World Library  
Flag as Inappropriate
Email this Article

Kerckhoffs's principle

Article Id: WHEBN0000053064
Reproduction Date:

Title: Kerckhoffs's principle  
Author: World Heritage Encyclopedia
Language: English
Subject: Cryptography, Libelle (cipher), Steganography, Bruce Schneier, Claude Shannon
Collection: Cryptography
Publisher: World Heritage Encyclopedia
Publication
Date:
 

Kerckhoffs's principle

In cryptography, Kerckhoffs's principle (also called Kerckhoffs's desiderata, Kerckhoffs's assumption, axiom, or law) was stated by Auguste Kerckhoffs in the 19th century: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

Kerckhoffs's principle was reformulated (or perhaps independently formulated) by Claude Shannon as "the enemy knows the system", [1] i.e., "one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them". In that form, it is called Shannon's maxim. In contrast to "security through obscurity", it is widely embraced by cryptographers.

Contents

  • Origins 1
  • Explanation of the principle 2
    • Advantage of secret keys 2.1
    • Maintaining security 2.2
  • Applications 3
  • Security through obscurity 4
  • Notes 5
  • References 6
  • External links 7

Origins

In 1883 Auguste Kerckhoffs[2] wrote two journal articles on La Cryptographie Militaire,[3] in which he stated six design principles for military ciphers. Translated from French, they are:[4]

  1. The system must be practically, if not mathematically, indecipherable;
  2. It should not require secrecy, and it should not be a problem if it falls into enemy hands;
  3. It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will;
  4. It must be applicable to telegraph communications;
  5. It must be portable, and should not require several persons to handle or operate;
  6. Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules.

Some are no longer relevant given the ability of computers to perform complex encryption, but his second axiom, now known as Kerckhoffs's principle, is still critically important.

Explanation of the principle

Stated simply, the security of a cryptosystem should depend solely on the secrecy of the key and the private randomizer.[5] Another way of putting it is that a method of secretly coding and transmitting information should be secure even if everyone knows how it works. Of course, despite the attacker's familiarity with the system in question, the attacker lacks knowledge as to which of all possible instances is being presently observed.

Advantage of secret keys

Using secure cryptography is supposed to replace the difficult problem of keeping messages secure with a much more manageable one, keeping relatively small keys secure. A system that requires long-term secrecy for something as large and complex as the whole design of a cryptographic system obviously cannot achieve that goal. It only replaces one hard problem with another. However, if a system is secure even when the enemy knows everything except the key, then all that is needed is to manage keeping the keys secret.

There are a large number of ways the internal details of a widely used system could be discovered. The most obvious is that someone could bribe, blackmail, or otherwise threaten staff or customers into explaining the system. In war, for example, one side will probably capture some equipment and people from the other side. Each side will also use spies to gather information.

If a method involves software, someone could do memory dumps or run the software under the control of a debugger in order to understand the method. If hardware is being used, someone could buy or steal some of the hardware and build whatever programs or gadgets needed to test it. Hardware can also be dismantled so that the chip details can be seen with microscopes.

Maintaining security

A generalization some make from Kerckhoffs's principle is: "The fewer and simpler the secrets that one must keep to ensure system security, the easier it is to maintain system security." Bruce Schneier ties it in with a belief that all security systems must be designed to fail as gracefully as possible:

Any security system depends crucially on keeping some things secret. However, Kerckhoffs's principle points out that the things kept secret ought to be those least costly to change if inadvertently disclosed.

For example, a cryptographic algorithm may be implemented by hardware and software that is widely distributed among users. If security depends on keeping that secret, then disclosure leads to major logistic difficulties in developing, testing, and distributing implementations of a new algorithm – it is "brittle". On the other hand, if keeping the algorithm secret is not important, but only the keys used with the algorithm must be secret, then disclosure of the keys simply requires the simpler, less costly process of generating and distributing new keys.

Applications

In accordance with Kerckhoffs's principle, the majority of civilian cryptography makes use of publicly known algorithms. By contrast, ciphers used to protect classified government or military information are often kept secret (see Type 1 encryption). However, it should not be assumed that government/military ciphers must be kept secret to maintain security. It's possible that they are intended to be as cryptographically sound as public algorithms, and the decision to keep them secret is in keeping with a layered security posture.

Security through obscurity

It is moderately common for companies, and sometimes even standards bodies as in the case of the CSS encryption on DVDs, to keep the inner workings of a system secret. Some argue this "security by obscurity" makes the product safer and less vulnerable to attack. A counter argument is that keeping the innards secret may improve security in the short term, but in the long run only systems that have been published and analyzed should be trusted.

Steve Bellovin commented:

Notes

  1. ^ Shannon, Claude (4 October 1949). "Communication Theory of Secrecy Systems". Bell System Technical Journal 28: 662. Retrieved 20 June 2014. 
  2. ^ Kahn, David (1996), The Codebreakers: the story of secret writing (second ed.), Scribners  p.235
  3. ^ Peticolas, Fabien, electronic version and English translation of "La cryptographie militaire" 
  4. ^ Auguste Kerckhoffs, "La cryptographie militaire" Journal des sciences militaires, vol. IX, pp. 5–83, January 1883, pp. 161–191, February 1883.
  5. ^ Massey, James L (1993), Cryptography: Fundamentals and Applications, course notes  p.2.5
  6. ^ Mann, Charles C. (September 2002), "Homeland Insecurity",  
  7. ^ Bellovin, Steve (June 2009), "Security through obscurity", Risks Digest 

References

This article incorporates material from the Citizendium article "Kerckhoffs' Principle", which is licensed under the but not under the .

External links

  • John Savard article discussing Kerckhoffs's design goals for ciphers
  • Reference to Kerckhoffs's original paper, with scanned original text
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 


Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.