Abstract
This paper takes a closer look at Rivest’s chaffing-and-winnowing paradigm for data privacy.We begin with a definition which enables one to clearly determine whether a given scheme qualifies as “chaffing-and-winnowing.” We then analyze Rivest’s schemes to see what quality of data privacy they provide. His bit-by-bit scheme is easily proven secure but is inefficient. His more efficient scheme -based on all-or-nothing transforms (AONTs)- can be attacked under Rivest’s definition of security of an AONT, and even under stronger notions does not appear provable. However we show that by using OAEP as the AONT one can prove security, and also present a different scheme, still using AONTs, that is equally efficient and easily proven secure even under a relatively weak notion of security of AONTs.
Chapter PDF
Similar content being viewed by others
References
M. Bellare AND A. Boldyreva, “The security of chaffing and winnowing,” Full version of this paper, available via http://www-cse.ucsd.edu/users/mihir.
M. Bellare, A. Desai, E. Jokipii AND P. Rogaway, “A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation,” Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, 1997.
M. Bellare, J. Kilian AND P. Rogaway, “The security of cipher block chaining,” Advances in Cryptology-Crypto’ 94, Lecture Notes in Computer Science Vol. 839, Y. Desmedt ed., Springer-Verlag, 1994.
M. Bellare AND P. Rogaway, “Random oracles are practical: a paradigm for designing efficient protocols,” Proceedings of the 1st Annual Conference on Computer and Communications Security, ACM, 1993.
M. Bellare, P. Rogaway, “Optimal asymmetric encryption-How to encrypt with RSA,” Advances in Cryptology-Eurocrypt’ 94, Lecture Notes in Computer Science Vol. 950, A. De Santis ed., Springer-Verlag, 1994.
V. Boyko, “On the security properties of OAEP as an all-or-nothing transform,” Advances in Cryptology-Crypto’ 99, Lecture Notes in Computer Science Vol. 1666, M. Wiener ed., Springer-Verlag, 1999.
R. Canetti, Y. Dodis, S. Halevi, E. Kushilevitz, A. Sahai, “Exposure-resilient functions and all-or-nothing transforms,” Advances in Cryptology-Eurocrypt’ 00, Lecture Notes in Computer Science Vol. 1807, B. Preneel ed., Springer-Verlag, 2000.
A. Desai, “The security of all-or-nothing encryption: protecting against exhaustive key search,” Advances in Cryptology-Crypto’ 00, Lecture Notes in Computer Science Vol. 1880, M. Bellare ed., Springer-Verlag, 2000.
O. Goldreich, S. Goldwasser AND S. Micali, “How to construct random functions,” Journal of the ACM,Vol. 33, No. 4, 210–217, (1986).
S. Goldwasser AND S. Micali, “Probabilistic encryption,” Journal of Computer and System Science, Vol. 28, 1984, pp. 270–299.
R. Rivest, “Chaffing and winnowing: Confidentiality without encryption,” http://theory.lcs.mit.edu/~rivest/publications.html.
R. Rivest, “all-or-nothing encryption and the package transform,” Proceedings of the 4th Workshop on Fast Software Encryption, Lecture Notes in Computer Science Vol. 1267, Springer-Verlag, 1997.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bellare, M., Boldyreva, A. (2000). The Security of Chaffing and Winnowing. In: Okamoto, T. (eds) Advances in Cryptology — ASIACRYPT 2000. ASIACRYPT 2000. Lecture Notes in Computer Science, vol 1976. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44448-3_40
Download citation
DOI: https://doi.org/10.1007/3-540-44448-3_40
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41404-9
Online ISBN: 978-3-540-44448-0
eBook Packages: Springer Book Archive