[Cryptography] traffic analysis -> let's write an RFC?, and sunlight

[Salz, Rich]

> I was told years ago that the cryptography group within NSA had as a
> standard that no crypto system could be considered secure unless I could
> give you all the details as to how it works and you still could not break it.

Kerckhoff 1883
Shannon 1949
      -- http://en.wikipedia.org/wiki/Kerckhoffs%27s_principle

Counter-point: the NSA still classifies many of their crypto algorithms.

--  
Principal Security Engineer, Akamai Technologies
IM: rsalz at jabber.me Twitter: RichSalz