Kerckhoffs' law
In security engineering, Kerckhoffs' law (also called Kerckhoffs' assumption or Kerckhoffs' principle) was stated by Auguste Kerckhoffs in the 19th century: a cryptosystem should be designed to be secure if everything is known about it except the key information. It was reformulated (perhaps independently) by Claude Shannon as "the enemy knows the system". In that form it is called Shannon's Maxim. Since the advent of open source software development, these principles have increasingly been used to ground arguments for it (and against "security through obscurity").
Kerckhoffs' principle was one of six design principles laid down by Kerckhoffs for military ciphers.
Kerckhoffs' original six cipher design principles were (in French):
- 1° Le système doit être matériellement, sinon mathématiquement, indéchiffrable ;
- 2° Il faut qu'il n'exige pas le secret, et qu'il puisse sans inconvénient tomber entre les mains de l'ennemi ;
- 3° La clef doit pouvoir en être communiquée et retenue sans le secours de notes écrites, et être changée ou modifiée au gré des correspondants ;
- 4° Il faut qu'il soit applicable à la correspondance télégraphique ;
- 5° Il faut qu'il soit portatif, et que son maniement ou son fonctionnement n'exige pas le concours de plusieurs personnes ;
- 6° Enfin, il est nécessaire, vu les circonstances qui en commandent l'application, que le système soit d'un usage facile, ne demandant ni tension d'esprit, ni la connaissance d'une longue série de règles à observer.
Translated:
- 1. The system must be practically, if not mathematically, indecipherable;
- 2. It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience;
- 3. Its key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents;
- 4. It must be applicable to telegraphic correspondence;
- 5. It must be portable, and its usage and function must not require the concourse of several people;
- 6. Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe.
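Principles 2 and 3 can be seen side by side in a small sketch. This is an added example, not part of the original article: the function names, the `hidden-constant` value and the sample messages are constructed for illustration, and HMAC-SHA256 stands in for any public, keyed algorithm.

```python
import hashlib
import hmac
import secrets

# Design A (obscurity): there is no key; the only "secret" is the transform.
def obscure_tag(message: bytes) -> bytes:
    return hashlib.sha256(message[::-1] + b"hidden-constant").digest()

def obscure_verify(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)

# Design B (Kerckhoffs): the algorithm is public HMAC-SHA256; only the key is secret.
def keyed_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()

def keyed_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)

def compare_designs() -> dict:
    genuine = b"pay=100;to=alice"      # constructed sample messages
    altered = b"pay=100;to=mallory"
    key = secrets.token_bytes(32)

    # "The enemy knows the system": the adversary holds a copy of this code
    # but not `key`. Under design A that is enough to tag any message.
    a_accepts_altered = obscure_verify(altered, obscure_tag(altered))

    # Under design B the same knowledge gives no valid tag without the key;
    # a tag computed with a guessed key is rejected.
    guessed = keyed_tag(secrets.token_bytes(32), altered)
    b_accepts_altered = keyed_verify(key, altered, guessed)

    # Principle 3: the key can be changed at will. After rotation, a tag made
    # under the old key stops verifying, with no change to the code.
    new_key = secrets.token_bytes(32)
    old_tag = keyed_tag(key, genuine)
    return {
        "obscure_design_accepts_altered": a_accepts_altered,
        "keyed_design_accepts_altered": b_accepts_altered,
        "old_tag_valid_after_rotation": keyed_verify(new_key, genuine, old_tag),
        "new_tag_valid_after_rotation": keyed_verify(new_key, genuine, keyed_tag(new_key, genuine)),
    }

if __name__ == "__main__":
    print(compare_designs())
```

Once design A's code is disclosed, the only remedy is to redesign and redeploy the system; design B recovers from a disclosed key by replacing the key alone.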
References: Auguste Kerckhoffs, La cryptographie militaire, Journal des sciences militaires, vol. IX, pp. 5-83, Jan. 1883, pp. 161-191, Feb. 1883.