Cryptology ePrint Archive: Report 2021/314

On Security Properties of All-or-nothing Transforms

Navid Nasr Esfahani and Douglas R. Stinson

Abstract: All-or-nothing transforms have been defined as bijective mappings on all s-tuples over a specified finite alphabet. These mappings are required to satisfy certain "perfect security" conditions specified using entropies of the probability distribution defined on the input s-tuples. Alternatively, purely combinatorial definitions of AONTs have been given, which involve certain kinds of "unbiased arrays". However, the combinatorial definition makes no reference to probability definitions.

In this paper, we examine the security provided by AONTs that satisfy the combinatorial definition. The security of the AONT can depend on the underlying probability distribution of the s-tuples. We show that perfect security is obtained from an AONT if and only if the input s-tuples are equiprobable. However, in the case where the input s-tuples are not equiprobable, we still achieve a weaker security guarantee. We also consider the use of randomized AONTs to provide perfect security for a smaller number of inputs, even when those inputs are not equiprobable.

Category / Keywords: foundations / combinatorial cryptography, information theory

Date: received 9 Mar 2021

Contact author: dstinson at uwaterloo ca

Available format(s): PDF | BibTeX Citation

Version: 20210311:184120 (All versions of this report)

Short URL: ia.cr/2021/314


[ Cryptology ePrint archive ]