[2346] in cryptography@c2.net mail archive
Re: Rivest's Wheat & Chaff - A crypto alternative
daemon@ATHENA.MIT.EDU (Carl Carter)
Tue Mar 24 14:02:39 1998
From: ccarter@lginfocomm.com (Carl Carter)
To: cryptography@c2.net
Date: Tue, 24 Mar 1998 09:27:22 +0000
Reply-to: ccarter@lginfocomm.com
CC: ccarter@c2.net
In-reply-to: <t5367l4ac1h.fsf@rover.cygnus.com>
Pardon me for de-lurking here, but perhaps there is another
enhancement to this wheat and chaff idea that might reduce the
overhead:
For longer messages, break the message up into n pieces (where n is
some number like 8 to be found by the receiver). Then, for each
piece, create the authentication using the sequence number and the
data bit and the number of the piece. Then send sequence number 0 of
each piece, scrambled in a random way, followed by sequence number 1
of each piece scrambled in another random way, etc. In addition to
the n pieces, add chaff of no more than n, and potentially 0, extra
elements as required to ensure that there are an equal number of 1s
and 0s sent for each sequence number.
The recipient then receives m elements for sequence number 0, and
realizes that n must be some value from m/2 to m. He/she then
authenticates each element using all possible piece numbers, thus
determining n by the number of successes. Those pieces which fail
all tests must be the chaff. For subsequent sequence numbers, only
piece numbers up to n need be tried.
I will admit to considerable naievite in this topic, so perhaps my
idea has obvious holes. But it looks to me like the necessary
chaffing could be reduced to perhaps half overall.
Carl Carter
ccarter@lginfocomm.com
