Rivest's Chaffing and Winnowing

Kevlar kevlar at smartlink.net
Sun Mar 22 16:01:09 PST 1998


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Now I read about this before it was mentioned on this list, and wanted
to comment briefly upon it.

Although at first glance this appears to be a hopelessly ineffective
way of communicating (it requires double the information, plus MAC's),
It does have some interesting possibilities.

For instance... Rivest mentioned in his technical paper that you might
use this in a situtation where you are multiplexing two or more
streams of information, in which one persons "wheat" is another
persons "chaff"... This would elminate the need to generate random
"chaff", and therefore bring the ammount of wasted space WAY down... I
could see this in use in situtations like LAN's or intranets, where
bandwidth is not nearly as much of a concern because there is usally
an overabundance anyway.

Something else that occured to me while reading this tho... a major
flaw if implemented "out of the book"....

He mentions generating random MAC's... and this would be allright
because the chance of randomly generating a genuine MAC is 2**64, or
10**19, but that is unacceptable, as the law of advrages WILL catch up
to you eventualy. Therefore his second party adding chaff idea is
failable. Of corse, this is easliy remedied at run-time by checking to
see if the MAC that was just randomly generated is genuine, and
therefore unacceptable.

I hope to stimulate discussion on this subject, and welcome your
opinions about mine...

Peace.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com>

iQA/AwUBNRWlqgbVu2P/8fhEEQLxAACbBTO08OT/uYnDPQ1dKJH0xaZi3ocAniXQ
Z0O3d1uKcvfLDcbTHPb6PTw2
=aJRQ
-----END PGP SIGNATURE-----

-Kevlar
<Kevlar at smartlink.net>

Oh, I'm sorry... Was I not suposed to EXPORT STRONG CRYPTO?
print pack"C*",split/\D+/,`echo
"16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|
dc`

Beat your algorithms into swords and your virtual machines into spears...
Let the weak say, "I am strong". 







More information about the cypherpunks-legacy mailing list