aont – All-Or-Nothing transform

Description

Version 1.12

The tool applies a transformation to a file that makes the file unintelligible.

This transformation is easy to reverse, bringing the file back to its original readable form, unless a portion of the transformed file is missing or corrupt. In that case it is difficult (as difficult as recovering AES-256 encrypted data without the key) to reconstruct any remaining portion of the original file.

A corrupt file will not necessarily make the restoration attempt fail explicitly; it may be restored to garbage. The integrity of a restored file should be ensured by other means, for example with a hash value stored separately.

The program can be used to split a file into pieces which can be meaningfully reassembled only when all of them come together.

Download

aont_1_12.zip, 14k

Usage

Transformation:

  aont [/t] [/n:number] [/s:size] [inputfile] [outputfiletemplate]

Reverse transformation:

  aont /r inputfiles [outputfilename]

List input files in order:

  aont /v inputfiles

where,

/t
apply all-or-nothing transformation to a file
/n:number
split the output into number parts
/s:size
split the output into parts, each of size size; the numeral may be followed by one of the letters k, M, G for kilobytes, megabytes, gigabytes
/r
restore a file to its original form and write the result to outputfile
/v
display which files will be processed, and in what order

If the output file name is missing, it is generated by appending the suffix ".aont" for the forward transformation and ".restored" for the reverse transformation.

Use modes

Long term storage

The transformed file is split into a large part containing the bulk of the data and one or more smaller (say, 1K) parts. The bulk part is stored on a publicly accessible server, where it enjoys regular backups and the other services the server provides. The smaller parts are stored in secure locations; they can be kept on individual floppies or USB drives, etc.

Even though the bulk part is publicly accessible, it is useless without the smaller parts. The smaller parts are easier to store securely in one or more secure locations, in part because portable media give them a physical manifestation.

Sharing a secret

3/3

Split the file into 3 approximately equal parts and give each part to a trusted individual. Only when all 3 agree to give their shares can the original file be restored.

2/3

  • Split the file into 3 approximately equal parts
  • Give parts 2,3 to trustee A
  • Give parts 1,3 to trustee B
  • Give parts 1,2 to trustee C

This way any 2 of them together can restore the file, but none individually.

2/4

Distribute 4 parts among 4 individuals:

Any 2 of them have enough parts to reassemble the original.

3/4

Distribute 6 parts among 4 individuals:

3/5

Distribute 10 parts among 5 individuals:

All these schemes may be implemented with one more part containing the bulk of the file, while the parts that represent shares are small (64-1024 bytes). The bulk part may be located on a public server, or a copy of it may be stored with each trustee. Either way, it does not have to be secret.

Command line examples

  aont /n:4 /s:1k 2011-11-20.zip

Transform the file 2011-11-20.zip, split it into 4 pieces and place the pieces of the transformed result into 2011-11-20.zip.part1, 2011-11-20.zip.part2, 2011-11-20.zip.part3, 2011-11-20.zip.part4. Parts 1-3 are 1 kB each; part 4 contains the rest of the transformation.

  aont /n:4 /s:1k 2011-11-20.zip 20111120.aont*

Specify a template for the part names: 20111120.aont1, 20111120.aont2, 20111120.aont3, 20111120.aont4.

  aont /r 20111120.part*

Apply the reverse transformation to the concatenation of 20111120.part1, 20111120.part2, ... and write the result to 20111120.restored.

  for %F in (*.pdf) do aont /t /s:256 /n:4 "%F" "t\%F.{0:D3}"

Process all .pdf files in the current directory and place the resulting parts in the t subdirectory. The part names are the original file names with a suffix of the form ".001".

  for %F in (t\*.part1) do aont /r "t\%~nF.part*" "r\%~nF"

Assume that the .\t subdirectory contains all the necessary parts, named originalfilename.partN. Apply the reverse transformation to each set of files with the same original name and place the result in the .\r subdirectory.

Technical details

     0 ┌───────
       │IV (sixteen bytes, randomly generated)
    16 ├────
       │data encrypted with AES
       │with a random 256 bit key K
       │in CBC mode plus padding of final block
  N-32 ├─────
       │K xor SHA256(preceding blocks)
     N └────
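The layout above, implemented as an added example in Go (not the tool's own code): the key K is released only as K xor SHA256 of everything before it, so any missing or altered byte changes the digest and therefore the key under which decryption happens. Assumptions not stated on the page: the hash covers the IV as well as the ciphertext, and the final-block padding is PKCS#7.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Transform builds IV(16) || AES-256-CBC(K, pad(data)) || K xor SHA256(IV || ciphertext).
func Transform(data []byte) []byte {
	kiv := make([]byte, 48) // fresh random key K (32 bytes) followed by the IV (16 bytes)
	rand.Read(kiv)
	key, iv := kiv[:32], kiv[32:]
	block, _ := aes.NewCipher(key) // a 32-byte key is always accepted, so no error is possible
	padLen := aes.BlockSize - len(data)%aes.BlockSize // PKCS#7 padding of the final block (an assumption)
	padded := append(append([]byte{}, data...), bytes.Repeat([]byte{byte(padLen)}, padLen)...)
	out := make([]byte, aes.BlockSize+len(padded), aes.BlockSize+len(padded)+32)
	copy(out, iv)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out[aes.BlockSize:], padded)
	h := sha256.Sum256(out) // digest of every preceding byte: IV and all ciphertext blocks
	for i := range key {
		out = append(out, key[i]^h[i]) // K is recoverable only from the complete stream
	}
	return out
}

// Restore reverses Transform; a complete but corrupted input decrypts under a wrong K into garbage or a padding error.
func Restore(t []byte) ([]byte, error) {
	if len(t) < 2*aes.BlockSize+32 || (len(t)-32)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("aont: length %d is not IV + whole blocks + 32", len(t))
	}
	body, tail := t[:len(t)-32], t[len(t)-32:]
	h := sha256.Sum256(body) // any changed or missing byte changes h, and therefore K
	key := make([]byte, 32)
	for i := range key {
		key[i] = tail[i] ^ h[i]
	}
	block, _ := aes.NewCipher(key)
	plain := make([]byte, len(body)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, body[:aes.BlockSize]).CryptBlocks(plain, body[aes.BlockSize:])
	padLen := int(plain[len(plain)-1])
	if padLen < 1 || padLen > aes.BlockSize {
		return nil, fmt.Errorf("aont: bad padding, input is probably corrupt")
	}
	return plain[:len(plain)-padLen], nil
}
```

Restore(Transform(b)) returns b, while flipping a single byte of the output before Restore gives unrelated bytes or a padding error rather than a clean failure, which is the reason the description asks for a separately stored hash.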
