IIC Journal of Innovation 3rd Edition | Page 7

Blurry Box Encryption Scheme and Why it Matters to Industrial IoT
2.1 KERCKHOFFS’ PRINCIPLE
In 1883, Auguste Kerckhoffs published two articles in the Journal des sciences militaires¹, in which he surveyed the military ciphers of the time and proposed six principles for the design of new ciphers. Some of those principles were dependent on the technology available at the time, but one principle, known today as Kerckhoffs’ Principle, is still valid and fundamentally shaped the mindset of modern cryptography (translated from French):
The system should not require secrecy, and it must not be a problem if it falls into enemy hands.
Auguste Kerckhoffs, best known for the principle named after him
More than a century later, Claude Shannon put it more pithily in Communication Theory of Secrecy Systems²: “the enemy knows the system being used”. In essence, the security of encryption schemes depends only on the cryptographic key, and the enemy knows everything else. This is a very pessimistic view, but one which enables us to conduct public research on cryptography. Progress stalls when Kerckhoffs’ Principle is disregarded.
Usually, the term security through obscurity is used to describe systems where security relies on keeping the system secret. This practice is discouraged by security experts, not only for encryption schemes, because undisclosed security mechanisms are typically not well analyzed.
While it is strongly discouraged to build a system that relies only on security through obscurity, there is value in keeping secret the protection mechanisms that protect cryptographic hardware against tampering. Taking a closer look at Kerckhoffs’ original statements, he did not demand the publication of the algorithm itself. He stated that security should not break down completely if the enemy knows the system. However, without knowing the system, it is impossible to check whether Kerckhoffs’ Principle is satisfied. Therefore, it is common practice in cryptography to publish new schemes, so that anyone can verify their claims.
Kerckhoffs’ Principle provides a revolutionary approach to cryptography, yet little work has been done to demonstrate its efficacy or practical business applications. Proof of its correctness and viability would pave the way for a totally new conversation and public evaluation within the security expert and hacker communities. If successful, it would raise the bar for security
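The contrast drawn above, as an added example that is not part of the original article: a keyless tag protected only by its algorithm being undisclosed, beside HMAC-SHA256, a published algorithm whose security rests on the key alone. It uses message authentication rather than encryption so that it runs with the Python standard library only. The function names, the `obscure_tag` construction and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Scheme A: security through obscurity. There is no key; the only "secret"
# is this hypothetical proprietary construction and its hard-coded constant.
def obscure_tag(message: bytes) -> bytes:
    return hashlib.sha256(message[::-1] + b"\x5a").digest()[:8]

def obscure_verify(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)

# Scheme B: satisfies Kerckhoffs' Principle. The algorithm (HMAC-SHA256) is
# public and widely analyzed; the key is the only secret.
def keyed_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()

def keyed_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)

def system_known_to_adversary(message: bytes) -> dict:
    """Model Shannon's assumption: the adversary knows both systems in full
    but does not hold the key of scheme B."""
    device_key = secrets.token_bytes(32)   # shared by the legitimate parties
    guessed_key = secrets.token_bytes(32)  # the adversary has no better option
    return {
        # Knowing scheme A is enough to produce a tag the verifier accepts.
        "obscure_forgery_accepted": obscure_verify(message, obscure_tag(message)),
        # Knowing scheme B is not enough: a tag under any other key is rejected.
        "keyed_forgery_accepted": keyed_verify(
            device_key, message, keyed_tag(guessed_key, message)),
        # The legitimate key holder is still accepted.
        "keyed_legitimate_accepted": keyed_verify(
            device_key, message, keyed_tag(device_key, message)),
    }

if __name__ == "__main__":
    sample = b"constructed sample: open valve 7"  # constructed input
    for name, accepted in system_known_to_adversary(sample).items():
        print(f"{name}: {accepted}")
```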
¹ A. Kerckhoffs, “La cryptographie militaire,” Journal des sciences militaires, vol. IX, pp. 5–83, Jan. 1883, pp. 161–191, Feb. 1883 (http://petitcolas.net/fabien/kerckhoffs/).
² C. Shannon, “Communication Theory of Secrecy Systems,” Bell System Technical Journal 28:662, 4. October 1949.
June 2016