Wheat-and-chaff algorithm

from Wikipedia, the free encyclopedia

Chaff and wheat algorithm or chaffing and winnowing (English for "with chaff enable and winnowing ") refers to an algorithm to maintain confidentiality when sending data without the data thus encrypted to be. The method was presented in 1998 by Ronald L. Rivest and represents an alternative to steganography and cryptography . The basic idea is to hide the divided secret message like needles in a haystack made of irrelevant but similar-looking data.

Basic procedure on the sender side

The following scenario exists: Someone wants to send confidential data to a recipient via an insecure communication channel, for example the Internet . The procedure used must ensure that a third party listening in has no way of gaining knowledge of the content of the message.

Step 1: Divide the message into packets

The sender divides the message to be sent into individual data packets. The data packages are provided with a consecutive serial number . The serial number can be used to identify missing or duplicate packets at the recipient and finally to reconstruct the message.

Step 2: authentication

The sender confirms the authenticity of each individual data packet with a marking that is generated using a secret key known only to the sender and recipient. To do this, the sender adds a Message Authentication Code (MAC) to each data packet . This code is calculated from the serial number, the actual data and the key. The HMAC - SHA1 algorithm , for example, is used as the algorithm for this calculation .

Step 3: adding a chaff

Further data packets that do not belong to the actual message are mixed in. These packages are required to contain suitable serial numbers and apparently meaningful data. Any MAC is added.

Ultimately, it is important that the MAC is wrong for these packets. You don't need the actual authentication key for this. Step 3 can therefore be carried out by an uninvolved third party.

Basic procedure on the recipient side

The recipient checks the authenticity of each incoming packet. To do this, he calculates the MAC from the serial number, the data and the key available to him and compares it with the received one. The authentic packages are buffered and then assembled on the basis of the serial numbers.

Properties of the procedure

In order to be able to guarantee a certain security against eavesdropping with Chaffing and Winnowing , the scope of the transmitted data has to be increased considerably by content-wise irrelevant "chaff". Furthermore, the actual data (the “message”) must be fragmented enough so that individual fragments have little or no relevance.

The authentication key is a secret key that can only be known to the sender and recipient of the message. The sender and the recipient can agree on a new secret authentication key at any time, for example using the Diffie-Hellman method .

Application in the blogosphere

Due to the myriad of weblogs , many of which are orphaned, and a large volume of comments in the blogosphere , the use of the chaff-and-wheat algorithm is conceivable there. The existing, real comments correspond to the chaff.

Sender and recipient communicate via a selection of blogs. The chosen blogs can be independent of each other. This definition represents a symmetric key.

The message to be embedded is broken down into parts and posted as a comment in the agreed blogs. In order to prevent posts of this type from being deleted as spam, it is advisable to enrich them with further chaff parts within the comment, which make the comment appear plausible as an expression of opinion. It is also useful to use linguistic steganography to obscure the individual message parts.

The process requires a relatively high level of redundancy, as comments that are not related to the topic are quickly deleted in well-maintained blogs. Unused or orphaned blogs are therefore more suitable for blog steganograms, as little comment moderation can be expected there. The persistence of blog comments can become a problem : As a rule, you cannot remove posted comments from the blog yourself. If an attacker obtains the key, i.e. the blogs that are being posted to, and their sequence, he can reconstruct the original message.

This approach is sometimes incorrectly referred to as blog steganography, even though it principally works without steganographic methods.

General example of the algorithm

The following message should be sent secretly:

“Hello Bob, I'll see you tomorrow at 12 o'clock. Alice "

After steps 1 and 2 the following packages are available:
(all data packages have the form of serial number, message, MAC)

  • (1, Hi Bob, 465231)
  • (2, we'll look around tomorrow, 782290)
  • (3, 12h., 344287)
  • (4, Alice 312265)

With step 3 chaff is added:

  • (1, Hello Larry, 532105)
  • (2, we'll call tomorrow at, 793122)
  • (3, 16h., 891231)
  • (4, Susan, 553419)

The following messages are transmitted on the communication channel:

  • (1, Hello Larry, 532105)
  • (1, Hi Bob, 465231)
  • (2, we'll look around tomorrow, 782290)
  • (2, we'll call tomorrow at, 793122)
  • (3, 12h., 344287)
  • (3, 16h., 891231)
  • (4, Susan, 553419)
  • (4, Alice 312265)

Web links