- "A cryptosystem should be secure even if everything about the system, except the key, is public knowledge".
Kerckhoffs's principle was more briefly stated by American mathematician Claude Shannon as "the enemy knows the system", that is, "one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them". In that form, it is called Shannon's maxim. It is opposite to the idea of "security through obscurity".
More details[change | change source]
- The system must be practically, if not mathematically, indecipherable;
- It should not require secrecy, and it should not be a problem if it falls into enemy hands;
- It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will;
- It must be applicable to telegraph communications;
- It must be portable, and should not require several persons to handle or operate;
- Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules.
Some are no longer relevant given the ability of computers to perform complex encryption. The second axiom, Kerckhoffs's principle, is still vitally important.
References[change | change source]
- Kerckhoffs, Auguste 1883. Journal des sciences militaires, vol. IX, pp. 5–83, and pp. 161–191. "La cryptographie militaire"
- Kahn, David 1967. The Codebreakers – the story of secret writing, p235. ISBN 0-684-83130-9
- Shannon, Claude 1949. Communication theory of secrecy systems. Bell System Technical Journal 28: 662.