aont – All-Or-Nothing transform


Version 1.12

The tool applies a transformation to a file, which makes this file unintelligible.

This transformation is easy to reverse, bringing the file back to its original readable form, unless a portion of the transformed file is missing or corrupt. In that case it is difficult (as difficult as recovering AES-256 encrypted data with an unknown key) to reconstruct any remaining portion of the original file.

A corrupt file will not necessarily fail the restoration attempt explicitly; it may be restored to garbage. The integrity of a restored file should be ensured by other means, for example with a hash value stored separately.

The program can be used to split a file into pieces that can be meaningfully reassembled only when all of them come together.




  aont [/t] [/n:number] [/s:size] [inputfile] [outputfiletemplate]

Reverse transformation:

  aont /r inputfiles [outputfilename]

List input files in order:

  aont /v inputfiles


  /t          apply all-or-nothing transformation to a file
  /n:number   split the output into number parts
  /s:size     split output into parts, each of size size; numeral may be followed by one of letters k, M, G for kilobytes, megabytes, gigabytes, etc.
  /r          restore file to its original form and write result to outputfile
  /v          display which files and in what order will be processed

If the outputfile name is missing, it is generated by appending the suffix ".aont" for forward transformation and ".restored" for reverse transformation.

Use modes

Long term storage

The transformed file is split into a large part, containing the bulk of the data, and one or more smaller (say, 1K) parts. The bulk part is stored on a publicly accessible server, where it enjoys regular backups and other services provided by the server. The smaller parts are stored in secure locations. They can be stored on individual floppies, USB drives, etc.

Even though the bulk part is publicly accessible, it is useless without the smaller parts. The smaller parts are easier to store securely in one or more secure locations, in part because of their physical manifestation on portable media.

Sharing a secret


Split the file into 3 approximately equal parts and give each part to a trusted individual. Only when all 3 agree to give their share can the original file be restored.


  • Split the file into 3 approximately equal parts
  • Give parts 2,3 to trustee A
  • Give parts 1,3 to trustee B
  • Give parts 1,2 to trustee C

This way any 2 of them together can restore the file, but none individually.

Distribute 4 parts among 4 individuals:

Any 2 of them have enough parts to reassemble the original.

Distribute 6 parts among 4 individuals:

Distribute 10 parts among 5 individuals:

All these schemes may be implemented with one more part containing the bulk of the file, while the parts that represent shares are small (64-1024 bytes). This bulk part may be located on a public server, or a copy of it may be stored with each trustee. Either way, it does not have to be secret.
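The 2-of-3 assignment above generalizes to any "k of n trustees" rule: create one part per group of k-1 trustees and withhold that part from exactly that group. The code below is an added example, not part of aont or of the original page, and it goes beyond the cases shown in the text. Its function names are hypothetical, and it only computes which trustee holds which part numbers; producing the parts is left to aont.

```python
from itertools import combinations


def distribute(n, k):
    """Map each of n trustees to the part numbers they receive.

    One part exists per (k-1)-subset of trustees, and that subset is the
    group that does NOT get the part. Any k-1 trustees then miss at least
    one part, while any k trustees together hold all of them.
    """
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    trustees = range(n)
    holdings = {t: set() for t in trustees}
    for part, excluded in enumerate(combinations(trustees, k - 1), start=1):
        for t in trustees:
            if t not in excluded:
                holdings[t].add(part)
    return holdings


def part_count(holdings):
    """Total number of distinct parts handed out."""
    return len(set().union(*holdings.values()))


def can_restore(holdings, group):
    """True if the trustees in `group` together hold every part."""
    pooled = set().union(*(holdings[t] for t in group))
    return len(pooled) == part_count(holdings)


def check_threshold(holdings, k):
    """Every k-group can restore the file; no (k-1)-group can."""
    trustees = list(holdings)
    every_k = all(can_restore(holdings, g) for g in combinations(trustees, k))
    fewer = any(can_restore(holdings, g) for g in combinations(trustees, k - 1))
    return every_k and not fewer


if __name__ == "__main__":
    # (n trustees, threshold k); the thresholds are choices made for this example
    for n, k in [(3, 2), (4, 2), (4, 3), (5, 3)]:
        h = distribute(n, k)
        print(f"{k}-of-{n}: {part_count(h)} parts, verified: {check_threshold(h, k)}")
        for t, parts in h.items():
            print(f"  trustee {chr(65 + t)}: parts {sorted(parts)}")
```

With 3 trustees and threshold 2 this reproduces the A/B/C assignment listed above. The number of parts is the binomial coefficient C(n, k-1), which is why the small share parts plus one separate bulk part keep such schemes practical.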

Command line examples

  aont /n:4 /s:1k
Transform the file, split it into 4 pieces and place the pieces of the transformed result into,,, Parts 1-3 are 1 kb each. Part 4 contains the rest of the transformation.

  aont /n:4 /s:1k 20111120.aont*
Specify template for part names 20111120.aont1, 20111120.aont2, 20111120.aont3, 20111120.aont4.

  aont /r 20111120.part*
Apply reverse transformation to a concatenation of 20111120.part1, 20111120.part2, ... and write the result to 20111120.restored

  for %F in (*.pdf) do aont /t /s:256 /n:4 "%F" "t\%F.{0:D3}"
Process all .pdf files in the current directory and place the resulting parts in the t subdirectory. The names of the parts are the original file names with a suffix of the form ".001".

  for %F in (t\*.part1) do aont /r "t\%~nF.part*" "r\%~nF"
Assume that the .\t subdirectory contains all necessary parts named originalfilename.partN. Apply reverse transformation to each set of files with the same originalfilename and place the result in the .\r subdirectory.

Technical details

      0 ┌───────
        │IV (sixteen bytes, randomly generated)
     16 ├────
        │data encrypted with AES
        │with a random 256 bit key K
        │in CBC mode plus padding of final block
        │K xor SHA256(preceding blocks)
      N └────
