LOGBOOK

HELP

Quiz Entry - updated: 2026.05.31

What is Kerckhoffs' Principle, and why is it the default for modern cryptography?

A cryptosystem should remain secure even if everything about it except the key is publicly known.

The Dutch cryptographer Auguste Kerckhoffs published it in 1883. Translated to modern terms: the algorithm, protocol, implementation, parameters, and modes are all assumed public. Only the key is secret.

Why this is the default:

  • Algorithms can't stay secret in practice — software gets reverse-engineered, hardware gets decapped, employees leak, vendors publish. "Security through obscurity" of the algorithm has failed every single time it's been tried at scale (A5/1 in GSM, content scramble in DVDs, Mifare Classic, …).
  • Public algorithms get reviewed. AES, RSA, ECC, SHA-2 all went through years of public cryptanalysis before being trusted. A secret algorithm has been reviewed only by its (small) author team.
  • Key rotation is cheap; algorithm rotation is expensive. If only the key is secret, a compromise just means rotating keys. If the algorithm was secret too, you have to rebuild the whole system.

Tip: Whenever you see "we use our own proprietary encryption", that's a red flag — it's the opposite of Kerckhoffs and the opposite of what every modern security standard recommends.

From Quiz: ISF / Symmetric Cryptography | Updated: May 31, 2026