Crypto Wiki

Template:About Template:Confusing

The DRYAD Numeral Cipher/Authentication System (KTC 1400 D) is a simple, paper cryptographic system currently in use by the U.S. military for authentication and for encryption of short, numerical messages. Every unit with a radio is given a set of DRYAD code sheets. A single sheet is valid for a limited time (e.g. 6 hours), called a cryptoperiod.


A sample DRYAD cipher sheet

A DRYAD code sheet contains 25 lines or rows indexed by the letters in a column on the left of the page. Each row contains a random permutation of the letters A through Y. The letters in each row are grouped into 10 columns labeled 0 through 9. The columns under 0, 1, 2 and 5 have more letters than the other digits, which have just two each.

While crude, the DRYAD Numeral Cipher/Authentication System has the advantage of being fast, relatively easy and requires no extra equipment (such as a pencil). The presence of more cipher-text columns under the digits 0, 1, 2 and 5, is apparently intended to make ciphertext frequency analysis more difficult. But much of the security comes from keeping the cryptoperiod short.

DRYAD can be used in two modes, authentication or encryption.


For authentication, a challenging station selects a letter at random from the left most column followed by a second (randomly selected) letter in the row of the first chosen letter. The station being challenged would then authenticate by picking the letter directly below the row and position of the second letter selected.

For example, using the example cipher sheet to the right, Victor could challenge Peggy by transmitting the letters "Alpha" and "Bravo". Peggy's correct response would then be "Yankee".

Another form used involves selecting the third letter to the right of the second letter chosen by the challenging station (Victor's "Bravo" letter). Both the directional offset (up, down, left or right) and numeral offset can be different values then the examples given here; but must be agreed upon and understood by both parties before authentication. The offset number can even remain secret between Victor and Peggy creating a Two-factor authentication. Authentication then would require something you have (the DRYAD cipher sheet) and something you know (the secret offset value). Oscar, who is attempting to penetrate the network by posing as Peggy, would both need a copy of the DRYAD cipher sheet as well as knowledge of secret offset value.

One problem presented is that Oscar has a one in 25 chance of guessing the correct response. A solution to this is for Victor to require Peggy to authenticate twice; lowering Oscar's odds of guessing the correct response to one in 625 possible guesses. The downside to this method is reduced longevity of the current DRYAD page (since the page is getting twice as much use as a single-authentication scheme).


The second mode is used to encrypt short numeric information (such as map coordinates or a new radio frequency). The coder selects two letters at random. The first selects a row in the current active page. The second letter is used as in the authentication mode, except the adjacent letter to the right is the one selected; and is called the "SET LETTER."

Numbers are enciphered one digit at a time. A ciphertext letter is chosen from the selected row in the column under the plain text digit. If the digit occurs more than once in the number, the coder is instructed to choose a different letter in the same column. All the digits in a single plaintext number are encoded from the same row. (There is also a provision for encoding letters associated with map grid coordinates.)

See also[]