chaffing and winnowing + gpg?

Sen Nagata sen_ml at
Fri Jun 26 15:01:14 CEST 1998


  have you read the following rivest paper:
  i think it would be very interesting to have a way of doing this in
gnu pg -- it's seems pretty easy conceptually.

  0) start w/ a message that A wants to send to B
  1) create a session key as usual (perhaps size might need to be different?)
  2) perform the transformation mentioned in the paper on the message
  3) split the message up into 1024 (or other size) bytes
  4) 'authenticate' each of the pieces made in step 3) using the session key
  5) create an appropriate amount of 'chaff'
  6) assemble a single resulting message from the 'authenticated' pieces
     and 'chaff'

  someone has done an implementation of chaffing and winnowing, which can 
be found at:

  one of the great things about the chaffing and winnowing method is that 
there is no encyrption/decryption involved (note: for the specific idea 
mentioned above there would be because the session key must be encrypted 
using B's public key).

  the paper is really very interesting -- it was worth losing sleep over.  
there are a number of other exciting points, but i won't spoil that fun by 
mentioning them here :-)

More information about the Gnupg-devel mailing list