Chaffing and winnowing
|
Chaffing and winnowing is separation of chaff from grain, done by a threshing machine; the phrase is also used metaphorically.
In cryptography, chaffing and winnowing is a technique to achieve confidentiality without using encryption when sending data over an insecure channel; it was conceived by Ron Rivest. It can be viewed as a form of steganography.
The sender (Alice) sends several messages to the receiver (Bob); each message is unencrypted but authenticated with a message authentication code whose secret key Alice shares with Bob. Only one of the messages is authentic, the other ones are bogus (called "chaff"). An eavesdropper will be unable to tell which messages are bogus and which are real (i.e. to "separate the grain from the chaff") since he cannot determine which messages are authentic. Bob uses the MAC to find the authentic messages and drops the "chaff" messages. This process is called "winnowing".
This technique lends itself especially to use in packet-switched network environments such as the Internet, where each message (whose payload is typically small) is sent in a separate network packet. One variant of the technique is to continuously send out packets to multiple recipients: the participants who get chaff simply ignore it; this helps protect against information leakage and traffic analysis.
See also
External links
- Rivest's original article on Chaffing and Winnowing (http://theory.lcs.mit.edu/~rivest/chaffing.txt)de:Chaffing and Winnowing