In cryptography, Kerckhoffs' principle (also called Kerckhoffs' assumption, axiom or law) was stated by Auguste Kerckhoffs in the 19th century: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
Kerckhoffs' principle was reformulated (perhaps independently) by Claude Shannon as "The enemy knows the system." In that form, it is called Shannon's maxim. In contrast to "security through obscurity," it is widely embraced by cryptographers.
In 1883 Auguste Kerckhoffs wrote two journal articles on La Cryptographie Militaire, in which he stated six design principles for military ciphers. Translated from French, they are:
Some are no longer relevant given the ability of computers to perform complex encryption, but his second axiom, now known as Kerckhoffs' Principle, is still critically important.
Explanation of the principle
Stated simply, the security of a cryptosystem should depend solely on the secrecy of the key. Another way of putting it is that a method of secretly coding and transmitting information should be secure even if everyone knows how it works. Of course, despite the attacker's familiarity with the system in question, the attacker lacks knowledge as to which of all possible instances is being presently observed.
Advantage of secret keys
Using secure cryptography is supposed to replace the difficult problem of keeping messages secure with a much more manageable one: keeping relatively small keys secure. A system that requires long-term secrecy for something large and complex, such as the whole design of a cryptographic system, obviously cannot achieve that goal. It only replaces one hard problem with another. However, if a system is secure even when the enemy knows everything except the key, then all that is needed is to keep the keys secret.
There are a large number of ways the internal details of a widely used system could be discovered. The most obvious is that someone could bribe, blackmail or otherwise threaten staff or customers into explaining the system. In war, for example, one side will probably capture some equipment and people from the other side. Each side will also use spies to gather information.
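The contrast described above, as an added example that is not part of the original article: a tagging scheme whose only secret is its procedure, next to a public algorithm (HMAC-SHA256) with a secret key, including what happens when a key leaks and is replaced. The function names, the sample message and the internal constant are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Design A (obscurity): no key; the tagging procedure itself is the secret.
def obscure_tag(message: bytes) -> bytes:
    return hashlib.sha256(message[::-1] + b"internal-constant").digest()

# Design B (Kerckhoffs): public algorithm (HMAC-SHA256); only the key is secret.
def keyed_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_obscure(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)

def verify_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)

def run_demo() -> dict:
    """Model 'the enemy knows the system': the adversary may call every
    function above but is never given the defender's current key."""
    forged = b"constructed sample: transfer approved"
    results = {}

    # Design A: knowing the procedure is enough to produce a valid tag.
    results["obscure_forgery_accepted"] = verify_obscure(forged, obscure_tag(forged))

    # Design B: the adversary knows HMAC-SHA256 but must guess the 256-bit key.
    key = secrets.token_bytes(32)
    guess = secrets.token_bytes(32)
    results["keyed_forgery_accepted"] = verify_keyed(key, forged, keyed_tag(guess, forged))

    # If a key leaks, tags made with it verify until the key is replaced...
    leaked_tag = keyed_tag(key, forged)
    results["forgery_with_leaked_key"] = verify_keyed(key, forged, leaked_tag)

    # ...and replacing the key restores security without changing the design.
    new_key = secrets.token_bytes(32)
    results["leaked_tag_after_rotation"] = verify_keyed(new_key, forged, leaked_tag)
    return results

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Design A has no equivalent of the last step: once its procedure is known, the only remedy is to replace the whole design.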