Kerckhoffs' principle

related topics
{law, state, case}
{math, number, function}
{system, computer, user}
{theory, work, human}
{war, force, army}
{acid, form, water}
{disease, patient, cell}

In cryptography, Kerckhoffs' principle (also called Kerckhoffs' assumption, axiom or law) was stated by Auguste Kerckhoffs in the 19th century: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

Kerckhoffs' principle was reformulated (perhaps independently) by Claude Shannon as "The enemy knows the system." In that form, it is called Shannon's maxim. In contrast to "security through obscurity," it is widely embraced by cryptographers.

Contents

Origins

In 1883 Auguste Kerckhoffs[1] wrote two journal articles on La Cryptographie Militaire,[2] in which he stated six design principles laid down by Kerckhoffs for military ciphers. Translated from French, they are:[3]

Some are no longer relevant given the ability of computers to perform complex encryption, but his second axiom, now known as Kerckhoffs' Principle, is still critically important.

Explanation of the principle

Stated simply, the security of a cryptosystem should depend solely on the secrecy of the key. Another way of putting it is that a method of secretly coding and transmitting information should be secure even if everyone knows how it works. Of course, despite the attacker's familiarity with the system in question, the attacker lacks knowledge as to which of all possible instances is being presently observed.

Advantage of secret keys

Using secure cryptography is supposed to replace the difficult problem of keeping messages secure with a much more manageable one, keeping relatively small keys secure. A system that requires long-term secrecy for something large and complex the whole design of a cryptographic system obviously cannot achieve that goal. It only replaces one hard problem with another. However, if a system that is secure even when the enemy knows everything except the key, then all that is needed is to manage keeping the keys secret.

There are a large number of ways the internal details of a widely used system could be discovered. The most obvious is that someone could bribe, blackmail or otherwise threaten staff or customers into explaining the system. In war, for example, one side will probably capture some equipment and people from the other side. Each side will also use spies to gather information.

Full article ▸

related documents
Declaration of Geneva
Good faith
Alarm
State of the art
Wikipedia:Etiquette
Upskirt
Courts of the United Kingdom
Natura 2000
Scandal
English Nature
Hack value
Situational offender
Non-combatant
LaGrand case
Office of Strategic Influence
UnrealScript
Jean Barbeyrac
Shotgun debugging
Samuel D. Waksal
Numbering plan
National Environmental Protection Act
Foreign Sales Corporation
Leoline Jenkins
Cultural genocide
Obfuscation
Joseph Gary
Structure and Interpretation of Computer Programs
Facade pattern
ObjectPAL
Norbert Zongo