It's annoying that there's a similar sounding but totally unrelated Kirchhoff's circuit laws from ee; the really crazy thing would be using secure multiparty computation (circuit evaluation...) to show some kind of artificial relationship between the two laws (in that one special case), just to troll people more.
Kerckhoffs' principle is common knowledge, but it very often violated.
E. g. it is almost not possible to buy car alarm/immobiliser system with known cryptographic algorithms and protocols.
As a result - most car security systems use weak crypto (or no crypto at all), rely on security by obscurity. And it is possible to steal car using wireless code grubbers (to sniff key when owner lock/unlock car).
But obscurity isn't the enemy of secure crytpo; it's just not the solution to it. Assuming the enemy "already knows the system" is fine, but that doesn't mean obscurity itself somehow reduces security...
I know that's not what the principal posits, but that's an attitude I frequently encounter, and I find it profoundly annoying, for some reason.
> but that doesn't mean obscurity itself somehow reduces security...
Banks have window facades for a reason... Transparency is also a way of increasing security. It cuts both ways.
Consider a weakness in a hash algorithm. If found by a 3rd party, you want this information to be publicly announced as soon as possible (be you Alice or Chuck), but that's only possible if the algorithm is widely available in the first place.
Obscurity is enemy when there is security system vendor and consumer. If algorithms used inside is not public known, than consumer can't choose from two systems more secure one.
If we're assuming that obscurity is close to irrelevant, what matters is that the cryptography method is sound. In which case, obscurity doesn't reduce security, but it is a waste of effort.
It is the right of the people to overthrow a barbaric government. When a government makes it their main concern to prevent dissent, rather than to uphold the constitution of our nation, they have strayed from their rights and duties as governors. There is nothing elegant about the government having the twitch ability to single-out every dissenting "radical" and efficiently terminate their "threat." A sudden change in political wind, and you could see your neighbor disappear because he was a "communist" rebel. Take the current wiretaps and surveillance and channel them back 40 years, and imagine the consequence on the populace. We need to prevent our government from being able to destroy dissent, and that includes invasive invasion of privacy, regardless of its current use and form. It will always be a horrendous potential energy, a spring ready to swallow up the good will of the nation.
