Paper 2021/314

On Security Properties of All-or-nothing Transforms

Navid Nasr Esfahani and Douglas R. Stinson


All-or-nothing transforms have been defined as bijective mappings on all s-tuples over a specified finite alphabet. These mappings are required to satisfy certain "perfect security" conditions specified using entropies of the probability distribution defined on the input s-tuples. Alternatively, purely combinatorial definitions of AONTs have been given, which involve certain kinds of "unbiased arrays". However, the combinatorial definition makes no reference to probability definitions. In this paper, we examine the security provided by AONTs that satisfy the combinatorial definition. The security of the AONT can depend on the underlying probability distribution of the s-tuples. We show that perfect security is obtained from an AONT if and only if the input s-tuples are equiprobable. However, in the case where the input s-tuples are not equiprobable, we still achieve a weaker security guarantee. We also consider the use of randomized AONTs to provide perfect security for a smaller number of inputs, even when those inputs are not equiprobable.

Available format(s)
Publication info
Preprint. MINOR revision.
combinatorial cryptographyinformation theory
Contact author(s)
dstinson @ uwaterloo ca
2021-03-11: received
Short URL
Creative Commons Attribution


      author = {Navid Nasr Esfahani and Douglas R.  Stinson},
      title = {On Security Properties of All-or-nothing Transforms},
      howpublished = {Cryptology ePrint Archive, Paper 2021/314},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.