Kerckhoffs's principle (wikipedia.org)
Dec 19, 2013 | 17 comments

It's annoying that there's a similar sounding but totally unrelated Kirchhoff's circuit laws from ee; the really crazy thing would be using secure multiparty computation (circuit evaluation...) to show some kind of artificial relationship between the two laws (in that one special case), just to troll people more.

Not only that, there's also Kirchhoff's law of thermal radiation. https://en.wikipedia.org/wiki/Kirchhoff%27s_law_of_thermal_r...

Boy that Kirchhoff guy's been a productive fellow.

Kerckhoffs' principle is common knowledge, but it is very often violated. E.g. it is almost impossible to buy a car alarm/immobiliser system with known cryptographic algorithms and protocols. As a result, most car security systems use weak crypto (or no crypto at all) and rely on security by obscurity. And it is possible to steal a car using wireless code grabbers (to sniff the key when the owner locks/unlocks the car).

But obscurity isn't the enemy of secure crypto; it's just not the solution to it. Assuming the enemy "already knows the system" is fine, but that doesn't mean obscurity itself somehow reduces security...

I know that's not what the principle posits, but that's an attitude I frequently encounter, and I find it profoundly annoying, for some reason.

> but that doesn't mean obscurity itself somehow reduces security...

Banks have window facades for a reason... Transparency is also a way of increasing security. It cuts both ways.

Consider a weakness in a hash algorithm. If found by a 3rd party, you want this information to be publicly announced as soon as possible (be you Alice or Chuck), but that's only possible if the algorithm is widely available in the first place.

Obscurity is the enemy when there is a security system vendor and a consumer. If the algorithms used inside are not publicly known, then the consumer can't choose the more secure of two systems.

If we're assuming that obscurity is close to irrelevant, what matters is that the cryptography method is sound. In which case, obscurity doesn't reduce security, but it is a waste of effort.

Obscurity is bad because it makes you _think_ it adds security.

Is anyone else appalled at the fact that this Wikipedia article was amended to include a mention of Bruce Schneier?

Bruce Schneier ties it in with a belief that all security systems must be designed to fail as gracefully as possible:

Is it REALLY necessary to add that to the entry?

It's Wikipedia, so you're free to remove it if you think it doesn't belong.

So why is this being posted? Kerckhoffs' principle is common knowledge, I thought.

There are a lot of things which I would consider "common knowledge", but this is not one of them.

Unless of course you mean common knowledge among computer scientists and cryptographers, in which case "common" is rather rare.

I'm not the OP so I can't speak for him but here is why I think it's cool he posted it now:

1. not everyone is familiar with cryptology, actually the majority of people aren't.

2. IMO it is extremely relevant to the NSA. If there was complete transparency but an elegant system, we can have a secure country.

It is the right of the people to overthrow a barbaric government. When a government makes it their main concern to prevent dissent, rather than to uphold the constitution of our nation, they have strayed from their rights and duties as governors. There is nothing elegant about the government having the twitch ability to single-out every dissenting "radical" and efficiently terminate their "threat." A sudden change in political wind, and you could see your neighbor disappear because he was a "communist" rebel. Take the current wiretaps and surveillance and channel them back 40 years, and imagine the consequence on the populace. We need to prevent our government from being able to destroy dissent, and that includes invasive invasion of privacy, regardless of its current use and form. It will always be a horrendous potential energy, a spring ready to swallow up the good will of the nation.


It was probably linked from something else on the current front page.

Obscurity is underrated.

