The DRYAD Numeral Cipher/Authentication System (KTC 1400 D) is a simple, paper cryptographic system employed by the U.S. military for authentication and for encryption of short, numerical messages. Each unit with a radio is given a set of matching DRYAD code sheets. A single sheet is valid for a limited time (e.g. 6 hours), called a cryptoperiod.
A DRYAD cipher sheet contains 25 lines or rows of scrambled letters. Each line is labeled by the letters A to Y in a column on the left of the page. Each row contains a random permutation of the letters A through Y. The letters in each row are grouped into 10 columns labeled 0 through 9. The columns under 0, 1, 2 and 5 have more letters than the other digits, which have just two each.
While crude, the DRYAD Numeral Cipher/Authentication System has the advantage of being fast, relatively easy and requires no extra equipment (such as a pencil). The presence of more cipher-text columns under the digits 0, 1, 2 and 5, is apparently intended to make ciphertext frequency analysis more difficult. But much of the security comes from keeping the cryptoperiod short.
DRYAD can be used in two modes, authentication or encryption.
For authentication, a challenging station selects a letter at random from the left most column followed by a second (randomly selected) letter in the row of the first chosen letter. The station being challenged would then authenticate by picking the letter directly below the row and position of the second letter selected.
For example, using the example cipher sheet to the right and the NATO phonetic alphabet, Jason could challenge Peggy by transmitting "authenticate Alpha Bravo". Peggy's correct response would then be "authenticate Yankee".
Another form used involves selecting the third letter to the right of the second letter chosen by the challenging station (Jason's "Bravo" letter). Both the directional offset (up, down, left or right) and numeral offset can be values different from the examples given here, but must be agreed upon and understood by both parties before authentication.
One problem presented is that an enemy impersonator has a one in 25 chance of guessing the correct response (one in 24 if a letter is selected from the same row). A solution to this is for Jason to require Peggy to authenticate twice; lowering the impersonator's odds of guessing the correct response to one in 625. The downside to this method is reduced longevity of the current DRYAD page, since the page is getting twice as much use as a single-authentication scheme.
The second mode is used to encrypt short numeric information (such as map coordinates or a new radio frequency). The coder arbitrarily selects two letters at random. The first letter designates a row in the current active page. The second one is used similarly to the authentication mode, except that the letter immediately to the right is selected. This selected letter is called the "SET LETTER."
Numbers are enciphered one digit at a time. A ciphertext letter is chosen from the selected row (the row designated by the SET LETTER) in the column under the plain text digit. If the digit occurs more than once in the number, the coder is instructed to choose a different letter in the same column. All the digits in a single plaintext number are encoded from the same row. (There is also a provision for encoding letters associated with map grid coordinates.)
- BATCO — similar paper based tactical cipher used by the British forces
- M-94 — tactical cipher used in World War II
- Dryad — original meaning in mythology
- Polyalphabetic cipher
- Substitution cipher
- Further explanation of the DRYAD Numeral Cipher/Authentication System
- U.S. Army Field Manual FM 24-35