Chaffing and winnowing

From Wikipedia, the free encyclopedia

Chaffing and winnowing is a cryptographic technique to achieve confidentiality without using encryption when sending data over an insecure channel; it was conceived by Ron Rivest. It can be viewed as a form of steganography.

The sender (Alice) sends several messages to the receiver (Bob); each message is unencrypted but authenticated with a message authentication code (MAC) whose secret key Alice shares with Bob. Only one of the messages is authentic, the other ones are bogus (called "chaff"). An eavesdropper will be unable to tell which messages are bogus and which are real (i.e. to "separate the grain from the chaff") since he cannot determine which messages are authentic. Bob uses the MAC to find the authentic messages and drops the "chaff" messages. This process is called "winnowing".

This technique lends itself especially to use in packet-switched network environments such as the Internet, where each message (whose payload is typically small) is sent in a separate network packet. One variant of the technique is to continuously send out packets to multiple recipients: the participants who get chaff simply ignore it; this helps protect against information leakage and traffic analysis.

The name of the technique is derived from agriculture: after a cereal crop is harvested and threshed it remains mixed together with fibrous chaff, and must be separated out by a step of winnowing.

[edit] See also

• Null cipher

[edit] External links

• Rivest's original article on Chaffing and Winnowing