAD cipher sheet (also called a pad or table) contains 25 lines or rows of scrambled letters.

In typical DRYAD pad each line is labeled by the letters A to Y in a column on the left of the page and each row contains a random permutation of the letters A through Y.

The letters in each row are grouped into 10 columns labeled 0 through 9. The column under 0 has 4 letters per row, column 1, 2 and 5 have 3 letters per row, the other columns have 2 letters each. Notably the letter I and the letter O are absent from the letters available for encryption.

A validity time called a cryptoperiod is assigned to each pad.

Check "How to use this tool" for information on setting up an encrypted channel using a DRYAD pad.
How to use this tool

There are two ways to use a DRYAD sheet, authentication and encryption. Both options require these following previous steps and are often combined to make sure the source is valid before using a sheet for encryption.
1. Setting up
  1. Select a starting and finishing time for the DRYAD to be active, this is called the cryptoperiod.
  2. Input or generate an ID on the controls.
  3. Click "Generate pad".
  4. Print two or more pads. Keep them secret, keep them safe.
2. Get a "Set Letter"
  Before you can start encrypting you must decide on a Set Letter by following these steps:
  1. Think of a letter from A to Z excluding the letter Y.
  2. Find the fist column to the left of your pad and then lookup your letter, the row corresponding to this letter is your Set Indicator.
  3. Now think of a second letter from A to Z and find it in your chosen Set Indicator (i.e the horizontal row of your first letter).
  4. The letter to the right of the letter you just picked letter is your Set Letter.
    
    If there is no letter to the right your set letter is the first letter on the left of your chosen Set Indicator.
  5. You must repeat the previous steps if:
    
    You have encrypted 15 characters with the current set.
    
    The numbers or letters have already been used up on the current set.
  6. You are now ready to encrypt numbers or encrypt letters.
  Encryption examples using "example" as the ID to generate the pad.
  
  - Example 1: Imagine I pick "R" as my first letter (the set indicator). And for my second letter I choose "A"; the letter to the right of "A" on set indicator "R" is "H", so "H" becomes my set letter.
  
  - Example 2: Imagine I pick "F" as my first letter (the set indicator). And for my second letter I choose "J"; there is no letter after "J" because it is the last of the row, so I go to the beginning of the row and "C" becomes my set letter.
3. Useful information
  1. - Keep the cryptoperiod as short as possible.
  2. - Use the authentication method before sending any ciphertext or at agreed intervals.
  3. - You can download and run this page locally (and offline) for extra security.
  4. - Try and print your sheets as small as possible, to facilitate hiding them if necessary.
  5. - Print as many sheets at once as messages you intend on sending and receiving.
  6. - Make sure you print/load your pads in a trusted location
  7. - Delete printer memory and delete browser cache after printing.
  8. - Always prefer paper pads over using this tool on a computer or device.
For Authentication

Use the rules described in the "How to use this tool" section before you are ready to authenticate.
1. Steps to Authenticate
  1. The challenging station selects a set letter.
  2. The station being challenged authenticates by picking the letter directly below the letter challenged.
    
    If set indicator row is "Y" (the last row in the pad) the authentication response must be the corresponding letter in the "A" row.
  3. Repeat the authentication process at least twice to increase its security.
  - Example 1: using "example" as the ID to generate the pad.
  - - "Alfa one Bravo, this is Yankee two Zulu, authenticate Delta Kilo, over."
  - - "Yankee two Zulu, this is Alfa one Bravo, authentication India, over."
  - Example 2: using "example" as the ID to generate the pad.
  - - "Yankee two Zulu, this is Alfa one Bravo, authenticate Yankee Lima, over."
  - - "Alfa one Bravo, this is Yankee two Zulu, authentication Uniform, over."
2. Useful information
  1. - Authentication checks and fresh tables must be renewed on a scheduled basis.
  2. - Any challenge/reply authentications should be crossed out in the currently used set.
  3. - Another challenge should be made if:
    
    - An incorrect reply is received.
    
    - If a "standby" is requested.
    
    - If an unusual delay occurs between challenge and reply.
  4. - Never give the challenge and reply in the same transmission (AKA self authentication).
  5. - In challenge and reply authentication, only the station responding is verified.
  6. - Do not accept a challenge as an authentication.
  7. - To verify both stations, both stations should be challenged and should reply.
  8. - If the challenged station does not reply in the next 5 seconds challenge them again, even if their answer is correct.
Encryption

Use the rules described in the "How to use this tool" section before you follow these steps.
1. Encrypt Digits
  1. The encoder selects a set letter.
  2. Search for the intersection between the set letter row and the marked cleartext digit column
  3. Choose one letter from the intersection group, this letter is your ciphertext.
    
    If the chosen letter already exists in the encoded ciphertext choose a different letter from the intersection group.
    
    In numbers with digit repetition you might have to "break" (see example below) and assign a new set letter, as you will run out of letters because of the previous rule.
  4. Mark out the letter as used to avoid using it again.
  5. Repeat this process until you have encoded all your digits.
  6. Examples using "example" as the seed to generate the pad.
    
    Number encryption of cleartext "1445":
    
    - "Alfa one Bravo, this is Yankee two Zulu, I set Yankee Bravo (pause) Mike Romeo Tango Echo as meeting time, over."
    
    Note that "as meeting time"" should be a code list digraph or other code, not a literal time.
    
    Number encryption of cleartext "14447":
    
    - "Alfa one Bravo, this is Yankee two Zulu, I set November Juliet (pause) India Echo Golf (pause) I set Echo Uniform (pause) Oscar Whiskey, over."
    
    Note that because we ran out of cipher letters on set letter "I" we had to set a new row to continue the transmission.
2. Encrypt Letters
  1. The encoder selects a set letter.
  2. Find your cleartext letter on the horizontal alphabet just above the numbers and get the ciphertext letter at their intersection.
    
    Unlike number encryption, you only have one cipher letter to choose below your clieartext letter.
    
    If a ciphertext letter repeats itself add a "break" (see example below) and choose and new set letter.
    
    Never encrypt more than 15 letters without changing the set letter.
  3. Repeat the process with the rest of your cleartext.
  Examples: using "example" as the ID to generate the pad.
  
  Word encryption of cleartext "RETREAT":
  - - "Alfa one Bravo, this is Yankee two Zulu, I set Uniform Papa (pause) Papa Charlie Tango (pause) I set Charlie Kilo (pause) Mike Golf Hotel (pause) I set Mike Golf (pause) Echo, over."
  - Note that because we ran out of cipher letters we had to set a new set letter row twice to continue the transmission.
3. Decryption
  1. The decoder uses the first two letters in the ciphertext to determine the set letter with which the code was encrypted.
  2. Beginning from the third letter of your ciphertext translate the ciphertext characters back to cleartext.
    
    Pay special attention not to confuse code names with the ciphertext itself.
    
    Readjust the set letter with every new set letter.
  3. Repeat the process with the rest of your ciphertext until it is decoded.
  Examples:
  Using "example" as the ID to generate the pad.
  
  Example 1:
  Decrypting the ciphertext digits "HV VXHD", transmitted as "I Set Hotel Victor (pause) Victor X-ray Hotel Delta":
  - - Taking the first two ciphertext letters will guide us to set letter "R".
  - - Mark every letter encoded so to avoid using them again.
  - - Searching for VXHD reveals the word HELP, your decrypted message.
  Example 2:
  A more complex example using code names. Suppose the following:
  - "XXX" means "encrypted latitude".
  - "YYY" means "encrypted longitude".
  - "XXX SQ JASIXWHNMV YYY KE SLKGJVMERX" as our ciphertext.
  - - Using XXX we use SQ to get the set letter "R" resulting in decoding 0399163562.
  - - The we get YYY followed by KE to get the set letter "Y" resulting in decoding 1163971546.
  - - Your decoded coordinates are latitude 039.9163562 and longitude 116.3971546.
4. Encryption and Decryption tips
  1. - Always keep your messages as short as possible.
  2. - Never send more than 15 letters per set letter.
  3. - Never transmit the set letter over the channel.
  4. - Predefine a codebook to assign code names to intended communication.
Controls
- - [?]The start time for the message exchange to occur. Start Time:
  - [?]The end time for the message exchange to occur. End Time:
- - [?]Set the time your pad will be valid for use. Cryptoperiod preset:
  - [?]Change versions, the D version is more verbose, the C version was intended for use with a KAL 61 device or similar. DRYAD type:
- - [?]This will create a unique set of characters for your OTP based on your input. DRYAD ID:
  - [?]
- - [?]The leftmost column. Once you know your set letter you can use it to encrypt or decrypt. Set Indicator:
  - [?]The column that represents your cleartext. Column:
  - [?]The set letter is always one to the right of your indicator column chosen letter. Set Letter:
- - [?]The clicked cipher letters will be added here. Ciphertext:

DRYAD Pad Generator.

What is a DRYAD?

DRYAD tool

Description

How to use this tool

For Authentication

Encryption

Controls