The Security of Chaffing and Winnowing

14 years 3 months ago

Download www.iacr.org

This paper takes a closer look at Rivest's chaffing-and-winnowing paradigm for data privacy. We begin with a definition which enables one to clearly determine whether a given scheme qualifies as "chaffing-and-winnowing." We then analyze Rivest's schemes to see what quality of data privacy they provide. His bit-by-bit scheme is easily proven secure but is inefficient. His more efficient scheme --based on all-or-nothing transforms (AONTs)-- can be attacked under Rivest's definition of security of an AONT, and even under stronger notions does not appear provable. However we show that by using OAEP as the AONT one can prove security, and also present a different scheme, still using AONTs, that is equally efficient and easily proven secure even under a relatively weak notion of security of AONTs.

Mihir Bellare, Alexandra Boldyreva

Real-time Traffic

ASIACRYPT 2000 | Cryptology | Data Privacy | Rivest's Chaffing-and-winnowing Paradigm | Scheme Qualifies |

claim paper

Post Info
More Details (n/a)

Added	24 Aug 2010
Updated	24 Aug 2010
Type	Conference
Year	2000
Where	ASIACRYPT
Authors	Mihir Bellare, Alexandra Boldyreva

Comments (0)

Sciweavers

The Security of Chaffing and Winnowing

ASIACRYPT 2000 | Cryptology | Data Privacy | Rivest's Chaffing-and-winnowing Paradigm | Scheme Qualifies |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers