The DRYAD Numeral Cipher/Authentication System (KTC 1400 D) is a simple, paper cryptographic system employed by the U.S. military for authentication and for encryption of short, numerical messages. Each unit with a radio is given a set of matching DRYAD code sheets. A single sheet is valid for a limited time (e.g. 6 hours), called a cryptoperiod.
via wikipedia.
This was written because there’s another site but it features unreadable CSS and confusing descriptions. And I wanted to better understand the various methods of using DRYAD.
By design this version uses a seed, if you plan to actually use this, it is probably wise to replace the rather predictable randomisation algorithm with a CSPRNG, before generating your sheets. This additionally then obviates the need for the ‘secret’. If you use the key as the special value ‘CSPRNG’, then the seed will be ignored and the CSPRNG will be used.
Authentication
For authentication, a challenging station selects a letter at random from the left most column followed by a second (randomly selected) letter in the row of the first chosen letter. The station being challenged would then authenticate by picking the letter directly below the row and position of the second letter selected.[1][2]
Another form used involves selecting the third letter to the right of the second letter chosen by the challenging station.
Both the directional offset (up, down, left or right) and numeral offset can be values different from the examples given here, but must be agreed upon and understood by both parties before authentication.
Encryption
The second mode is used to encrypt short numeric information (such as map coordinates or a new radio frequency). The coder arbitrarily selects two letters at random. The first letter designates a row in the current active page. The second one is used similarly to the authentication mode, except that the letter immediately to the right is selected. This selected letter is called the “SET LETTER.”
Numbers are enciphered one digit at a time. A ciphertext letter is chosen from the selected row (the row designated by the SET LETTER) in the column under the plain text digit. If the digit occurs more than once in the number, the coder is instructed to choose a different letter in the same column. All the digits in a single plaintext number are encoded from the same row. (There is also a provision for encoding letters associated with map grid coordinates.)
Decryption
Same thing in reverse.
Sheet
| KTC 1400 D |
|---|