Sciweavers

ASIACRYPT
2000
Springer

The Security of Chaffing and Winnowing

14 years 4 months ago
The Security of Chaffing and Winnowing
This paper takes a closer look at Rivest's chaffing-and-winnowing paradigm for data privacy. We begin with a definition which enables one to clearly determine whether a given scheme qualifies as "chaffing-and-winnowing." We then analyze Rivest's schemes to see what quality of data privacy they provide. His bit-by-bit scheme is easily proven secure but is inefficient. His more efficient scheme --based on all-or-nothing transforms (AONTs)-- can be attacked under Rivest's definition of security of an AONT, and even under stronger notions does not appear provable. However we show that by using OAEP as the AONT one can prove security, and also present a different scheme, still using AONTs, that is equally efficient and easily proven secure even under a relatively weak notion of security of AONTs.
Mihir Bellare, Alexandra Boldyreva
Added 24 Aug 2010
Updated 24 Aug 2010
Type Conference
Year 2000
Where ASIACRYPT
Authors Mihir Bellare, Alexandra Boldyreva
Comments (0)