Columbia crypto box

Faust urfaust at optushome.com.au
Sun Feb 9 05:06:43 EST 2003 

> Apparently some folks skipped class the day Kerchhoffs'
> Principle was covered.

While this is obvious to the oldtimers, I had to look Kerkhoffs principle 
( and found that it is the old injunction against security by obscurity ).

So for the benefit of those who are as clueless as me:

http://www.counterpane.com/crypto-gram-0205.html
"A basic rule of cryptography is to use published, public, algorithms and protocols. This principle was first stated in 1883 by Auguste Kerckhoffs: in a well-designed cryptographic system, only the key needs to be secret; there should be no secrecy in the algorithm. Modern cryptographers have embraced this principle, calling anything else "security by obscurity." Any system that tries to keep its algorithms secret for security reasons is quickly dismissed by the community, and referred to as "snake oil" or even worse. This is true for cryptography, but the general relationship between secrecy and security is more complicated than Kerckhoffs' Principle indicates. 
The reasoning behind Kerckhoffs' Principle is compelling. If the cryptographic algorithm must remain secret in order for the system to be secure, then the system is less secure. The system is less secure, because security is affected if the algorithm falls into enemy hands. It's harder to set up different communications nets, because it would be necessary to change algorithms as well as keys. The resultant system is more fragile, simply because there are more secrets that need to be kept. In a well-designed system, only the key needs to be secret; in fact, everything else should be assumed to be public. Or, to put it another way, if the algorithm or protocol or implementation needs to be kept secret, then it is really part of the key and should be treated as such. 
Kerckhoffs' Principle doesn't speak to actual publication of the algorithms and protocols, just the requirement to make security independent of their secrecy. In Kerckhoffs' day, there wasn't a large cryptographic community that could analyze and critique cryptographic systems, so there wasn't much benefit in publication. Today, there is considerable benefit in publication, and there is even more benefit from using already published, already analyzed, designs of others. Keeping these designs secret is needless obscurity. Kerckhoffs' Principle says that there should be no security determent from publication; the modern cryptographic community demonstrates again and again that there is enormous benefit to publication. "

also see:
http://www.cs.biu.ac.il/~herzbea/BIU656/index.html

Kerckhoffs' principle: Do not assume secret designs and algorithms; only keys can be assumed secret. 
Kerckhoffs' original concern was that cryptosystems designed under the `security by obscurity' assumption, namely assuming that the adversary would not know their designs, might be easily exposed once the design is revealed.
-- 

natsu-gusa ya   / tsuwamono-domo-ga   / yume no ato
summer grasses  / strong ones         / dreams site
 
Summer grasses,
All that remains
Of soldier's dreams
(Basho trans. Stryk)


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list