This section will serve the key laws that have been associated with creating strong and safe encryption standards. Some of the laws given by Kerckhoff aren’t as relevant now or require more clarification which Shannon aims to do with their refresh of the ruleset. deCrypt Me wants you to appreciate the reason why these laws are used and allow you to truly understand why certain steps have been taken to create standards in such a way. If you become famous for creating laws that strengthen these principles then be sure to give us a shout out!
We’ll get onto the title of this section in a while, first let’s start with the genius behind these cryptography laws. Meet Auguste Kerckhoff 1835 - 1903! He was a professor in the late 19th century who specialised in linguistics and cryptography. A fun fact is that his father was the mayor of the village he lived in! So, what was so special about Auguste Kerckhoff and what did he bring to the world?
Kerckhoff’s claim to fame began in 1883 when two reports he had written were featured in ‘le Journal des Sciences Militaires’ or ‘journal of military sciences’ if you will. The reports were titled Military Cryptography and highlighted the desired characteristics of cryptography standards. These characteristics would go on to be used by militaries to enhance their encryption capabilities at the time. They were given many names due to different translations or how people viewed these principles, they ranged from being called principles, desideratum, assumptions, laws, doctrine, and axiom. Moving on from this there were 6 different ideologies presented in the report.
1. The system must be practically, if not mathematically, indecipherable.
2. It should not require secrecy, and it should not be a problem if it falls into enemy
hands.
3. It must be possible to communicate and remember the key without using written notes,
and correspondents must be able to change or modify it at will.
4. It must be applicable to telegraph communications.
5. It must be portable, and should not require several persons to handle or operate.
6. Lastly, given the circumstances in which it is to be used, the system must be easy
to use and should not be stressful to use or require its users to know and comply with a long list of rules.
As you can see there are some principles listed here which just aren’t as relevant today so it is okay to not take these principles as the be-all and end-all of how to develop strong encryption- or else this would be a short section and we wouldn’t need Shannon's principles! The second principle “It should not require secrecy, and it should not be a problem if it falls into enemy hands”’ is the law that is considered to be Kerckhoff’s principle.
Wait, but deCrypt Me isn’t that obvious? Well yes but actually no. Sorry, but the low-quality meme had to be done. See, “it should not be a problem if it falls into enemy hands”, doesn’t just refer to if the encrypted message is intercepted, but if the entire encryption system is revealed. We will build upon this during Shannon’s principles later. This is a hard concept, if technologies such as Caesar’s Cipher had their inner workings divulged, the message would be cracked in a matter of hours (as these messages did have to be decrypted by hand during Caesar’s reign). Then doesn’t this apply to everything? No, it doesn’t! Newer encryptions such as RSA, AES, PGP, ECC, etc.. have all had their techniques revealed; however, it’s still (as far as we know) impossible to reliably crack messages without brute-forcing them. Parties who you don’t intend on viewing the message can have the algorithm used for encryption and decryption but still never be able to decrypt the encrypted messages you send. In other words, a standard should rely on the key to be secure, not any other part of it.
This goes against the idea of security through obscurity which is where the technology behind a standard is also hidden. Now while this may seem like a desirable characteristic for a standard, it is commonly thought to be the opposite. Now, where something is known it can be critiqued. In this sense errors, vulnerabilities and backdoors can be found in public standards, wherein obscured encryption technologies these have an extremely lower chance of being found. By working using Kerckhoff’s principle, we are able to ensure that the world is cryptographically stronger!
“The father of information security”, Claude Elwood Shannon is a well recognised electrical engineer, mathematician and cryptographer, 1916 - 2001. Like Kerckhoff he published a paper in the mid 20th century ‘A Mathematical Theory of Communication’; however, this wasn’t what made him famous, while still very important.
Shannon updated Kerckhoff’s principle to ensure that it was easy to understand and updated to reflect well on the advancements of technology. This has also been a stage where people have increasingly linked the principle to be better than security through ob,curity. The principle has been simplified to “the enemy knows the system”. Well that’s concise. But it’s meaning is extremely powerful, assuming that the second a standard is used for the first time the enemy already knows exactly how the system works ensures that unnecessary risks aren’t taken and every step is taken to ensure strong encryption. Shannon didn’t build upon this much more as making this simpler meant that more people would be willing to abide by such laws.
This is why you will find many current and future standards released with their algorithms public as anyone across the world can critique it which makes it easier to improve the quality of the standard. While some do disagree and prefer to keep everything secret as to ensure that it is so called ‘more secure’ we at deCrypt Me appreciate work to be critiqued by many people in order to ensure correctness and the implementation of better ideas! This is a personal choice; however, so you are not wrong if you would prefer to keep everything secret.
That’s the end of Kerckhoff and Shannon’s principles, a quick and easy look back to see why we make so many cryptographic items public, which is rather contrary to what cryptography should do!
Written by HarryIsSecured