Diceware is a method for creating passphrases, passwords, and other cryptographic variables using an ordinary dice as a hardware random number generator. For each word in the passphrase, five rolls of the dice are required. The numbers from 1 to 6 that come up in the rolls are assembled as a five-digit number, e.g. 43146. That number is then used to look up a word in a word list. In the English list 43146 corresponds to munch. By generating several words in sequence, a lengthy passphrase can be constructed.
Lists have been compiled for several languages, including Catalan, Chinese, Danish, Dutch, English, Esperanto, Finnish, French, German, Italian, Japanese, Maori, Norwegian, Polish, Romanian, Russian, Spanish, Swedish and Turkish. A Diceware word list is any list of unique words, preferably ones the user will find easy to spell and to remember. The contents of the word list do not have to be protected or concealed in any way, as the security of a Diceware passphrase is in the number of words selected, and the number of words each selected word could be taken from.
The level of unpredictability of a Diceware passphrase can be easily calculated: each word adds 12.9 bits of entropy to the passphrase (that is, bits). Originally, in 1995, Diceware creator Arnold Reinhold considered five words (64 bits) the minimal length needed by average users. However, starting in 2014, Reinhold recommends that at least six words (77 bits) should be used.
This level of unpredictability assumes that a potential attacker knows that Diceware has been used to generate the passphrase, knows the particular word list used, and knows exactly how many words make up the passphrase. If the attacker has less information, the entropy can be greater than 12.9 bits per word.
If words were simply concatenated rather than separated by spaces, concatenating could form words that are already in the word list. For example, "in" and "put" form "input"; all three words can be found in the above-mentioned word list. This could slightly decrease the entropy, when compared with the recommended method of using spaces to separate each word in the list.
- Brute-force attack
- Key size discusses how many bits of key are considered "secure".
- The PGP biometric word list uses two lists of 256 words, each word representing 8 bits.
- S/KEY uses a list of 2,048 words to encode 64-bit numbers as six English words
- Password strength
- Random password generator
- Brodkin, Jon (2014-03-27). "Diceware passwords now need six random words to thwart hackers". Ars Technica.
- Internet Secrets, 2nd Edition, John R. Levine, Editor, Chapter 37, IDG Books, 2000, ISBN 0-7645-3239-1
- English diceware page has the complete description and word lists in several languages.
- Diceware for Android
- A client-side diceware multi-wordlist password generator with complete source code
- Web-based diceware app that uses the cryptographically secure getRandomValues() function
- Diceware method for generating easy-to-remember and cryptographically strong passwords and passphrases