Chaffing and Winnowing: Confidentiality without Encryption Ronald L. Rivest
MIT Lab for Computer Science March 18, 1998 (rev. April 24, 1998)
http://theory.lcs.mit.edu/~rivest/chaffing.txt A major goal of security
techniques is ``confidentiality''---ensuring that adversaries gain no
intelligence from a transmitted message. There are two major techniques for
achieving confidentiality: -- Steganography: the art of hiding a secret
message within a larger one in such a way that the adversary can not
discern the presence or contents of the hidden message. For example, a
message might be hidden within a picture by changing the low-order pixel
bits to be the message bits. (See Wayner (1996) for more information on
steganography.) -- Encryption: transforming the message to a ciphertext
such that an adversary who overhears the ciphertext can not determine the
message sent. The legitimate receiver possesses a secret decryption key
that allows him to reverse the encryption transformation and retrieve the
message. The sender may have used the same key to encrypt the message (with
symmetric encryption schemes) or used a different, but related key (with
public-key schemes). DES and RSA are familiar examples of encryption
schemes. This paper introduces a new technique, which we call ``chaffing
and winnowing''---to winnow is to ``separate out or eliminate (the poor or
useless parts),'' (Webster's Dictionary), and is often used when referring
to the process of separating grain from chaff. Novel techniques for
confidentiality are interesting in part because of the current debate about
cryptographic policy as to whether law enforcement should be given when
authorized surreptitious access to the plaintext of encrypted messages. The
usual technique proposed for such access is ``key recovery,'' where law
enforcement has a ``back door'' that enables them to recover the decryption
key. Winnowing does not employ encryption, and so does not have a
``decryption key.''
MORE ON...
http://theory.lcs.mit.edu/~rivest/chaffing.txt