19-04-2011, 03:28 PM
Prepared by-
Kirti Dixit
Uday joshi
[attachment=12404]
Abstract
This paper presents an overview of Chaffing and Winnowing as described by
Ronald Rivest. This leads onto a review of a secure Chaffing and Winnowing
scheme called Chaffinch.
1.Introduction-
The use of technology to stay ahead of and get around laws and regulations is a recurrent theme in my writings and talks. A legislative process that cannot keep up with the pace of technology is often guilty of producing regulations too mired in the specifics of today's technology that they do not anticipate and do not apply to the changes that will inevitably come. An example of a technology that may be a way around existing encryption legislation is Chaffing and Winnowing.
"Chaff" and "Winnowing" are terms that come from the oldest profession (or second oldest, depending upon who you ask) - farming. Winnowing means to remove the useless parts, or "chaff", from grain. By adding useless information to valuable data, you are able to securely transport the entire package until it can be safely winnowed at the other end. By obscuring data within meaningless bytes, we are providing the same functionality as encryption, but technically we aren't encrypting anything.
Chaffing and winnowing are dual components of a privacy-enhancement scheme that does not require encryption. The technique consists of adding false packets to a message at the source (sender end of the circuit), and then removing the false packets at the destination (receiver end). The false packets obscure the intended message and render the transmission unintelligible to anyone except authorized recipients.
At the source, each legitimate message packet is assigned a unique serial number and a message authentication code (MAC). Every serial number and MAC is known to the receiver in advance. Then the bogus packets are added at the source; this is the chaffing process (chaff is the undesirable part of a plant such as wheat that is separated during milling). The chaff packets have the same format as the legitimate ones, and they also have reasonable serial numbers, but they have invalid MACs. It is impossible to tell the difference between the legitimate packets and the chaff except by comparing MACs at the destination.
At the destination, the chaff packets are removed by comparing MACs. This is called winnowing. If an incoming packet has a bogus MAC, it is discarded; if it has a legitimate MAC, it is accepted. Thus, the original message is recovered.
Definition :
Chaffing and winnowing is a cryptographic technique to achieve confidentiality without using encryption when sending data over an insecure channel. The name is derived from agriculture: after grain has been harvested and threshed, it remains mixed together with inedible fibrous chaff. The chaff and grain are then separated by winnowing, and the chaff is discarded. The technique was conceived by Ron Rivest. Although it bears similarities to both traditional encryption and steganography, it cannot be classified under either category.
This technique is remarkable compared to ordinary encryption methods because it allows the sender to deny responsibility for encrypting their message. When using chaffing and winnowing, the sender transmits the message unencrypted, in clear text. Although the sender and the receiver share a secret key, they use it only for authentication. However, a third party can make their communication confidential by simultaneously sending specially crafted messages through the same channel.
Chaffing and Winnowing was first proposed by Ronald Rivest as a means to achieve confidentiality in message transmission.
At the present time there were two major techniques used for preventing adversaries from gaining information from a transmitted message:
• Encryption
This is the process of transforming the message into a random stream of characters called a cipher text. This is done using keys to encrypt and decrypt the message. Decryption of the cipher text is very difficult without knowledge these keys. Techniques like this have been around for some time and commonly used examples are DES, 3DES, RSA and AES.
• Steganography
The art of hiding a secret message within a larger one in such a way as to be able to deny the message exists. An example is hiding a text message in a picture file by changing the low-order pixel bits to be the message information.
Chaffing and Winnowing introduces a novel new concept that does not use encryption keys, and as such would not be subject to import and export restrictions. Chaffing and Winnowing achieves privacy and confidentiality by using authentication keys, however, these are not to be confused with encryption keys. Authentication keys/digital signatures are not controlled by governments and most have chosen that the disclosure of these signatures is not allowed. They have taken this stance over authentication keys because of the danger of unscrupulous people being able to use someone else’s personal authenticator to take over that person’s identity!
2.Chaffing and Winnowing-
To understand the processes involved it is first useful to familiarize us with some quite old words.
Winnow – to separate out or eliminate the poor or useless parts
Chaff – useless parts of wheat
Winnowing is often used when referring to separating grain from chaff.
Authenticating:
When the user has a message they want to send it is broken into packets. These packets contain the message information and header information. Within this header is usually a serial number so that the receiver can reassemble the message in the correct order.
In Chaffing and Winnowing the person sending the message adds a “message authentication code”, MAC, to each of the transmitted packets. Both the sender and receiver calculate the Mac as a function of the packet contents, serial number and a secret password/key that is shared. This MAC is attached onto the end of the packet as demonstrated in Figure 1.
Serial number information
Serial no. info MAC
MAC Algorithm
Figure 1. This shows the process of authenticating packets. The MAC is calculated and then put onto the end of the packet. These MAC’s are not regarded as encryption, just authentication, as the packet is still in the clear.
Now that all of the packets are authenticated they are ready to be sent. If they are sent as they are there is no security as the information is still in the clear! An adversary need only intercept all of the packets to reconstruct the message. Confidentiality comes from the next step…
3.Chaffing-
This is the process of “adding chaff”, useless parts, to the transmitted message. The chaff are fake packets that have the correct overall format, reasonable serial numbers and reasonable content, however, they have MAC’s that are not valid when computed with the shared key.
These chaff packets are interspersed randomly with the good(wheat) packets to form the transmitted data sequence. The receiver collects all of the transmitted packets in the sequence and computes the MAC that should be associated with each packet using the MAC algorithm and the shared key. Those packets with MAC’s not matching those appended are discarded and the only packets left are the wheat ones with valid MAC’s. The MAC numbers are stripped off and the serial numbers used to reconstruct the message.
