Welcome to part 2 of my diceware / passphrase pages. In this round, I'll describe the method I've devised that uses an existing resource you might not be aware of. The 70,000+ ebooks you can download for free via the Gutenberg project.

Now before we dive into this, there are a couple prerequisites. 1: patience and 2: your computer or laptop will need to be pretty powerful to deal with the sheer amount of text and folders that come with downloading this many ebooks. You should also think about whether this method is right for you in the sense that you'll be taking bandwidth from a reputable company by downloading all these books for a singular purpose. Whereas I actually read a lot of the books, you may not. The choice is yours, of course. A donation to project Gutenberg would be in order whatever you choose. They're a great project!

First go to the download page of Gutenberg that shows where you can get copies of their books for local browsing enjoyment. The "all books as plain text" is what you're looking for. Click the link and you'll be presented with a server list of files available. I grabbed the largest file available. It's a compressed tar.zip file of about 10 gigs and uncompresses to even more. Please note this takes a really long time. If you can find a torrent, do it that way to save Gutenberg the bandwidth. You'll also want to decompress the file overnight as it took me about 4 hours with my powerful desktop computer.

So what do we do with all these text files that thousands of people have worked hard to create? Well, they are the source from which we will get our next passphrases. The folder structure of the archive is thus: gutenberg_txt / epub / folder# / textfile.txt

The sheer number of folders makes it near impossible even on my desktop linux machine to browse, so it's easier to just type the file location into the file browser address bar.

For this exercise, you'll need five of your 10-sided dice to generate a random 5 digit number between 1 and 75,696. Now mind you, that number is probably different. There were 75,696 Gutenberg ebooks available at the time of download so that's the number I have today. So roll your dice a few times to get the number. If your number is over 75,696 simply roll until it is not. Alternatively, you can use random.org's integer generator to select one at random between 1 and 75,969. While random.org is technically NOT a pseudo random generator, it serves the purpose unless, of course, you feel you have state actors working against you. Remember the ultra paranoid always use dice. :) There are other ways to generate the needed number with different dice, but using the ten sided dice will suffice for our purposes here.

So, as you can see, after rolling my dice a few times, I ended up with 01367!

I go to my Gutenberg folder and navigate in the address bar to the folder that contains this numbered text file. In this case, I have randomly selected a book entitled, Findlekind. It appears to be a children's book by Louisa de la Ramee. The book has 1,081 lines, excluding the ending Project Gutenberg credit texts.

The interesting part now is how do you get a random number between 1 and 1,081 using only dice? Well, it's complicated, but that's the fun part of it. This is where having good sets of dice come in handy. And a quarter! For the first digit, flip a coin. We only need 1 or 0. Let's say heads is 1 and tails is 0. You flip a tails, so the first number is 0. We have three numbers left which can be determined with three rolls of a 10 sided die. So, we roll! The numbers I got were 395. And now, you guessed it, we go to line 395 in the ebook we have open where we find the following paragraph.

He got out upon a long, gray, wooden bridge, and looked up and down the reaches of the river, and thought to himself, maybe this was not Sprugg but Jerusalem, so beautiful it looked with its domes shining golden in the sun, and the snow of the Soldstein and Branjoch behind them. For little Findelkind had never come so far as this before. As he stood on the bridge so dreaming, a hand clutched him, and a voice said:

One of the fun things about this method is that when you get to this point, you can choose basically anything in the paragraph you come across. If you don't like anything in it, you can roll dice for another! I've decided on the following phrase for my passphrase:

As he stood on the bridge so dreaming

Now all you have to do is conform your phrase to whatever credential's rules you have to use. i.e. capital letters, symbols, and what not. The beauty of the system is I could easily have chosen a combination to make the phrase more palatable like:

Findelkind as he stood on the bridge a hand clutched him and said

You can make the phrase yours as long as it uses the text. The text above is about 276 bits of entropy which is insanely good, and if protected would not be hackable by a non-nation state. And even a nation-state with significant resources would be hard pressed as it'd take a lot of time, money, and resources to crack. I would actually place the entropy higher due to the sheer amount of text given to choose from, but you, little oh you, have the knowledge now.

ya nerd.

A few notes to end with: duck.ai is a good resource for when you're not sure how to get a random number using dice. For example, you can ask it "how do I get a random number between X and Y using dice? It is strangely well-versed in the methods. Eventually you will remember all the different ways to get random numbers using dice, which is why it is so important to have a good, varied set. See my first diceware page for suggestions. Hope you enjoyed this page! As always, my email door is always open.