Talk:Chaffing and winnowing

agriculture vs cryptography
I am neither a farmer nor a cryptographer, but I have read a little about both. As far as I can make out, there are not two things to be kept separate here, because "chaffing and winnowing" is not any kind of agricultural concept. I believe "chaffing and winnowing" is intended to mean first adding chaff, and then removing it. This is not done in agriculture; in agriculture there is no such thing as "chaffing". There is such a thing as winnowing, as described by winnowing, but "chaffing and winnowing" is a purely cryptographic concept. My change attempted to make this clear, but if the editors do not find this clear, then other readers will not either, and I have failed.

Please word this as you wish, but please do not link to grain, which is a disambiguation page.

&mdash; Pekinensis 02:06, 7 August 2005 (UTC)
 * Blah, sorry, didn't realise that "chaffing and winnowing" wasn't an agricultural concept! I've added back a note explaining it as a source of the name. &mdash; Matt Crypto 12:32, 7 August 2005 (UTC)

cryptography or steganography
i'm not sure, and that's why i wasnt bold, but isn't this a steganography process rather than a cryptographical one. since there is no actual encryption during the process and only information hiding, i think that the first line should be changed Amenzix 20:22, 28 July 2006 (UTC)

Indeed, the two processes are similar. However, Rivest's original article (http://people.csail.mit.edu/rivest/Chaffing.txt) makes the distinction between Steganography, which requires that the attacker not realize that a message exists, and chaffing and winnowing, which assumes that the attacker knows that the message exists (in unencrypted form, nonetheless), but is unable to distinguish the true message from a host of decoys. Eyefragment 04:36, 27 June 2007 (UTC).

Since the article did indeed claim Chaffing and Winnowing to be distinct from Steganography, I have removed the reference. The pertinent part of Rivet's paper is as follows:

"Chaffing and winnowing bear some relationship to steganography. I am reminded of the steganographic technique of sending an innocuous-looking letter whose letters are written in two different, but very similar fonts.  By erasing all letters in one font, the hidden message written in the other font, remains.  For this technique (as with most steganographic techniques), security rests on the assumption that the adversary will not notice the use of two fonts. With chaffing and winnowing, the adversary may know (or suspect) that there are two different kinds of packets, but he is unable to distinguish them because he does not possess the secret authentication key." (http://people.csail.mit.edu/rivest/Chaffing.txt)

Feel free to revert my edit if there is indeed a way to view Chaffing and Winnowing as Steganography. For now, however, I've removed the reference and tags. Eyefragment 04:41, 27 June 2007 (UTC)

Weaknesses and solutions
I would suggest that we add links to the following 2 papers, which found weaknesses and solutions for them, so that people who are interested in using it know about those weaknesses, and don´t have to repeat them: http://www.cl.cam.ac.uk/~rnc1/Chaffinch.pdf http://www2.futureware.at/artikel/paper1.pdf Disclosure: I authored the second paper. — Preceding unsigned comment added by 84.114.117.3 (talk) 22:01, 2 April 2015 (UTC)