The tool applies a transformation to a file, which makes this file unintelligible.
This transformation is easy to reverse and bring the file back to its original readable form, unless portion of the transformed file is missing or corrupt. In this case it is difficult (as difficult as recovery of AES-256 encrypted data with unknown key) to reconstruct any remaining portion of the original file.
The corrupt file may not necessarily explicitly fail the restoration attempt. It may be restored to a garbage. The integrity of a restored file should be ensured with different means, for example with a hash value stored separately.
The program can be used to split file into pieces which can be meaningfully reassembled only when all come together.
Transformation:
aont [/t] [/n:number] [/s:size] [inputfile] [outputfiletemplate]
Reverse transformation:
aont /r inputfiles [outputfilename]
List input files in order:
aont /v inputfiles
where,
If outputfile name is missing, it is genereated by appending suffix ".aont" for forward transformation and ".restored" for reverse transformation.
The transformed part is split into large part, containing bulk of the data and one or more smaller (say, 1K) parts. Bulk part is stored on publicly accessible server, where it enjoys regular backups and other services provided by the server. The smaller parts are stored in secure locations. They can be stored on individual floppies or USB drives, etc.
Even though bulk part is publicly accessible, it is useless without smaller parts. The smaller parts are easier to store in a secure way in one or more secure locations, in part, because of their physical manifestations provided by portable media.
Split file into 3 approximately equal parts and give each part to a trusted individual. Only when all 3 agree to give their share, the original file can be restored.
This way any 2 of them together can restore the file, but none individually.
Distribute 4 parts among 4 individuals:
Distribute 6 parts among 4 individuals:
Distribute 10 parts among 5 individuals:
aont /n:4 /s:1k 2011-11-20.zipTransform file 2011-11-20.zip, splits in 4 pieces and place pieces of transofrmed result into 2011-11-20.zip.part1, 2011-11-20.zip.part2, 2011-11-20.zip.part3, 2011-11-20.zip.part4. Parts 1-3 are 1 kb each. Part 4 contains the rest of the transformation.
aont /n:4 /s:1k 2011-11-20.zip 20111120.aont*Specify template for part names 20111120.aont1, 20111120.aont2, 20111120.aont3, 20111120.aont4.
aont /r 20111120.part*Apply reverse transformation to a concatenation of 20111120.part1, 20111120.part2, ... and write the result to 20111120.restored
for %F in (*.pdf) do aont /t /s:256 /n:4 "%F" "t\%F.{0:D3}"Process all .pdf files in current directory and place resulting parts in t subdirectory. The name of parts are original file names with suffix of a form ".001".
for %F in (t\*.part1) do aont /r "t\%~nF.part*" "r\%~nF"Assume that .\t subdirectory contains all necessary parts named orignalfilename.partN. Apply reverse transformation to sets of files with same originalname and place result in .\r subdirectory.
0 ┌─────── │IV (sixteen bytes, randomly generated) 16 ├──── │data encrypted with AES │with a random 256 bit key K │in CBC mode plus padding of final block N-32├───── │K xor SHA256(preceeding blocks) N └────