Kerckhoffs's principle

Kerckhoffs's principle, also known as Kerckhoffs's maxim, is a principle of modern cryptography formulated in 1883 by Auguste Kerckhoffs. It states that the security of an encryption method rests on the secrecy of the key and not on the secrecy of the encryption algorithm. Kerckhoffs's principle is often contrasted with so-called "security through obscurity": security through secrecy of the (encryption) algorithm, possibly in addition to the secrecy of the key.

History

Kerckhoffs's principle is the second of the six principles for designing a secure encryption method that Kerckhoffs introduced in 1883 in La cryptographie militaire. The six principles are:

An encryption system that met these requirements did not exist at the time.

Modern cryptography

In modern cryptography, too, there are good reasons for Kerckhoffs's principle:

  • It is much more difficult to keep an algorithm secret than a key.
  • It is more difficult to replace a compromised algorithm with another one than to replace a compromised key.
  • Secret algorithms can be reconstructed by reverse engineering of software or hardware implementations.
  • Errors in public algorithms can generally be discovered more easily (see peer review) when as many experts as possible examine them.
  • Most "secret" encryption methods have proven to be weak and inadequate.
  • When "secret" encryption methods are used, the presence of a back door must be expected.
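
The first three reasons can be seen side by side in a small added example (not part of the original article). Scheme A is a constructed keyless "secret algorithm" whose hidden mask falls to a single known plaintext/ciphertext pair; scheme B is a public, keyed demo construction (not a vetted cipher) where a compromised key is simply replaced. All names, the mask and the keys are assumptions made for the illustration.

```python
import hashlib
import hmac

# Scheme A (constructed): a "secret algorithm" with no key. The mask is baked
# into every shipped copy, so anyone who extracts it once can read all traffic.
_HIDDEN_MASK = bytes.fromhex("5a13c7e9")  # constructed value

def obscure_crypt(data: bytes) -> bytes:
    """XOR with the baked-in mask; the same call encrypts and decrypts."""
    return bytes(b ^ _HIDDEN_MASK[i % len(_HIDDEN_MASK)] for i, b in enumerate(data))

def mask_from_known_pair(plain: bytes, cipher: bytes, mask_len: int) -> bytes:
    """What an analyst learns from one known plaintext/ciphertext pair."""
    return bytes(p ^ c for p, c in zip(plain, cipher))[:mask_len]

# Scheme B (demo construction, not a vetted cipher): the algorithm is public,
# the keystream is HMAC-SHA256(key, nonce || counter). Only the key is secret.
def keyed_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def demo() -> dict:
    # Scheme A: one leaked pair exposes the mask, and with it every other message.
    c1 = obscure_crypt(b"HELLO WORLD")
    c2 = obscure_crypt(b"second message")
    mask = mask_from_known_pair(b"HELLO WORLD", c1, 4)
    broken = bytes(b ^ mask[i % 4] for i, b in enumerate(c2))

    # Scheme B: a compromised key is replaced; the algorithm stays as it is.
    old_key, new_key = b"\x01" * 32, b"\x02" * 32  # constructed keys
    nonce = b"\x00" * 12
    c3 = keyed_crypt(new_key, nonce, b"after rotation")
    return {
        "obscure_broken": broken == b"second message",
        "old_key_reads_new_traffic": keyed_crypt(old_key, nonce, c3) == b"after rotation",
        "new_key_reads_new_traffic": keyed_crypt(new_key, nonce, c3) == b"after rotation",
    }

if __name__ == "__main__":
    print(demo())
```

Recovering from the break in scheme A means shipping a new algorithm to every installation, whereas scheme B only needs a new key.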

The consistent application of Kerckhoffs's principle means that many experts can form an opinion about a method. This is desirable: with a wealth of expert opinions, the method can be investigated more thoroughly for potential weaknesses and vulnerabilities. For example, the AES algorithm was selected in a public tender process in which many experts submitted and examined proposals for a new encryption algorithm that was to be as secure as possible.

Experience in cryptology also shows that many methods kept secret by their developers proved to be weak after, or together with, their disclosure and were broken. Examples are the GSM algorithms A5/1 and A5/2, the cryptographic algorithms of the access control cards Mifare Basic and Legic prime, and the encryption method Magenta. On the other hand, a secret cryptographic algorithm is not necessarily insecure.

Kerckhoffs's principle is applied today in most encryption algorithms, such as DES, AES and RSA.
