dicendo
The examples in this section assume typical configurations. When only
dice faces are used, we assume 36 ordinary (unnumbered) dice.
When faces, directions, and order are all used, we assume
12 numbered dice. When cards are used, we assume the active
shuffled deck selected in Options. These values are used only for
illustration.
In practice, dicendo makes no assumptions about the number of
dice or the number of recorded inputs. The counts of faces, directions,
and order values may differ, and the method works for any combination of
these inputs. Cards mode is separate from dice mode: it uses the order of
the active card deck as one permutation.
A simplified but fully functional implementation of the dice-based algorithm is available as a short Python script. For identical inputs it produces exactly the same outputs as the application, making it possible to independently verify that part of the algorithm. The working simplified implementation can be found here: Python script.
Passwords generated by dicendo are based on physical randomness
obtained from dice rolls. If only face values are used (i.e., orientation and
order are not used), the process can be viewed as generating a random number
in base 6, where the number of rolls n corresponds
to the number of digits.
This random base-6 number can then be deterministically converted
into a number represented in another base equal to the size of the selected
output alphabet. The value therefore remains random, only its representation
changes, forming the generated password.
When using only dice faces, approximately 30 rolls are needed to
obtain a good-quality 12-character password. This corresponds to
about 630 ≈ 2 * 1023 possible outcomes.
For comparison, 12 dice faces alone correspond to
612 ≈ 2 * 109 possible outcomes.
If the orientation of each die is also recorded, every die provides an
additional random value from the set
{N, E, S, W}, which can be interpreted as a digit in base
4. For n dice this produces a random number in base
4 with n digits (for 12 dice, this gives about
412 ≈ 1.6 * 107 possible outcomes).
As with face values, this number can be deterministically converted into another representation without affecting its randomness.
When permutations are used, the situation is similar. If the dice are
numbered and their order is recorded, every permutation of the
n dice is equally probable. In total there are n!
possible permutations, each occurring with the same probability. The set
of permutations can therefore be indexed: every permutation corresponds
to a unique integer in the range 0 ... (n! − 1).
A well-known method for computing such an index is the Lehmer code. This algorithm assigns a unique integer to each permutation.
Because the dice order is generated randomly, the resulting index is also a random number. This value can therefore be used as entropy and deterministically converted into a representation in the selected output alphabet.
Permutations provide a large amount of entropy even for relatively small
values of n. For example, 12! possible orders correspond
to approximately 5 * 108 equally likely outcomes.
Cards mode uses the same mathematical idea as dice order: a shuffled deck is
a permutation. If the active deck contains m cards, then there
are m! possible orders. Each complete shuffled order can be
assigned a unique integer in the range 0 ... (m! − 1).
The default active deck is the standard 52-card deck. Cards are numbered by rank and suit:
2♣ = 1, 2♦ = 2, 2♥ = 3, 2♠ = 4, 3♣ = 5, ..., A♠ = 52
If optional extra cards are enabled, they receive numbers
53, 54, and 55. If some cards are
disabled in Options, the remaining active cards are compacted into a
consecutive range before the Lehmer rank is calculated. This preserves a
continuous permutation space for the selected deck.
Cards mode requires the complete active deck to be entered. Partial decks do
not generate a password, because the Lehmer rank is defined for a complete
permutation of the selected set. With the standard 52-card deck, the
available space is 52! ≈ 8.1 * 1067 equally likely
outcomes, which is far more than needed for a normal password. If such a
long generated password is saved to recent passwords, the Password split
option can store it as shorter entries.
In practice the three sources of entropy are processed independently.
For example, when using 12 dice we obtain three numbers:
n from the dice faces, d from the directions,
and o from the permutation index.
These values are combined into a single integer using a mixed-radix encoding:
p = 612 * 412 * o + 412 * n + d
The resulting number p uniquely represents the combined dice
outcome.
More generally, the same construction works for arbitrary numbers of inputs.
Let in denote the number of face values,
id the number of recorded directions, and
io the number of dice used in the permutation.
The combined value can then be written as:
p = 6i_n * 4i_d * o +
4i_d * n +
d
Here n is the number obtained from dice faces,
d from directions, and o is the index of the
permutation. The permutation length io determines
the range of o, which takes values from
0 … (io! − 1).
The number p is finally converted into a representation in the
selected output alphabet, producing the generated password. In dice mode,
p is the mixed-radix number described above. In cards mode,
the same final conversion is applied to the Lehmer rank of the active deck
permutation.
When faces, directions, and order are all used, a good-quality password can be
obtained with only about 12 dice rolls, because the total number of
possible states is approximately
612 × 412 × 12! ≈ 1.7 × 1025.
In practical terms, this means that adding directions and order significantly increases the amount of entropy obtained from each roll. Faces, directions, and order provide three independent entropy sources, which both allow strong passwords to be generated with fewer dice and reduce the risk that possible bias from imperfect dice or non-uniform rolling techniques could affect the final result.