Kerckhoffs' Law

I was reading up on some of my older topics in cryptography and came across a section on Kerckhoffs' Law. Kerckhoffs was a Dutchman who lived in Paris and is fairly well known for some principles he put together around military cryptography. It is funny how this 19th century security principle still holds true today. Essentially, Auguste Kerckhoffs suggested an encryption pattern that assumes that all parts of the system are known -- except the secret key. That would render security through obscurity relatively pointless, and in today's world would mean:
1. Don't bother creating a closed system for encryption. If and when it is compromised -- you will have much bigger problems to tackle, including re-architecting your entire security paradigm.
2. In today's world -- Kerckhoffs would essentially say let's use 3DES and we don't care if anyone knows the cipher -- just protect the key. If and when the key is broken -- simply use another key and move on.

The law was one of six design principles laid down by Kerckhoffs for military ciphers:
  1. The system should be, if not theoretically unbreakable, unbreakable in practice.
  2. Compromise of the system should not inconvenience the correspondents.
  3. The key should be rememberable without notes and should be easily changeable.
  4. The cryptograms should be transmittable by telegraph.
  5. The apparatus or documents should be portable and operable by a single person.
  6. The system should be easy, neither requiring knowledge of a long list of rules nor involving mental strain.
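
The "protect the key, and replace it when it is broken" idea from point 2 of both lists, as an added example that is not part of the original post: the algorithm name and key id travel in the clear, only the key bytes are secret, and a compromised key is retired without touching the design. It assumes HMAC-SHA256 from the Python standard library in place of the 3DES mentioned above (the standard library ships no block cipher, so this authenticates messages rather than encrypting them); `Keyring` and its method names are hypothetical.

```python
import hashlib
import hmac
import secrets

ALGORITHM = "HMAC-SHA256"  # public: naming it gives an attacker nothing


class Keyring:
    """Hypothetical keyring: the design is public, only the key bytes are secret."""

    def __init__(self):
        self._keys = {}        # key id -> secret key bytes
        self._revoked = set()  # ids of keys known to be compromised
        self.active = None
        self.rotate()

    def rotate(self, compromised=False):
        """Switch to a fresh random key; revoke the old one if it leaked."""
        if compromised and self.active is not None:
            self._revoked.add(self.active)
        key_id = len(self._keys) + 1
        self._keys[key_id] = secrets.token_bytes(32)
        self.active = key_id
        return key_id

    def seal(self, message: bytes) -> str:
        tag = hmac.new(self._keys[self.active], message, hashlib.sha256).hexdigest()
        # Algorithm and key id are sent openly; the key itself never is.
        return f"{ALGORITHM}:{self.active}:{tag}:{message.hex()}"

    def verify(self, sealed: str) -> bytes:
        algorithm, key_id, tag, body = sealed.split(":")
        key_id = int(key_id)
        if algorithm != ALGORITHM or key_id not in self._keys:
            raise ValueError("unknown algorithm or key id")
        if key_id in self._revoked:
            raise ValueError("key revoked")
        message = bytes.fromhex(body)
        expected = hmac.new(self._keys[key_id], message, hashlib.sha256).hexdigest()
        # Constant-time comparison so the check does not leak tag bytes.
        if not hmac.compare_digest(expected, tag):
            raise ValueError("bad tag")
        return message
```

A routine `rotate()` leaves older messages verifiable, while `rotate(compromised=True)` makes everything sealed under the leaked key fail verification.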
