How to construct random functions
Journal of the ACM (JACM)
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On the Security Properties of OAEP as an All-or-Nothing Transform
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
The Security of All-or-Nothing Encryption: Protecting against Exhaustive Key Search
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Security of Chaffing and Winnowing
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
All-or-Nothing Encryption and the Package Transform
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Exposure-resilient functions and all-or-nothing transforms
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On Perfect and Adaptive Security in Exposure-Resilient Cryptography
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
The Security of Chaffing and Winnowing
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Chaffinch: Confidentiality in the Face of Legal Threats
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Disappearing Cryptography: Information Hiding: Steganography & Watermarking
Disappearing Cryptography: Information Hiding: Steganography & Watermarking
Unconditionally secure chaffing-and-winnowing: a relationship between encryption and authentication
AAECC'06 Proceedings of the 16th international conference on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes
| Hi-index | 0.00 |
This paper takes a closer look at Rivest's chaffing-and-winnowing paradigm for data privacy.We begin with a definition which enables one to clearly determine whether a given scheme qualifies as "chaffing-and-winnowing." We then analyze Rivest's schemes to see what quality of data privacy they provide. His bit-by-bit scheme is easily proven secure but is inefficient. His more efficient scheme --based on all-or-nothing transforms (AONTs)-- can be attacked under Rivest's definition of security of an AONT, and even under stronger notions does not appear provable. However we show that by using OAEP as the AONT one can prove security, and also present a different scheme, still using AONTs, that is equally efficient and easily proven secure even under a relatively weak notion of security of AONTs.