Kerckhoffs's principle

Kerckhoffs's principle (also called Kerckhoffs's desideratum, assumption, axiom, doctrine or law) of cryptography was stated by Dutch-born cryptographer Auguste Kerckhoffs in the 19th century. The principle holds that a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge. This concept is widely embraced by cryptographers, in contrast to security through obscurity, which is not.

Kerckhoffs's principle was phrased by American mathematician Claude Shannon as "the enemy knows the system",^[1] i.e., "one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them". In that form, it is called Shannon's maxim.

Another formulation by American researcher and professor Steven M. Bellovin is:

In other words — design your system assuming that your opponents know it in detail. (A former official at NSA's National Computer Security Center told me that the standard assumption there was that serial number 1 of any new device was delivered to the Kremlin.)^[2]

^ Shannon, Claude (4 October 1949). "Communication Theory of Secrecy Systems". Bell System Technical Journal. 28 (4): 662. doi:10.1002/j.1538-7305.1949.tb00928.x. Retrieved 20 June 2014.
^ Bellovin, Steve (23 June 2009). "Security through obscurity". RISKS Digest. 25 (71). Archived from the original on 10 June 2011. Retrieved 18 September 2010.

[Shannon-1] Shannon, Claude (4 October 1949). "Communication Theory of Secrecy Systems". Bell System Technical Journal. 28 (4): 662. doi:10.1002/j.1538-7305.1949.tb00928.x. Retrieved 20 June 2014.

[Bellovin-2] Bellovin, Steve (23 June 2009). "Security through obscurity". RISKS Digest. 25 (71). Archived from the original on 10 June 2011. Retrieved 18 September 2010.

[1]

[2]