On Wed, Nov 18, 2009 at 12:59 PM, N. Coesel <[email protected]> wrote:
>
> >Security by obscurity doesn't work.
>
> Which is a big misconception!
>
> Part of my job involves assessing and implementing electronic security
> measures. I did a lot of thinking and reading about what security by
> obscurity actually *means* and came to the following conclusions (I'll use
> a lock and a key as metaphors):
>
> - If you make the way the lock works publicly available then you need a
> complex lock and a big key. This security measure relies on the key staying
> hidden and that it will take a long time to pick the lock.
>
> - If you keep the way the lock works secret, you can keep the lock and the
> key very simple. This security measure relies on keeping both the lock and
> the key secret. Trying to pick the lock is an almost impossible task.
>
> Both methods require keeping a secret. So both methods rely on obscurity
> anyway!
>

Nico, with all due respect I think your conclusions are wrong. First of all, the biggest problem with a 'secret lock' is that once the secret is out, your security is compromised forever---the article you quoted makes this point: "The gist? If you rely on MiFare Classic security for anything, you may want to start moving to a different system." In the 'open' cryptography system, you would just change the key and keep going.
Secondly, it is not true that the open algorithms have to be complicated---in fact the only provably secure encryption is a simple one time key XOR. The keys have to be long---but this is actually true for both open and closed encryption algorithms; a simplistic key can be brute-forced in either case. "If it is worth doing, it is worth doing right".
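The one-time key XOR mentioned above, as an added illustration that is not part of the original thread (function names and the sample messages are constructed for this example). It shows the two points the reply makes about an open algorithm: the key, not the algorithm, is the secret, so recovering from a compromise means generating a fresh key; and the key must be at least as long as the message and never reused, since reusing a pad cancels the key and leaks the XOR of the two plaintexts.

```python
# Added example (not from the original mailing-list thread): a one-time pad
# built from plain XOR, with the key-length and key-reuse checks a defender
# would want around it.
import secrets


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """XOR each plaintext byte with the matching key byte.

    Refuses a key shorter than the message: recycling a short key is exactly
    the brute-forceable case the reply warns about, so fail loudly instead of
    silently wrapping the key around.
    """
    if len(key) < len(plaintext):
        raise ValueError("one-time pad key must be at least as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, key))


def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """XOR is its own inverse, so decryption is the same operation."""
    return otp_encrypt(ciphertext, key)


def fresh_key(length: int) -> bytes:
    """Key bytes from the OS CSPRNG. After a compromise this is all that has
    to be regenerated and redistributed; the public algorithm stays as is."""
    return secrets.token_bytes(length)


def key_reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """Defender's check for pad reuse: if two messages were XORed with the
    same key, XORing the ciphertexts cancels the key and returns the XOR of
    the plaintexts, exposing their structure without the key being known."""
    n = min(len(ct1), len(ct2))
    return bytes(a ^ b for a, b in zip(ct1[:n], ct2[:n]))


def demo() -> dict:
    """Round trip plus the reuse check on constructed sample messages."""
    m1 = b"rotate the key"    # constructed sample plaintext
    m2 = b"keep alg public"   # constructed sample plaintext
    key = fresh_key(max(len(m1), len(m2)))
    c1 = otp_encrypt(m1, key)
    c2 = otp_encrypt(m2, key)  # deliberate reuse to show the failure mode
    n = min(len(m1), len(m2))
    expected_leak = bytes(a ^ b for a, b in zip(m1[:n], m2[:n]))
    return {
        "roundtrip_ok": otp_decrypt(c1, key) == m1,
        # The leaked value is independent of the key that was used.
        "reuse_leaks_plaintext_xor": key_reuse_leak(c1, c2) == expected_leak,
    }


if __name__ == "__main__":
    print(demo())
```

The length check is the practical counterpart of the reply's "the keys have to be long": a pad that is as long as the message and used once is what makes the XOR provably secure, and anything shorter or reused turns it back into a key-recovery problem.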
