A Method of Secure Data Transfer Over Computer Networks
Sugata Sanyal
School of Technology & Computer Science,
Tata Institute of Fundamental Research, India
Abstract:
This work presents an algorithm to enhance security in transmission of data in networks. The algorithm uses an intuitively simple idea of modifying the data to be sent by applying All-or-Nothing Transform (AONT) first and then break the transformed data into multiple parts, where each part is marked with sequence number. Then these parts are sent to the receiver. Message Authentication Code is used while transmitting so no attacker can modify data without the receiver discovering tampering. The original data is retrieved at the receiver-end from its parts. The algorithm is designed to provide information-theoretic (that is, unconditional) security.
All-or-Nothing Transform: The All-or-Nothing Transform (AONT) was first suggested by Rivest in 1997. We present below the definition of an AONT with a slight modification. An AONT, say f, when applied on an input message sequence M to obtain the transformed message sequence M’, has the following properties:
a. The transformation f is reversible; given M’, one can obtain M.
b. Both the transformation f and its inverse f -1 are efficiently computable (that is, in polynomial time).
c. It is infeasible to compute any function of any part of M if any part of M’ is unknown.
The construction of the AONT, as suggested by Rivest in 1997, called the package transform, is only computationally secure. Stinson, in 2001, had provided the definition of an AONT having the property of information-theoretic security. He had also provided a construction of a linear (s, q) - AONT that is unconditionally secure. The linear implementation of AONT has a non-randomizing property that did not rule out known- and chosen- plaintext attacks against it. We have used a method of randomizing the input (following Stinson’s method) to prevent such attacks. Thus, by randomizing input, the linear (s, q) - AONT prevents cryptanalytic attacks.