Documentation for the "Chaffwin" Chaffing/Winnowing Package ============================================================ Ben Sussman Karl Fogel Spring 1998 What's here? ------------ README ------> This file. Read it first, it explains everything. COPYING -----> Copyright information. IDEAS -------> Random thoughts on improvements that could be made. chaffwin.pl -> The actual chaffing and winnowing program. See comments at top for how to run it. chaffwin.el -> An Emacs interface to chaffwin.pl. Makefile ----> "make" builds, "make check" tests, "make install" installs. chaffwin.c, md5.c, md5.h: ---> A C version of chaffing and winnowing. I'm not sure whether the C version got finished or not, it's been a while. It does seem to compile, though... What's chaffing and winnowing? ------------------------------ Check out , by Ron Rivest. This package implements a version of the algorithm (one hesitates to call it an "algorithm" -- perhaps "protocol" would be more accurate?) described therein. In brief, Rivest has devised a method of "hiding" a message within a larger message that does *not* involve encryption. Rather, the text of the message is transmitted in the clear; the catch is that it's surrounded by hundreds of random decoy words, making it incomprehensible. By means of a shared secret password, the recipient can sift through the mess and figure out exactly which words are the "true" words of the message. How is this possible? Each word has an ASCII-hash attached to it, which is derived from the word and the password. The "true" words' hashes resolve correctly when the recipient uses the correct password. The "decoy" words' hashes are always bogus.. hence the metaphor of "separating the wheat from the chaff." Is it encryption, weak steganography, or just plain smoke and mirrors? You decide. We like it because it produces entertaining output, hides your message from casual snoopers, and uses up more bandwidth than you can possibly imagine. What do I need to try this stuff? --------------------------------- - perl 5 - chaffwin.pl - a standard Unix dictionary chaffwin.pl needs a dictionary to generate random words during encryption. Most versions of Unix keep plaintext dictionaries (wordlists) in /usr/dict. Near the top of chaffwin.pl is a variable initialized to "/usr/dict/words; change that if necessary. How do I install? ----------------- `make install' This simply copies the perl script to /usr/local/bin and prints a message about using the emacs elisp interface. Also be sure to point chaffwin.pl toward a dictionary (see above.) How do I create a secret message? --------------------------------- Invoke chaffwin.pl with the "-e" flag (for "encrypt"). You need to pass it a passphrase using "-p", optionally a chaff level using "-c", and finally a file to add chaff to. (If the filename were omitted, chaffwin.pl would read from stdin.) The chaff level defaults to 17; in this example, we lower it to 5: Example (using "foo bar" as a password): [bsussman@minos:~]$ cat > text Hello, world. It's a nice day. It's only a so-so day on this line, though. [bsussman@minos:~]$ chaffwin.pl -e -p "foo bar" -c 6 text (1, 3, "the", bk.0QKXVfNBXMbkKnCkUESKZx2) (1, 2, "am", bkjoZNnBpHt2cbk6fU86p6c.YI) (1, 6, "Hello,", bkr8CMHFyb3bAbkY5blSHUKzew) (1, 11, "disentangle", bksakuJHwOOtYbk38/zC.X/iD.bkKnCkUESKZx2) (1, 4, "came", bkG62kiBRG4mUbkx5dsEU5QZmE) (1, 1, " ", bkpCxJJSSdDUgbkj8p51YxF.uQ) (3, 3, "now", bkyAKgIB8UyO6bkKnCkUESKZx2) (3, 4, "very", bk3fbah691/dEbkx5dsEU5QZmE) (3, 6, "world.", bk4ZumgoEOPHEbkY5blSHUKzew) (3, 7, "\\\"see", bkVx3dsuxFAIwbktX40cVitM9Q) (3, 4, "that", bk3.9dbtB2hrgbkx5dsEU5QZmE) (3, 1, " ", bkAJlFv0Q/V7Mbkj8p51YxF.uQ) (5, 4, "It's", bksiiHpvmpM/Ibk3q/zC6xRnFQ) (5, 2, "we", bkw5tCrhfKM2Ubk6fU86p6c.YI) (5, 2, "if", bkE2B25VNU/okbk6fU86p6c.YI) (5, 6, "knolls", bk/fXQNENPghsbkXSqERxRsYb2) (5, 10, "ironically", bksOKfM.FELvQbkpkQIRgwyjOwbk6fU86p6c.YI) (5, 1, " ", bkIKzAm5IHdQEbkj8p51YxF.uQ) (7, 1, "a", bkdg/vWigVlhgbkj8p51YxF.uQ) (7, 5, "came!", bkqTjEMpvK4Kobkd6axvDgGr8I) (7, 12, "intensifying", bk9AKmald5R.wbkH853wQ2JJ6Abkx5dsEU5QZmE) (7, 9, "Edwardian", bklNDjGrXdeSYbk86IBemIeSRYbkj8p51YxF.uQ) (7, 1, "I", bk0xfJNKPkJPYbkj8p51YxF.uQ) (7, 1, " ", bkqoZiwsHYBq2bkj8p51YxF.uQ) (9, 5, "when.", bkb0zPlLmJeZAbkd6axvDgGr8I) (9, 7, "lagoons", bkuWwBCPi3KIkbktX40cVitM9Q) (9, 7, "two\\\"", bkaXUIHutcS92bktX40cVitM9Q) (9, 3, "The", bkKbEeJxKS/2EbkKnCkUESKZx2) (9, 4, "nice", bkqJGCaN.lPNMbk3q/zC6xRnFQ) (9, 1, " ", bkVxIwb75wE8gbkj8p51YxF.uQ) (11, 2, "an", bk1jW/a1iTAtkbkKnCkUESKZx2) (11, 3, "one", bkXjVJbEHKSHAbkx5dsEU5QZmE) (11, 4, "day.", bk8MGIPytfsMUbk.3CJeSyZdM2) (11, 6, "So\\\"", bkh/1gRxcvOiAbktX40cVitM9Q) (11, 4, "one,", bkeAE6MtbGjDgbkd6axvDgGr8I) (11, 1, " ", bkIKjkmSx0Nwwbk6fU86p6c.YI) (12, 2, "\n", bknVt1Bn.m0ksbkKnCkUESKZx2) (14, 4, "day.", bk4grcB7knu0gbkd6axvDgGr8I) (14, 4, "It's", bkJdXTD5393nwbk.3CJeSyZdM2) (14, 1, "A", bknepQZ5dxfiQbk6fU86p6c.YI) (14, 3, "him", bkkRWOROjjbhwbkx5dsEU5QZmE) (14, 3, "and", bkUwjfo6CsK.Mbkx5dsEU5QZmE) (14, 1, " ", bkmNvtocOMirUbk6fU86p6c.YI) (16, 4, "only", bkfAP4G1DlwWYbk.3CJeSyZdM2) (16, 6, "little", bkqNLJemXYpQIbktX40cVitM9Q) (16, 3, "is!", bk8WefUwOYBWwbkx5dsEU5QZmE) (16, 4, "got?", bkuvpMBSBtHh.bkd6axvDgGr8I) (16, 4, "over", bktPRWdoyV5pcbkd6axvDgGr8I) (16, 1, " ", bkI7orUOvdAOcbk6fU86p6c.YI) (18, 7, "punting", bkaBslkCu99qwbkvLD8FGy1piY) (18, 9, "consensus", bkG2Bsj0EUnUgbkr.1eJtTug2Ebk6fU86p6c.YI) (18, 12, "foreigns\\\"", bkUuPz9HRiPXEbkNs.VAAGcotYbkd6axvDgGr8I) (18, 3, "her", bk4QU7D2BoeBYbkx5dsEU5QZmE) (18, 1, "a", bkeoizlX/f1xAbk6fU86p6c.YI) (18, 1, " ", bk.DKA2Ee3MGEbk6fU86p6c.YI) (20, 4, "well", bkDoX9wkLEdBYbkd6axvDgGr8I) (20, 10, "decreasing", bkCybtLRIsOI6bkSKZl6QvLaNgbkKnCkUESKZx2) (20, 5, "so-so", bkTi4IbmRolCMbkY5blSHUKzew) (20, 3, "or!", bk5OCtkJNGvWEbkx5dsEU5QZmE) (20, 4, "for?", bk0.A8vzA.Wj.bkd6axvDgGr8I) (20, 1, " ", bkEMxJg6KxNLYbk6fU86p6c.YI) (22, 13, "accosting\\\"", bk0GA4.RvswE.bk2vfAnstkPPEbkXSqERxRsYb2) (22, 3, "The", bk0e8w/dBGRHIbkx5dsEU5QZmE) (22, 10, "prevalence", bkaZj29m07Qq2bk/vfqXFBhhmYbkKnCkUESKZx2) (22, 3, "day", bkrfFz9Q6Prfobk3q/zC6xRnFQ) (22, 7, "\\\"and", bk60nOSiP/t/MbkoYNdcO3/Od2) (22, 1, " ", bkFDQJozAaeWwbk6fU86p6c.YI) (24, 7, "little.", bkPZ/pt7ua0vEbku4vUrnDTQwE) (24, 2, "Me", bkAV6HzPou8PIbkKnCkUESKZx2) (24, 7, "\\\"the", bkJXnwfuO1e2gbku4vUrnDTQwE) (24, 3, "her", bkvg8LmgyFofUbkx5dsEU5QZmE) (24, 2, "on", bkDupDTP56VCAbkKnCkUESKZx2) (24, 1, " ", bkGYKyzD9Azn2bk6fU86p6c.YI) (26, 4, "this", bkqOQZK6FXE1Ibk.3CJeSyZdM2) (26, 5, "rants", bkUmah20rPj1cbkXSqERxRsYb2) (26, 3, "had", bkt5JF/QC45uUbkx5dsEU5QZmE) (26, 14, "accomplishment", bkbk1ZlamZGREbk8N0c2gv2L96bktX40cVitM9Q) (26, 3, "big", bkbBrc1pDeAGkbkx5dsEU5QZmE) (26, 1, " ", bkklPrxKuUCgcbk6fU86p6c.YI) (28, 8, "barbaric", bkTGhPKCzRjGwbk8/lModv52Icbkj8p51YxF.uQ) (28, 5, "there", bka9Z3YMmbfHYbkXSqERxRsYb2) (28, 5, "line,", bk53DrIa7MQhwbkY5blSHUKzew) (28, 4, "Went", bk637TUO.PFDQbkd6axvDgGr8I) (28, 4, "had,", bkE7ArJYkUgAYbkd6axvDgGr8I) (28, 1, " ", bknmoJlpSy1Gobk6fU86p6c.YI) (30, 5, "just,", bkok4MFy7lMSAbkXSqERxRsYb2) (30, 9, "tolerable", bkkCG7uwG1ejUbkqrbbw8G3Szsbk6fU86p6c.YI) (30, 4, "Only", bkMvSAhgVEA6obkd6axvDgGr8I) (30, 7, "Has\\\"", bk5yLvGLpOv1cbklN/tM104nFM) (30, 7, "though.", bk/ckGngpYFY6bki8E9MjVDpAY) (30, 1, " ", bk/.V2S.iCFPMbk6fU86p6c.YI) (31, 2, "\n", bknQMlfwaIhmobkKnCkUESKZx2) (32, 2, "\n", bk6EmHXbHquQEbkKnCkUESKZx2) How do I decode a secret message? --------------------------------- Once you've received some chaffed text, you can "winnow" the wheat-words out of it. The arguments are the same as in chaffing, only use the "-d" flag (for "decrypt") instead of "-e". [bsussman@minos:~]$ chaffwin.pl -d -p "foo bar" chafftext Hello, world. It's a nice day. It's only a so-so day on this line, though. Again, omitting the filename causes data to be read from stdin. Using the wrong password yields nothing, since every hash then appears bogus to the script. How do I increase security? --------------------------- Use other software. Or, pass a "-c" chaff level argument when encrypting: [bsussman@minos:~]$ chaffwin.pl -e -c 30 -p "foo bar" chafftext ... This will give you twenty-nine packets of chaff for every one packet of wheat. Chaffwin defaults to a chaff level of 17. Can I use these scripts with Emacs? ----------------------------------- Darn tootin'! Put chaffwin.el into your Emacs load-path, and the following into your .emacs (modify as you see fit): (global-set-key "\C-cw" 'chaffwin-map) ;; uncomment the expression below to see your passphrase as you enter it: ;; (setq chaffwin-passphrase-noecho nil) (autoload 'chaffwin-map "chaffwin" nil t) (autoload 'chaffwin-chaff-region "chaffwin" nil t) (autoload 'chaffwin-winnow-region "chaffwin" nil t) (autoload 'chaffwin-find-and-winnow-region "chaffwin" nil t) See the comments at the top of chaffwin.el for more information. What are my obligations? ------------------------ All source code in this package is released under the terms of the GNU General Public License (GPL). For more information, see and the GPL license "COPYING" included in this package. If you make changes, please let us know! Changes of general utility will be merged back into the main distribution. Anonymous access to the CVS repository is also possible. For now, see http://www.red-bean.com/~kfogel/programming.html for the module name and password; nicer arrangements will be made if there is demand. Why did you write this? ----------------------- C'mon. Every kid wants to make his own secret decoder ring. :) Why do you call it "Chaffwin"? ------------------------------ Because "Windows98" was taken. Why does/doesn't the script do FOO? (or, "DISCLAIMER") -------------------------------------------------------- Are you kidding? This code is for amusement and educational purposes only. It is very much an amateur effort, and probably provides no security. We make no claim to its fitness for any particular purpose, especially privacy. If you are a large government or a top-secret spy, we do not recommend this software for anything, and we never met you.