Chaffing / Winnowing works by allowing allowing several messages to be encrypted in the same file. And a random amount of random data is also included in the file. Each message would have a different key. When confronted for the key, you provide the key for the first message (the one with Aunt Bettie's cookie recipe - which you, of course, want to protect with encryption). Of course, Thay aren't sure if there is another message in there too, so, after the threats, you tell the second key, for the message where you critisize your boss (which, of course, you want to protect with encryption). More threats, but thats all that is in the file. Or is it? They have no way of knowing if there is more or not. The deniability that you want.
I don't know of anybody that produces a package based on this technique - which is too bad
.
When will someone create an encryption utility based on Chafing and Winnowing? This allows several files, each with its own key, and some random data, to be combined in a single file. On one can determine how many files are in there so, after you extract one or two files, you can deny that there are any other files in it. And no one can prove there are more files in it (since there is a unknown amount of random data also included in the package). Plausible deniability.
Slashdot Mirror
Chaffing / Winnowing works by allowing allowing several messages to be encrypted in the same file. And a random amount of random data is also included in the file. Each message would have a different key. When confronted for the key, you provide the key for the first message (the one with Aunt Bettie's cookie recipe - which you, of course, want to protect with encryption). Of course, Thay aren't sure if there is another message in there too, so, after the threats, you tell the second key, for the message where you critisize your boss (which, of course, you want to protect with encryption). More threats, but thats all that is in the file. Or is it? They have no way of knowing if there is more or not. The deniability that you want. I don't know of anybody that produces a package based on this technique - which is too bad .
When will someone create an encryption utility based on Chafing and Winnowing? This allows several files, each with its own key, and some random data, to be combined in a single file. On one can determine how many files are in there so, after you extract one or two files, you can deny that there are any other files in it. And no one can prove there are more files in it (since there is a unknown amount of random data also included in the package). Plausible deniability.