User interface, security, and "simplicity"

Ed Gerck edgerck at
Sun May 4 21:24:00 EDT 2008

Ian G wrote: (on Kerckhoffs's rules)
> =====================
> 6. Finally, it is necessary, given the circumstances that command its 
> application, that the system be easy to use, requiring neither mental 
> strain nor the knowledge of a long series of rules to observe.
> =====================
> ...
> PS:  Although his 6th is arguably the most important

Yes. Usability should be the #1 property of a secure system.

Conventional security thinking says that usability and security are 
like a seesaw; if usability goes up, security must go down, and 
vice-versa. This apparent antinomy actually works as a synergy: with 
more usability in a secure system, security increases. With less 
usability in a secure system, security decreases. A secure system that 
is not usable will be left aside by users.

Ed Gerck

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list