Re: Columbia crypto box

2003-02-08 Thread Faust
> Apparently some folks skipped class the day Kerckhoffs'
> Principle was covered.

While this is obvious to the oldtimers, I had to look up Kerckhoffs' principle
(and found that it is the old injunction against security by obscurity).

So for the benefit of those who are as clueless as me:

http://www.counterpane.com/crypto-gram-0205.html
A basic rule of cryptography is to use published, public, algorithms and protocols. 
This principle was first stated in 1883 by Auguste Kerckhoffs: in a well-designed 
cryptographic system, only the key needs to be secret; there should be no secrecy in 
the algorithm. Modern cryptographers have embraced this principle, calling anything 
else security by obscurity. Any system that tries to keep its algorithms secret for 
security reasons is quickly dismissed by the community, and referred to as snake oil 
or even worse. This is true for cryptography, but the general relationship between 
secrecy and security is more complicated than Kerckhoffs' Principle indicates.

The reasoning behind Kerckhoffs' Principle is compelling. If the cryptographic 
algorithm must remain secret in order for the system to be secure, then the system is 
less secure. The system is less secure, because security is affected if the algorithm 
falls into enemy hands. It's harder to set up different communications nets, because 
it would be necessary to change algorithms as well as keys. The resultant system is 
more fragile, simply because there are more secrets that need to be kept. In a 
well-designed system, only the key needs to be secret; in fact, everything else should 
be assumed to be public. Or, to put it another way, if the algorithm or protocol or 
implementation needs to be kept secret, then it is really part of the key and should 
be treated as such.

Kerckhoffs' Principle doesn't speak to actual publication of the algorithms and 
protocols, just the requirement to make security independent of their secrecy. In 
Kerckhoffs' day, there wasn't a large cryptographic community that could analyze and 
critique cryptographic systems, so there wasn't much benefit in publication. Today, 
there is considerable benefit in publication, and there is even more benefit from 
using already published, already analyzed, designs of others. Keeping these designs 
secret is needless obscurity. Kerckhoffs' Principle says that there should be no 
security determent from publication; the modern cryptographic community demonstrates 
again and again that there is enormous benefit to publication. 

also see:
http://www.cs.biu.ac.il/~herzbea/BIU656/index.html

Kerckhoffs' principle: Do not assume secret designs and algorithms; only keys can be 
assumed secret.

Kerckhoffs' original concern was that cryptosystems designed under the `security by 
obscurity' assumption, namely assuming that the adversary would not know their 
designs, might be easily exposed once the design is revealed.
-- 

natsu-gusa ya   / tsuwamono-domo-ga   / yume no ato
summer grasses  / strong ones / dreams site
 
Summer grasses,
All that remains
Of soldier's dreams
(Basho trans. Stryk)


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]



The Handbook of Applied Cryptography online

2003-02-08 Thread Faust

The Handbook of Applied Cryptography (Menezes et al.) is available online at

http://www.cacr.math.uwaterloo.ca/hac/

My apologies if the other list members were aware of this.

There is also an interesting Lecture Notes on Cryptography by Goldwasser
and M. Bellare at:

http://www.cs.ucsd.edu/users/mihir/papers/gb.html

Regards




Re: [IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)

2003-01-26 Thread Faust

> You are coming at this from a software/computer mindset that just isn't
> applicable to this sort of physical world security.


Matt's paper was about _locks_.
In case you have forgotten, the title was "Cryptology and Physical Security:
Rights Amplification in Master-Keyed Mechanical Locks".

To weakly criticize his paper because it did not talk about the cost of
fabrication or physical tolerances misses the point entirely.

There _are_ situations where information leakage is of concern.

I can imagine other applications of Matt's methods to other forms of
physical security.

In any case, it is intrinsically interesting.

In practice, social engineering is far easier to use to access secure premises.
Bribe a guard, go to bed with a person with access, etc.
However, that is not the proper domain of a study of rights amplification.




Re: Verizon must comply with RIAA's DMCA subpoena

2003-01-26 Thread Faust

> Here's a little story: this week I learned that one of our valuable
> security doctoral candidates doesn't vote, and doesn't want to learn
> about or discuss politics and the political implications of what she does.

Sounds very sensible to me.
Leave the voting to those who care.

One of my peeves about Australia is that voting is compulsory here.
Quite apart from enforced voting being an infringement of my civil right, the
problem is that most people do not even know who is standing for 
election from their electorate, far less care what their policies are.

As a result the great unwashed turn up and tick boxes at random.

One rightwing politician used this recently to register 30 fake minor parties
( Gay and Lesbian Party, Marihuana party, Save the Forests Party etc ) and then
directed the preferences of these parties to himself.
This enabled him to get elected to Parliament.


